新增AuthorityService及其实现类

新增net.wendal.nutzbook.service.AuthorityService类

  1. package net.wendal.nutzbook.service;
  2. import net.wendal.nutzbook.bean.Role;
  3. import net.wendal.nutzbook.bean.User;
  4. public interface AuthorityService {
  5. /**
  6. * 扫描RequiresPermissions和RequiresRoles注解
  7. * @param pkg 需要扫描的package
  8. */
  9. void initFormPackage(String pkg);
  10. /**
  11. * 检查最基础的权限,确保admin用户-admin角色-(用户增删改查-权限增删改查)这一基础权限设置
  12. * @param admin
  13. */
  14. void checkBasicRoles(User admin);
  15. /**
  16. * 添加一个权限
  17. */
  18. public void addPermission(String permission);
  19. /**
  20. * 添加一个角色
  21. */
  22. public Role addRole(String role);
  23. }

及其实现类AuthorityServiceImpl(节选)

  1. public void checkBasicRoles(User admin) {
  2. // 检查一下admin的权限
  3. Role adminRole = dao.fetch(Role.class, "admin");
  4. if (adminRole == null) {
  5. adminRole = addRole("admin");
  6. }
  7. // admin账号必须存在与admin组
  8. if (0 == dao.count("t_user_role", Cnd.where("u_id", "=", admin.getId()).and("role_id", "=", adminRole.getId()))) {
  9. dao.insert("t_user_role", Chain.make("u_id", admin.getId()).add("role_id", adminRole.getId()));
  10. }
  11. // admin组必须有authority:* 也就是权限管理相关的权限
  12. List<Record> res = dao.query("t_role_permission", Cnd.where("role_id", "=", adminRole.getId()));
  13. OUT: for (Permission permission : dao.query(Permission.class, Cnd.where("name", "like", "authority:%").or("name", "like", "user:%"), null)) {
  14. for (Record re : res) {
  15. if (re.getInt("permission_id") == permission.getId())
  16. continue OUT;
  17. }
  18. dao.insert("t_role_permission", Chain.make("role_id", adminRole.getId()).add("permission_id", permission.getId()));
  19. };
  20. }