/** * 获取菜单显示权限 * * @param menuId * @return */ public ResultVO getMenuShowPermissions(int menuId) { ResultVO resultVO = new ResultVO(true); List<Map<String, Object>> mapList = new ArrayList<Map<String, Object>>(); // 获取我拥有的权限 List<Permission> myPermissionList = new ArrayList<Permission>(); // 获取所有权限 List<Permission> permissionList = permissionDao.selectAll(); Subject subject = SecurityUtils.getSubject(); for (Permission permission : permissionList) { String key = permission.getKey(); boolean permitted = subject.isPermitted(key); if (permitted) { myPermissionList.add(permission); } } // 获取所有菜单 List<Menu> menus = menuDao.selectAll(); Menu menu = menuDao.get(menus, menuId); if (menu == null) { resultVO.setOk(false); resultVO.setMsg("菜单不存在"); return resultVO; } // 获取菜单拥有的权限id Set<Integer> permissionIdSet = menuPermissionDao.selectPermissionIdSet(menuId); List<Permission> rootPermissions = getRootPermissions(myPermissionList); for (Permission permission : rootPermissions) { Map<String, Object> map = new HashMap<String, Object>(); map.put("id", permission.getId()); map.put("text", permission.getName()); map.put("key", permission.getKey()); map.put("checked", permissionIdSet.contains(permission.getId())); map.put("order", permission.getOrder()); map.put( "children", getChildrenPermissions(myPermissionList, permission.getId(), permissionIdSet, null)); mapList.add(map); } resultVO.setData(mapList); return resultVO; }
/** * 删除权限 * * @param perId * @return */ public ResultVO delPermission(int perId) { ResultVO resultVO = new ResultVO(true); // 获取所有权限 List<Permission> permissionList = permissionDao.selectAll(); Permission permission = permissionDao.get(permissionList, perId); if (permission == null) { resultVO.setOk(false); resultVO.setMsg("权限不存在"); return resultVO; } // 查看是否有权限 Subject subject = SecurityUtils.getSubject(); if (!subject.isPermitted(permission.getKey())) { resultVO.setOk(false); resultVO.setMsg("您没有操作权限"); return resultVO; } // 判断是否是根级权限 // 获取我拥有的权限 List<Permission> myPermissionList = new ArrayList<Permission>(); for (Permission p : permissionList) { String key = p.getKey(); boolean permitted = subject.isPermitted(key); if (permitted) { myPermissionList.add(p); } } List<Permission> rootPermissions = getRootPermissions(myPermissionList); for (Permission p : rootPermissions) { if (p.getId().intValue() == perId) { resultVO.setOk(false); resultVO.setMsg("根级权限不能删除"); return resultVO; } } // 获取子级权限id集合 List<Integer> childrenPermissionIds = getChildrenPermissionIds(perId, permissionList); // 删除权限 int num = permissionDao.deletePermission(perId); for (Integer id : childrenPermissionIds) { num = permissionDao.deletePermission(id); if (num == 1) { rolePermissionDao.deleteByPerId(id); menuPermissionDao.deleteByPerId(id); } } rolePermissionDao.deleteByPerId(perId); menuPermissionDao.deleteByPerId(perId); resultVO.setMsg("删除权限成功"); return resultVO; }
/** * 创建权限 * * @param permissionCreateVO * @return */ public ResultVO cratePermission(PermissionCreateVO permissionCreateVO) { ResultVO resultVO = new ResultVO(true); // 所有权限 List<Permission> permissionList = permissionDao.selectAll(); // 查看父级权限是否存在 Integer parentId = permissionCreateVO.getParentId(); if (parentId != null) { Permission permission = permissionDao.get(permissionList, parentId.intValue()); if (permission == null) { resultVO.setOk(false); resultVO.setMsg("父级权限不存在"); return resultVO; } } // 判断权限键值是否存在 if (isKeyExist(permissionList, permissionCreateVO.getKey())) { resultVO.setOk(false); resultVO.setMsg("权限键值已存在"); return resultVO; } Permission permission = new Permission(); permission.setKey(permissionCreateVO.getKey()); permission.setName(permissionCreateVO.getName()); permission.setParentId(permissionCreateVO.getParentId()); permission.setOrder(permissionCreateVO.getOrder()); permissionDao.createPermission(permission); resultVO.setMsg("权限创建成功"); return resultVO; }
/** * 获取显示权限 * * @return */ public ResultVO getShowPermissions(Integer rootId) { ResultVO resultVO = new ResultVO(true); List<Map<String, Object>> mapList = new ArrayList<Map<String, Object>>(); // 获取我拥有的权限 List<Permission> myPermissionList = new ArrayList<Permission>(); // 获取所有权限 List<Permission> permissionList = permissionDao.selectAll(); Subject subject = SecurityUtils.getSubject(); for (Permission permission : permissionList) { String key = permission.getKey(); boolean permitted = subject.isPermitted(key); if (permitted) { myPermissionList.add(permission); } } List<Integer> childrenIds = null; if (rootId != null) { childrenIds = getChildrenPermissionIds(rootId, permissionList); childrenIds.add(rootId); } List<Permission> rootPermissions = getRootPermissions(myPermissionList); for (Permission permission : rootPermissions) { if (childrenIds == null || !childrenIds.contains(permission.getId())) { Map<String, Object> map = new HashMap<String, Object>(); map.put("id", permission.getId()); map.put("text", permission.getName()); map.put("key", permission.getKey()); map.put("order", permission.getOrder()); map.put( "children", getChildrenPermissions(myPermissionList, permission.getId(), null, childrenIds)); mapList.add(map); } } resultVO.setData(mapList); return resultVO; }
// 编辑权限 public ResultVO editPermission(PermissionEditVO permissionEditVO) { ResultVO resultVO = new ResultVO(true); // 获取所有权限 List<Permission> permissionList = permissionDao.selectAll(); Permission permission = permissionDao.get(permissionList, permissionEditVO.getId()); if (permission == null) { resultVO.setOk(false); resultVO.setMsg("权限不存在"); return resultVO; } Permission permissionParent = permissionDao.get(permissionList, permissionEditVO.getParentId()); if (permissionParent == null) { resultVO.setOk(false); resultVO.setMsg("上级权限不存在"); return resultVO; } if (isKeyExist(permissionList, permissionEditVO.getKey())) { if (!permission.getKey().equals(permissionEditVO.getKey())) { resultVO.setOk(false); resultVO.setMsg("权限键值已存在"); return resultVO; } } List<Integer> childrenPermissionIds = getChildrenPermissionIds(permissionEditVO.getId(), permissionList); childrenPermissionIds.add(permissionEditVO.getId()); if (childrenPermissionIds.contains(permissionEditVO.getParentId())) { resultVO.setOk(false); resultVO.setMsg("所在权限的上级不能为自己所在权限或者下级权限"); return resultVO; } Permission update = new Permission(); update.setId(permissionEditVO.getId()); update.setParentId(permissionEditVO.getParentId()); update.setName(permissionEditVO.getName()); update.setKey(permissionEditVO.getKey()); update.setOrder(permissionEditVO.getOrder()); int num = permissionDao.updatePermission(update); if (num == 1) { resultVO.setMsg("更新权限成功"); return resultVO; } else { resultVO.setOk(false); resultVO.setMsg("更新权限失败"); return resultVO; } }