dev 权限部分

朱兆平
.gitignore
pom.xml
src/main/java/com/tianbo/warehouse/dao/PERMISSIONMapper.java
src/main/java/com/tianbo/warehouse/dao/ROLEMapper.java
src/main/java/com/tianbo/warehouse/dao/USERSMapper.java
src/main/java/com/tianbo/warehouse/model/PERMISSION.java
src/main/java/com/tianbo/warehouse/model/ROLE.java
src/main/java/com/tianbo/warehouse/model/USERS.java
src/main/java/com/tianbo/warehouse/security/CustomUserDetailService.java
src/main/java/com/tianbo/warehouse/security/MyAccessDecisionManager.java
src/main/java/com/tianbo/warehouse/security/MyFilterSecurityInterceptor.java
src/main/java/com/tianbo/warehouse/security/MyInvocationSecurityMetadataSourceService.java
src/main/java/com/tianbo/warehouse/security/PasswordEncoderImp.java
src/main/java/com/tianbo/warehouse/security/WebSecurityConfig.java
src/main/java/com/tianbo/warehouse/service/UserService.java
src/main/java/com/tianbo/warehouse/service/imp/UserServiceImpl.java
src/main/resources/application.properties
src/main/resources/mapping/PERMISSIONMapper.xml
src/main/resources/mapping/ROLEMapper.xml
src/main/resources/mapping/USERSMapper.xml
--- a/.gitignore
查看文件 @9358b3c
+++ b/.gitignore
查看文件 @9358b3c
@@ -3,7 +3,9 @@
 /logs/
 /out/
 .mvn
- 
+ /lib/
+ /xmlFromImf/
+ /errorLogs/
 ### STS ###
 .apt_generated
 .classpath
--- a/pom.xml
查看文件 @9358b3c
+++ b/pom.xml
查看文件 @9358b3c
@@ -74,6 +74,13 @@
 			</exclusions>
 		</dependency>
 		<!--spring boot-->
+ 		<!-- tools-->
+ 		<dependency>
+ 			<groupId>commons-codec</groupId>
+ 			<artifactId>commons-codec</artifactId>
+ 			<version>1.11</version>
+ 		</dependency>
+ 		<!-- tools-->
 		<!-- alibaba的druid数据库连接池 -->
 		<dependency>
 			<groupId>com.alibaba</groupId>
--- a/src/main/java/com/tianbo/warehouse/dao/PERMISSIONMapper.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/dao/PERMISSIONMapper.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.dao;
+ 
+ import com.tianbo.warehouse.model.PERMISSION;
+ import java.math.BigDecimal;
+ import java.util.List;
+ 
+ public interface PERMISSIONMapper {
+     int deleteByPrimaryKey(BigDecimal permissionId);
+ 
+     int insert(PERMISSION record);
+ 
+     int insertSelective(PERMISSION record);
+ 
+     List<PERMISSION> selectByPrimaryKey(BigDecimal permissionId);
+ 
+     int updateByPrimaryKeySelective(PERMISSION record);
+ 
+     int updateByPrimaryKey(PERMISSION record);
+ 
+     List<PERMISSION> findAll();
+ 
+     List<PERMISSION> findByUserId(BigDecimal userId);
+ }
\ No newline at end of file
--- a/src/main/java/com/tianbo/warehouse/dao/ROLEMapper.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/dao/ROLEMapper.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.dao;
+ 
+ import com.tianbo.warehouse.model.ROLE;
+ import java.math.BigDecimal;
+ import java.util.List;
+ 
+ public interface ROLEMapper {
+     int deleteByPrimaryKey(BigDecimal roleId);
+ 
+     int insert(ROLE record);
+ 
+     int insertSelective(ROLE record);
+ 
+     ROLE selectByPrimaryKey(BigDecimal roleId);
+ 
+     int updateByPrimaryKeySelective(ROLE record);
+ 
+     int updateByPrimaryKey(ROLE record);
+ 
+     List<ROLE> findRolesByUserId(BigDecimal userId);
+ }
\ No newline at end of file
--- a/src/main/java/com/tianbo/warehouse/dao/USERSMapper.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/dao/USERSMapper.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.dao;
+ 
+ import com.tianbo.warehouse.model.ROLE;
+ import com.tianbo.warehouse.model.USERS;
+ import java.math.BigDecimal;
+ import java.util.List;
+ 
+ public interface USERSMapper {
+     int deleteByPrimaryKey(BigDecimal userId);
+ 
+     int insert(USERS record);
+ 
+     int insertSelective(USERS record);
+ 
+     USERS selectByPrimaryKey(BigDecimal userId);
+ 
+     List<USERS> selectByUsername(String userName);
+ 
+     int updateByPrimaryKeySelective(USERS record);
+ 
+     int updateByPrimaryKey(USERS record);
+ 
+ }
\ No newline at end of file
--- a/src/main/java/com/tianbo/warehouse/model/PERMISSION.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/model/PERMISSION.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.model;
+ 
+ import java.math.BigDecimal;
+ 
+ public class PERMISSION {
+     private BigDecimal permissionId;
+ 
+     private String permissionName;
+ 
+     private String permissionSign;
+ 
+     private String description;
+ 
+     private String groupName;
+ 
+     public BigDecimal getPermissionId() {
+         return permissionId;
+     }
+ 
+     public void setPermissionId(BigDecimal permissionId) {
+         this.permissionId = permissionId;
+     }
+ 
+     public String getPermissionName() {
+         return permissionName;
+     }
+ 
+     public void setPermissionName(String permissionName) {
+         this.permissionName = permissionName == null ? null : permissionName.trim();
+     }
+ 
+     public String getPermissionSign() {
+         return permissionSign;
+     }
+ 
+     public void setPermissionSign(String permissionSign) {
+         this.permissionSign = permissionSign == null ? null : permissionSign.trim();
+     }
+ 
+     public String getDescription() {
+         return description;
+     }
+ 
+     public void setDescription(String description) {
+         this.description = description == null ? null : description.trim();
+     }
+ 
+     public String getGroupName() {
+         return groupName;
+     }
+ 
+     public void setGroupName(String groupName) {
+         this.groupName = groupName == null ? null : groupName.trim();
+     }
+ }
\ No newline at end of file
--- a/src/main/java/com/tianbo/warehouse/model/ROLE.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/model/ROLE.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.model;
+ 
+ import org.springframework.security.core.GrantedAuthority;
+ 
+ import java.math.BigDecimal;
+ 
+ public class ROLE implements GrantedAuthority{
+ 
+     private static final long serialVersionUID = -3957539165716897200L;
+ 
+     private BigDecimal roleId;
+ 
+     private String roleName;
+ 
+     private String roleSign;
+ 
+     private String description;
+ 
+     public BigDecimal getRoleId() {
+         return roleId;
+     }
+ 
+     public void setRoleId(BigDecimal roleId) {
+         this.roleId = roleId;
+     }
+ 
+     public String getRoleName() {
+         return roleName;
+     }
+ 
+     public void setRoleName(String roleName) {
+         this.roleName = roleName == null ? null : roleName.trim();
+     }
+ 
+     public String getRoleSign() {
+         return roleSign;
+     }
+ 
+     public void setRoleSign(String roleSign) {
+         this.roleSign = roleSign == null ? null : roleSign.trim();
+     }
+ 
+     public String getDescription() {
+         return description;
+     }
+ 
+     public void setDescription(String description) {
+         this.description = description == null ? null : description.trim();
+     }
+ 
+     @Override
+     public String getAuthority(){
+         return this.getRoleName();
+     }
+ }
\ No newline at end of file
--- a/src/main/java/com/tianbo/warehouse/model/USERS.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/model/USERS.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.model;
+ 
+ import org.springframework.security.core.GrantedAuthority;
+ import org.springframework.security.core.authority.SimpleGrantedAuthority;
+ import org.springframework.security.core.userdetails.UserDetails;
+ 
+ import java.io.Serializable;
+ import java.math.BigDecimal;
+ import java.util.ArrayList;
+ import java.util.Collection;
+ import java.util.Date;
+ import java.util.List;
+ 
+ public class USERS  implements UserDetails{
+ 
+     private static final long serialVersionUID = 1L;
+ 
+     private BigDecimal userId;
+ 
+     private String username;
+ 
+     private String password;
+ 
+     private Short state;
+ 
+     private Date creattime;
+ 
+     private String sex;
+ 
+     private String address;
+ 
+     private Date birthday;
+ 
+     private String mobilephone;
+ 
+     private Date updatetime;
+ 
+     private List<ROLE> roles;
+ 
+     public BigDecimal getUserId() {
+         return userId;
+     }
+ 
+     public void setUserId(BigDecimal userId) {
+         this.userId = userId;
+     }
+ 
+     @Override
+     public String getUsername() {
+         return username;
+     }
+ 
+     public void setUsername(String username) {
+         this.username = username == null ? null : username.trim();
+     }
+ 
+     @Override
+     public String getPassword() {
+         return password;
+     }
+ 
+     public void setPassword(String password) {
+         this.password = password == null ? null : password.trim();
+     }
+ 
+     public Short getState() {
+         return state;
+     }
+ 
+     public void setState(Short state) {
+         this.state = state;
+     }
+ 
+     public Date getCreattime() {
+         return creattime;
+     }
+ 
+     public void setCreattime(Date creattime) {
+         this.creattime = creattime;
+     }
+ 
+     public String getSex() {
+         return sex;
+     }
+ 
+     public void setSex(String sex) {
+         this.sex = sex == null ? null : sex.trim();
+     }
+ 
+     public String getAddress() {
+         return address;
+     }
+ 
+     public void setAddress(String address) {
+         this.address = address == null ? null : address.trim();
+     }
+ 
+     public Date getBirthday() {
+         return birthday;
+     }
+ 
+     public void setBirthday(Date birthday) {
+         this.birthday = birthday;
+     }
+ 
+     public String getMobilephone() {
+         return mobilephone;
+     }
+ 
+     public void setMobilephone(String mobilephone) {
+         this.mobilephone = mobilephone == null ? null : mobilephone.trim();
+     }
+ 
+     public Date getUpdatetime() {
+         return updatetime;
+     }
+ 
+     public void setUpdatetime(Date updatetime) {
+         this.updatetime = updatetime;
+     }
+ 
+     public List<ROLE> getRoles() {
+         return roles;
+     }
+ 
+     public void setRoles(List<ROLE> roles) {
+         this.roles = roles;
+     }
+ 
+     @Override
+     public boolean isAccountNonExpired(){
+         return true;
+     }
+ 
+     @Override
+     public boolean isAccountNonLocked(){
+         return true;
+     }
+ 
+     @Override
+     public boolean isCredentialsNonExpired(){
+         return true;
+     }
+ 
+     @Override
+     public boolean isEnabled(){
+         return true;
+     }
+ 
+     @Override
+     public Collection<? extends GrantedAuthority> getAuthorities(){
+         List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
+         List<ROLE> roles = this.getRoles();
+         for (ROLE role : roles) {
+             auths.add(new SimpleGrantedAuthority(role.getAuthority()));
+         }
+         return auths;
+     }
+ }
\ No newline at end of file
--- a/src/main/java/com/tianbo/warehouse/security/CustomUserDetailService.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/security/CustomUserDetailService.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.security;
+ 
+ import com.tianbo.warehouse.dao.PERMISSIONMapper;
+ import com.tianbo.warehouse.dao.USERSMapper;
+ import com.tianbo.warehouse.model.PERMISSION;
+ import com.tianbo.warehouse.model.USERS;
+ import com.tianbo.warehouse.service.UserService;
+ import org.springframework.beans.factory.annotation.Autowired;
+ import org.springframework.security.core.GrantedAuthority;
+ import org.springframework.security.core.authority.SimpleGrantedAuthority;
+ import org.springframework.security.core.userdetails.User;
+ import org.springframework.security.core.userdetails.UserDetails;
+ import org.springframework.security.core.userdetails.UserDetailsService;
+ import org.springframework.security.core.userdetails.UsernameNotFoundException;
+ import org.springframework.stereotype.Service;
+ 
+ import java.util.ArrayList;
+ import java.util.List;
+ 
+ @Service("customuserservice")
+ public class CustomUserDetailService implements UserDetailsService {
+ 
+     @Autowired
+     UserService userService;
+     @Autowired
+     PERMISSIONMapper permissionMapper;
+ 
+     @Override
+     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+ 
+         try {
+             USERS user = userService.loadByUsername(username);
+ 
+             //这里是根据用户ID取的权限表，还可以根据用户ID 去角色表
+             List<PERMISSION> permissions = permissionMapper.findByUserId(user.getUserId());
+             List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
+             for (PERMISSION permission : permissions) {
+                 if (permission != null && permission.getPermissionName() != null) {
+ 
+                     GrantedAuthority grantedAuthority = new SimpleGrantedAuthority(permission.getPermissionName());
+                     //1：此处将权限信息添加到 GrantedAuthority 对象中，在后面进行全权限验证时会使用GrantedAuthority 对象。
+                     grantedAuthorities.add(grantedAuthority);
+                 }
+             }
+             return user;
+         } catch (UsernameNotFoundException e) {
+ 
+             e.printStackTrace();
+         }
+         return null;
+     }
+ }
--- a/src/main/java/com/tianbo/warehouse/security/MyAccessDecisionManager.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/security/MyAccessDecisionManager.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.security;
+ 
+ import org.springframework.security.access.AccessDecisionManager;
+ import org.springframework.security.access.AccessDeniedException;
+ import org.springframework.security.access.ConfigAttribute;
+ import org.springframework.security.authentication.InsufficientAuthenticationException;
+ import org.springframework.security.core.Authentication;
+ import org.springframework.security.core.GrantedAuthority;
+ import org.springframework.stereotype.Service;
+ 
+ import java.util.Collection;
+ import java.util.Iterator;
+ 
+ @Service
+ public class MyAccessDecisionManager implements AccessDecisionManager{
+ 
+     // decide 方法是判定是否拥有权限的决策方法，
+     //authentication 是释CustomUserService中循环添加到 GrantedAuthority 对象中的权限信息集合.
+     //object 包含客户端发起的请求的requset信息，可转换为 HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
+     //configAttributes 为MyInvocationSecurityMetadataSource的getAttributes(Object object)这个方法返回的结果，此方法是为了判定用户请求的url 是否在权限表中，如果在权限表中，则返回给 decide 方法，用来判定用户是否有此权限。如果不在权限表中则放行。
+ 
+     @Override
+     public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException{
+ 
+         if(null== configAttributes || configAttributes.size() <=0) {
+             return;
+         }
+         ConfigAttribute c;
+         String needRole;
+         for(Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext(); ) {
+             c = iter.next();
+             needRole = c.getAttribute();
+             //authentication 为在注释1 中循环添加到 GrantedAuthority 对象中的权限信息集合
+             for(GrantedAuthority ga : authentication.getAuthorities()) {
+                 if(needRole.trim().equals(ga.getAuthority())) {
+                     return;
+                 }
+             }
+         }
+         throw new AccessDeniedException("no right");
+     }
+ 
+     @Override
+     public boolean supports(ConfigAttribute var1){
+ 
+         return true;
+     }
+ 
+     @Override
+     public boolean supports(Class<?> var1){
+         return true;
+     }
+ }
--- a/src/main/java/com/tianbo/warehouse/security/MyFilterSecurityInterceptor.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/security/MyFilterSecurityInterceptor.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.security;
+ 
+ import org.springframework.beans.factory.annotation.Autowired;
+ import org.springframework.security.access.SecurityMetadataSource;
+ import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
+ import org.springframework.security.access.intercept.InterceptorStatusToken;
+ import org.springframework.security.web.FilterInvocation;
+ import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
+ import org.springframework.stereotype.Service;
+ 
+ import javax.servlet.*;
+ import java.io.IOException;
+ 
+ @Service
+ public class MyFilterSecurityInterceptor extends AbstractSecurityInterceptor implements Filter {
+ 
+     @Autowired
+     private FilterInvocationSecurityMetadataSource securityMetadataSource;
+ 
+ 
+     @Autowired
+     public void setMyAccessDecisionManager(MyAccessDecisionManager myAccessDecisionManager) {
+         super.setAccessDecisionManager(myAccessDecisionManager);
+     }
+ 
+ 
+     @Override
+     public void init(FilterConfig filterConfig) throws ServletException {
+ 
+     }
+ 
+     @Override
+     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ 
+         FilterInvocation fi = new FilterInvocation(request, response, chain);
+         invoke(fi);
+     }
+ 
+ 
+     public void invoke(FilterInvocation fi) throws IOException, ServletException {
+ //fi里面有一个被拦截的url
+ //里面调用MyInvocationSecurityMetadataSource的getAttributes(Object object)这个方法获取fi对应的所有权限
+ //再调用MyAccessDecisionManager的decide方法来校验用户的权限是否足够
+         InterceptorStatusToken token = super.beforeInvocation(fi);
+         try {
+ //执行下一个拦截器
+             fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
+         } finally {
+             super.afterInvocation(token, null);
+         }
+     }
+ 
+     @Override
+     public void destroy() {
+ 
+     }
+ 
+     @Override
+     public Class<?> getSecureObjectClass() {
+         return FilterInvocation.class;
+     }
+ 
+     @Override
+     public SecurityMetadataSource obtainSecurityMetadataSource() {
+         return this.securityMetadataSource;
+     }
+ 
+ }
--- a/src/main/java/com/tianbo/warehouse/security/MyInvocationSecurityMetadataSourceService.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/security/MyInvocationSecurityMetadataSourceService.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.security;
+ 
+ import com.tianbo.warehouse.dao.PERMISSIONMapper;
+ import com.tianbo.warehouse.model.PERMISSION;
+ import org.springframework.beans.factory.annotation.Autowired;
+ import org.springframework.security.access.ConfigAttribute;
+ import org.springframework.security.access.SecurityConfig;
+ import org.springframework.security.web.FilterInvocation;
+ import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
+ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+ import org.springframework.stereotype.Service;
+ 
+ import javax.servlet.http.HttpServletRequest;
+ import java.util.*;
+ 
+ @Service
+ public class MyInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource{
+ 
+     @Autowired
+     PERMISSIONMapper permissionMapper;
+ 
+     private HashMap<String, Collection<ConfigAttribute>> map =null;
+ 
+     /**
+      * 加载权限表中所有权限
+      */
+     public void loadResourceDefine(){
+         map = new HashMap<>();
+         Collection<ConfigAttribute> array;
+         ConfigAttribute cfg;
+         List<PERMISSION> permissions = permissionMapper.findAll();
+         for(PERMISSION permission : permissions) {
+             array = new ArrayList<>();
+             cfg = new SecurityConfig(permission.getPermissionName());
+             //此处只添加了用户的名字，其实还可以添加更多权限的信息，例如请求方法到ConfigAttribute的集合中去。此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
+             array.add(cfg);
+             //用权限的getUrl() 作为map的key，用ConfigAttribute的集合作为 value，
+             map.put(permission.getPermissionSign(), array);
+         }
+ 
+     }
+ 
+     //此方法是为了判定用户请求的url 是否在权限表中，如果在权限表中，则返回给 decide 方法，用来判定用户是否有此权限。如果不在权限表中则放行。
+     @Override
+     public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
+         if(map ==null) {loadResourceDefine();}
+         //object 中包含用户请求的request 信息
+         HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
+         AntPathRequestMatcher matcher;
+         String resUrl;
+         for(Iterator<String> iter = map.keySet().iterator(); iter.hasNext(); ) {
+             resUrl = iter.next();
+             matcher = new AntPathRequestMatcher(resUrl);
+             if(matcher.matches(request)) {
+                 return map.get(resUrl);
+             }
+         }
+         return null;
+     }
+ 
+     @Override
+     public Collection<ConfigAttribute> getAllConfigAttributes() {
+         return null;
+     }
+ 
+     @Override
+     public boolean supports(Class<?> clazz) {
+         return true;
+     }
+ }
--- a/src/main/java/com/tianbo/warehouse/security/PasswordEncoderImp.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/security/PasswordEncoderImp.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.security;
+ 
+ import org.apache.commons.codec.digest.DigestUtils;
+ import org.apache.tomcat.util.security.MD5Encoder;
+ import org.springframework.security.crypto.password.PasswordEncoder;
+ import org.springframework.stereotype.Service;
+ 
+ @Service(value = "passwordEncodeService")
+ public class PasswordEncoderImp implements PasswordEncoder{
+ 
+     @Override
+     public String encode(CharSequence charSequence) {
+         String enncodePassword = DigestUtils.md5Hex(charSequence.toString());
+         return enncodePassword;
+     }
+ 
+     @Override
+     public boolean matches(CharSequence rawPassword, String encodedPassword) {
+         //用户输入的登录密码
+         String endcodeInputPass = DigestUtils.md5Hex(rawPassword.toString());
+         return encodedPassword.equals(endcodeInputPass);
+     }
+ }
--- a/src/main/java/com/tianbo/warehouse/security/WebSecurityConfig.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/security/WebSecurityConfig.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.security;
+ 
+ import org.springframework.beans.factory.annotation.Autowired;
+ import org.springframework.context.annotation.Bean;
+ import org.springframework.context.annotation.Configuration;
+ import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+ import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+ import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+ import org.springframework.security.core.userdetails.UserDetailsService;
+ import org.springframework.security.crypto.password.PasswordEncoder;
+ import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
+ 
+ @Configuration
+ @EnableWebSecurity
+ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+ 
+     @Autowired
+     private MyFilterSecurityInterceptor myFilterSecurityInterceptor;
+ 
+     @Autowired
+     private  PasswordEncoder passwordEncoder;
+ 
+     @Bean
+     UserDetailsService customUserService(){ //注册UserDetailsService 的bean
+         return new CustomUserDetailService();
+     }
+ 
+     @Override
+     protected void configure(AuthenticationManagerBuilder  auth) throws Exception {
+         //user Details Service验证
+         auth.userDetailsService(customUserService()).passwordEncoder(passwordEncoder);
+     }
+ 
+     @Override
+     protected void configure(HttpSecurity http) throws Exception {
+         http.authorizeRequests()
+                 .anyRequest().authenticated() //任何请求,登录后可以访问
+                 .and()
+                 .formLogin()
+                 .loginProcessingUrl("/home")
+                 .loginPage("/login")
+                 .failureUrl("/login?error")
+                 .permitAll() //登录页面用户任意访问
+                 .and()
+                 .logout().permitAll(); //注销行为任意访问
+         http.addFilterBefore(myFilterSecurityInterceptor, FilterSecurityInterceptor.class);
+     }
+ }
--- a/src/main/java/com/tianbo/warehouse/service/UserService.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/service/UserService.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.service;
+ 
+ import com.tianbo.warehouse.model.USERS;
+ 
+ public interface UserService {
+     USERS loadByUsername(String username);
+ }
--- a/src/main/java/com/tianbo/warehouse/service/imp/UserServiceImpl.java 0 → 100644
查看文件 @9358b3c
+++ b/src/main/java/com/tianbo/warehouse/service/imp/UserServiceImpl.java 0 → 100644
查看文件 @9358b3c
+ package com.tianbo.warehouse.service.imp;
+ 
+ import com.tianbo.warehouse.dao.ROLEMapper;
+ import com.tianbo.warehouse.dao.USERSMapper;
+ import com.tianbo.warehouse.model.ROLE;
+ import com.tianbo.warehouse.model.USERS;
+ import com.tianbo.warehouse.service.UserService;
+ import org.springframework.beans.factory.annotation.Autowired;
+ import org.springframework.stereotype.Service;
+ 
+ import java.util.List;
+ 
+ @Service(value = "userService")
+ public class UserServiceImpl implements UserService{
+ 
+     @Autowired
+     private USERSMapper usersMapper;
+ 
+     @Autowired
+     private ROLEMapper roleMapper;
+ 
+     @Override
+     public USERS loadByUsername(String username){
+         List<USERS> userList = usersMapper.selectByUsername(username);
+ 
+         if (userList != null && userList.size() > 0) {
+             USERS user = userList.get(0);
+ 
+             List<ROLE> roleList = roleMapper.findRolesByUserId(user.getUserId());
+             if (roleList!=null && roleList.size()>0){
+                 user.setRoles(roleList);
+                 return user;
+             }
+         }
+         return null;
+ 
+     }
+ }
--- a/src/main/resources/application.properties
查看文件 @9358b3c
+++ b/src/main/resources/application.properties
查看文件 @9358b3c
@@ -42,8 +42,8 @@ spring.datasource.druid.test-on-return=false
 spring.datasource.druid.default-auto-commit=true
 
 mybatis.mapper-locations=classpath:mapping/*.xml
- mybatis.type-aliases-package=com.example.demo.model
- logging.level.com.example.demo.mapper=DEBUG
+ mybatis.type-aliases-package=com.tianbo.warehouse.model
+ logging.level.com.tianbo.warehouse.dao=DEBUG
 
 pagehelper.helper-dialect=oracle
 #pagehelper.auto-dialect=true
--- a/src/main/resources/mapping/PERMISSIONMapper.xml 0 → 100644
查看文件 @9358b3c
+++ b/src/main/resources/mapping/PERMISSIONMapper.xml 0 → 100644
查看文件 @9358b3c
+ <?xml version="1.0" encoding="UTF-8" ?>
+ <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+ <mapper namespace="com.tianbo.warehouse.dao.PERMISSIONMapper" >
+   <resultMap id="BaseResultMap" type="com.tianbo.warehouse.model.PERMISSION" >
+     <id column="PERMISSION_ID" property="permissionId" jdbcType="DECIMAL" />
+     <result column="PERMISSION_NAME" property="permissionName" jdbcType="VARCHAR" />
+     <result column="PERMISSION_SIGN" property="permissionSign" jdbcType="VARCHAR" />
+     <result column="DESCRIPTION" property="description" jdbcType="VARCHAR" />
+     <result column="GROUP_NAME" property="groupName" jdbcType="VARCHAR" />
+   </resultMap>
+   <sql id="Base_Column_List" >
+     PERMISSION_ID, PERMISSION_NAME, PERMISSION_SIGN, DESCRIPTION, GROUP_NAME
+   </sql>
+   <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.math.BigDecimal" >
+     select 
+     <include refid="Base_Column_List" />
+     from PERMISSION
+     where PERMISSION_ID = #{permissionId,jdbcType=DECIMAL}
+   </select>
+   <select id="findAll" resultMap="BaseResultMap" >
+     select
+     <include refid="Base_Column_List" />
+     from PERMISSION
+   </select>
+   <select id="findByUserId" parameterType="java.math.BigDecimal" resultMap="BaseResultMap">
+     select p.*
+     from USERS u
+     LEFT JOIN USER_ROLE ur on u.user_id= ur.user_id
+     LEFT JOIN ROLE r on ur.role_id=r.role_id
+     LEFT JOIN ROLE_PERMISSION rp on rp.role_id=r.role_id
+     LEFT JOIN PERMISSION p on p.PERMISSION_ID =rp.permission_id
+     where u.USER_ID = #{userId,jdbcType=DECIMAL}
+   </select>
+ 
+   <delete id="deleteByPrimaryKey" parameterType="java.math.BigDecimal" >
+     delete from PERMISSION
+     where PERMISSION_ID = #{permissionId,jdbcType=DECIMAL}
+   </delete>
+   <insert id="insert" parameterType="com.tianbo.warehouse.model.PERMISSION" >
+     insert into PERMISSION (PERMISSION_ID, PERMISSION_NAME, PERMISSION_SIGN, 
+       DESCRIPTION, GROUP_NAME)
+     values (#{permissionId,jdbcType=DECIMAL}, #{permissionName,jdbcType=VARCHAR}, #{permissionSign,jdbcType=VARCHAR}, 
+       #{description,jdbcType=VARCHAR}, #{groupName,jdbcType=VARCHAR})
+   </insert>
+   <insert id="insertSelective" parameterType="com.tianbo.warehouse.model.PERMISSION" >
+     insert into PERMISSION
+     <trim prefix="(" suffix=")" suffixOverrides="," >
+       <if test="permissionId != null" >
+         PERMISSION_ID,
+       </if>
+       <if test="permissionName != null" >
+         PERMISSION_NAME,
+       </if>
+       <if test="permissionSign != null" >
+         PERMISSION_SIGN,
+       </if>
+       <if test="description != null" >
+         DESCRIPTION,
+       </if>
+       <if test="groupName != null" >
+         GROUP_NAME,
+       </if>
+     </trim>
+     <trim prefix="values (" suffix=")" suffixOverrides="," >
+       <if test="permissionId != null" >
+         #{permissionId,jdbcType=DECIMAL},
+       </if>
+       <if test="permissionName != null" >
+         #{permissionName,jdbcType=VARCHAR},
+       </if>
+       <if test="permissionSign != null" >
+         #{permissionSign,jdbcType=VARCHAR},
+       </if>
+       <if test="description != null" >
+         #{description,jdbcType=VARCHAR},
+       </if>
+       <if test="groupName != null" >
+         #{groupName,jdbcType=VARCHAR},
+       </if>
+     </trim>
+   </insert>
+   <update id="updateByPrimaryKeySelective" parameterType="com.tianbo.warehouse.model.PERMISSION" >
+     update PERMISSION
+     <set >
+       <if test="permissionName != null" >
+         PERMISSION_NAME = #{permissionName,jdbcType=VARCHAR},
+       </if>
+       <if test="permissionSign != null" >
+         PERMISSION_SIGN = #{permissionSign,jdbcType=VARCHAR},
+       </if>
+       <if test="description != null" >
+         DESCRIPTION = #{description,jdbcType=VARCHAR},
+       </if>
+       <if test="groupName != null" >
+         GROUP_NAME = #{groupName,jdbcType=VARCHAR},
+       </if>
+     </set>
+     where PERMISSION_ID = #{permissionId,jdbcType=DECIMAL}
+   </update>
+   <update id="updateByPrimaryKey" parameterType="com.tianbo.warehouse.model.PERMISSION" >
+     update PERMISSION
+     set PERMISSION_NAME = #{permissionName,jdbcType=VARCHAR},
+       PERMISSION_SIGN = #{permissionSign,jdbcType=VARCHAR},
+       DESCRIPTION = #{description,jdbcType=VARCHAR},
+       GROUP_NAME = #{groupName,jdbcType=VARCHAR}
+     where PERMISSION_ID = #{permissionId,jdbcType=DECIMAL}
+   </update>
+ </mapper>
\ No newline at end of file
--- a/src/main/resources/mapping/ROLEMapper.xml 0 → 100644
查看文件 @9358b3c
+++ b/src/main/resources/mapping/ROLEMapper.xml 0 → 100644
查看文件 @9358b3c
+ <?xml version="1.0" encoding="UTF-8" ?>
+ <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+ <mapper namespace="com.tianbo.warehouse.dao.ROLEMapper" >
+   <resultMap id="BaseResultMap" type="com.tianbo.warehouse.model.ROLE" >
+     <id column="ROLE_ID" property="roleId" jdbcType="DECIMAL" />
+     <result column="ROLE_NAME" property="roleName" jdbcType="VARCHAR" />
+     <result column="ROLE_SIGN" property="roleSign" jdbcType="VARCHAR" />
+     <result column="DESCRIPTION" property="description" jdbcType="VARCHAR" />
+   </resultMap>
+   <sql id="Base_Column_List" >
+     ROLE_ID, ROLE_NAME, ROLE_SIGN, DESCRIPTION
+   </sql>
+   <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.math.BigDecimal" >
+     select 
+     <include refid="Base_Column_List" />
+     from ROLE
+     where ROLE_ID = #{roleId,jdbcType=DECIMAL}
+   </select>
+   <select id="findRolesByUserId" parameterType="java.math.BigDecimal" resultMap="BaseResultMap">
+     SELECT
+     R.*
+     FROM
+     USERS U
+     LEFT JOIN USER_ROLE UR ON U .USER_ID = UR.USER_ID
+     LEFT JOIN ROLE R ON  R.ROLE_ID= UR.ROLE_ID
+     where U.USER_ID = #{userId,jdbcType=DECIMAL}
+   </select>
+   <delete id="deleteByPrimaryKey" parameterType="java.math.BigDecimal" >
+     delete from ROLE
+     where ROLE_ID = #{roleId,jdbcType=DECIMAL}
+   </delete>
+   <insert id="insert" parameterType="com.tianbo.warehouse.model.ROLE" >
+     insert into ROLE (ROLE_ID, ROLE_NAME, ROLE_SIGN, 
+       DESCRIPTION)
+     values (#{roleId,jdbcType=DECIMAL}, #{roleName,jdbcType=VARCHAR}, #{roleSign,jdbcType=VARCHAR}, 
+       #{description,jdbcType=VARCHAR})
+   </insert>
+   <insert id="insertSelective" parameterType="com.tianbo.warehouse.model.ROLE" >
+     insert into ROLE
+     <trim prefix="(" suffix=")" suffixOverrides="," >
+       <if test="roleId != null" >
+         ROLE_ID,
+       </if>
+       <if test="roleName != null" >
+         ROLE_NAME,
+       </if>
+       <if test="roleSign != null" >
+         ROLE_SIGN,
+       </if>
+       <if test="description != null" >
+         DESCRIPTION,
+       </if>
+     </trim>
+     <trim prefix="values (" suffix=")" suffixOverrides="," >
+       <if test="roleId != null" >
+         #{roleId,jdbcType=DECIMAL},
+       </if>
+       <if test="roleName != null" >
+         #{roleName,jdbcType=VARCHAR},
+       </if>
+       <if test="roleSign != null" >
+         #{roleSign,jdbcType=VARCHAR},
+       </if>
+       <if test="description != null" >
+         #{description,jdbcType=VARCHAR},
+       </if>
+     </trim>
+   </insert>
+   <update id="updateByPrimaryKeySelective" parameterType="com.tianbo.warehouse.model.ROLE" >
+     update ROLE
+     <set >
+       <if test="roleName != null" >
+         ROLE_NAME = #{roleName,jdbcType=VARCHAR},
+       </if>
+       <if test="roleSign != null" >
+         ROLE_SIGN = #{roleSign,jdbcType=VARCHAR},
+       </if>
+       <if test="description != null" >
+         DESCRIPTION = #{description,jdbcType=VARCHAR},
+       </if>
+     </set>
+     where ROLE_ID = #{roleId,jdbcType=DECIMAL}
+   </update>
+   <update id="updateByPrimaryKey" parameterType="com.tianbo.warehouse.model.ROLE" >
+     update ROLE
+     set ROLE_NAME = #{roleName,jdbcType=VARCHAR},
+       ROLE_SIGN = #{roleSign,jdbcType=VARCHAR},
+       DESCRIPTION = #{description,jdbcType=VARCHAR}
+     where ROLE_ID = #{roleId,jdbcType=DECIMAL}
+   </update>
+ </mapper>
\ No newline at end of file
--- a/src/main/resources/mapping/USERSMapper.xml 0 → 100644
查看文件 @9358b3c
+++ b/src/main/resources/mapping/USERSMapper.xml 0 → 100644
查看文件 @9358b3c
+ <?xml version="1.0" encoding="UTF-8" ?>
+ <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
+ <mapper namespace="com.tianbo.warehouse.dao.USERSMapper" >
+   <resultMap id="BaseResultMap" type="com.tianbo.warehouse.model.USERS" >
+     <id column="USER_ID" property="userId" jdbcType="DECIMAL" />
+     <result column="USERNAME" property="username" jdbcType="VARCHAR" />
+     <result column="PASSWORD" property="password" jdbcType="VARCHAR" />
+     <result column="STATE" property="state" jdbcType="DECIMAL" />
+     <result column="CREATTIME" property="creattime" jdbcType="TIMESTAMP" />
+     <result column="SEX" property="sex" jdbcType="VARCHAR" />
+     <result column="ADDRESS" property="address" jdbcType="VARCHAR" />
+     <result column="BIRTHDAY" property="birthday" jdbcType="TIMESTAMP" />
+     <result column="MOBILEPHONE" property="mobilephone" jdbcType="VARCHAR" />
+     <result column="UPDATETIME" property="updatetime" jdbcType="TIMESTAMP" />
+   </resultMap>
+   <sql id="Base_Column_List" >
+     USER_ID, USERNAME, PASSWORD, STATE, CREATTIME, SEX, ADDRESS, BIRTHDAY, MOBILEPHONE, 
+     UPDATETIME
+   </sql>
+   <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.math.BigDecimal" >
+     select 
+     <include refid="Base_Column_List" />
+     from USERS
+     where USER_ID = #{userId,jdbcType=DECIMAL}
+   </select>
+   <select id="selectByUsername" resultMap="BaseResultMap" parameterType="java.lang.String" >
+     select
+     <include refid="Base_Column_List" />
+     from USERS
+     where USERNAME = #{username,jdbcType=VARCHAR}
+   </select>
+   <delete id="deleteByPrimaryKey" parameterType="java.math.BigDecimal" >
+     delete from USERS
+     where USER_ID = #{userId,jdbcType=DECIMAL}
+   </delete>
+   <insert id="insert" parameterType="com.tianbo.warehouse.model.USERS" >
+     insert into USERS (USER_ID, USERNAME, PASSWORD, 
+       STATE, CREATTIME, SEX, 
+       ADDRESS, BIRTHDAY, MOBILEPHONE, 
+       UPDATETIME)
+     values (#{userId,jdbcType=DECIMAL}, #{username,jdbcType=VARCHAR}, #{password,jdbcType=VARCHAR}, 
+       #{state,jdbcType=DECIMAL}, #{creattime,jdbcType=TIMESTAMP}, #{sex,jdbcType=VARCHAR}, 
+       #{address,jdbcType=VARCHAR}, #{birthday,jdbcType=TIMESTAMP}, #{mobilephone,jdbcType=VARCHAR}, 
+       #{updatetime,jdbcType=TIMESTAMP})
+   </insert>
+   <insert id="insertSelective" parameterType="com.tianbo.warehouse.model.USERS" >
+     insert into USERS
+     <trim prefix="(" suffix=")" suffixOverrides="," >
+       <if test="userId != null" >
+         USER_ID,
+       </if>
+       <if test="username != null" >
+         USERNAME,
+       </if>
+       <if test="password != null" >
+         PASSWORD,
+       </if>
+       <if test="state != null" >
+         STATE,
+       </if>
+       <if test="creattime != null" >
+         CREATTIME,
+       </if>
+       <if test="sex != null" >
+         SEX,
+       </if>
+       <if test="address != null" >
+         ADDRESS,
+       </if>
+       <if test="birthday != null" >
+         BIRTHDAY,
+       </if>
+       <if test="mobilephone != null" >
+         MOBILEPHONE,
+       </if>
+       <if test="updatetime != null" >
+         UPDATETIME,
+       </if>
+     </trim>
+     <trim prefix="values (" suffix=")" suffixOverrides="," >
+       <if test="userId != null" >
+         #{userId,jdbcType=DECIMAL},
+       </if>
+       <if test="username != null" >
+         #{username,jdbcType=VARCHAR},
+       </if>
+       <if test="password != null" >
+         #{password,jdbcType=VARCHAR},
+       </if>
+       <if test="state != null" >
+         #{state,jdbcType=DECIMAL},
+       </if>
+       <if test="creattime != null" >
+         #{creattime,jdbcType=TIMESTAMP},
+       </if>
+       <if test="sex != null" >
+         #{sex,jdbcType=VARCHAR},
+       </if>
+       <if test="address != null" >
+         #{address,jdbcType=VARCHAR},
+       </if>
+       <if test="birthday != null" >
+         #{birthday,jdbcType=TIMESTAMP},
+       </if>
+       <if test="mobilephone != null" >
+         #{mobilephone,jdbcType=VARCHAR},
+       </if>
+       <if test="updatetime != null" >
+         #{updatetime,jdbcType=TIMESTAMP},
+       </if>
+     </trim>
+   </insert>
+   <update id="updateByPrimaryKeySelective" parameterType="com.tianbo.warehouse.model.USERS" >
+     update USERS
+     <set >
+       <if test="username != null" >
+         USERNAME = #{username,jdbcType=VARCHAR},
+       </if>
+       <if test="password != null" >
+         PASSWORD = #{password,jdbcType=VARCHAR},
+       </if>
+       <if test="state != null" >
+         STATE = #{state,jdbcType=DECIMAL},
+       </if>
+       <if test="creattime != null" >
+         CREATTIME = #{creattime,jdbcType=TIMESTAMP},
+       </if>
+       <if test="sex != null" >
+         SEX = #{sex,jdbcType=VARCHAR},
+       </if>
+       <if test="address != null" >
+         ADDRESS = #{address,jdbcType=VARCHAR},
+       </if>
+       <if test="birthday != null" >
+         BIRTHDAY = #{birthday,jdbcType=TIMESTAMP},
+       </if>
+       <if test="mobilephone != null" >
+         MOBILEPHONE = #{mobilephone,jdbcType=VARCHAR},
+       </if>
+       <if test="updatetime != null" >
+         UPDATETIME = #{updatetime,jdbcType=TIMESTAMP},
+       </if>
+     </set>
+     where USER_ID = #{userId,jdbcType=DECIMAL}
+   </update>
+   <update id="updateByPrimaryKey" parameterType="com.tianbo.warehouse.model.USERS" >
+     update USERS
+     set USERNAME = #{username,jdbcType=VARCHAR},
+       PASSWORD = #{password,jdbcType=VARCHAR},
+       STATE = #{state,jdbcType=DECIMAL},
+       CREATTIME = #{creattime,jdbcType=TIMESTAMP},
+       SEX = #{sex,jdbcType=VARCHAR},
+       ADDRESS = #{address,jdbcType=VARCHAR},
+       BIRTHDAY = #{birthday,jdbcType=TIMESTAMP},
+       MOBILEPHONE = #{mobilephone,jdbcType=VARCHAR},
+       UPDATETIME = #{updatetime,jdbcType=TIMESTAMP}
+     where USER_ID = #{userId,jdbcType=DECIMAL}
+   </update>
+ </mapper>
\ No newline at end of file