一:所需的数据库表和sql语句 --创建权限表 create table system.purview ( pvalue number(3)primary key, pname varchar2(20), pmodule varchar2(20) ); insert into system.purview values(1,'添加','新闻'); insert into system.purview values(2,'修改','新闻'); insert into system.purview values(3,'删除','新闻'); insert into system.purview values(4,'查询','新闻'); insert into system.purview values(5,'添加','公告'); insert into system.purview values(6,'修改','公告'); insert into system.purview values(7,'删除','公告'); insert into system.purview values(8,'查询','公告'); --创建角色表 create table system.roler ( id varchar2(20)primary key, rid varchar2(20), rname varchar2(20) ); create sequence system.roler_sequence start with 1 increment by 1 nomaxvalue cache 20; create trigger system.roler_trigger before insert on system.roler for each row when(new.id is null) begin select system.roler_sequence.nextval into:new.id from dual; end; 1)roler表  2)purview表  二:添加权限 1)添加角色jsp
<%@ page language="java" import="java.util.*" pageEncoding="GBK"%>
<%@page isELIgnored="false" %>
<%@taglib uri="/struts-tags" prefix="s" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body>
<form action="rolerInsertDo.action" method="post">
角色名<input type="text" name="rname"/>
<BR></BR>权限
<table border="1">
<tr><td >新闻</td><td>
<table border="1">
<tr>
<s:iterator value="purviewList" var="pur">
<s:if test="${pur.pmodule=='新闻'}">
<td><input type="checkbox" name="purview" value="${pur.pvalue}"/>${pur.pname }</td>
</s:if>
</s:iterator>
</tr>
</table>
</td></tr>
<tr><td>公告</td><td>
<table border="1">
<tr>
<s:iterator value="purviewList" var="pur">
<s:if test="${pur.pmodule=='公告'}">
<td><input type="checkbox" name="purview" value="${pur.pvalue}"/>${pur.pname }</td>
</s:if>
</s:iterator>
</tr>
</table>
</td></tr>
</table>
<input type="submit"value="提交"/>
</form>
</body>
</html>
2)添加角色action
public String insertDo() {
//获得角色名称和权限值
int p[]=roler.getPurview();
//调用service层
rolerService=new InsertRolerService();
int flag= rolerService.insert(roler);
return SUCCESS;
}
3)添加角色service
public int insert(InsertRolerBean roler){
//开始连接数据库
dbcon=new DBConnection();
sta=dbcon.getSta();
//取出所有选 中的权限值,生成最终的权限值
long sum=0;
for(int i=0;i<roler.getPurview().length;i++){
sum+=Math.pow(2, roler.getPurview()[i]);//getPurview是事先声明好的get和set方法,此数组用来接收前台所选的权限,Math.pow此发放为权限算法
}
sql="insert into roler(rid,rname) values("+sum+",'"+roler.getRname()+"')";
try {
flag=sta.executeUpdate(sql);
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return flag;
}
三:根据用户查看此用户所具有的权限 1)查看用户所具有的权限页面 <%@ page language="java" import="java.util.*" pageEncoding="GBK"%> <%@page isELIgnored="false" %> <%@taglib uri="/struts-tags" prefix="s" %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> </head> <body> <form action="checkRoler" method="post"> 用户名:<input type="text" name="rname"> <input type="submit" value="登录"> </form> </body> </html> 2)查询用户所具有的权限action
public String getByName(){
String name=roler.getRname();
//System.out.println("name-------------->"+name);
purviewService=new RolerService();
roler=purviewService.getByRname(name);
long rid=roler.getRid();
System.out.println("rid------------->"+rid);
purviewList=purviewService.getAll();
lis=purviewService.getRoler(purviewList,rid);
lis=purviewService.getQX(lis);
return "success";
}
3)查询用户所具有的权限service a).getByRname方法,用来根据所登用户的名称得到rid字段
public InsertRolerBean getByRname(String rname){
dbcon=new DBConnection();
sta=dbcon.getSta();
sql="select id,rid,rname from roler t where t.rname='"+rname+"'";
try {
rs=sta.executeQuery(sql);
while(rs.next()){
rb=new InsertRolerBean();
rb.setId(rs.getInt("id"));
rb.setRid(rs.getLong("rid"));
rb.setRname(rs.getString("rname"));
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return rb;
}
b).getAll()方法用来得到所有权限名称
public List getAll(){
purviewList=new ArrayList();
//开始连接数据库
dbcon=new DBConnection();
sta=dbcon.getSta();
sql="select pvalue,pname,pmodule from purview";
try {
rs=sta.executeQuery(sql);
//循环打包
while(rs.next()){
RolerBean pur=new RolerBean();
pur.setPvalue(rs.getInt("pvalue"));
pur.setPname(rs.getString("pname"));
pur.setPmodule(rs.getString("pmodule"));
purviewList.add(pur);
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}finally{
dbcon.close();
}
return purviewList;
}
c).getRoler()方法,用来得到登录用户所具有的权限
public List getRoler(List lis,long rid){
//System.out.println("lisSize-------------->"+lis.size());
purviewList=new ArrayList();
for(int i=1;i<=lis.size();i++){
long cou=(long) Math.pow(2,i);//将purview表中的pvalue字段进行权限算法
System.out.println("cou------------>"+cou);
long fh=cou&rid;//将权限与用所具有的权限算法进行对比,如果为零则没有这个权限反之具有折个权限
if(fh!=0){
purviewList.add(i);
}
//System.out.println(cou);
}
return purviewList;
}
d)getQX()方法:
public List getQX(List lis){
String str=lis.toString();
String tr=str.substring(1,str.length()-1);//截取已转型成String的List集合中的数字
purviewList=new ArrayList();
dbcon=new DBConnection();
sta=dbcon.getSta();
sql="select pvalue,pname,pmodule from purview where pvalue in("+tr+")";
//System.out.println("hello---------->"+i);
try {
rs=sta.executeQuery(sql);
while(rs.next()){
rob=new RolerBean();
rob.setPvalue(rs.getInt("pvalue"));
rob.setPname(rs.getString("pname"));
rob.setPmodule(rs.getString("pmodule"));
purviewList.add(rob);
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return purviewList;
}
四:图例
1)添加角色图例: 数据库表见前边的图
2)查看用户所具有的权限图例: 转载地址:http://blog.csdn.net/wangzihu/article/details/7653244 转载请保留固定链接: https://linuxeye.com/program/582.html |
