
Spring security实现权限管理示例


Spring security实现权限管理示例

Spring security实现权限管理示例,具体如下:
1、配置文件

1、POM.xml

 
 4.0.0 
 org.nercita 
 BCP 
 war 
 0.0.1-SNAPSHOT 
 BCP 
 http://maven.apache.org 
  
  
  UTF-8 
  4.0.5.RELEASE    
  3.2.3.RELEASE 
  4.3.5.Final  
  
   
   
   
   junit 
   junit 
   4.11 
   test  
   
  
   
   javax.servlet 
   jstl 
   1.2 
   provided 
   
   
   javax.servlet.jsp 
   jsp-api 
   2.1 
   provided 
   
   
   
   org.glassfish 
   javax.annotation 
   3.0.1 
   
   
   org.glassfish 
   javax.ejb 
   3.0.1 
   
   
   org.jboss.weld 
   weld-osgi-bundle 
   1.0.1-SP3 
    
       
 javassist 
 javassist   
       
     
   
   
   org.glassfish 
   javax.servlet 
   3.0.1 
   
 
   
   
   
     org.springframework 
     spring-core 
     ${spring.version} 
   
   
   
     org.springframework 
     spring-aop 
     ${spring.version} 
   
   
     org.springframework 
     spring-context 
     ${spring.version} 
     
   
    org.springframework 
    spring-context-support 
    ${spring.version}  
    
   
     org.springframework 
     spring-jdbc 
     ${spring.version} 
      
   
     org.springframework 
     spring-beans 
     ${spring.version} 
   
   
     org.springframework 
     spring-web 
     ${spring.version} 
     
   
     org.springframework 
     spring-expression 
     ${spring.version} 
   
   
    org.springframework 
    spring-orm 
    ${spring.version} 
    
   
    org.springframework 
    spring-oxm 
    ${spring.version} 
      
   
    org.springframework 
    spring-aspects 
    ${spring.version} 
   
   
    org.springframework 
    spring-tx 
    ${spring.version} 
       
   
   org.springframework 
   spring-test 
   ${spring.version} 
     
   
   
    org.springframework 
    spring-webmvc 
    ${spring.version} 
   
   
    
   
   
   
    org.springframework.security 
    spring-security-core 
    ${spring.security.version} 
   
   
   
    org.springframework.security 
    spring-security-config 
    ${spring.security.version} 
   
   
   
    org.springframework.security 
    spring-security-taglibs 
    ${spring.security.version} 
   
   
   
    org.springframework.security 
    spring-security-web 
    ${spring.security.version} 
   
     
   
   
    org.aspectj 
    aspectjweaver 
    1.8.2 
   
   
    org.aspectj 
    aspectjrt 
    1.8.2 
    
   
   
   
     mysql 
     mysql-connector-java 
     5.1.26 
   
   
   
        
     com.oracle 
     ojdbc6 
     12.1.0.1 
       
    
   
   
    com.mchange 
    c3p0 
    0.9.5 
   
   
   
   
    org.hibernate 
    hibernate-core 
    ${hibernate.version} 
     
       
 org.javassist 
 javassist 
       
       
 c3p0 
 c3p0 
       
     
     
      
   
   
    org.hibernate 
    hibernate-entitymanager 
    ${hibernate.version} 
     
       
 org.javassist 
 javassist 
       
         
      
    
    org.hibernate 
    hibernate-ehcache 
    ${hibernate.version} 
      
   
    
   
    org.hibernate.javax.persistence 
    hibernate-jpa-2.1-api 
    1.0.0.Final 
    
     
   
   
    org.javassist 
    javassist 
    3.18.1-GA 
     
   
   
   
    antlr 
    antlr 
    2.7.7 
   
   
   
   
    dom4j 
    dom4j 
    1.6.1 
   
   
   
    commons-dbcp 
    commons-dbcp 
    1.4 
   
   
    commons-pool 
    commons-pool 
    1.4 
    
   
    commons-collections 
    commons-collections 
    3.1 
     
   
    javax.transaction 
    jta 
    1.1 
      
   
    commons-lang 
    commons-lang   
    2.6 
    
    
    commons-beanutils 
    commons-beanutils 
    1.9.0 
      
 
    
   
   
    com.belerweb 
    pinyin4j 
    2.5.0 
   
    
   
   
  cglib 
    cglib 
    3.1 
   
   
   
    asm 
    asm 
    3.3.1 
    
   
   
    aopalliance 
    aopalliance 
    1.0 
   
 
   
   
    net.sf.ehcache 
    ehcache 
    2.8.3 
   
     
   
   
    org.springframework.osgi 
    spring-osgi-annotation 
    1.2.1 
     
   
    
   
    wsdl4j 
    wsdl4j 
    1.6.3 
   
   
   
     org.apache 
     cxf 
     2.3.0 
    
   
   
   
   
    org.sitemesh 
    sitemesh 
    3.0.0 
    
   
     
    org.quartz-scheduler 
    quartz 
    2.1.7 
     
       
 c3p0 
 c3p0 
       
     
        
     
   
    net.sf.dozer 
    dozer 
    5.2.0 
   
    
   
    javax.validation 
    validation-api 
    1.1.0.Final 
   
    
    org.hibernate 
    hibernate-validator 
    4.3.0.Final 
    
   
    com.fasterxml.jackson.core 
    jackson-databind 
    2.5.1 
   
   
   
    com.fasterxml 
    classmate 
    1.1.0 
    
   
    
    com.thoughtworks.xstream 
    xstream 
    1.4.7 
   
   
   
   
    com.sun.mail 
    javax.mail 
    1.5.2 
    
    
   
   
    org.apache.struts 
    struts2-core 
    2.3.12 
     
       
 javassist 
 javassist 
       
     
   
   
   
    org.apache.struts 
    struts2-spring-plugin 
    2.3.12 
   
   
   
    org.dbunit 
    dbunit 
    2.4.7 
   
   
    
    org.easymock 
    easymock 
    3.2 
   
   
   
    org.apache.ws.commons.schema 
    XmlSchema 
    1.4.7 
   
   
     
   
    org.apache.httpcomponents 
    httpclient 
    4.2.1 
   
   
   
   
     log4j 
     log4j 
     1.2.17 
   
   
   
   
    org.slf4j 
    slf4j-api 
    1.7.7 
     
     
   
   
    org.slf4j 
    slf4j-log4j12 
    1.7.7 
   
     
   
   
    org.slf4j 
    slf4j-nop 
    1.7.7 
   
   
   
   
    org.apache.logging.log4j 
    log4j-api 
    2.1 
   
   
    org.apache.logging.log4j 
    log4j-core 
    2.1 
   
     
 
     
   
   
     commons-fileupload 
     commons-fileupload 
     1.3.1 
   
     
   
   
    com.alibaba 
    fastjson 
    1.2.1 
   
     
   
   
     org.codehaus.jackson 
     jackson-mapper-asl 
     1.9.13 
   
   
     
   
    org.apache.poi 
    poi 
    3.13 
    
   
    org.apache.poi 
    poi-ooxml 
    3.13 
   
   
   
   
   
   
   
    net.sf.jxls 
    jxls-core 
    1.0.6 
   
   
    net.sf.jxls 
    jxls-reader 
    1.0.6 
   
   
    
   
    xmlpull 
    xmlpull 
    1.1.3.4a 
   
   
   
    net.sf.json-lib 
    json-lib 
    2.4 
    jdk15  
   
   
   
    commons-logging 
    commons-logging 
    1.2 
   
   
    net.sf.ezmorph 
    ezmorph 
    1.0.6 
   
   
   
    net.coobird 
    thumbnailator 
    0.4.7 
   
   
   
   com.yuntongxun 
   ccp 
   2.6.3 
   
 
  
   
  
  
  
  
  BCP 
  
  
 

2.web.xml

 
 
   
  SSH-Application   
   
   
   
    contextConfigLocation 
    /WEB-INF/classes/applicationContext*.xml 
    
   
    
    javax.servlet.jsp.jstl.fmt.localizationContext  
    message/message-info    
   
   
   
   
    org.springframework.web.context.ContextLoaderListener 
    
   
   
   
   
    etagFilter 
    org.springframework.web.filter.ShallowEtagHeaderFilter 
   
   
    etagFilter 
     
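/**
 * Access decision manager that admits a request when the caller holds at least one of the
 * authorities configured for the requested resource, and rejects it otherwise.
 *
 * <p>The generic type arguments ({@code Collection<ConfigAttribute>}, {@code Class<?>}) are
 * restored here; the listing as published had them stripped and did not compile.
 *
 * <p>NOTE(review): a {@code null} attribute collection is treated as "no restriction". Combined
 * with a metadata source that returns {@code null} for URLs it does not know, every unmapped URL
 * is open to any caller that reaches this manager. If deny-by-default is wanted, enable
 * {@code rejectPublicInvocations} on the security interceptor or map every protected URL.
 */
@Service("customAccessDecisionManager")
public class CustomAccessDecisionManager implements AccessDecisionManager {

  /**
   * Decides whether {@code authentication} may access the secured object.
   *
   * @param authentication the caller; its granted authorities are compared with the required ones
   * @param object the secured object (not inspected here)
   * @param configAttributes authorities required for the resource; {@code null} means unrestricted
   * @throws AccessDeniedException if none of the required authorities is held by the caller
   */
  @Override
  public void decide(Authentication authentication, Object object,
      Collection<ConfigAttribute> configAttributes)
      throws AccessDeniedException, InsufficientAuthenticationException {
    if (configAttributes == null) {
      // No requirement recorded for this resource: allow (see class note on fail-open).
      return;
    }
    for (ConfigAttribute ca : configAttributes) {
      // getAttribute() is declared on ConfigAttribute itself, so no cast to SecurityConfig is
      // needed; a cast would throw ClassCastException for any other attribute implementation
      // even though supports(ConfigAttribute) claims to accept them all.
      String needRole = ca.getAttribute();
      if (needRole == null) {
        continue; // attribute without a string form cannot match an authority name
      }
      String required = needRole.trim();
      // gra is an authority granted to the user; required is what the resource demands.
      for (GrantedAuthority gra : authentication.getAuthorities()) {
        String held = gra.getAuthority();
        if (held != null && required.equals(held.trim())) {
          return;
        }
      }
    }
    // An empty (non-null) collection also ends up here and is denied.
    throw new AccessDeniedException("Access Denied");
  }

  /** Accepts every attribute; {@link #decide} only reads its string form. */
  @Override
  public boolean supports(ConfigAttribute attribute) {
    return true;
  }

  /** Accepts every secured-object type; {@link #decide} never inspects the object. */
  @Override
  public boolean supports(Class<?> clazz) {
    return true;
  }

}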

2、CustomFilterInvocationSecuritymetadataSource.java

package org.nercita.bcp.system.service; 
 
import java.util.ArrayList; 
import java.util.Collection; 
import java.util.HashMap; 
import java.util.Iterator; 
import java.util.List; 
 
import javax.annotation.PostConstruct; 
 
import org.nercita.bcp.system.domain.Authority; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.security.access.ConfigAttribute; 
import org.springframework.security.access.SecurityConfig; 
import org.springframework.security.web.FilterInvocation; 
import org.springframework.security.web.access.intercept.FilterInvocationSecuritymetadataSource; 
import org.springframework.stereotype.Service; 
 
 
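/**
 * Security metadata source backed by the authority table: it maps each resource URL to the
 * authorities that may access it and, for a request, returns the authorities of the longest
 * stored URL that is a prefix of the request URL.
 *
 * <p>NOTE(review): the page prints the Spring interface as
 * {@code FilterInvocationSecuritymetadataSource}; the Spring Security type is spelled
 * {@code FilterInvocationSecurityMetadataSource}. The spelling is kept here only to stay
 * consistent with the import printed above this class; both must be corrected before compiling.
 *
 * <p>Security-relevant behaviour a reader should be aware of:
 * <ul>
 *   <li>The mapping is loaded once from {@link #init()}; nothing in this class reloads it, so
 *       authority changes in the database are not picked up until it is rebuilt.</li>
 *   <li>A request URL that matches no stored prefix yields {@code null}, i.e. no restriction.
 *       Protection is therefore opt-in per URL, not deny-by-default.</li>
 *   <li>Matching is a plain, case-sensitive {@code String.startsWith} on the request URL with
 *       only the query string removed. A stored URL also covers every longer path that merely
 *       begins with the same characters, and no path normalisation is applied here. The
 *       commented-out matcher in the original suggests pattern matching was intended; Spring's
 *       request matchers (e.g. {@code AntPathRequestMatcher}) are the safer choice.</li>
 * </ul>
 */
@Service("customFilterInvocationSecuritymetadataSource")
public class CustomFilterInvocationSecuritymetadataSource implements FilterInvocationSecuritymetadataSource {

  @Autowired
  private AuthorityService authorityService;

  // Resource URL -> authorities allowed to access it. Generic arguments restored; the
  // published listing had them stripped.
  private static HashMap<String, Collection<ConfigAttribute>> resourceMap = null;

  /** Builds the URL-to-authority map once the bean's dependencies are injected. */
  @PostConstruct
  public void init() {
    loadResourceDefine();
  }

  /**
   * Reads every authority and groups their codes by resource URL. One URL may be reachable
   * through several authorities.
   */
  private void loadResourceDefine() {
    // Fetch all authorities known to the system.
    List<Authority> authorities = authorityService.findAll();

    // Fill a local map first and publish it at the end, so readers never see a half-built map.
    HashMap<String, Collection<ConfigAttribute>> loaded =
        new HashMap<String, Collection<ConfigAttribute>>();

    if (authorities != null) {
      for (Authority auth : authorities) {
        String url = auth.getResourceUrl();
        if (url == null) {
          // An authority without a URL would become a null key, and getAttributes() would then
          // fail on url.startsWith(null) for every request.
          continue;
        }
        // NOTE(review): an empty-string URL is still stored and is a prefix of every request;
        // confirm the data never contains one unless a catch-all rule is intended.
        Collection<ConfigAttribute> atts = loaded.get(url);
        if (atts == null) {
          atts = new ArrayList<ConfigAttribute>();
          loaded.put(url, atts);
        }
        // The authority code (the original comments describe it as ROLE_-prefixed) wrapped as a
        // Spring config attribute.
        atts.add(new SecurityConfig(auth.getCode()));
      }
    }
    resourceMap = loaded;
  }

  /**
   * Returns the authorities required for the requested URL.
   *
   * @param object the {@link FilterInvocation} describing the current request
   * @return the attributes of the longest matching stored URL, or {@code null} when none matches
   */
  @Override
  public Collection<ConfigAttribute> getAttributes(Object object)
      throws IllegalArgumentException {
    String url = ((FilterInvocation) object).getRequestUrl();
    // Compare on the path only: drop the query string.
    int firstQuestionMarkIndex = url.indexOf("?");
    if (firstQuestionMarkIndex != -1) {
      url = url.substring(0, firstQuestionMarkIndex);
    }

    String matchUrl = null;
    for (String resURL : resourceMap.keySet()) {
      if (url.startsWith(resURL)) {
        // First match, or a longer (more specific) match than the one kept so far.
        if (matchUrl == null || matchUrl.length() < resURL.length()) {
          matchUrl = resURL;
        }
      }
    }
    // NOTE(review): on the published page the text between "matchUrl.length()" and
    // "getAllConfigAttributes()" was lost. The comparison above, this return and the signature
    // below are reconstructed from the original comment ("update the match on the first hit or
    // when the current URL is longer"); verify against the real source.
    return matchUrl == null ? null : resourceMap.get(matchUrl);
  }

  /** Not supported by this implementation; always returns {@code null}. */
  @Override
  public Collection<ConfigAttribute> getAllConfigAttributes() {
    return null;
  }

  /** Accepts every secured-object class. */
  @Override
  public boolean supports(Class<?> clazz) {
    return true;
  }

}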

3、CustomFilterSecurityInterceptor.java

package org.nercita.bcp.system.service; 
 
import java.io.IOException; 
 
import javax.annotation.Resource; 
import javax.servlet.Filter; 
import javax.servlet.FilterChain; 
import javax.servlet.FilterConfig; 
import javax.servlet.ServletException; 
import javax.servlet.ServletRequest; 
import javax.servlet.ServletResponse; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
 
import org.nercita.bcp.system.util.LogInfoService; 
import org.springframework.security.access.AccessDeniedException; 
 
import org.springframework.beans.factory.annotation.Qualifier; 
import org.springframework.security.access.AccessDecisionManager; 
import org.springframework.security.access.SecuritymetadataSource; 
import org.springframework.security.access.intercept.AbstractSecurityInterceptor; 
import org.springframework.security.access.intercept.InterceptorStatusToken; 
import org.springframework.security.authentication.AuthenticationManager; 
import org.springframework.security.web.FilterInvocation; 
import org.springframework.security.web.access.intercept.FilterInvocationSecuritymetadataSource; 
import org.springframework.stereotype.Service; 
 
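/**
 * Servlet filter that applies URL-level authorization: it sends callers without a login to the
 * login page and asks the injected metadata source and decision manager whether a logged-in
 * caller may reach the requested URL.
 *
 * <p>NOTE(review): the page prints the Spring types and the overridden method as
 * {@code SecuritymetadataSource} / {@code obtainSecuritymetadataSource}; in Spring Security they
 * are spelled {@code SecurityMetadataSource} / {@code obtainSecurityMetadataSource}. The spelling
 * is kept here only to match the imports printed above this class.
 *
 * <p>NOTE(review): where this filter sits in the filter chain is defined in configuration that is
 * not visible on the page. The {@code AccessDeniedException} thrown from {@link #invoke} is only
 * turned into an error page if an exception-translating filter runs before this one — confirm.
 */
@Service("customFilterSecurityInterceptor")
public class CustomFilterSecurityInterceptor extends
    AbstractSecurityInterceptor implements Filter {

  // Source of the URL -> required-authority mapping.
  @Resource
  @Qualifier("customFilterInvocationSecuritymetadataSource")
  private FilterInvocationSecuritymetadataSource securitymetadataSource;

  /** Injects the access decision manager bean. */
  @Resource
  @Qualifier("customAccessDecisionManager")
  @Override
  public void setAccessDecisionManager(AccessDecisionManager accessDecisionManager) {
    super.setAccessDecisionManager(accessDecisionManager);
  }

  /** Injects the authentication manager bean. */
  @Resource
  @Qualifier("authenticationManager")
  @Override
  public void setAuthenticationManager(AuthenticationManager newManager) {
    super.setAuthenticationManager(newManager);
  }

  /**
   * Redirects callers without a login to {@code /login.jsp}; otherwise runs the authorization
   * check and, if it passes, the rest of the chain.
   */
  @Override
  public void doFilter(ServletRequest request, ServletResponse response,
      FilterChain chain) throws IOException, ServletException {

    HttpServletRequest httpRequest = (HttpServletRequest) request;
    HttpServletResponse httpResponse = (HttpServletResponse) response;

    // A caller who is not logged in must not reach application URLs by typing them directly.
    // NOTE(review): this applies to every request that reaches the filter, so the login page and
    // its static resources have to be excluded upstream or the redirect loops — confirm in the
    // security configuration. How LogInfoService determines the login name is not shown here.
    if (LogInfoService.getLoginUserName() == null) {
      httpResponse.sendRedirect(httpRequest.getContextPath() + "/login.jsp");
      return;
    }

    FilterInvocation fi = new FilterInvocation(request, response, chain);
    invoke(fi);
  }

  /**
   * Runs the pre-invocation authorization check and then the remaining filter chain.
   *
   * @throws AccessDeniedException when the logged-in caller lacks an authority the URL requires
   */
  private void invoke(FilterInvocation fi) throws IOException, ServletException {
    InterceptorStatusToken token;
    try {
      token = super.beforeInvocation(fi);
    } catch (AccessDeniedException e) {
      // The URL is mapped to authorities and the caller holds none of them. Keep the original
      // exception as the cause so the denial can still be diagnosed.
      throw new AccessDeniedException("用户无权访问", e);
    }
    // Any other failure from beforeInvocation propagates. Catching Exception and returning
    // would end the request with an empty response and hide authentication or configuration
    // errors from both the caller and the logs.

    try {
      fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
    } finally {
      super.afterInvocation(token, null);
    }
  }

  /** No initialisation needed. */
  @Override
  public void init(FilterConfig arg0) throws ServletException {
  }

  /** This interceptor secures {@link FilterInvocation} objects. */
  @Override
  public Class<?> getSecureObjectClass() {
    return FilterInvocation.class;
  }

  /** Returns the injected metadata source for use by the base interceptor. */
  @Override
  public SecuritymetadataSource obtainSecuritymetadataSource() {
    return this.securitymetadataSource;
  }

  /** Nothing to release. */
  @Override
  public void destroy() {
  }

  public FilterInvocationSecuritymetadataSource getSecuritymetadataSource() {
    return securitymetadataSource;
  }

  public void setSecuritymetadataSource(
      FilterInvocationSecuritymetadataSource securitymetadataSource) {
    this.securitymetadataSource = securitymetadataSource;
  }

}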

3、核心处理类:CustomUserDetailsService.java

package org.nercita.bcp.system.service; 
 
import java.util.ArrayList; 
import java.util.Collection; 
import java.util.Iterator; 
import java.util.List; 
import java.util.Set; 
 
import javax.annotation.Resource; 
 
import org.nercita.bcp.system.dao.AuthorityDao; 
import org.nercita.bcp.system.dao.UserDao; 
import org.nercita.bcp.system.domain.Authority; 
import org.nercita.bcp.system.domain.User; 
import org.nercita.bcp.system.domain.reference.UserDetail; 
import org.nercita.bcp.system.domain.reference.UserState; 
import org.nercita.bcp.system.domain.reference.UserType; 
import org.springframework.dao.DataAccessException; 
import org.springframework.security.core.GrantedAuthority; 
import org.springframework.security.core.authority.SimpleGrantedAuthority; 
import org.springframework.security.core.userdetails.UserDetails; 
import org.springframework.security.core.userdetails.UserDetailsService; 
import org.springframework.security.core.userdetails.UsernameNotFoundException; 
import org.springframework.stereotype.Service; 
 
 
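/**
 * Loads a user by login name and builds the {@code UserDetail} Spring Security authenticates
 * against, including the user's granted authorities and account flags.
 *
 * <p>NOTE(review): the boolean arguments passed to {@code UserDetail} are assumed to follow the
 * order of Spring's own {@code User} constructor (enabled, accountNonExpired,
 * credentialsNonExpired, accountNonLocked); {@code UserDetail} is a project class not shown on
 * the page — confirm.
 *
 * <p>NOTE(review): {@code user.getUserGroup()} is dereferenced without a null check although the
 * mapping on {@code User} marks the group as optional; a user without a group fails the login
 * with a NullPointerException rather than a clear error.
 */
@Service("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService {
  // User persistence.
  @Resource(name="userDao")
  private UserDao userDao;

  @Resource(name="authorityDao")
  private AuthorityDao authorityDao;

  /**
   * Looks up the user and returns its security details.
   *
   * @param userName the login name submitted by the caller
   * @return the populated user details; the account flags decide whether login is accepted
   * @throws UsernameNotFoundException if no user has that login name
   */
  @Override
  public UserDetails loadUserByUsername(String userName)
      throws UsernameNotFoundException, DataAccessException {
    User user = userDao.findByName(userName);
    if (null == user) {
      throw new UsernameNotFoundException("用户" + userName + "不存在");
    }

    if (user.getUserType() == UserType.SysAdmin) {
      // Platform administrator: receives every authority in the system ...
      List<Authority> authorities = authorityDao.findAll();
      Collection<GrantedAuthority> auths = toGrantedAuthorities(authorities);
      // ... but is created with enabled=false on purpose: this is the front-end application and
      // platform administrators must not be able to log in here.
      UserDetail userDetail = new UserDetail(userName, user.getPassword(), false, true, true, true, auths);
      userDetail.setUserGroupId(user.getUserGroup().getId());
      userDetail.setRealName(user.getRealName());
      userDetail.setUserType(user.getUserType());
      return userDetail;
    } else if (user.getUserType() == UserType.TeamAdmin) {
      // Team administrator.
      boolean enabled = isEnabled(user);
      Collection<GrantedAuthority> auths = toGrantedAuthorities(user.getAuthoritySet());
      // Any state other than Enable marks the account as locked (last flag false).
      boolean nonLocked = UserState.Enable == user.getUserState();
      UserDetail userDetail = new UserDetail(userName, user.getPassword(), enabled, true, true, nonLocked, auths);
      userDetail.setUserGroupId(user.getUserGroup().getId());
      userDetail.setTeamGroupId(user.getUserGroup().getId());
      userDetail.setRealName(user.getRealName());
      userDetail.setUserType(user.getUserType());
      return userDetail;
    } else {
      // Ordinary team user.
      boolean enabled = isEnabled(user);
      Collection<GrantedAuthority> auths = toGrantedAuthorities(user.getAuthoritySet());

      if (user.getUserGroup().getTeamAdmin().getUserState() == UserState.Disable) {
        // A disabled team administrator locks out every member of the team. The group ids,
        // real name and user type are not set on this path, as in the original.
        return new UserDetail(userName, user.getPassword(), enabled, true, true, false, auths);
      }

      boolean nonLocked = UserState.Enable == user.getUserState();
      UserDetail userDetail = new UserDetail(userName, user.getPassword(), enabled, true, true, nonLocked, auths);
      userDetail.setUserGroupId(user.getUserGroup().getId());
      userDetail.setTeamGroupId(user.getUserGroup().getTeamAdmin().getUserGroup().getId());
      userDetail.setRealName(user.getRealName());
      userDetail.setUserType(user.getUserType());
      return userDetail;
    }
  }

  /**
   * Reads the nullable {@code enabled} flag, treating a missing value as disabled so that an
   * incomplete record denies login instead of failing on unboxing.
   */
  private static boolean isEnabled(User user) {
    return Boolean.TRUE.equals(user.getEnabled());
  }

  /** Wraps each authority code as a Spring {@link GrantedAuthority}. */
  private static Collection<GrantedAuthority> toGrantedAuthorities(Collection<Authority> authorities) {
    Collection<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
    for (Authority authority : authorities) {
      auths.add(new SimpleGrantedAuthority(authority.getCode()));
    }
    return auths;
  }

}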

4.附加类登录成功和退出成功处理

1、CustomSavedRequestAwareAuthenticationSuccessHandler.java

package org.nercita.bcp.system.service; 
 
import java.io.IOException; 
import java.util.Date; 
import java.util.Iterator; 
import java.util.List; 
 
import javax.servlet.ServletException; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
import javax.servlet.http.HttpSession; 
 
import org.apache.logging.log4j.LogManager; 
import org.apache.logging.log4j.Logger; 
import org.nercita.bcp.basic.domain.Crop; 
import org.nercita.bcp.system.domain.SystemLog; 
import org.nercita.bcp.system.domain.User; 
import org.nercita.bcp.system.domain.reference.UserType; 
import org.nercita.bcp.system.util.LogInfoService; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.security.core.Authentication; 
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; 
import org.springframework.security.web.savedrequest.RequestCache; 
 
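/**
 * Login-success handler that stores the crops the user may work with in the HTTP session,
 * writes a login audit record, and then continues with the saved-request redirect of the
 * parent class.
 */
public class CustomSavedRequestAwareAuthenticationSuccessHandler extends
    SavedRequestAwareAuthenticationSuccessHandler {
  // Logger for the login audit line.
  private static Logger logger = LogManager.getLogger(CustomSavedRequestAwareAuthenticationSuccessHandler.class);

  @Autowired
  private SystemLogService systemLogService;

  @Autowired
  private UserService userService;

  /**
   * Populates the {@code croplist} session attribute for the logged-in user, records the login,
   * and delegates to the parent handler.
   */
  @Override
  public void onAuthenticationSuccess(HttpServletRequest request,
      HttpServletResponse response, Authentication authentication)
      throws ServletException, IOException {

    logger.debug("用户登录成功处理。。。。");
    User u = LogInfoService.getLoginUser();
    HttpSession session = request.getSession();
    // NOTE(review): in both branches below iter.remove() edits the list returned by
    // u.getCropSet() itself. If that User is a managed or cached entity (User is mapped with a
    // second-level cache on this page), the removal may be visible outside this login — confirm,
    // and filter into a copy if other code must see the full set.
    if (u.getUserType() == UserType.TeamAdmin) {
      // Team administrator: drop the crops whose status for this user is not "1".
      List<Crop> croplist = u.getCropSet();
      for (Iterator<Crop> iter = croplist.iterator(); iter.hasNext();) {
        String status = userService.getUserCropStatus(u.getId(), iter.next().getId());
        if (status != null && !status.equals("1")) {
          iter.remove();
        }
      }
      session.setAttribute("croplist", croplist);
    } else if (u.getUserType() == UserType.TeamUser) {
      // Team user: drop the crops whose status for the team administrator is not "1".
      List<Crop> croplist = u.getCropSet();
      for (Iterator<Crop> iter = croplist.iterator(); iter.hasNext();) {
        String status = userService.getUserCropStatus(u.getUserGroup().getTeamAdmin().getId(), iter.next().getId());
        if (status != null && !status.equals("1")) {
          iter.remove();
        }
      }
      session.setAttribute("croplist", croplist);
    } else {
      // Platform administrator: all crops.
      session.setAttribute("croplist", LogInfoService.getAllCrops());
    }

    String userName = authentication.getName(); // login name
    String address = request.getRemoteAddr(); // remote address as seen by the container
    Date now = new Date();
    // Audit record in the database.
    systemLogService.save(new SystemLog(address, "登录", "用户登录系统", userName, now));
    // NOTE(review): userName originates from the login form and is written into the log text.
    // The POM on this page pins log4j-core 2.1, a very old release; upgrade the logging
    // dependency, and strip line breaks from user-supplied values before logging them.
    logger.info("用户" + userName + "在地址" + address + "登入系统,时间:" + now);
    super.onAuthenticationSuccess(request, response, authentication);
  }

  /** Passes the request cache through to the parent handler unchanged. */
  @Override
  public void setRequestCache(RequestCache requestCache) {
    super.setRequestCache(requestCache);
  }

}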

2、CustomLogoutSuccessHandler.java

package org.nercita.bcp.system.service; 
 
 
import java.io.IOException; 
import java.text.SimpleDateFormat; 
import java.util.Date; 
 
import javax.servlet.ServletException; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
 
import org.apache.logging.log4j.LogManager; 
import org.apache.logging.log4j.Logger; 
import org.nercita.bcp.system.domain.SystemLog; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.security.core.Authentication; 
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler; 
 
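/**
 * Logout-success handler that writes a logout audit record before delegating to the parent's
 * redirect handling.
 */
public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {

  private static Logger logger = LogManager.getLogger(CustomLogoutSuccessHandler.class);
  @Autowired
  private SystemLogService systemLogService;

  /**
   * Records the logout and continues with the parent's redirect.
   *
   * @param authentication the authentication that was active when logout was requested; may be
   *     {@code null} when the logout URL is requested without a logged-in session
   */
  @Override
  public void onLogoutSuccess(HttpServletRequest request,
      HttpServletResponse response, Authentication authentication)
      throws IOException, ServletException {
    logger.debug("用户退出成功处理。。。。");
    String address = request.getRemoteAddr(); // remote address as seen by the container
    if (authentication != null) {
      // Only write the audit row when there is a user to attribute it to; dereferencing a null
      // authentication here would turn a stale logout request into a server error.
      String userName = authentication.getName();
      systemLogService.save(new SystemLog(address, "退出", "用户退出系统", userName, new Date()));
    }
    // SimpleDateFormat is created per call because instances are not thread-safe.
    logger.info("日志:ip:"+request.getRemoteAddr() +"host:"+request.getRemoteHost()+"退出时间:"+new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()));

    super.onLogoutSuccess(request, response, authentication);
  }

}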

 3、实体Bean

1、User.java

package org.nercita.bcp.system.domain; 
 
import java.util.ArrayList; 
import java.util.Date; 
import java.util.HashSet; 
import java.util.List; 
import java.util.Set; 
 
import javax.persistence.Cacheable; 
import javax.persistence.CascadeType; 
import javax.persistence.Column; 
import javax.persistence.Entity; 
import javax.persistence.FetchType; 
import javax.persistence.JoinColumn; 
import javax.persistence.ManyToMany; 
import javax.persistence.ManyToOne; 
import javax.persistence.Table; 
import javax.persistence.Temporal; 
import javax.persistence.TemporalType; 
 
import org.hibernate.annotations.Cache; 
import org.hibernate.annotations.CacheConcurrencyStrategy; 
import org.nercita.bcp.basic.domain.Crop; 
import org.nercita.bcp.system.domain.reference.ExamineStatus; 
import org.nercita.bcp.system.domain.reference.UserState; 
import org.nercita.bcp.system.domain.reference.UserType; 
import org.nercita.core.orm.baseUidEntity; 
 
import com.alibaba.fastjson.annotation.JSONField; 
 
 
 
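/**
 * JPA entity for an application user (table {@code T_P_User}), cached in the second-level cache.
 *
 * <p>The annotation is written {@code @JSONField} to match the import in this file (the page
 * printed it as {@code @JSonField}, which does not resolve), and the element types of the
 * collections are restored from how other classes on the page use them.
 *
 * <p>NOTE(review): {@code password}, {@code activationCode}, {@code resetCode} and {@code imei}
 * carry no {@code @JSONField(serialize = false)}. If a {@code User} is ever serialized with
 * fastjson (for an API response or a log line), these values would be included — confirm no
 * such path exists, or exclude them. How the password value is encoded is not shown on the page.
 */
@Entity
@Table(name = "T_P_User")
@Cacheable
@Cache(usage = CacheConcurrencyStrategy.READ_WRITE)
public class User extends baseUidEntity {

  private static final long serialVersionUID = -2512321822386351911L;

  // Login name.
  @Column(length = 64, unique = true, nullable = false)
  private String name;

  // Password.
  @Column(length = 64, nullable = false)
  private String password;

  // Real name.
  @Column(length = 64, nullable = false)
  private String realName;

  // Mobile phone.
  @Column(length = 13)
  private String phone;

  // Company or organisation.
  @Column(length = 64)
  private String company;

  // E-mail address.
  @Column(length = 64)
  private String email;

  // Whether the account is enabled. Nullable: callers must not unbox it blindly.
  private Boolean enabled;

  // Activation code.
  @Column(unique = true, nullable = true)
  private String activationCode;

  // Reset code.
  @Column(unique = true, nullable = true)
  private String resetCode;

  private UserType userType;

  // New users start in the Disable state.
  private UserState userState = UserState.Disable;

  @Column(length = 1)
  private int abolished = 0;

  // User code.
  @Column(length = 1)
  private String userMark;

  // IMEI of the user's PDA.
  @Column(nullable = true)
  private String imei;

  // Group the user belongs to (optional).
  @ManyToOne(optional = true, cascade = {CascadeType.PERSIST, CascadeType.MERGE})
  @JoinColumn(name = "userGroup_id")
  private UserGroup userGroup;

  // Authorities granted to the user; excluded from JSON output.
  @ManyToMany(fetch = FetchType.LAZY)
  @JSONField(serialize = false)
  private Set<Authority> authoritySet = new HashSet<Authority>();

  // Crops the user belongs to; included in JSON output (the exclusion was commented out in the
  // original).
  @ManyToMany(fetch = FetchType.EAGER)
  private List<Crop> cropSet = new ArrayList<Crop>();

  // The user's menu package; excluded from JSON output.
  @ManyToOne(optional = true, fetch = FetchType.EAGER)
  @JSONField(serialize = false)
  private MenuPackage menuPackage;

  // The user's team configuration; excluded from JSON output.
  @ManyToOne(optional = true, fetch = FetchType.EAGER)
  @JSONField(serialize = false)
  private CollocateTeam collocateTeam;

  // Registration time.
  private Date registData;

  // Expiry date.
  private Date expirationDate;

  // Review status (not reviewed, uploaded, reviewed).
  private ExamineStatus examineStatus;

  // Path(s) of the review documents.
  private String certificationUrls;

  // Who created the record; never updated.
  @Column(updatable = false)
  private String recorder;

  // When the record was created; never updated.
  @Temporal(TemporalType.TIMESTAMP)
  @Column(updatable = false)
  private Date recordTime;

  // Who last modified the record.
  private String modifier;

  // When the record was last modified.
  @Temporal(TemporalType.TIMESTAMP)
  @Column(updatable = true)
  private Date modifyTime;

  // Free-text remark.
  @Column(length = 255)
  private String remark;

  public String getName() {
    return name;
  }

  public void setName(String name) {
    this.name = name;
  }

  public String getPassword() {
    return password;
  }

  public void setPassword(String password) {
    this.password = password;
  }

  public String getRealName() {
    return realName;
  }

  public void setRealName(String realName) {
    this.realName = realName;
  }

  public String getPhone() {
    return phone;
  }

  public void setPhone(String phone) {
    this.phone = phone;
  }

  public String getCompany() {
    return company;
  }

  public void setCompany(String company) {
    this.company = company;
  }

  public String getEmail() {
    return email;
  }

  public void setEmail(String email) {
    this.email = email;
  }

  public String getActivationCode() {
    return activationCode;
  }

  public void setActivationCode(String activationCode) {
    this.activationCode = activationCode;
  }

  public String getResetCode() {
    return resetCode;
  }

  public void setResetCode(String resetCode) {
    this.resetCode = resetCode;
  }

  public Boolean getEnabled() {
    return enabled;
  }

  public void setEnabled(Boolean enabled) {
    this.enabled = enabled;
  }

  public UserType getUserType() {
    return userType;
  }

  public void setUserType(UserType userType) {
    this.userType = userType;
  }

  public String getImei() {
    return imei;
  }

  public void setImei(String imei) {
    this.imei = imei;
  }

  public UserState getUserState() {
    return userState;
  }

  public void setUserState(UserState userState) {
    this.userState = userState;
  }

  public int getAbolished() {
    return abolished;
  }

  public void setAbolished(int abolished) {
    this.abolished = abolished;
  }

  public UserGroup getUserGroup() {
    return userGroup;
  }

  public void setUserGroup(UserGroup userGroup) {
    this.userGroup = userGroup;
  }

  public Set<Authority> getAuthoritySet() {
    return authoritySet;
  }

  public void setAuthoritySet(Set<Authority> authoritySet) {
    this.authoritySet = authoritySet;
  }

  /** Returns the live crop list; changes made by callers affect this entity. */
  public List<Crop> getCropSet() {
    return cropSet;
  }

  public void setCropSet(List<Crop> cropSet) {
    this.cropSet = cropSet;
  }

  public MenuPackage getMenuPackage() {
    return menuPackage;
  }

  public void setMenuPackage(MenuPackage menuPackage) {
    this.menuPackage = menuPackage;
  }

  public CollocateTeam getCollocateTeam() {
    return collocateTeam;
  }

  public void setCollocateTeam(CollocateTeam collocateTeam) {
    this.collocateTeam = collocateTeam;
  }

  public String getRecorder() {
    return recorder;
  }

  public void setRecorder(String recorder) {
    this.recorder = recorder;
  }

  public Date getRecordTime() {
    return recordTime;
  }

  public void setRecordTime(Date recordTime) {
    this.recordTime = recordTime;
  }

  public String getModifier() {
    return modifier;
  }

  public void setModifier(String modifier) {
    this.modifier = modifier;
  }

  public Date getModifyTime() {
    return modifyTime;
  }

  public void setModifyTime(Date modifyTime) {
    this.modifyTime = modifyTime;
  }

  public String getRemark() {
    return remark;
  }

  public void setRemark(String remark) {
    this.remark = remark;
  }

  public String getUserMark() {
    return userMark;
  }

  public void setUserMark(String userMark) {
    this.userMark = userMark;
  }

  /** No-argument constructor. */
  public User() {
  }

  public Date getRegistData() {
    return registData;
  }

  public void setRegistData(Date registData) {
    this.registData = registData;
  }

  public Date getExpirationDate() {
    return expirationDate;
  }

  public void setExpirationDate(Date expirationDate) {
    this.expirationDate = expirationDate;
  }

  public ExamineStatus getExamineStatus() {
    return examineStatus;
  }

  public void setExamineStatus(ExamineStatus examineStatus) {
    this.examineStatus = examineStatus;
  }

  public String getCertificationUrls() {
    return certificationUrls;
  }

  public void setCertificationUrls(String certificationUrls) {
    this.certificationUrls = certificationUrls;
  }

  /** Creates a user with the mandatory identity fields and its initial type and state. */
  public User(String name, String password, String realName, Boolean enabled,
      UserType userType, UserState userState) {
    super();
    this.name = name;
    this.password = password;
    this.realName = realName;
    this.enabled = enabled;
    this.userType = userType;
    this.userState = userState;
  }

}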

2.Authority.java

package org.nercita.bcp.system.domain; 
 
import java.util.Date; 
 
import javax.persistence.Cacheable; 
import javax.persistence.CascadeType; 
import javax.persistence.Column; 
import javax.persistence.Entity; 
import javax.persistence.JoinColumn; 
import javax.persistence.ManyToOne; 
import javax.persistence.Table; 
import javax.persistence.Temporal; 
import javax.persistence.TemporalType; 
 
import org.hibernate.annotations.Cache; 
import org.hibernate.annotations.CacheConcurrencyStrategy; 
import org.hibernate.annotations.Index; 
import org.nercita.core.orm.baseUidEntity; 
 
 
/**
 * Persistent authority (permission) record, mapped to table {@code T_P_Authority}.
 *
 * <p>Authorities form a tree through {@link #getParentAuthority()} and may be
 * attached to a {@link Menu}. Identity ({@link #equals(Object)} and
 * {@link #hashCode()}) is defined by {@code code} alone, so two instances with
 * the same code are equal even when their {@code resourceUrl}, {@code enabled}
 * flag or other fields differ.
 */
// The deprecation warning is suppressed presumably because of the Hibernate
// @Index annotation used on "code" — confirm.
@SuppressWarnings("deprecation")
@Entity
@Table(name="T_P_Authority")
@Cacheable
@Cache(usage=CacheConcurrencyStrategy.READ_WRITE)
public class Authority extends baseUidEntity {

  private static final long serialVersionUID = 1558957611918721365L;

  // Authority code, prefixed with "ROLE_"; unique and non-null at the column level.
  @Column(length=64, nullable=false, unique=true)
  @Index(name="Index_Authority_code")
  private String code;

  // Authority display name.
  @Column(length=64,nullable=false)
  private String name;

  // Parent authority.
  @ManyToOne
  private Authority parentAuthority;

  // Resource path.
  private String resourceUrl;

  // Whether this authority is a parent authority.
  private boolean isParent;

  // Depth of this authority in the authority tree.
  private Integer deepLevel = 0;

  // Whether the authority is usable; a new instance starts enabled.
  private boolean enabled=true;

  // Menu this authority belongs to (optional).
  @ManyToOne(optional = true, cascade = {CascadeType.PERSIST})
  @JoinColumn(name="menu_id")
  private Menu menu;

  // Who created the record; the column is not updatable.
  @Column(updatable = false)
  private String recorder;

  private Integer orderNum = 0;

  // When the record was created; the column is not updatable.
  @Temporal(TemporalType.TIMESTAMP)
  @Column(updatable = false)
  private Date recordTime;

  // Who last modified the record.
  private String modifier;

  // When the record was last modified.
  @Temporal(TemporalType.TIMESTAMP)
  @Column(updatable = true)
  private Date modifyTime;

  // Free-form remark.
  @Column(length=255)
  private String remark;

  /** @return the {@code orderNum} field */
  public Integer getOrderNum() {
    return this.orderNum;
  }

  /** @param orderNum new value for the {@code orderNum} field */
  public void setOrderNum(Integer orderNum) {
    this.orderNum = orderNum;
  }

  /** @return the authority code */
  public String getCode() {
    return this.code;
  }

  /** @param code new authority code; the "ROLE_" prefix is not checked here */
  public void setCode(String code) {
    this.code = code;
  }

  /** @return the authority name */
  public String getName() {
    return this.name;
  }

  /** @param name new authority name */
  public void setName(String name) {
    this.name = name;
  }

  /** @return the parent authority, or {@code null} if none is set */
  public Authority getParentAuthority() {
    return this.parentAuthority;
  }

  /** @param parentAuthority new parent authority; cycles are not checked here */
  public void setParentAuthority(Authority parentAuthority) {
    this.parentAuthority = parentAuthority;
  }

  /** @return the resource path */
  public String getResourceUrl() {
    return this.resourceUrl;
  }

  /** @param resourceUrl new resource path, stored verbatim */
  public void setResourceUrl(String resourceUrl) {
    this.resourceUrl = resourceUrl;
  }

  /** @return {@code true} if this authority is flagged as a parent */
  public boolean isParent() {
    return this.isParent;
  }

  /** @param isParent new value of the parent flag */
  public void setParent(boolean isParent) {
    this.isParent = isParent;
  }

  /** @return the tree depth */
  public Integer getDeepLevel() {
    return this.deepLevel;
  }

  /** @param deepLevel new tree depth */
  public void setDeepLevel(Integer deepLevel) {
    this.deepLevel = deepLevel;
  }

  /** @return {@code true} if the authority is enabled */
  public boolean isEnabled() {
    return this.enabled;
  }

  /** @param enabled new value of the enabled flag */
  public void setEnabled(boolean enabled) {
    this.enabled = enabled;
  }

  /** @return the owning menu, or {@code null} if none is set */
  public Menu getMenu() {
    return this.menu;
  }

  /** @param menu new owning menu */
  public void setMenu(Menu menu) {
    this.menu = menu;
  }

  /** @return who created the record */
  public String getRecorder() {
    return this.recorder;
  }

  /** @param recorder who created the record */
  public void setRecorder(String recorder) {
    this.recorder = recorder;
  }

  /** @return the creation time; the entity's own mutable {@link Date}, not a copy */
  public Date getRecordTime() {
    return this.recordTime;
  }

  /** @param recordTime the creation time; the reference is kept as-is */
  public void setRecordTime(Date recordTime) {
    this.recordTime = recordTime;
  }

  /** @return who last modified the record */
  public String getModifier() {
    return this.modifier;
  }

  /** @param modifier who last modified the record */
  public void setModifier(String modifier) {
    this.modifier = modifier;
  }

  /** @return the last modification time; the entity's own mutable {@link Date}, not a copy */
  public Date getModifyTime() {
    return this.modifyTime;
  }

  /** @param modifyTime the last modification time; the reference is kept as-is */
  public void setModifyTime(Date modifyTime) {
    this.modifyTime = modifyTime;
  }

  /** @return the remark */
  public String getRemark() {
    return this.remark;
  }

  /** @param remark new remark */
  public void setRemark(String remark) {
    this.remark = remark;
  }

  /**
   * Hash derived from {@code code} only, consistent with {@link #equals(Object)}.
   *
   * @return {@code 31} plus the hash of {@code code}, or {@code 31} when the code is {@code null}
   */
  @Override
  public int hashCode() {
    final int codeHash = (this.code == null) ? 0 : this.code.hashCode();
    return 31 + codeHash;
  }

  /**
   * Two authorities are equal when they are of exactly the same class and their
   * {@code code} values are equal (both {@code null} counts as equal).
   *
   * @param obj the object to compare with
   * @return {@code true} if {@code obj} is an authority of the same class with the same code
   */
  @Override
  public boolean equals(Object obj) {
    if (this == obj) {
      return true;
    }
    if (obj == null || getClass() != obj.getClass()) {
      return false;
    }
    final Authority that = (Authority) obj;
    return (this.code == null) ? that.code == null : this.code.equals(that.code);
  }

}

3. UserGroup.java

package org.nercita.bcp.system.domain; 
 
import java.util.ArrayList; 
import java.util.Date; 
import java.util.HashSet; 
import java.util.List; 
import java.util.Set; 
 
import javax.persistence.Cacheable; 
import javax.persistence.CascadeType; 
import javax.persistence.Column; 
import javax.persistence.Entity; 
import javax.persistence.FetchType; 
import javax.persistence.JoinColumn; 
import javax.persistence.ManyToOne; 
import javax.persistence.OneToMany; 
import javax.persistence.Table; 
import javax.persistence.Temporal; 
import javax.persistence.TemporalType; 
 
import org.hibernate.annotations.Cache; 
import org.hibernate.annotations.CacheConcurrencyStrategy; 
import org.nercita.core.orm.baseUidEntity; 
 
import com.alibaba.fastjson.annotation.JSONField; 
 
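/**
 * Persistent user group, mapped to table {@code T_P_UserGroup}.
 *
 * <p>Groups form a tree through {@code parentUserGroup}/{@code childrenUserGroups},
 * hold an optional team administrator and the list of member users.
 *
 * <p>The annotation names on the two collections are written with the case that
 * matches this file's imports ({@code OneToMany}, {@code JSONField}); the listing
 * as published used {@code @oneToMany}/{@code @JSonField}, which do not resolve.
 * The collections are also given element types; {@code Set<UserGroup>} follows
 * from {@code mappedBy="parentUserGroup"}, and {@code List<User>} is inferred
 * from the field's purpose (users in the group) — confirm against {@code User}.
 */
// NOTE(review): the two collections are excluded from fastjson output, but
// teamAdmin and parentUserGroup are not. If a UserGroup is ever serialized in a
// response, check that User does not expose its password field through
// fastjson — User's own annotations are not visible from here.
@Entity
@Table(name="T_P_UserGroup")
@Cacheable
@Cache(usage=CacheConcurrencyStrategy.READ_WRITE)
public class UserGroup extends baseUidEntity{

  private static final long serialVersionUID = -2723021723072060418L;

  // Group name.
  private String name;

  // Parent group; may be null. Loaded eagerly.
  @ManyToOne(optional=true,cascade=CascadeType.PERSIST,fetch=FetchType.EAGER)
  private UserGroup parentUserGroup;

  // Child groups; inverse side of parentUserGroup, not serialized by fastjson.
  @OneToMany(mappedBy="parentUserGroup")
  @JSONField(serialize=false)
  private Set<UserGroup> childrenUserGroups = new HashSet<UserGroup>();

  // Team administrator of this group; may be null.
  @ManyToOne(optional=true, cascade=CascadeType.PERSIST)
  @JoinColumn(name="teamAdmin_id")
  private User teamAdmin;

  // Users in this group; inverse side of User.userGroup, not serialized by fastjson.
  @OneToMany(mappedBy="userGroup")
  @JSONField(serialize=false)
  private List<User> userList = new ArrayList<User>();

  // Depth level of the group: 0 = team administrator, 1..N = sub-users.
  @Column(nullable=false)
  private Integer deepLevel;

  // Who created the record; the column is not updatable.
  @Column(updatable = false)
  private String recorder;

  // When the record was created; the column is not updatable.
  @Temporal(TemporalType.TIMESTAMP)
  @Column(updatable = false)
  private Date recordTime;

  // Who last modified the record.
  private String modifier;

  // When the record was last modified.
  @Temporal(TemporalType.TIMESTAMP)
  @Column(updatable = true)
  private Date modifyTime;

  // Free-form remark.
  @Column(length=255)
  private String remark;

  /** @return the group name */
  public String getName() {
    return name;
  }

  /** @param name new group name */
  public void setName(String name) {
    this.name = name;
  }

  /** @return the parent group, or {@code null} if none is set */
  public UserGroup getParentUserGroup() {
    return parentUserGroup;
  }

  /** @param parentUserGroup new parent group; cycles are not checked here */
  public void setParentUserGroup(UserGroup parentUserGroup) {
    this.parentUserGroup = parentUserGroup;
  }

  /** @return the live set of child groups (not a copy) */
  public Set<UserGroup> getChildrenUserGroups() {
    return childrenUserGroups;
  }

  /** @param childrenUserGroups replacement set of child groups; the reference is kept as-is */
  public void setChildrenUserGroups(Set<UserGroup> childrenUserGroups) {
    this.childrenUserGroups = childrenUserGroups;
  }

  /** @return the team administrator, or {@code null} if none is set */
  public User getTeamAdmin() {
    return teamAdmin;
  }

  /** @param teamAdmin new team administrator; no authorization check happens here */
  public void setTeamAdmin(User teamAdmin) {
    this.teamAdmin = teamAdmin;
  }

  /** @return the live list of member users (not a copy) */
  public List<User> getUserList() {
    return userList;
  }

  /** @param userList replacement list of member users; the reference is kept as-is */
  public void setUserList(List<User> userList) {
    this.userList = userList;
  }

  /** @return the depth level of the group */
  public Integer getDeepLevel() {
    return deepLevel;
  }

  /** @param deepLevel new depth level; the column is declared non-null */
  public void setDeepLevel(Integer deepLevel) {
    this.deepLevel = deepLevel;
  }

  /** @return who created the record */
  public String getRecorder() {
    return recorder;
  }

  /** @param recorder who created the record */
  public void setRecorder(String recorder) {
    this.recorder = recorder;
  }

  /** @return the creation time; the entity's own mutable {@link Date}, not a copy */
  public Date getRecordTime() {
    return recordTime;
  }

  /** @param recordTime the creation time; the reference is kept as-is */
  public void setRecordTime(Date recordTime) {
    this.recordTime = recordTime;
  }

  /** @return who last modified the record */
  public String getModifier() {
    return modifier;
  }

  /** @param modifier who last modified the record */
  public void setModifier(String modifier) {
    this.modifier = modifier;
  }

  /** @return the last modification time; the entity's own mutable {@link Date}, not a copy */
  public Date getModifyTime() {
    return modifyTime;
  }

  /** @param modifyTime the last modification time; the reference is kept as-is */
  public void setModifyTime(Date modifyTime) {
    this.modifyTime = modifyTime;
  }

  /** @return the remark */
  public String getRemark() {
    return remark;
  }

  /** @param remark new remark */
  public void setRemark(String remark) {
    this.remark = remark;
  }

}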

 4.baseUidEntity.java

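/**
 * Mapped superclass that gives every entity a string identifier produced by the
 * Hibernate generator named {@code "uuid"}, and a public shallow {@link #clone()}.
 */
@SuppressWarnings("serial")
@MappedSuperclass
public class baseUidEntity implements Serializable,Cloneable{

  // Primary key, filled in by the "uu_id" generator (strategy "uuid").
  @Id
  @GenericGenerator(name="uu_id", strategy="uuid")
  @GeneratedValue(generator="uu_id")
  private String id;

  /** @return the identifier, or {@code null} if none has been assigned yet */
  public String getId() {
    return id;
  }

  /** @param id the identifier to assign; not validated here */
  public void setId(String id) {
    this.id = id;
  }

  /**
   * Returns a shallow copy of this entity.
   *
   * <p>The copy carries the same {@code id} and shares every referenced object
   * (dates, collections, associated entities) with the original, so changing
   * those through the copy also changes the original.
   *
   * @return a field-by-field copy of this object, never {@code null}
   */
  @Override
  public Object clone() {
    try {
      return super.clone();
    } catch (CloneNotSupportedException e) {
      // Cannot happen: this class implements Cloneable. Fail loudly instead of
      // printing to stdout and handing the caller a null.
      throw new AssertionError(e);
    }
  }

}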

 5. UserDetail.java

package org.nercita.bcp.system.domain.reference; 
 
import java.util.Collection; 
 
import org.springframework.security.core.GrantedAuthority; 
import org.springframework.security.core.userdetails.User; 
 
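/**
 * Spring Security principal that extends the framework {@link User} with two
 * application fields, {@code userId} and {@code realName}.
 *
 * <p>Neither constructor assigns the extra fields; they stay {@code null} until
 * the setters are called. The {@code authorities} parameters are typed as
 * {@code Collection<? extends GrantedAuthority>}, the type the {@link User}
 * constructors declare, instead of a raw {@code Collection}.
 */
public class UserDetail extends User{

  private static final long serialVersionUID = -6889247576063361649L;
  private String userId;    // user name (account)
  private String realName;   // real name

  /**
   * Creates a principal by delegating to the three-argument {@link User} constructor.
   *
   * @param username    the login name
   * @param password    the password value handed to the framework as given
   * @param authorities the authorities granted to the user
   */
  public UserDetail(String username, String password,
      Collection<? extends GrantedAuthority> authorities) {
    super(username, password, authorities);
  }

  /**
   * Creates a principal with explicit account status flags by delegating to the
   * seven-argument {@link User} constructor.
   *
   * @param username              the login name
   * @param password              the password value handed to the framework as given
   * @param enabled               whether the account is enabled
   * @param accountNonExpired     whether the account has not expired
   * @param credentialsNonExpired whether the credentials have not expired
   * @param accountNonLocked      whether the account is not locked
   * @param authorities           the authorities granted to the user
   */
  public UserDetail(String username, String password, boolean enabled,
      boolean accountNonExpired, boolean credentialsNonExpired,
      boolean accountNonLocked,
      Collection<? extends GrantedAuthority> authorities) {
    super(username, password, enabled, accountNonExpired, credentialsNonExpired,
        accountNonLocked, authorities);
  }

  /** @return the {@code userId} field, or {@code null} if it was never set */
  public String getUserId() {
    return userId;
  }

  /** @param userId new value for the {@code userId} field */
  public void setUserId(String userId) {
    this.userId = userId;
  }

  /** @return the real name, or {@code null} if it was never set */
  public String getRealName() {
    return realName;
  }

  /** @param realName new real name */
  public void setRealName(String realName) {
    this.realName = realName;
  }

}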

6.UserState.java

package org.nercita.bcp.system.domain.reference; 
 
/**
 * State of a user account: {@link #Disable} or {@link #Enable}.
 *
 * <p>{@link #getValue()} exposes {@code ordinal()}, so the declaration order is
 * part of the contract: {@code Disable} is 0 and {@code Enable} is 1. Reordering
 * the constants or inserting one before them changes these numbers, and would
 * swap the meaning of any value that has been stored or compared elsewhere.
 */
public enum UserState {

  Disable("Disable"),
  Enable("Enable");

  // Text returned by getTitle() and toString().
  private final String title;

  UserState(String title) {
    this.title = title;
  }

  /**
   * Returns the title of this state.
   *
   * @return {@code "Disable"} or {@code "Enable"}
   */
  public String getTitle() {
    return title;
  }

  /**
   * Returns the same text as {@link #getTitle()}.
   */
  @Override
  public String toString() {
    return getTitle();
  }

  /**
   * Returns the numeric value of this state, which is its ordinal.
   *
   * @return 0 for {@code Disable}, 1 for {@code Enable}
   */
  public int getValue() {
    return ordinal();
  }

}

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持考高分网。
