// 编辑权限 public ResultVO editPermission(PermissionEditVO permissionEditVO) { ResultVO resultVO = new ResultVO(true); // 获取所有权限 List<Permission> permissionList = permissionDao.selectAll(); Permission permission = permissionDao.get(permissionList, permissionEditVO.getId()); if (permission == null) { resultVO.setOk(false); resultVO.setMsg("权限不存在"); return resultVO; } Permission permissionParent = permissionDao.get(permissionList, permissionEditVO.getParentId()); if (permissionParent == null) { resultVO.setOk(false); resultVO.setMsg("上级权限不存在"); return resultVO; } if (isKeyExist(permissionList, permissionEditVO.getKey())) { if (!permission.getKey().equals(permissionEditVO.getKey())) { resultVO.setOk(false); resultVO.setMsg("权限键值已存在"); return resultVO; } } List<Integer> childrenPermissionIds = getChildrenPermissionIds(permissionEditVO.getId(), permissionList); childrenPermissionIds.add(permissionEditVO.getId()); if (childrenPermissionIds.contains(permissionEditVO.getParentId())) { resultVO.setOk(false); resultVO.setMsg("所在权限的上级不能为自己所在权限或者下级权限"); return resultVO; } Permission update = new Permission(); update.setId(permissionEditVO.getId()); update.setParentId(permissionEditVO.getParentId()); update.setName(permissionEditVO.getName()); update.setKey(permissionEditVO.getKey()); update.setOrder(permissionEditVO.getOrder()); int num = permissionDao.updatePermission(update); if (num == 1) { resultVO.setMsg("更新权限成功"); return resultVO; } else { resultVO.setOk(false); resultVO.setMsg("更新权限失败"); return resultVO; } }
/** * 创建权限 * * @param permissionCreateVO * @return */ public ResultVO cratePermission(PermissionCreateVO permissionCreateVO) { ResultVO resultVO = new ResultVO(true); // 所有权限 List<Permission> permissionList = permissionDao.selectAll(); // 查看父级权限是否存在 Integer parentId = permissionCreateVO.getParentId(); if (parentId != null) { Permission permission = permissionDao.get(permissionList, parentId.intValue()); if (permission == null) { resultVO.setOk(false); resultVO.setMsg("父级权限不存在"); return resultVO; } } // 判断权限键值是否存在 if (isKeyExist(permissionList, permissionCreateVO.getKey())) { resultVO.setOk(false); resultVO.setMsg("权限键值已存在"); return resultVO; } Permission permission = new Permission(); permission.setKey(permissionCreateVO.getKey()); permission.setName(permissionCreateVO.getName()); permission.setParentId(permissionCreateVO.getParentId()); permission.setOrder(permissionCreateVO.getOrder()); permissionDao.createPermission(permission); resultVO.setMsg("权限创建成功"); return resultVO; }
/** * 删除权限 * * @param perId * @return */ public ResultVO delPermission(int perId) { ResultVO resultVO = new ResultVO(true); // 获取所有权限 List<Permission> permissionList = permissionDao.selectAll(); Permission permission = permissionDao.get(permissionList, perId); if (permission == null) { resultVO.setOk(false); resultVO.setMsg("权限不存在"); return resultVO; } // 查看是否有权限 Subject subject = SecurityUtils.getSubject(); if (!subject.isPermitted(permission.getKey())) { resultVO.setOk(false); resultVO.setMsg("您没有操作权限"); return resultVO; } // 判断是否是根级权限 // 获取我拥有的权限 List<Permission> myPermissionList = new ArrayList<Permission>(); for (Permission p : permissionList) { String key = p.getKey(); boolean permitted = subject.isPermitted(key); if (permitted) { myPermissionList.add(p); } } List<Permission> rootPermissions = getRootPermissions(myPermissionList); for (Permission p : rootPermissions) { if (p.getId().intValue() == perId) { resultVO.setOk(false); resultVO.setMsg("根级权限不能删除"); return resultVO; } } // 获取子级权限id集合 List<Integer> childrenPermissionIds = getChildrenPermissionIds(perId, permissionList); // 删除权限 int num = permissionDao.deletePermission(perId); for (Integer id : childrenPermissionIds) { num = permissionDao.deletePermission(id); if (num == 1) { rolePermissionDao.deleteByPerId(id); menuPermissionDao.deleteByPerId(id); } } rolePermissionDao.deleteByPerId(perId); menuPermissionDao.deleteByPerId(perId); resultVO.setMsg("删除权限成功"); return resultVO; }
/** * 获取根权限 * * @param permissionList * @return */ private List<Permission> getRootPermissions(List<Permission> permissionList) { List<Permission> rootPermissions = new ArrayList<Permission>(); for (Permission permission : permissionList) { // 如果父级id是null if (permission.getParentId() == null) { rootPermissions.add(permission); continue; } Permission parentPermission = permissionDao.get(permissionList, permission.getParentId().intValue()); if (parentPermission == null) { rootPermissions.add(permission); } } return rootPermissions; }