文章目录
建议配合视频学习食用(3-1~3-8):
https://www.bilibili.com/video/BV1rr4y1F7Y2?p=1
10.部门管理
1.更改数据库sys_dept sys_permission
2.Spring Security防止点击劫持攻击
菜单栏与内容栏是分层的,添加防止点击劫持攻击可以将子页面显示到右面的区域中
![在这里插入图片描述](https://www.icode9.com/i/ll/?i=bc23886e27e9475794c857ec232063ab.png?,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAcXFfMTI5MTc5OTU1MA==,size_20,color_FFFFFF,t_70,g_se,x_16)
修改spring-security.xml文件,在http标签内添加
<!-- 防止点击劫持攻击 -->
<!-- <!– 启用后,将X-Frame-Options标头添加到响应中,这使较新的浏览器可以进行一些安全检查并防止点击劫持攻击 –>-->
<security:headers>
<security:frame-options policy="SAMEORIGIN"/>
</security:headers>
3.登录使用记住我功能
修改spring-security.xml文件,在http标签内添加
<!-- 记住我功能 -->
<security:remember-me data-source-ref="dataSource"
token-validity-seconds="1200"
remember-me-parameter="remember-me"
user-service-ref="sysUserServiceImpl"
/>
4.添加部门管理页面
4.1在springmvc.xml修改jsp文件的路径
4.2添加deptManager.jsp文件
deptManager.jsp
<%--
Created by IntelliJ IDEA.
User: 12917
Date: 2022/1/17
Time: 20:49
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<!DOCTYPE html>
<html>
<head>
<!-- 获取CSRF Token -->
<meta name="_csrf" content="${_csrf.token}"/>
<!-- 获取CSRF头,默认为X-CSRF-TOKEN -->
<meta name="_csrf_header" content="${_csrf.headerName}"/>
<meta charset="utf-8">
<title>layui</title>
<meta name="renderer" content="webkit">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link rel="stylesheet" href="${pageContext.request.contextPath}/statics/layui/lib/layui-v2.5.5/css/layui.css" media="all">
<link rel="stylesheet" href="${pageContext.request.contextPath}/statics/layui/css/public.css" media="all">
</head>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
<%-- 搜索条件区域 --%>
<fieldset class="table-search-fieldset">
<legend>搜索信息</legend>
<div style="margin: 10px 10px 10px 10px">
<form class="layui-form layui-form-pane" action="">
<div class="layui-form-item">
<div class="layui-inline">
<label class="layui-form-label">部门名称</label>
<div class="layui-input-inline">
<input type="text" name="deptName" autocomplete="off" class="layui-input">
</div>
</div>
<div class="layui-inline">
<button type="submit" class="layui-btn" lay-submit lay-filter="data-search-btn"><i class="layui-icon layui-icon-search"></i>搜索</button>
<button type="reset" class="layui-btn layui-btn-warm"><i class="layui-icon layui-icon-refresh-1"></i>重置</button>
</div>
</div>
</form>
</div>
</fieldset>
<%-- 头部工具栏区域 --%>
<script type="text/html" id="toolbarDemo">
<div class="layui-btn-container">
<button class="layui-btn layui-btn-normal layui-btn-sm data-add-btn" lay-event="add"><i class="layui-icon layui-icon-add-1"></i>添加 </button>
</div>
</script>
<%-- 表格区域 --%>
<table class="layui-hide" id="currentTableId" lay-filter="currentTableFilter"></table>
<%-- 行工具栏区域 --%>
<script type="text/html" id="currentTableBar">
<a class="layui-btn layui-btn-xs data-count-edit" lay-event="edit"><i class="layui-icon layui-icon-edit"></i>编辑</a>
<a class="layui-btn layui-btn-xs layui-btn-danger data-count-delete" lay-event="delete"><i class="layui-icon layui-icon-delete"></i>删除</a>
</script>
<%-- 添加和修改窗口 --%>
<div style="display: none;padding: 5px" id="addOrUpdateWindow">
<form class="layui-form" style="width:90%;" id="dataFrm" lay-filter="dataFrm">
<%-- 隐藏域,保存主键 --%>
<input type="hidden" name="id">
<div class="layui-form-item">
<label class="layui-form-label">部门名称</label>
<div class="layui-input-block">
<input type="text" name="deptName" lay-verify="required" autocomplete="off"
placeholder="请输入部门名称" class="layui-input">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">部门地址</label>
<div class="layui-input-block">
<input type="text" name="address" lay-verify="required" autocomplete="off" placeholder="请输入部门地址"
class="layui-input">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">部门备注</label>
<div class="layui-input-block">
<textarea class="layui-textarea" name="remark" id="content"></textarea>
</div>
</div>
<div class="layui-form-item layui-row layui-col-xs12">
<div class="layui-input-block" style="text-align: center;">
<button type="button" class="layui-btn" lay-submit lay-filter="doSubmit"><span
class="layui-icon layui-icon-add-1"></span>提交
</button>
<button type="reset" class="layui-btn layui-btn-warm"><span
class="layui-icon layui-icon-refresh-1"></span>重置
</button>
</div>
</div>
</form>
</div>
</div>
</div>
<script src="${pageContext.request.contextPath}/statics/layui/lib/layui-v2.5.5/layui.js" charset="utf-8"></script>
<script>
layui.use(['form', 'table','layer'], function () {
var $ = layui.jquery,
form = layui.form,
layer = layui.layer,
table = layui.table;
//获取<meta>标签中封装的CSRF Token
var token = $("meta[name='_csrf']").attr("content");
var header = $("meta[name='_csrf_header']").attr("content");
//将头中的CSRF Token信息进行发送
$(document).ajaxSend(function (e,xhr,options) {
xhr.setRequestHeader(header,token);
});
var tableIns = table.render({
elem: '#currentTableId',
url: '${pageContext.request.contextPath}/admin/dept/list',
toolbar: '#toolbarDemo',
cols: [[
{field: 'id', width: 120, title: "部门编号",align: 'center'},
{field: 'deptName', minWidth: 120, title: '部门名称',align: 'center'},
{field: 'address', minWidth: 150, title: '部门地址',align: 'center'},
{field: 'createDate', minWidth: 120, title: '创建时间',align: 'center'},
{field: 'remark', minWidth: 120, title: '备注',align: 'center'},
{title: '操作', minWidth: 150, toolbar: '#currentTableBar', align: "center"}
]],
page: true,
});
//监听模糊查询
form.on("submit(data-search-btn)",function (data) {
tableIns.reload({
where:data.field,//查询条件
page:{
curr:1
}
});
return false;
})
//监听表格头部工具栏事件
table.on("toolbar(currentTableFilter)",function (obj) {
switch (obj.event) {
case 'add':
openAddWindow();
break;
}
});
//监听表格行工具栏事件
table.on("tool(currentTableFilter)",function (obj) {
switch (obj.event) {
case 'edit':
openUpdateWindow(obj.data);
break;
case 'delete':
deleteById(obj.data);
break;
}
});
//定义变量,分别保存提交地址和窗口索引
var url,mainIndex;
/**
* 打开添加窗口
*/
function openAddWindow() {
mainIndex = layer.open({
type:1,
title:"添加部门",
area: ["800px", "400px"],//窗口宽高
content: $("#addOrUpdateWindow"),//引用的内容窗口
success:function () {
//提交地址
url = "/admin/dept/addDept";
//清空表单数据
$("#dataFrm")[0].reset();
}
});
}
/**
* 打开修改窗口
*/
function openUpdateWindow(data) {
mainIndex = layer.open({
type:1,
title:"修改部门",
area: ["800px", "400px"],//窗口宽高
content: $("#addOrUpdateWindow"),//引用的内容窗口
success:function () {
//提交地址
url = "/admin/dept/updateDept";
//表单数据回显
form.val("dataFrm",data);
}
});
}
//监听表单提交事件
form.on("submit(doSubmit)",function (data) {
//发送请求
$.post(url,data.field,function(result){
if(result.success){
//提示
layer.alert(result.message,{icon:1});
//刷新当前数据表格
tableIns.reload();
//关闭当前窗口
layer.close(mainIndex);
}else{
//提示
layer.alert(result.message,{icon:2});
}
},"json");
return false;
});
/**
* 删除部门
* @param data
*/
function deleteById(data) {
//发送请求查询该部门下是否存在用户信息
$.get("/admin/dept/checkDeptHasUser",{"deptId":data.id},function(result){
if(result.exist){
layer.alert(result.message,{icon:0});
}else{
//提示用户是否确认删除
layer.confirm("确定要删除该部门吗?",{icon:3,title:"提示"},function (index) {
//发送删除的请求
$.post("/admin/dept/deleteById",{"id":data.id},function(result){
if(result.success){
//提示
layer.alert(result.message,{icon:1});
//刷新当前数据表格
tableIns.reload();
}else{
//提示
layer.alert(result.message,{icon:2});
}
},"json");
layer.close(index);
});
}
},"json");
}
});
</script>
</body>
</html>
4.3在hotel-manager下新建页面控制文件PageController.java
package com.manong.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
@RequestMapping("/admin")
public class PageController {
/**
* Description: 去到部门管理页面
* @param:
* @Return
*/
@RequestMapping("/toDeptManager")
public String toDeptManager(){
return "dept/deptManager";
}
}
4.5修改数据库sys_permission表
4.6效果
5.实现部门管理的增删改查
Dept–>DeptVo–>DeptMapper–>DeptMapper.xml–>DeptService–>DeptServiceImpl–>DeptController—>deptManager.jsp
5.1 添加依赖包
对于DeptVo 的分页需要加载PageHelper依赖于插件
在hotel-parent下的pom.xml下添加
在hotel-dao的mybatis-config.xml文件下添加
5.2添加工具类
DataGridViewResult.java 部门数据列表显示
package com.manong.utils;
import lombok.Data;
import lombok.NoArgsConstructor;
@Data
@NoArgsConstructor
public class DataGridViewResult {
private Integer code = 0;
private String msg = "";
private Long count;
private Object data;
public DataGridViewResult(Long count, Object data) {
this.count = count;
this.data = data;
}
public DataGridViewResult(Object data) {
this.data = data;
}
}
5.3修改页面提交地址
deptManager.jsp
5.4 删除的时候先判断该部门下有没有用户
SysUserMapper.java–>SysUserService.java->SysUserServiceImpl.java->DeptController.java增加一个检查内容