
基于resty security的Api权限控制与事务支持

让数据操作处于事务控制下

1. 在AppConfig里配置事务拦截器


/**
 * Registers the transaction interceptor, which backs the {@code @Transaction}
 * annotation used on resource methods.
 *
 * @param interceptorLoader loader that collects the application's interceptors
 */
public void configInterceptor(InterceptorLoader interceptorLoader) {
  TransactionInterceptor transactionInterceptor = new TransactionInterceptor();
  interceptorLoader.add(transactionInterceptor);
}

2. 在Resource的方法上使用Transaction注解配置事务


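@API("/users")
public class UserResource extends ApiResource {

  /**
   * Saves a user and its user-info record under one transaction.
   *
   * <p>Use {@code @Transaction} when several data operations run against a single data
   * source. For several data sources use {@code @Transaction(name={"ds1","ds2"})}; the
   * data source names correspond to the ones in application.properties.
   *
   * @param user the user to persist
   * @param info the user-info record to persist
   * @return the saved user
   * @throws IllegalStateException if either save reports failure
   */
  @POST
  @Transaction
  public User save(User user, UserInfo info) {
    // NOTE(review): both arguments are presumably bound from the request and are persisted
    // as received. Confirm that a caller cannot set fields such as id or password directly
    // and that the password is hashed before it reaches the sec_user table.

    // The original returned `user.save() && info.save()`, a boolean, from a method declared
    // to return User, and a false result would have ended the method normally. Failing
    // loudly keeps a half-written pair from being committed.
    // NOTE(review): assumes the transaction interceptor rolls back when the method throws;
    // confirm against TransactionInterceptor.
    if (!user.save()) {
      throw new IllegalStateException("Failed to save user");
    }
    if (!info.save()) {
      throw new IllegalStateException("Failed to save user info");
    }
    return user;
  }
}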

 对Api进行权限控制

1. 设计权限数据结构


-- User accounts. The DROP below discards any existing sec_user table and its rows.
-- NOTE(review): username has no UNIQUE constraint, so a lookup by login name can match
-- more than one row. The password column holds the value the authentication service
-- reads back; store only a salted password hash in it.
DROP TABLE IF EXISTS sec_user;
CREATE TABLE sec_user (
  id           BIGINT       NOT NULL AUTO_INCREMENT PRIMARY KEY,
  username     VARCHAR(50)  NOT NULL COMMENT '登录名',
  providername VARCHAR(50)  NOT NULL COMMENT '提供者',
  email        VARCHAR(200) COMMENT '邮箱',
  mobile       VARCHAR(50)  COMMENT '手机',
  password     VARCHAR(200) NOT NULL COMMENT '密码',
  avatar_url   VARCHAR(255) COMMENT '头像',
  first_name   VARCHAR(10)  COMMENT '名字',
  last_name    VARCHAR(10)  COMMENT '姓氏',
  full_name    VARCHAR(20)  COMMENT '全名',
  created_at   TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
  updated_at   TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP,
  -- Nullable timestamp; presumably marks a soft-deleted account when set.
  deleted_at   TIMESTAMP NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='用户';

 

-- Profile and address details for a user, linked through user_id.
-- NOTE(review): user_id is not declared as a foreign key, so the database itself does
-- not stop a row from pointing at a missing user.
DROP TABLE IF EXISTS sec_user_info;
CREATE TABLE sec_user_info (
  id          BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
  user_id     BIGINT NOT NULL COMMENT '用户id',
  creator_id  BIGINT COMMENT '创建者id',
  gender      INT DEFAULT 0 COMMENT '性别0男,1女',
  province_id BIGINT COMMENT '省id',
  city_id     BIGINT COMMENT '市id',
  county_id   BIGINT COMMENT '县id',
  street      VARCHAR(500) COMMENT '街道',
  zip_code    VARCHAR(50) COMMENT '邮编',
  created_at  TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
  updated_at  TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP,
  deleted_at  TIMESTAMP NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='用户信息';

 

-- Roles. pid refers to a parent role id and defaults to 0.
DROP TABLE IF EXISTS sec_role;
CREATE TABLE sec_role (
  id         BIGINT       NOT NULL AUTO_INCREMENT PRIMARY KEY,
  name       VARCHAR(50)  NOT NULL COMMENT '名称',
  value      VARCHAR(50)  NOT NULL COMMENT '值',
  intro      VARCHAR(255) COMMENT '简介',
  pid        BIGINT DEFAULT 0 COMMENT '父级id',
  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
  updated_at TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP,
  deleted_at TIMESTAMP NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='角色';

 

-- Link table assigning roles to users.
-- NOTE(review): there is no UNIQUE constraint on (user_id, role_id) and no foreign keys,
-- so duplicate or dangling assignments are not rejected by the database.
DROP TABLE IF EXISTS sec_user_role;
CREATE TABLE sec_user_role (
  id      BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
  user_id BIGINT NOT NULL,
  role_id BIGINT NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='用户角色';

 

-- Permissions: each row carries a method, a url and the permission value.
-- NOTE(review): url is nullable while method and value are NOT NULL; confirm how a
-- permission row without a url is treated when credentials are loaded.
DROP TABLE IF EXISTS sec_permission;
CREATE TABLE sec_permission (
  id         BIGINT       NOT NULL AUTO_INCREMENT PRIMARY KEY,
  name       VARCHAR(50)  NOT NULL COMMENT '名称',
  method     VARCHAR(10)  NOT NULL COMMENT '方法',
  value      VARCHAR(50)  NOT NULL COMMENT '值',
  url        VARCHAR(255) COMMENT 'url地址',
  intro      VARCHAR(255) COMMENT '简介',
  pid        BIGINT DEFAULT 0 COMMENT '父级id',
  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
  updated_at TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP,
  deleted_at TIMESTAMP NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='权限';

 

-- Link table granting permissions to roles.
-- NOTE(review): there is no UNIQUE constraint on (role_id, permission_id) and no foreign
-- keys, so duplicate or dangling grants are not rejected by the database.
DROP TABLE IF EXISTS sec_role_permission;
CREATE TABLE sec_role_permission (
  id            BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
  role_id       BIGINT NOT NULL,
  permission_id BIGINT NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='角色权限';

2. 实现AuthenticateService权限数据加载接口


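public class MyAuthenticateService implements AuthenticateService {

  /**
   * Looks up the account for a login name and wraps it as a principal.
   *
   * @param username the login name
   * @return the principal built from the stored username, stored password value and the
   *     user's permissions, or {@code null} when no matching user is found
   */
  public Principal getPrincipal(String username) {
    // The login name is passed as a bound parameter, never concatenated into the condition.
    // Rows with deleted_at set are excluded so that a removed account no longer yields a
    // principal; getAllCredentials applies the same filter to permissions.
    // NOTE(review): findBy is used here as if it returned a single User, while
    // getAllCredentials receives a List from it. Confirm which finder returns one row.
    User u = User.dao.findBy("username=? AND deleted_at is null", username);
    if (u == null) {
      return null;
    }

    Set<String> permissions = new HashSet<String>(u.getPermissions());
    return new Principal<User>(u.getStr("username"), u.getStr("password"), permissions, u);
  }

  /**
   * Loads every permission that is not marked deleted.
   *
   * @return one credential per permission row, built from its method, url and value
   */
  public Set<Credential> getAllCredentials() {
    Set<Credential> credentials = new HashSet<Credential>();

    // NOTE(review): the url column is nullable in sec_permission; confirm how Credential
    // treats a null url.
    for (Permission permission : Permission.dao.findBy("deleted_at is null")) {
      String method = permission.getStr("method");
      String url = permission.getStr("url");
      String value = permission.getStr("value");
      credentials.add(new Credential(method, url, value));
    }

    return credentials;
  }
}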

3. 在AppConfig里配置SecurityInterceptor权限拦截器


/**
 * Registers the security interceptor that applies permission control to the API.
 *
 * @param interceptorLoader loader that collects the application's interceptors
 */
public void configInterceptor(InterceptorLoader interceptorLoader) {
  // Per the original note: 2 is the maximum number of sessions for a logged-in user, and
  // MyAuthenticateService is the implementation that loads the permission data.
  MyAuthenticateService authenticateService = new MyAuthenticateService();
  SecurityInterceptor securityInterceptor = new SecurityInterceptor(2, authenticateService);
  interceptorLoader.add(securityInterceptor);
}

4. 模拟的用户数据


-- Sample roles: the administrator role is the root (pid 0); the other three use pid 1.
INSERT INTO sec_role (name, value, intro, pid, created_at)
VALUES
  ('超级管理员', 'R_ADMIN', '', 0, current_timestamp),
  ('销售', 'R_SALER', '', 1, current_timestamp),
  ('财务', 'R_FINANCER', '', 1, current_timestamp),
  ('设置', 'R_SETTER', '', 1, current_timestamp);

 

-- Sample permissions, one per API subtree.
-- NOTE(review): every row uses method '*', which presumably grants all HTTP methods on
-- the URL pattern; use a narrower method where a role only needs to read.
INSERT INTO sec_permission (name, method, value, url, intro, pid, created_at)
VALUES
  ('订单', '*', 'P_ORDER', '/api/v1.0/orders/**', '订单访问权限', 0, current_timestamp),
  ('销售', '*', 'P_SALE', '/api/v1.0/sales/**', '销售访问权限', 0, current_timestamp),
  ('财务', '*', 'P_FINANCE', '/api/v1.0/finances/**', '财务访问权限', 0, current_timestamp),
  ('仓库', '*', 'P_STORE', '/api/v1.0/stores/**', '仓库访问权限', 0, current_timestamp),
  ('设置', '*', 'P_SETTING', '/api/v1.0/settings/**', '设置访问权限', 0, current_timestamp);

 

-- Grants per role. The ids assume the role and permission rows above were inserted into
-- empty tables, so AUTO_INCREMENT numbered them from 1 in insertion order.
INSERT INTO sec_role_permission (role_id, permission_id)
VALUES
  (1, 1), (1, 2), (1, 3), (1, 4), (1, 5),
  (2, 1), (2, 2), (2, 4),
  (3, 1), (3, 2), (3, 3), (3, 4),
  (4, 5);

 

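-- Sample user accounts: admin, saler, financer and setter.
-- The email values on the page were replaced by HTML anchor markup from an e-mail
-- obfuscation script, which is not an address and appears longer than the 200-character
-- email column allows. The addresses below are constructed placeholders.
-- NOTE(review): all four rows carry the same password value, so the stored form looks
-- unsalted. Treat these as demo credentials only, and store a salted, slow password hash
-- for real accounts.
INSERT INTO sec_user (username, providername, email, mobile, password, avatar_url, first_name, last_name, full_name, created_at)
VALUES
  ('admin', 'dreampie', 'admin@example.invalid', '18611434500', 'a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0', '', '仁辉', '王', '仁辉·王', current_timestamp),
  ('saler', 'dreampie', 'saler@example.invalid', '18611434500', 'a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0', '', '仁辉', '王', '仁辉·王', current_timestamp),
  ('financer', 'dreampie', 'financer@example.invalid', '18611434500', 'a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0', '', '仁辉', '王', '仁辉·王', current_timestamp),
  ('setter', 'dreampie', 'setter@example.invalid', '18611434500', 'a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0', '', '仁辉', '王', '仁辉·王', current_timestamp);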

 

-- Sample profile rows, one per sample user (user_id 1 to 4), all with creator_id 0.
INSERT INTO sec_user_info (user_id, creator_id, gender, province_id, city_id, county_id, street, created_at)
VALUES
  (1, 0, 0, 1, 2, 3, '人民大学', current_timestamp),
  (2, 0, 0, 1, 2, 3, '人民大学', current_timestamp),
  (3, 0, 0, 1, 2, 3, '人民大学', current_timestamp),
  (4, 0, 0, 1, 2, 3, '人民大学', current_timestamp);

 

-- One role per sample user. The ids assume the user and role rows above were numbered
-- from 1 in insertion order, so user 1 (admin) receives role 1 (R_ADMIN), and so on.
INSERT INTO sec_user_role (user_id, role_id)
VALUES
  (1, 1),
  (2, 2),
  (3, 3),
  (4, 4);


原文链接:https://dreampie.gitbooks.io/resty-chs/content/transaction.html
