
Commit 920e9d0

committed
add role function
1 parent 4412a27 commit 920e9d0


52 files changed

+525
-184
lines changed

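--- a/pom.xml
+++ b/pom.xml
@@ -32,23 +32,29 @@
 <dependency>
 <groupId>org.apache.shiro</groupId>
 <artifactId>shiro-core</artifactId>
-<version>1.2.2</version>
+<version>1.2.4</version>
 </dependency>
 <dependency>
 <groupId>org.apache.shiro</groupId>
 <artifactId>shiro-web</artifactId>
-<version>1.2.2</version>
+<version>1.2.4</version>
 </dependency>
 <dependency>
 <groupId>org.apache.shiro</groupId>
 <artifactId>shiro-quartz</artifactId>
-<version>1.2.2</version>
+<version>1.2.4</version>
 </dependency>
 <dependency>
 <groupId>org.apache.shiro</groupId>
 <artifactId>shiro-spring</artifactId>
-<version>1.2.2</version>
+<version>1.2.4</version>
 </dependency>
+<dependency>
+<groupId>org.apache.shiro</groupId>
+<artifactId>shiro-aspectj</artifactId>
+<version>1.2.4</version>
+</dependency>
+
 
 <dependency>
 <groupId>mysql</groupId>
@@ -61,12 +67,12 @@
 <dependency>
 <groupId>org.aspectj</groupId>
 <artifactId>aspectjrt</artifactId>
-<version>1.7.4</version>
+<version>1.8.8</version>
 </dependency>
 <dependency>
 <groupId>org.aspectj</groupId>
 <artifactId>aspectjweaver</artifactId>
-<version>1.7.4</version>
+<version>1.8.8</version>
 </dependency>
 <dependency>
 <groupId>org.springframework</groupId>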
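Review bot: The four existing Shiro artifacts and the new `shiro-aspectj` dependency are pinned to 1.2.4, a release in which the rememberMe cookie manager still falls back to a cipher key built into the library when the application does not set one. If remember-me is enabled anywhere in this application, the cookie is decrypted and deserialized with a key that is public in the Shiro sources, so either move to a later Shiro release or configure an application-specific key on the rememberMe manager and keep it out of the repository. Whether remember-me is in use is not visible in this file. The version literal is also repeated five times; a single `<shiro.version>` property referenced as `${shiro.version}` would keep the artifacts in step.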

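--- a/src/main/java/com/giit/www/college/controller/ClazzController.java
+++ b/src/main/java/com/giit/www/college/controller/ClazzController.java
@@ -2,6 +2,7 @@
 
 import com.giit.www.college.service.ClazzBiz;
 import com.giit.www.util.TermContainer;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -13,30 +14,35 @@
 * Created by c0de8ug on 16-2-11.
 */
 @Controller
+
 @RequestMapping("clazz.do")
 public class ClazzController {
 
 @Resource(name = "clazzBizImpl")
 private ClazzBiz clazzBiz;
 
+@RequiresRoles("admin")
 @RequestMapping("add")
 public String add(String deptName, String specName, String year) {
 clazzBiz.add(deptName, specName, year);
 return "redirect:/clazz.do/clazz.view";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("delete")
 public String delete(int clazzId) {
 clazzBiz.delete(clazzId);
 return "redirect:/clazz.do/clazz.view";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("clazz.view")
 public String findAll(Model m) {
 m.addAttribute("clazzList", clazzBiz.findAll());
 return "/admin/college/clazz";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("clazz_add.view")
 public String findDeptAndSpec(Model m) {
 m.addAttribute("deptAndSpecJson", clazzBiz.findDeptAndSpecJson());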
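Review bot: `add` and `delete` change data, but their `@RequestMapping("add")` and `@RequestMapping("delete")` carry no `method` restriction, so they answer GET, and the new role check does nothing against a cross-site request that an admin's own browser is induced to send. Restrict the mutating handlers, e.g. `@RequestMapping(value = "delete", method = RequestMethod.POST)`, and pair that with an anti-CSRF token; whether one exists elsewhere is not visible in this commit. The same pattern appears on the `add`, `update` and `delete` handlers in the CourseController, DeptController, OrderBookController, SectionController and SpecController sections. The body of `findDeptAndSpec` runs past the end of the hunk.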

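--- a/src/main/java/com/giit/www/college/controller/CourseController.java
+++ b/src/main/java/com/giit/www/college/controller/CourseController.java
@@ -2,6 +2,7 @@
 
 import com.giit.www.college.service.CourseBiz;
 import com.giit.www.entity.Course;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -12,29 +13,34 @@
 * Created by c0de8ug on 16-2-12.
 */
 @Controller
+
 @RequestMapping("course.do")
 public class CourseController {
 @Resource(name = "courseBizImpl")
 private CourseBiz courseBiz;
 
+@RequiresRoles("admin")
 @RequestMapping("course.view")
 private String courseView(Model m) {
 m.addAttribute("courseList", courseBiz.findAll());
 return "/admin/college/course";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("course_add.view")
 private String courseAddView(Model m) {
 m.addAttribute("specNameList", courseBiz.findAllSpecName());
 return "/admin/college/course_add";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("add")
 private String add(Course course) {
 courseBiz.add(course);
 return "redirect:/course.do/course.view";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("delete")
 private String delete(String courseTitle) {
 courseBiz.delete(courseTitle);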
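Review bot: The four handlers annotated here (`courseView`, `courseAddView`, `add`, `delete`) are declared `private`, and a proxy-based interceptor cannot intercept a private method, so `@RequiresRoles("admin")` may never be evaluated for them. Spring MVC can still invoke private handler methods reflectively, which would leave these endpoints reachable without the role check. Declare them `public`, as the other controllers in this commit do, e.g. `public String courseView(Model m)`. If enforcement is done by AspectJ weaving rather than a Spring proxy this may not apply; the AOP configuration is not visible here. The body of `delete` continues outside the hunk.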

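--- a/src/main/java/com/giit/www/college/controller/DeptController.java
+++ b/src/main/java/com/giit/www/college/controller/DeptController.java
@@ -2,6 +2,7 @@
 
 import com.giit.www.college.service.DeptBiz;
 import com.giit.www.entity.Dept;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -19,34 +20,40 @@ public class DeptController {
 @Resource(name = "deptBizImpl")
 private DeptBiz deptBiz;
 
+@RequiresRoles("admin")
 @RequestMapping("dept.view")
 public String deptView(Model m) {
 m.addAttribute("deptList", deptBiz.findAll());
 return "/admin/college/dept";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("dept_add.view")
 public String deptAddView(Model m) {
 return "/admin/college/dept_add";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("dept_update.view")
 public String deptUpdateView(Model m) {
 return "/admin/college/dept_update";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("add")
 public String add(String deptName) {
 deptBiz.add(deptName);
 return "redirect:/dept.do/dept.view";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("update")
 public String update(Dept dept) {
 deptBiz.update(dept);
 return "redirect:/dept.do/dept.view";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("delete")
 public String delete(int deptId) {
 deptBiz.delete(deptId);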
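Review bot: Nothing in this section shows what a caller without the `admin` role receives once `@RequiresRoles("admin")` rejects the call. Shiro signals the refusal by throwing an `AuthorizationException` subtype from the intercepted method, and unless an exception resolver or `@ExceptionHandler` maps it, Spring MVC will typically answer with a generic 500 page rather than a 401/403 or a redirect to login. Add a handler for `org.apache.shiro.authz.AuthorizationException` if one is not among the files hidden on this page, plus a test that requests `dept.do/delete` without a session and expects a refusal, which also confirms the annotations are actually enforced. The class header and the end of `delete` lie outside the hunk.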

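--- a/src/main/java/com/giit/www/college/controller/OrderBookController.java
+++ b/src/main/java/com/giit/www/college/controller/OrderBookController.java
@@ -6,6 +6,8 @@
 import com.giit.www.entity.custom.OrderBookReviewVo;
 import com.giit.www.entity.custom.OrderBookVo;
 import com.giit.www.util.TermContainer;
+import org.apache.shiro.authz.annotation.Logical;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
@@ -24,45 +26,48 @@
 * Created by c0de8ug on 16-2-13.
 */
 //TODO URL我自己定义全小写
-@RequestMapping("orderbook.do")
 @Controller
+@RequestMapping("orderbook.do")
+
 public class OrderBookController {
 @Resource(name = "orderBookBizImpl")
 private OrderBookBiz orderBookBiz;
 
+@RequiresRoles(value = {"admin", "teacher"}, logical = Logical.OR)
 @RequestMapping("orderbook.view")
 public String orderBookView(Model m, HttpSession httpSession) {
 String staffId = (String) httpSession.getAttribute("username");
 
-//TODO 这里的year应该从服务器端开课的地方拿,但是如何拿怎么拿有点不理解,先给它一个值
-//而且对于一个老师上多门相同的课区分也有问题
 List<Section> sectionList = orderBookBiz.findSelectedSection(staffId, TermContainer.now());
 int courseCount = sectionList.size();
 m.addAttribute("selectedSectionList", sectionList);
 m.addAttribute("courseCount", courseCount);
 return "/teacher/orderbook";
 }
 
+@RequiresRoles(value = {"admin", "teacher"}, logical = Logical.OR)
 @RequestMapping("orderbook_review.view")
 public String orderBookReviewView(Model m, HttpSession session) {
 //TODO 放到SESSION方便处理
 session.setAttribute("notReviewedBookList", orderBookBiz.findAllNotReviewedBook());
 return "/teacher/orderbook_review";
 }
 
+@RequiresRoles(value = {"admin", "teacher"}, logical = Logical.OR)
 @RequestMapping("orderbook_add.view")
 public String orderBookAddView(Model m) {
 return "/teacher/orderbook_add";
 }
 
+@RequiresRoles(value = {"admin", "teacher"}, logical = Logical.OR)
 @RequestMapping("orderbook_added.view")
 public String orderBookAddedView(Model m, HttpSession session) {
 String staffId = (String) session.getAttribute("username");
 m.addAttribute("addedBookInfoList", orderBookBiz.findAddedBookInfoList(staffId));
 return "/teacher/orderbook_added";
 }
 
-
+@RequiresRoles(value = {"admin", "teacher"}, logical = Logical.OR)
 @RequestMapping("add")
 public String add(HttpServletRequest request, HttpSession session) {
 Map map = request.getParameterMap();
@@ -73,12 +78,14 @@ public String add(HttpServletRequest request, HttpSession session) {
 return "redirect:/orderbook.do/orderbook.view";
 }
 
+@RequiresRoles(value = {"admin", "teacher"}, logical = Logical.OR)
 @RequestMapping("update")
 @ResponseStatus(value = HttpStatus.OK)
 public void update(@RequestBody ChangedItems changedItems, HttpSession session) {
 orderBookBiz.update(changedItems, (String) session.getAttribute("username"));
 }
 
+@RequiresRoles(value = {"admin", "teacher"}, logical = Logical.OR)
 @RequestMapping("audit")
 public String audit(HttpSession session) {
 List<OrderBookReviewVo> orderBookReviewVoList = (List<OrderBookReviewVo>) session.getAttribute("notReviewedBookList");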
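Review bot: `audit` and `orderbook_review.view` are gated with the same `@RequiresRoles(value = {"admin", "teacher"}, logical = Logical.OR)` as the ordering handlers, so any account that can submit a book order can also review and audit orders. If auditing is meant to be an approval step it should require a narrower role, e.g. `@RequiresRoles("admin")` on `audit` and `orderBookReviewView`; the intended business rule is not stated on this page. Separately, `audit` works on the `notReviewedBookList` that `orderBookReviewView` cached in the session, so the list can be null or stale when `audit` is requested directly; re-reading it from `orderBookBiz`, or at least a comment saying why the session copy is trusted, would help. The body of `audit` continues past the end of the hunk.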

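--- a/src/main/java/com/giit/www/college/controller/SectionController.java
+++ b/src/main/java/com/giit/www/college/controller/SectionController.java
@@ -4,6 +4,7 @@
 import com.giit.www.entity.Section;
 import com.giit.www.entity.Timetable;
 import com.giit.www.util.TermContainer;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -21,12 +22,14 @@ public class SectionController {
 @Resource(name = "sectionBizImpl")
 private SectionBiz sectionBiz;
 
+@RequiresRoles("admin")
 @RequestMapping("section.view")
 public String sectionView(Model m) {
 m.addAttribute("sectionList", sectionBiz.findAllCustom());
 return "/admin/college/section";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("section_add.view")
 public String sectionAddView(Model m) {
 m.addAttribute("courseTitleList", sectionBiz.findAllCourseTitle());
@@ -35,25 +38,27 @@ public String sectionAddView(Model m) {
 return "/admin/college/section_add";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("section_timetable_add.view")
 public String sectionTimetableAdd(Model m) {
 return "/admin/college/section_timetable_add";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("add")
 public String add(Section section, HttpSession session) {
-String staffId = (String) session.getAttribute("username");
-sectionBiz.add(section, staffId);
+sectionBiz.add(section);
 return "redirect:section.view";
 }
 
+@RequiresRoles("admin")
 @RequestMapping("addTimetable")
 public String addTimetable(Timetable timetable) {
 sectionBiz.addTimetable(timetable);
 return "redirect:section.view";
 }
 
-
+@RequiresRoles("admin")
 @RequestMapping("delete")
 public String delete(int secId) {
 sectionBiz.delete(secId);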
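Review bot: After this change `add` no longer reads the session, yet its signature still declares `HttpSession session`; drop the parameter so it reads `public String add(Section section)`. With `staffId` no longer taken from the session attribute `username`, the staff member a section is attached to presumably now arrives in the request-bound `Section` object, which is reasonable for an admin-only handler but deserves a one-line comment above `add`, e.g. `// staff is chosen by the admin in the form, not taken from the session`. The body of the final `delete` handler continues outside the hunk.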

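--- a/src/main/java/com/giit/www/college/controller/SpecController.java
+++ b/src/main/java/com/giit/www/college/controller/SpecController.java
@@ -4,6 +4,7 @@
 import com.giit.www.college.service.SpecBiz;
 import com.giit.www.entity.Spec;
 import org.apache.ibatis.annotations.Param;
+import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -20,37 +21,38 @@ public class SpecController {
 @Resource(name = "specBizImpl")
 SpecBiz specBiz;
 
-
+@RequiresRoles("admin")
 @RequestMapping("spec_add.view")
 public String specAddView(Model m) {
 m.addAttribute("deptNameList", specBiz.findDpet());
 return "/admin/college/spec_add";
 }
 
 //TODO 该名字deptAndSpec不好,但是不知道如何命名-, -
+@RequiresRoles("admin")
 @RequestMapping("spec.view")
 public String specView(Model m) {
 m.addAttribute("deptAndSpec", specBiz.findDeptAndSpec());
 return "/admin/college/spec";
 }
-
+@RequiresRoles("admin")
 @RequestMapping("spec_update.view")
 public String specUpdateView(Model m) {
 return "/admin/college/spec_update";
 }
-
+@RequiresRoles("admin")
 @RequestMapping("update")
 public String update(@Param("specName") String newSpecName, @Param("newSpecName") String specName) {
 specBiz.update(specName, newSpecName);
 return "redirect:/spec.do/spec.view";
 }
-
+@RequiresRoles("admin")
 @RequestMapping("add")
 public String add(Spec spec) {
 specBiz.add(spec);
 return "redirect:/spec.do/spec.view";
 }
-
+@RequiresRoles("admin")
 @RequestMapping("delete")
 public String delete(String specName) {
 specBiz.delete(specName);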
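Review bot: The `update` handler, which now sits behind `@RequiresRoles("admin")`, annotates its arguments with MyBatis's `org.apache.ibatis.annotations.Param`, which Spring MVC does not read, and the names are crossed (`@Param("specName") String newSpecName`). Request binding therefore depends on the compiled parameter names alone, and the annotations tell the reader the opposite of what happens. Use `@RequestParam("specName") String specName, @RequestParam("newSpecName") String newSpecName` so the binding is explicit and matches `specBiz.update(specName, newSpecName)`. This commit also replaces the blank separator lines before `specUpdateView`, `update`, `add` and `delete` with the annotation, so each of those methods now starts directly after the previous closing brace; keeping the blank line would match the other controllers. The body of `delete` continues outside the hunk.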
