RBAC權限管理系統設計

1 創建數據庫

# Development fixture: a throw-away MySQL 8.0.18 container for the RBAC demo schema.
# What the flags mean, security-wise:
#   MYSQL_ROOT_HOST=%.%.%.%    root may connect from any host, not only from inside the container
#   MYSQL_ROOT_PASSWORD=123456 fixed, trivially guessable root password
#   --publish 6969:3306        without a host address prefix, Docker binds the port on every host interface
docker run \
    --name security_db \
    --env MYSQL_ROOT_HOST=%.%.%.% \
    --env MYSQL_ROOT_PASSWORD=123456 \
    --publish 6969:3306 \
    --detach --interactive \
    mysql:8.0.18
jdbc:mysql://ip:6969/?serverTimezone=UTC
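-- Create the schema and make it current.
-- IF NOT EXISTS lets the whole script be re-run without failing on this line;
-- utf8mb4 matches the per-table DEFAULT CHARSET used by every CREATE TABLE below.
CREATE DATABASE IF NOT EXISTS security_db DEFAULT CHARACTER SET utf8mb4;
USE security_db;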

2 設計表 

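-- Accounts. `password` holds the stored credential; `salt` NULL marks a row whose
-- password is still stored in clear and is expected to be upgraded to a hash (per the
-- column COMMENT). `status` is documented as 0 = disabled, 1 = normal, so that domain
-- is enforced with a CHECK (enforced by MySQL from 8.0.16; the page targets 8.0.18).
CREATE TABLE IF NOT EXISTS `sys_user`
(
    `id`          VARCHAR(64)  NOT NULL COMMENT '用戶ID',
    `username`    VARCHAR(20)  NOT NULL COMMENT '用戶名',
    `password`    VARCHAR(100) NOT NULL COMMENT '密碼',
    `salt`        VARCHAR(20)  DEFAULT NULL COMMENT '鹽加密(爲null說明是明文存儲,需要升級爲密文)',
    `status`      TINYINT      DEFAULT 1 COMMENT '狀態(0禁用、1正常)',
    `create_time` TIMESTAMP    DEFAULT CURRENT_TIMESTAMP COMMENT '插入時間',
    `update_time` TIMESTAMP    DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改時間',
    PRIMARY KEY (`id`),
    -- usernames are the login key and the lookup key of the mapper query
    UNIQUE KEY `uk_user_username` (`username`),
    CONSTRAINT `ck_user_status` CHECK (`status` IN (0, 1))
    -- sys_user_role references this table, which requires InnoDB: say so instead of
    -- relying on the server's default engine
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4 COMMENT ='用戶表';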
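-- Roles. The seed script below selects roles by `role_name`, so that name must identify
-- exactly one role: a UNIQUE key makes the lookup well-defined (MySQL still allows
-- several NULL names under a UNIQUE key, matching the nullable column as designed).
CREATE TABLE IF NOT EXISTS `sys_role`
(
    `id`          VARCHAR(64)  NOT NULL COMMENT '角色ID',
    `role_name`   VARCHAR(20)  DEFAULT NULL COMMENT '角色名',
    `role_desc`   VARCHAR(250) DEFAULT NULL COMMENT '角色說明',
    `create_time` TIMESTAMP    DEFAULT CURRENT_TIMESTAMP COMMENT '插入時間',
    `update_time` TIMESTAMP    DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改時間',
    PRIMARY KEY (`id`),
    UNIQUE KEY `uk_role_role_name` (`role_name`)
    -- referenced by sys_user_role and sys_role_permission foreign keys, hence InnoDB
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4 COMMENT ='角色表';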
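-- Permissions. `perm_tag` (e.g. the seeded 'student:add') is the identifier the seed
-- script filters on, so two rows must not share a tag: enforce it with a UNIQUE key.
CREATE TABLE IF NOT EXISTS `sys_permission`
(
    `id`          VARCHAR(64)  NOT NULL COMMENT '權限ID',
    `perm_tag`    VARCHAR(50)  DEFAULT NULL COMMENT '權限標識符',
    `perm_desc`   VARCHAR(250) DEFAULT NULL COMMENT '權限說明',
    `create_time` TIMESTAMP    DEFAULT CURRENT_TIMESTAMP COMMENT '插入時間',
    `update_time` TIMESTAMP    DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改時間',
    PRIMARY KEY (`id`),
    UNIQUE KEY `uk_permission_perm_tag` (`perm_tag`)
    -- referenced by sys_role_permission's foreign key, hence InnoDB
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4 COMMENT ='權限表';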
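-- User ↔ role assignments. The composite primary key makes each assignment unique.
-- Both foreign keys are RESTRICT, so a user or a role cannot be deleted (or have its id
-- changed) while an assignment still references it; assignments must be removed first.
CREATE TABLE IF NOT EXISTS `sys_user_role`
(
    `user_id`     VARCHAR(64) NOT NULL COMMENT '用戶ID',
    `role_id`     VARCHAR(64) NOT NULL COMMENT '角色ID',
    `create_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP COMMENT '插入時間',
    `update_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改時間',
    PRIMARY KEY (`user_id`, `role_id`),
    CONSTRAINT `fk_userRole_userId` FOREIGN KEY (`user_id`) REFERENCES `sys_user` (`id`)
        ON DELETE RESTRICT ON UPDATE RESTRICT,
    CONSTRAINT `fk_userRole_roleId` FOREIGN KEY (`role_id`) REFERENCES `sys_role` (`id`)
        ON DELETE RESTRICT ON UPDATE RESTRICT
    -- foreign keys are only enforced on InnoDB tables; make the engine explicit
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4 COMMENT ='用戶角色表';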
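-- Role ↔ permission grants. The composite primary key makes each grant unique.
-- Both foreign keys are RESTRICT: a role or permission that is still granted cannot be
-- deleted or re-keyed until the grant rows are removed.
CREATE TABLE IF NOT EXISTS `sys_role_permission`
(
    `role_id`     VARCHAR(64) NOT NULL COMMENT '角色ID',
    `perm_id`     VARCHAR(64) NOT NULL COMMENT '權限ID',
    `create_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP COMMENT '插入時間',
    `update_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改時間',
    PRIMARY KEY (`role_id`, `perm_id`),
    CONSTRAINT `fk_rolePermission_roleId` FOREIGN KEY (`role_id`) REFERENCES `sys_role` (`id`)
        ON DELETE RESTRICT ON UPDATE RESTRICT,
    CONSTRAINT `fk_rolePermission_permId` FOREIGN KEY (`perm_id`) REFERENCES `sys_permission` (`id`)
        ON DELETE RESTRICT ON UPDATE RESTRICT
    -- foreign keys are only enforced on InnoDB tables; make the engine explicit
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4 COMMENT ='角色權限表';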
-- ----------------------------
-- sys_user seed (the original note records 123456 as the cleartext behind both rows)
-- ----------------------------
-- NOTE(review): both rows carry the same salt and, as the identical stored values show,
-- the same password hash. The salt column exists so that each account gets its own
-- random salt; shared salts defeat that purpose.
INSERT INTO `sys_user` (id, username, password, salt)
VALUES ('1', '張三', 'u0h5xlqUh44ccogtzsP0t7L1yAe2mi3OxmtDyLyvZ0c=', 'e3f9fdf61f5d42bc84db'),
       ('2', '歆瑤', 'u0h5xlqUh44ccogtzsP0t7L1yAe2mi3OxmtDyLyvZ0c=', 'e3f9fdf61f5d42bc84db');
-- ----------------------------
-- sys_role seed: two roles, looked up by name in the grant statements that follow
-- ----------------------------
INSERT INTO sys_role (id, role_name, role_desc)
VALUES
    ('100', '輔導員', '超級管理員,擁有所有權限'),
    ('200', '班長',   '查詢權限');
-- ----------------------------
-- sys_permission seed: one row per student operation, tag format '<resource>:<action>'
-- ----------------------------
INSERT INTO sys_permission (id, perm_tag, perm_desc)
VALUES
    ('1000', 'student:add',    '增加學生權限'),
    ('2000', 'student:delete', '刪除學生權限'),
    ('3000', 'student:update', '修改學生權限'),
    ('4000', 'student:list',   '查看學生列表權限'),
    ('5000', 'student:select', '查看學生權限');
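-- ----------------------------
-- sys_role_permission seed
-- ----------------------------
-- Role 輔導員 is granted every permission. There is no column relating a role to a
-- permission, so the intended result is the full role × permission product filtered to
-- one role: an explicit CROSS JOIN says that, where the original comma join hid it.
INSERT INTO sys_role_permission (role_id, perm_id)
SELECT r.id, p.id
FROM sys_role AS r
CROSS JOIN sys_permission AS p
WHERE r.role_name = '輔導員';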
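-- Role 班長 is granted only the two query permissions. Same filtered cross product as
-- above; IN replaces the two-way OR so adding a third read permission is a one-token change.
INSERT INTO sys_role_permission (role_id, perm_id)
SELECT r.id, p.id
FROM sys_role AS r
CROSS JOIN sys_permission AS p
WHERE r.role_name = '班長'
  AND p.perm_tag IN ('student:select', 'student:list');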
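-- ----------------------------
-- sys_user_role seed
-- ----------------------------
-- 歆瑤 is assigned role 輔導員. The original placed both filters in a JOIN ... ON clause
-- although no column links sys_user to sys_role; writing it as a CROSS JOIN with the
-- filters in WHERE states what actually happens (one user row × one role row).
INSERT INTO sys_user_role (user_id, role_id)
SELECT u.id, r.id
FROM sys_user AS u
CROSS JOIN sys_role AS r
WHERE u.username = '歆瑤'
  AND r.role_name = '輔導員';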
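-- 張三 is assigned role 班長; same filtered cross product as the assignment above.
INSERT INTO sys_user_role (user_id, role_id)
SELECT u.id, r.id
FROM sys_user AS u
CROSS JOIN sys_role AS r
WHERE u.username = '張三'
  AND r.role_name = '班長';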
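-- Ad-hoc check of the full chain for one account: user → roles → permissions.
-- `username` is qualified as u.username (today only sys_user has that column, but a bare
-- name becomes ambiguous as soon as a joined table gains one); ORDER BY fixes the row
-- order; the statement is terminated so it can be followed by others in the script.
-- `password` is the stored credential hash; it is shown here only because this is a
-- local verification query, not something whose output leaves the database session.
SELECT u.id        AS userId,
       u.username  AS username,
       u.password  AS password,
       r.id        AS roleId,
       r.role_name AS roleName,
       r.role_desc AS roleDesc,
       p.id        AS permId,
       p.perm_tag  AS permTag,
       p.perm_desc AS permDesc
FROM sys_user AS u
INNER JOIN sys_user_role AS ur ON ur.user_id = u.id
INNER JOIN sys_role AS r ON r.id = ur.role_id
INNER JOIN sys_role_permission AS rp ON rp.role_id = r.id
INNER JOIN sys_permission AS p ON p.id = rp.perm_id
WHERE u.username = '歆瑤'
ORDER BY r.id, p.id;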


3 MyBatis多表聯查

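/**
 * MyBatis mapper for the user → role → permission association tables.
 * <p>
 * The SQL lives in UserRolePermissionMapper.xml; this interface only declares the
 * parameter bindings. Every parameter carries {@code @Param} so the {@code #{...}}
 * placeholders in the XML bind by name, consistently across all three statements
 * (the single-argument query no longer relies on MyBatis' unnamed-parameter rule).
 */
public interface UserRolePermissionMapper {

    /**
     * Loads one user together with all of its roles and, per role, all granted
     * permissions, assembled from a single join query.
     * <p>
     * The mapped statement uses inner joins throughout, so a user with no role, or
     * whose roles carry no permission, produces no rows from it.
     *
     * @param username exact user name to look up ({@code sys_user.username} is unique)
     * @return the user with its nested roles and permissions
     */
    User getUserDetailByUsername(@Param("username") String username);

    /**
     * Records that a user holds a role (one row in {@code sys_user_role}).
     *
     * @param userId id of the user ({@code sys_user.id})
     * @param roleId id of the role ({@code sys_role.id})
     */
    void insertUserRoleRelation(@Param("userId") String userId, @Param("roleId") String roleId);

    /**
     * Records that a role grants a permission (one row in {@code sys_role_permission}).
     *
     * @param roleId id of the role ({@code sys_role.id})
     * @param permId id of the permission ({@code sys_permission.id})
     */
    void insertRolePermissionRelation(@Param("roleId") String roleId, @Param("permId") String permId);
}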
<!--
    UserRolePermissionMapper.xml — result mapping for getUserDetailByUsername.
    The flat join rows are folded into one User, its roles, and each role's
    permissions; the <id> columns (userId / roleId / permId) decide which rows
    belong to the same object at each level.
-->
<resultMap id="userDetailresultMap" type="cn.yuanyu.studentapi.entity.User">
    <!-- user-level columns -->
    <id column="userId" property="id"/>
    <result column="username" property="username"/>
    <result column="password" property="password"/>
    <result column="salt" property="salt"/>
    <result column="status" property="status"/>
    <!-- one Role per distinct roleId under this user -->
    <collection ofType="cn.yuanyu.studentapi.entity.Role" property="roles">
        <id column="roleId" property="id"/>
        <result column="roleName" property="roleName"/>
        <result column="roleDesc" property="roleDesc"/>
        <!-- one Permission per distinct permId under this role -->
        <collection ofType="cn.yuanyu.studentapi.entity.Permission" property="permissions">
            <id column="permId" property="id"/>
            <result column="permTag" property="permTag"/>
            <result column="permDesc" property="permDesc"/>
        </collection>
    </collection>
</resultMap>
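<select id="getUserDetailByUsername" resultMap="userDetailresultMap">
    <!--
        Whole chain for one account, folded by userDetailresultMap.
        Inner joins throughout: a user with no role, or with roles that grant nothing,
        yields no rows and therefore no User. `username` is qualified so the predicate
        stays unambiguous if another joined table ever gains a column of that name.
        #{username} is a bound prepared-statement parameter; keep it as #{} (never ${}).
        The trailing semicolon of the original is not needed inside a mapper statement.
    -->
    SELECT u.id        AS userId,
           u.salt      AS salt,
           u.status    AS status,
           u.username  AS username,
           u.password  AS password,
           r.id        AS roleId,
           r.role_name AS roleName,
           r.role_desc AS roleDesc,
           p.id        AS permId,
           p.perm_tag  AS permTag,
           p.perm_desc AS permDesc
    FROM sys_user AS u
    INNER JOIN sys_user_role AS ur ON ur.user_id = u.id
    INNER JOIN sys_role AS r ON r.id = ur.role_id
    INNER JOIN sys_role_permission AS rp ON rp.role_id = r.id
    INNER JOIN sys_permission AS p ON p.id = rp.perm_id
    WHERE u.username = #{username}
</select>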
<!--
    UserRolePermissionMapper.xml — association inserts.
    Both parameters are bound by name via #{...}; a duplicate (user, role) pair is
    rejected by the table's composite primary key.
-->
<insert id="insertUserRoleRelation">
    INSERT INTO sys_user_role (user_id, role_id)
    VALUES (#{userId}, #{roleId})
</insert>
<!-- Grant one permission to one role; a duplicate (role, perm) pair is rejected by the
     table's composite primary key. -->
<insert id="insertRolePermissionRelation">
    INSERT INTO sys_role_permission (role_id, perm_id)
    VALUES (#{roleId}, #{permId})
</insert>