Python 官方文档:入门教程 => 点击学习
目录让数据操作处于事务控制下1.在Appconfig里配置事务拦截器2.在Resource的方法上使用Transaction注解配置事务 对api进行权限控制1.设计权限数
public void configInterceptor(InterceptorLoader interceptorLoader) {
//事务的拦截器 @Transaction
interceptorLoader.add(new TransactionInterceptor());
}
@API("/users")
public class UserResource extends ApiResource {
@POST
@Transaction
public User save(User user,UserInfo info) {
return user.save() && info.save();
}
}DROP TABLE IF EXISTS sec_user;
CREATE TABLE sec_user (
id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL COMMENT '登录名',
providername VARCHAR(50) NOT NULL COMMENT '提供者',
email VARCHAR(200) COMMENT '邮箱',
mobile VARCHAR(50) COMMENT '手机',
passWord VARCHAR(200) NOT NULL COMMENT '密码',
avatar_url VARCHAR(255) COMMENT '头像',
first_name VARCHAR(10) COMMENT '名字',
last_name VARCHAR(10) COMMENT '姓氏',
full_name VARCHAR(20) COMMENT '全名',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
updated_at TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP,
deleted_at TIMESTAMP NULL
) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='用户';
DROP TABLE IF EXISTS sec_user_info;
CREATE TABLE sec_user_info (
id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
user_id BIGINT NOT NULL COMMENT '用户id',
creator_id BIGINT COMMENT '创建者id',
gender INT DEFAULT 0 COMMENT '性别0男,1女',
province_id BIGINT COMMENT '省id',
city_id BIGINT COMMENT '市id',
county_id BIGINT COMMENT '县id',
street VARCHAR(500) COMMENT '街道',
zip_code VARCHAR(50) COMMENT '邮编',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
updated_at TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP,
deleted_at TIMESTAMP NULL
) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='用户信息';
DROP TABLE IF EXISTS sec_role;
CREATE TABLE sec_role (
id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(50) NOT NULL COMMENT '名称',
value VARCHAR(50) NOT NULL COMMENT '值',
intro VARCHAR(255) COMMENT '简介',
pid BIGINT DEFAULT 0 COMMENT '父级id',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
updated_at TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP,
deleted_at TIMESTAMP NULL
) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='角色';
DROP TABLE IF EXISTS sec_user_role;
CREATE TABLE sec_user_role (
id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
user_id BIGINT NOT NULL,
role_id BIGINT NOT NULL
) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='用户角色';
DROP TABLE IF EXISTS sec_permission;
CREATE TABLE sec_permission (
id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(50) NOT NULL COMMENT '名称',
method VARCHAR(10) NOT NULL COMMENT '方法',
value VARCHAR(50) NOT NULL COMMENT '值',
url VARCHAR(255) COMMENT 'url地址',
intro VARCHAR(255) COMMENT '简介',
pid BIGINT DEFAULT 0 COMMENT '父级id',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
updated_at TIMESTAMP NULL ON UPDATE CURRENT_TIMESTAMP,
deleted_at TIMESTAMP NULL
) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='权限';
DROP TABLE IF EXISTS sec_role_permission;
CREATE TABLE sec_role_permission (
id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY,
role_id BIGINT NOT NULL,
permission_id BIGINT NOT NULL
) ENGINE =InnoDB DEFAULT CHARSET =utf8 COMMENT ='角色权限';
public class MyAuthenticateService implements AuthenticateService {
public Principal getPrincipal(String username) {
Principal<User> principal=null;
User u = User.dao.findBy("username=?", username);
if (u != null) {
principal = new Principal<User>(u.getStr("username"), u.getStr("password"), new HashSet<String>(u.getPermissions()), u);
}
return principal;
}
public Set<Credential> getAllCredentials() {
List<Permission> permissions = Permission.dao.findBy("deleted_at is null");
Set<Credential> credentials = new HashSet<Credential>();
for (Permission permission : permissions) {
credentials.add(new Credential(permission.getStr("method"), permission.getStr("url"), permission.getStr("value")));
}
return credentials;
}
}
public void configInterceptor(InterceptorLoader interceptorLoader) {
//权限拦截器 2表示用户登录的最大session数量 MyAuthenticateService 数据加载实现类
interceptorLoader.add(new SecurityInterceptor(2, new MyAuthenticateService()));
}
-- create role--
INSERT INTO sec_role(name, value, intro, pid,created_at)
VALUES ('超级管理员','R_ADMIN','',0, current_timestamp),
('销售','R_SALER','',1,current_timestamp),
('财务','R_FINANCER','',1,current_timestamp),
('设置','R_SETTER','',1,current_timestamp);
-- create permission--
INSERT INTO sec_permission( name,method, value, url, intro,pid, created_at)
VALUES ('订单','*','P_ORDER','/api/v1.0/orders/**','订单访问权限',0,current_timestamp),
('销售','*','P_SALE','/api/v1.0/sales/**','销售访问权限',0,current_timestamp),
('财务','*','P_FINANCE','/api/v1.0/finances/**','财务访问权限',0,current_timestamp),
('仓库','*','P_STORE','/api/v1.0/stores/**','仓库访问权限',0,current_timestamp),
('设置','*','P_SETTING','/api/v1.0/settings/**','设置访问权限',0,current_timestamp);
INSERT INTO sec_role_permission(role_id, permission_id)
VALUES (1,1),(1,2),(1,3),(1,4),(1,5),
(2,1),(2,2),(2,4),
(3,1),(3,2),(3,3),(3,4),
(4,5);
-- user data--
-- create admin--
INSERT INTO sec_user(username, providername, email, mobile, password, avatar_url, first_name, last_name, full_name, created_at)
VALUES ('admin','dreampie','<a href="https://dreampie.gitbooks.io/cdn-cgi/l/email-protection" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target="_blank" >[email protected]</a>','18611434500','a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3Df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0','','仁辉','王','仁辉·王',current_timestamp),
('saler','dreampie','<a href="Https://dreampie.gitbooks.io/cdn-cgi/l/email-protection" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target="_blank" >[email protected]</a>','18611434500','a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0','','仁辉','王','仁辉·王',current_timestamp),
('financer','dreampie','<a href="https://dreampie.gitbooks.io/cdn-cgi/l/email-protection" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target="_blank" >[email protected]</a>','18611434500','a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0','','仁辉','王','仁辉·王',current_timestamp),
('setter','dreampie','<a href="https://dreampie.gitbooks.io/cdn-cgi/l/email-protection" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" target="_blank" >[email protected]</a>','18611434500','a217d8ac340ee5da8098bff32a5769ebad5d4cfd74adebe6c7020db4dc4c3df517f56f6bc41882deb47814bd060db6f1e225219b095d7906d2115ba9e8ab80a0','','仁辉','王','仁辉·王',current_timestamp);
-- create user_info--
INSERT INTO sec_user_info(user_id, creator_id, gender,province_id,city_id,county_id,street,created_at)
VALUES (1,0,0,1,2,3,'人民大学',current_timestamp),
(2,0,0,1,2,3,'人民大学',current_timestamp),
(3,0,0,1,2,3,'人民大学',current_timestamp),
(4,0,0,1,2,3,'人民大学',current_timestamp);
-- create user_role--
INSERT INTO sec_user_role( user_id, role_id)
VALUES (1,1),(2,2),(3,3),(4,4);以上就是基于resty security的Api权限控制与事务支持的详细内容,更多关于resty security的Api权限控制与事务支持的资料请关注编程网其它相关文章!
--结束END--
本文标题: 基于resty security的Api权限控制与事务支持
本文链接: https://www.lsjlt.com/news/141585.html(转载时请注明来源链接)
有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341
下载Word文档到电脑,方便收藏和打印~
2024-03-01
2024-03-01
2024-03-01
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
回答
回答
回答
回答
回答
回答
回答
回答
回答
回答
官方手机版
微信公众号
商务合作
0