예제 #1
0
  /**
   * 删除权限
   *
   * @param perId
   * @return
   */
  public ResultVO delPermission(int perId) {
    ResultVO resultVO = new ResultVO(true);
    // 获取所有权限
    List<Permission> permissionList = permissionDao.selectAll();
    Permission permission = permissionDao.get(permissionList, perId);
    if (permission == null) {
      resultVO.setOk(false);
      resultVO.setMsg("权限不存在");
      return resultVO;
    }
    // 查看是否有权限
    Subject subject = SecurityUtils.getSubject();
    if (!subject.isPermitted(permission.getKey())) {
      resultVO.setOk(false);
      resultVO.setMsg("您没有操作权限");
      return resultVO;
    }
    // 判断是否是根级权限
    // 获取我拥有的权限
    List<Permission> myPermissionList = new ArrayList<Permission>();
    for (Permission p : permissionList) {
      String key = p.getKey();
      boolean permitted = subject.isPermitted(key);
      if (permitted) {
        myPermissionList.add(p);
      }
    }
    List<Permission> rootPermissions = getRootPermissions(myPermissionList);
    for (Permission p : rootPermissions) {
      if (p.getId().intValue() == perId) {
        resultVO.setOk(false);
        resultVO.setMsg("根级权限不能删除");
        return resultVO;
      }
    }

    // 获取子级权限id集合
    List<Integer> childrenPermissionIds = getChildrenPermissionIds(perId, permissionList);

    // 删除权限
    int num = permissionDao.deletePermission(perId);

    for (Integer id : childrenPermissionIds) {
      num = permissionDao.deletePermission(id);
      if (num == 1) {
        rolePermissionDao.deleteByPerId(id);
        menuPermissionDao.deleteByPerId(id);
      }
    }
    rolePermissionDao.deleteByPerId(perId);
    menuPermissionDao.deleteByPerId(perId);
    resultVO.setMsg("删除权限成功");
    return resultVO;
  }
예제 #2
0
 /**
  * 获取子级权限
  *
  * @param permissions
  * @param parentId
  * @return
  */
 public static List<Map<String, Object>> getChildrenPermissions(
     List<Permission> permissions,
     Integer parentId,
     Set<Integer> checkedPermissionIdSet,
     List<Integer> childrenIdList) {
   List<Map<String, Object>> mapList = new ArrayList<Map<String, Object>>();
   for (Permission permission : permissions) {
     if ((parentId == null && permission.getParentId() == null)
         || (parentId != null
             && permission.getParentId() != null
             && permission.getParentId().intValue() == parentId.intValue())) {
       if (childrenIdList == null || !childrenIdList.contains(permission.getId())) {
         Map<String, Object> map = new HashMap<String, Object>();
         map.put("id", permission.getId());
         map.put("text", permission.getName());
         map.put("key", permission.getKey());
         map.put(
             "checked",
             checkedPermissionIdSet == null
                 ? false
                 : checkedPermissionIdSet.contains(permission.getId()));
         map.put("order", permission.getOrder());
         map.put(
             "children",
             getChildrenPermissions(
                 permissions, permission.getId(), checkedPermissionIdSet, childrenIdList));
         mapList.add(map);
       }
     }
   }
   return mapList;
 }
예제 #3
0
  /**
   * 获取菜单显示权限
   *
   * @param menuId
   * @return
   */
  public ResultVO getMenuShowPermissions(int menuId) {

    ResultVO resultVO = new ResultVO(true);

    List<Map<String, Object>> mapList = new ArrayList<Map<String, Object>>();

    // 获取我拥有的权限
    List<Permission> myPermissionList = new ArrayList<Permission>();
    // 获取所有权限
    List<Permission> permissionList = permissionDao.selectAll();
    Subject subject = SecurityUtils.getSubject();
    for (Permission permission : permissionList) {
      String key = permission.getKey();
      boolean permitted = subject.isPermitted(key);
      if (permitted) {
        myPermissionList.add(permission);
      }
    }

    // 获取所有菜单
    List<Menu> menus = menuDao.selectAll();
    Menu menu = menuDao.get(menus, menuId);
    if (menu == null) {
      resultVO.setOk(false);
      resultVO.setMsg("菜单不存在");
      return resultVO;
    }

    // 获取菜单拥有的权限id
    Set<Integer> permissionIdSet = menuPermissionDao.selectPermissionIdSet(menuId);

    List<Permission> rootPermissions = getRootPermissions(myPermissionList);
    for (Permission permission : rootPermissions) {
      Map<String, Object> map = new HashMap<String, Object>();
      map.put("id", permission.getId());
      map.put("text", permission.getName());
      map.put("key", permission.getKey());
      map.put("checked", permissionIdSet.contains(permission.getId()));
      map.put("order", permission.getOrder());
      map.put(
          "children",
          getChildrenPermissions(myPermissionList, permission.getId(), permissionIdSet, null));
      mapList.add(map);
    }
    resultVO.setData(mapList);
    return resultVO;
  }
예제 #4
0
 private static boolean isKeyExist(List<Permission> list, String key) {
   for (Permission permission : list) {
     if (permission.getKey().equals(key)) {
       return true;
     }
   }
   return false;
 }
예제 #5
0
  /**
   * 获取显示权限
   *
   * @return
   */
  public ResultVO getShowPermissions(Integer rootId) {
    ResultVO resultVO = new ResultVO(true);
    List<Map<String, Object>> mapList = new ArrayList<Map<String, Object>>();

    // 获取我拥有的权限
    List<Permission> myPermissionList = new ArrayList<Permission>();
    // 获取所有权限
    List<Permission> permissionList = permissionDao.selectAll();
    Subject subject = SecurityUtils.getSubject();
    for (Permission permission : permissionList) {
      String key = permission.getKey();
      boolean permitted = subject.isPermitted(key);
      if (permitted) {
        myPermissionList.add(permission);
      }
    }

    List<Integer> childrenIds = null;
    if (rootId != null) {
      childrenIds = getChildrenPermissionIds(rootId, permissionList);
      childrenIds.add(rootId);
    }

    List<Permission> rootPermissions = getRootPermissions(myPermissionList);
    for (Permission permission : rootPermissions) {
      if (childrenIds == null || !childrenIds.contains(permission.getId())) {
        Map<String, Object> map = new HashMap<String, Object>();
        map.put("id", permission.getId());
        map.put("text", permission.getName());
        map.put("key", permission.getKey());
        map.put("order", permission.getOrder());
        map.put(
            "children",
            getChildrenPermissions(myPermissionList, permission.getId(), null, childrenIds));
        mapList.add(map);
      }
    }
    resultVO.setData(mapList);
    return resultVO;
  }
예제 #6
0
  // 编辑权限
  public ResultVO editPermission(PermissionEditVO permissionEditVO) {
    ResultVO resultVO = new ResultVO(true);
    // 获取所有权限
    List<Permission> permissionList = permissionDao.selectAll();

    Permission permission = permissionDao.get(permissionList, permissionEditVO.getId());
    if (permission == null) {
      resultVO.setOk(false);
      resultVO.setMsg("权限不存在");
      return resultVO;
    }

    Permission permissionParent = permissionDao.get(permissionList, permissionEditVO.getParentId());
    if (permissionParent == null) {
      resultVO.setOk(false);
      resultVO.setMsg("上级权限不存在");
      return resultVO;
    }

    if (isKeyExist(permissionList, permissionEditVO.getKey())) {
      if (!permission.getKey().equals(permissionEditVO.getKey())) {
        resultVO.setOk(false);
        resultVO.setMsg("权限键值已存在");
        return resultVO;
      }
    }

    List<Integer> childrenPermissionIds =
        getChildrenPermissionIds(permissionEditVO.getId(), permissionList);
    childrenPermissionIds.add(permissionEditVO.getId());
    if (childrenPermissionIds.contains(permissionEditVO.getParentId())) {
      resultVO.setOk(false);
      resultVO.setMsg("所在权限的上级不能为自己所在权限或者下级权限");
      return resultVO;
    }

    Permission update = new Permission();
    update.setId(permissionEditVO.getId());
    update.setParentId(permissionEditVO.getParentId());
    update.setName(permissionEditVO.getName());
    update.setKey(permissionEditVO.getKey());
    update.setOrder(permissionEditVO.getOrder());
    int num = permissionDao.updatePermission(update);
    if (num == 1) {
      resultVO.setMsg("更新权限成功");
      return resultVO;
    } else {
      resultVO.setOk(false);
      resultVO.setMsg("更新权限失败");
      return resultVO;
    }
  }