让数据操作处于事务控制下
1. 在AppConfig里配置事务拦截器
/**
 * Registers the transaction interceptor with the framework.
 *
 * @param interceptorLoader loader that collects the interceptors to apply
 */
public void configInterceptor(InterceptorLoader interceptorLoader) {
    // Transaction interceptor: the piece that backs the @Transaction annotation.
    TransactionInterceptor transactionInterceptor = new TransactionInterceptor();
    interceptorLoader.add(transactionInterceptor);
}
2. 在Resource的方法上使用Transaction注解配置事务
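@API("/users")
public class UserResource extends ApiResource {

    /**
     * Saves a user and its info record inside one transaction.
     *
     * <p>Use {@code @Transaction} when several data operations run against a single
     * data source. For several data sources use
     * {@code @Transaction(name={"ds1","ds2"})}; the data source names must match the
     * ones in application.properties.
     *
     * @param user the user record to save
     * @param info the user-info record to save
     * @return the saved user
     * @throws IllegalStateException if either save reports failure
     */
    @POST
    @Transaction
    public User save(User user, UserInfo info) {
        // NOTE(review): user and info appear to be bound from the request; confirm that
        // only the intended fields are accepted before they are written.

        // The original returned `user.save() && info.save()`, a boolean expression, from
        // a method declared to return User. Keep the declared return type and report a
        // failed save explicitly instead.
        boolean saved = user.save() && info.save();
        if (!saved) {
            // NOTE(review): assumes TransactionInterceptor rolls back when the method
            // throws, so a half-written user/info pair is not committed - confirm.
            throw new IllegalStateException("Failed to save user and user info");
        }
        return user;
    }
}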
对Api进行权限控制
1. 设计权限数据结构
-- Permission data model: users, roles, permissions and the two join tables.
-- Every table is dropped first, so existing rows are discarded; run this only
-- against a database whose contents may be thrown away.
-- NOTE(review): in MySQL, CHARSET=utf8 is the 3-byte utf8mb3; utf8mb4 is needed
-- for full Unicode input.

-- Users.
-- NOTE(review): password should hold a salted password hash, never plaintext.
-- NOTE(review): there is no UNIQUE constraint on username (or on username +
-- providername); if logins are looked up by username, duplicates make the
-- match ambiguous - confirm the intended uniqueness rule.
DROP TABLE IF EXISTS sec_user;
CREATE TABLE sec_user (
  id           BIGINT       NOT NULL AUTO_INCREMENT PRIMARY KEY,
  username     VARCHAR(50)  NOT NULL COMMENT '登录名',
  providername VARCHAR(50)  NOT NULL COMMENT '提供者',
  email        VARCHAR(200) COMMENT '邮箱',
  mobile       VARCHAR(50)  COMMENT '手机',
  password     VARCHAR(200) NOT NULL COMMENT '密码',
  avatar_url   VARCHAR(255) COMMENT '头像',
  first_name   VARCHAR(10)  COMMENT '名字',
  last_name    VARCHAR(10)  COMMENT '姓氏',
  full_name    VARCHAR(20)  COMMENT '全名',
  created_at   TIMESTAMP    DEFAULT CURRENT_TIMESTAMP NOT NULL,
  updated_at   TIMESTAMP    NULL ON UPDATE CURRENT_TIMESTAMP,
  deleted_at   TIMESTAMP    NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='用户';

-- Per-user profile and address details.
DROP TABLE IF EXISTS sec_user_info;
CREATE TABLE sec_user_info (
  id          BIGINT       NOT NULL AUTO_INCREMENT PRIMARY KEY,
  user_id     BIGINT       NOT NULL COMMENT '用户id',
  creator_id  BIGINT       COMMENT '创建者id',
  gender      INT          DEFAULT 0 COMMENT '性别0男,1女',
  province_id BIGINT       COMMENT '省id',
  city_id     BIGINT       COMMENT '市id',
  county_id   BIGINT       COMMENT '县id',
  street      VARCHAR(500) COMMENT '街道',
  zip_code    VARCHAR(50)  COMMENT '邮编',
  created_at  TIMESTAMP    DEFAULT CURRENT_TIMESTAMP NOT NULL,
  updated_at  TIMESTAMP    NULL ON UPDATE CURRENT_TIMESTAMP,
  deleted_at  TIMESTAMP    NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='用户信息';

-- Roles; pid points at the parent role (0 = no parent).
DROP TABLE IF EXISTS sec_role;
CREATE TABLE sec_role (
  id         BIGINT       NOT NULL AUTO_INCREMENT PRIMARY KEY,
  name       VARCHAR(50)  NOT NULL COMMENT '名称',
  value      VARCHAR(50)  NOT NULL COMMENT '值',
  intro      VARCHAR(255) COMMENT '简介',
  pid        BIGINT       DEFAULT 0 COMMENT '父级id',
  created_at TIMESTAMP    DEFAULT CURRENT_TIMESTAMP NOT NULL,
  updated_at TIMESTAMP    NULL ON UPDATE CURRENT_TIMESTAMP,
  deleted_at TIMESTAMP    NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='角色';

-- User-to-role assignments.
-- NOTE(review): no foreign keys and no UNIQUE (user_id, role_id); duplicate or
-- dangling assignments are not rejected by the schema.
DROP TABLE IF EXISTS sec_user_role;
CREATE TABLE sec_user_role (
  id      BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
  user_id BIGINT NOT NULL,
  role_id BIGINT NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='用户角色';

-- Permissions: an HTTP method plus a URL pattern, identified by value.
DROP TABLE IF EXISTS sec_permission;
CREATE TABLE sec_permission (
  id         BIGINT       NOT NULL AUTO_INCREMENT PRIMARY KEY,
  name       VARCHAR(50)  NOT NULL COMMENT '名称',
  method     VARCHAR(10)  NOT NULL COMMENT '方法',
  value      VARCHAR(50)  NOT NULL COMMENT '值',
  url        VARCHAR(255) COMMENT 'url地址',
  intro      VARCHAR(255) COMMENT '简介',
  pid        BIGINT       DEFAULT 0 COMMENT '父级id',
  created_at TIMESTAMP    DEFAULT CURRENT_TIMESTAMP NOT NULL,
  updated_at TIMESTAMP    NULL ON UPDATE CURRENT_TIMESTAMP,
  deleted_at TIMESTAMP    NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='权限';

-- Role-to-permission grants.
-- NOTE(review): no foreign keys and no UNIQUE (role_id, permission_id); the
-- same caveat as for sec_user_role applies.
DROP TABLE IF EXISTS sec_role_permission;
CREATE TABLE sec_role_permission (
  id            BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
  role_id       BIGINT NOT NULL,
  permission_id BIGINT NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='角色权限';
2. 实现AuthenticateService权限数据加载接口
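public class MyAuthenticateService implements AuthenticateService {

    /**
     * Looks up the user that is logging in.
     *
     * @param username the login name
     * @return the principal built from the user's username, stored password value,
     *     permission values and user model, or {@code null} when no active user has
     *     that name
     */
    public Principal getPrincipal(String username) {
        // The original assigned findBy(...) to a single User, but findBy yields a List
        // (see getAllCredentials); findFirstBy returns one model.
        // "deleted_at is null" keeps soft-deleted accounts from authenticating, the same
        // filter getAllCredentials applies to permissions.
        // NOTE(review): assumes the user table has a deleted_at column - confirm.
        User u = User.dao.findFirstBy("username=? AND deleted_at is null", username);
        if (u == null) {
            return null;
        }
        // NOTE(review): the "password" column is handed to Principal exactly as stored;
        // it should hold a salted password hash, never plaintext - confirm.
        return new Principal<User>(
            u.getStr("username"),
            u.getStr("password"),
            new HashSet<String>(u.getPermissions()),
            u);
    }

    /**
     * Loads every permission that has not been soft-deleted.
     *
     * @return one credential (method, url, value) per permission row
     */
    public Set<Credential> getAllCredentials() {
        List<Permission> permissions = Permission.dao.findBy("deleted_at is null");
        Set<Credential> credentials = new HashSet<Credential>();
        for (Permission permission : permissions) {
            credentials.add(new Credential(
                permission.getStr("method"),
                permission.getStr("url"),
                permission.getStr("value")));
        }
        return credentials;
    }
}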
3. 在AppConfig里配置SecurityInterceptor权限拦截器
/**
 * Registers the security (permission) interceptor with the framework.
 *
 * @param interceptorLoader loader that collects the interceptors to apply
 */
public void configInterceptor(InterceptorLoader interceptorLoader) {
    // Upper bound on concurrent login sessions per user.
    int maxSessionsPerUser = 2;
    // Supplies the principal and credential data the interceptor checks against.
    MyAuthenticateService authenticateService = new MyAuthenticateService();
    // NOTE(review): if other interceptors are registered as well, they presumably go
    // into this same method - confirm the intended order.
    interceptorLoader.add(new SecurityInterceptor(maxSessionsPerUser, authenticateService));
}
4. 模拟的用户数据
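-- Sample data for development only; do not load these accounts into a shared
-- or production database.
-- The numeric ids used in the join tables below assume freshly created tables
-- whose AUTO_INCREMENT counters start at 1.

-- Roles. Rows with pid = 1 are children of the first row (R_ADMIN).
INSERT INTO sec_role(name, value, intro, pid, created_at)
VALUES ('超级管理员', 'R_ADMIN', '', 0, current_timestamp),
       ('销售', 'R_SALER', '', 1, current_timestamp),
       ('财务', 'R_FINANCER', '', 1, current_timestamp),
       ('设置', 'R_SETTER', '', 1, current_timestamp);

-- Permissions.
-- NOTE(review): method '*' presumably matches every HTTP method and '/**'
-- every sub-path - confirm against the matcher.
INSERT INTO sec_permission(name, method, value, url, intro, pid, created_at)
VALUES ('订单', '*', 'P_ORDER', '/api/v1.0/orders/**', '订单访问权限', 0, current_timestamp),
       ('销售', '*', 'P_SALE', '/api/v1.0/sales/**', '销售访问权限', 0, current_timestamp),
       ('财务', '*', 'P_FINANCE', '/api/v1.0/finances/**', '财务访问权限', 0, current_timestamp),
       ('仓库', '*', 'P_STORE', '/api/v1.0/stores/**', '仓库访问权限', 0, current_timestamp),
       ('设置', '*', 'P_SETTING', '/api/v1.0/settings/**', '设置访问权限', 0, current_timestamp);

-- Grants: role 1 gets all five permissions, role 2 gets 1, 2 and 4,
-- role 3 gets 1 to 4, role 4 gets only 5.
INSERT INTO sec_role_permission(role_id, permission_id)
VALUES (1,1),(1,2),(1,3),(1,4),(1,5),
       (2,1),(2,2),(2,4),
       (3,1),(3,2),(3,3),(3,4),
       (4,5);

-- Users.
-- The original e-mail values reached this page as HTML e-mail-protection
-- markup, which is not an address and does not fit email VARCHAR(200); the
-- example.com addresses below are constructed placeholders.
-- All four accounts carry the same 128-hex-character password value, so they
-- share one password and the stored form shows no per-user salt.
INSERT INTO sec_user(username, providername, email, mobile, password, avatar_url, first_name, last_name, full_name, created_at)
VALUES ('admin', 'dreampie', 'admin@example.com', '18611434500', 'a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0', '', '仁辉', '王', '仁辉·王', current_timestamp),
       ('saler', 'dreampie', 'saler@example.com', '18611434500', 'a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0', '', '仁辉', '王', '仁辉·王', current_timestamp),
       ('financer', 'dreampie', 'financer@example.com', '18611434500', 'a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0', '', '仁辉', '王', '仁辉·王', current_timestamp),
       ('setter', 'dreampie', 'setter@example.com', '18611434500', 'a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0', '', '仁辉', '王', '仁辉·王', current_timestamp);

-- One user_info row per user.
INSERT INTO sec_user_info(user_id, creator_id, gender, province_id, city_id, county_id, street, created_at)
VALUES (1,0,0,1,2,3, '人民大学', current_timestamp),
       (2,0,0,1,2,3, '人民大学', current_timestamp),
       (3,0,0,1,2,3, '人民大学', current_timestamp),
       (4,0,0,1,2,3, '人民大学', current_timestamp);

-- One role per user: admin -> R_ADMIN, saler -> R_SALER,
-- financer -> R_FINANCER, setter -> R_SETTER.
INSERT INTO sec_user_role(user_id, role_id)
VALUES (1,1),(2,2),(3,3),(4,4);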
原文链接:https://dreampie.gitbooks.io/resty-chs/content/transaction.html