溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
這篇文章主要介紹了基于resty security的Api權限控制與事務支持的方法的相關知識,內容詳細易懂,操作簡單快捷,具有一定借鑒價值,相信大家閱讀完這篇基于resty security的Api權限控制與事務支持的方法文章都會有所收獲,下面我們一起來看看吧。
public void configInterceptor(InterceptorLoader interceptorLoader) {
//事務的攔截器 @Transaction
interceptorLoader.add(new TransactionInterceptor());
}@API("/users")
public class UserResource extends ApiResource {
/**
* 在一個數據源執行多個數據操作使用@Transaction注解
* 如果時多個數據源 使用 @Transaction(name={"ds1","ds2"})
* 數據源的名字和application.properties 里對應
*/
@POST
@Transaction
public User save(User user,UserInfo info) {
return user.save() && info.save();
}
}DROP TABLE IF EXISTS sec_user; CREATE TABLE sec_user ( id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY, username VARCHAR(50) NOT NULL COMMENT '登錄名', providername VARCHAR(50) NOT NULL COMMENT '提供者', email VARCHAR(200) COMMENT '郵箱', mobile VARCHAR(50) COMMENT '手機', password VARCHAR(200) NOT NULL COMMENT '密碼', avatar_url VARCHAR(255) COMMENT '頭像', first_name VARCHAR(10) COMMENT '名字', last_name VARCHAR(10) COMMENT '姓氏', full_name VARCHAR(20) COMMENT '全名', created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, updated_at TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP, deleted_at TIMESTAMP NULL ) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='用戶'; DROP TABLE IF EXISTS sec_user_info; CREATE TABLE sec_user_info ( id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY, user_id BIGINT NOT NULL COMMENT '用戶id', creator_id BIGINT COMMENT '創建者id', gender INT DEFAULT 0 COMMENT '性別0男,1女', province_id BIGINT COMMENT '省id', city_id BIGINT COMMENT '市id', county_id BIGINT COMMENT '縣id', street VARCHAR(500) COMMENT '街道', zip_code VARCHAR(50) COMMENT '郵編', created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, updated_at TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP, deleted_at TIMESTAMP NULL ) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='用戶信息'; DROP TABLE IF EXISTS sec_role; CREATE TABLE sec_role ( id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY, name VARCHAR(50) NOT NULL COMMENT '名稱', value VARCHAR(50) NOT NULL COMMENT '值', intro VARCHAR(255) COMMENT '簡介', pid BIGINT DEFAULT 0 COMMENT '父級id', created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, updated_at TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP, deleted_at TIMESTAMP NULL ) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='角色'; DROP TABLE IF EXISTS sec_user_role; CREATE TABLE sec_user_role ( id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY, user_id BIGINT NOT NULL, role_id BIGINT NOT NULL ) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='用戶角色'; DROP TABLE IF EXISTS sec_permission; CREATE TABLE sec_permission ( id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY, name VARCHAR(50) NOT NULL COMMENT '名稱', method VARCHAR(10) NOT NULL COMMENT '方法', value VARCHAR(50) NOT NULL COMMENT '值', url VARCHAR(255) COMMENT 'url地址', intro VARCHAR(255) COMMENT '簡介', pid BIGINT DEFAULT 0 COMMENT '父級id', created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, updated_at TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP, deleted_at TIMESTAMP NULL ) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='權限'; DROP TABLE IF EXISTS sec_role_permission; CREATE TABLE sec_role_permission ( id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY, role_id BIGINT NOT NULL, permission_id BIGINT NOT NULL ) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='角色權限';
public class MyAuthenticateService implements AuthenticateService {
/**
* 查詢用戶信息
* @param username 登錄的用戶名
* @return 用戶權限對象
*/
public Principal getPrincipal(String username) {
Principal<User> principal=null;
User u = User.dao.findBy("username=?", username);
if (u != null) {
principal = new Principal<User>(u.getStr("username"), u.getStr("password"), new HashSet<String>(u.getPermissions()), u);
}
return principal;
}
/**
* 加載全部的權限信息
* @return 權限集合
*/
public Set<Credential> getAllCredentials() {
List<Permission> permissions = Permission.dao.findBy("deleted_at is null");
Set<Credential> credentials = new HashSet<Credential>();
for (Permission permission : permissions) {
credentials.add(new Credential(permission.getStr("method"), permission.getStr("url"), permission.getStr("value")));
}
return credentials;
}
}public void configInterceptor(InterceptorLoader interceptorLoader) {
//權限攔截器 2表示用戶登錄的最大session數量 MyAuthenticateService 數據加載實現類
interceptorLoader.add(new SecurityInterceptor(2, new MyAuthenticateService()));
}-- create role--
INSERT INTO sec_role(name, value, intro, pid,created_at)
VALUES ('超級管理員','R_ADMIN','',0, current_timestamp),
('銷售','R_SALER','',1,current_timestamp),
('財務','R_FINANCER','',1,current_timestamp),
('設置','R_SETTER','',1,current_timestamp);
-- create permission--
INSERT INTO sec_permission( name,method, value, url, intro,pid, created_at)
VALUES ('訂單','*','P_ORDER','/api/v1.0/orders/**','訂單訪問權限',0,current_timestamp),
('銷售','*','P_SALE','/api/v1.0/sales/**','銷售訪問權限',0,current_timestamp),
('財務','*','P_FINANCE','/api/v1.0/finances/**','財務訪問權限',0,current_timestamp),
('倉庫','*','P_STORE','/api/v1.0/stores/**','倉庫訪問權限',0,current_timestamp),
('設置','*','P_SETTING','/api/v1.0/settings/**','設置訪問權限',0,current_timestamp);
INSERT INTO sec_role_permission(role_id, permission_id)
VALUES (1,1),(1,2),(1,3),(1,4),(1,5),
(2,1),(2,2),(2,4),
(3,1),(3,2),(3,3),(3,4),
(4,5);
-- user data--
-- create admin--
INSERT INTO sec_user(username, providername, email, mobile, password, avatar_url, first_name, last_name, full_name, created_at)
VALUES ('admin','dreampie','<a href="https://dreampie.gitbooks.io/cdn-cgi/l/email-protection" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target="_blank" >[email protected]</a>','18611434500','a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0','','仁輝','王','仁輝·王',current_timestamp),
('saler','dreampie','<a href="https://dreampie.gitbooks.io/cdn-cgi/l/email-protection" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target="_blank" >[email protected]</a>','18611434500','a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0','','仁輝','王','仁輝·王',current_timestamp),
('financer','dreampie','<a href="https://dreampie.gitbooks.io/cdn-cgi/l/email-protection" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target="_blank" >[email protected]</a>','18611434500','a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0','','仁輝','王','仁輝·王',current_timestamp),
('setter','dreampie','<a href="https://dreampie.gitbooks.io/cdn-cgi/l/email-protection" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target="_blank" >[email protected]</a>','18611434500','a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0','','仁輝','王','仁輝·王',current_timestamp);
-- create user_info--
INSERT INTO sec_user_info(user_id, creator_id, gender,province_id,city_id,county_id,street,created_at)
VALUES (1,0,0,1,2,3,'人民大學',current_timestamp),
(2,0,0,1,2,3,'人民大學',current_timestamp),
(3,0,0,1,2,3,'人民大學',current_timestamp),
(4,0,0,1,2,3,'人民大學',current_timestamp);
-- create user_role--
INSERT INTO sec_user_role( user_id, role_id)
VALUES (1,1),(2,2),(3,3),(4,4);關于“基于resty security的Api權限控制與事務支持的方法”這篇文章的內容就介紹到這里,感謝各位的閱讀!相信大家對“基于resty security的Api權限控制與事務支持的方法”知識都有一定的了解,大家如果還想學習更多知識,歡迎關注億速云行業資訊頻道。
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
