要求没有勾上就没有登录,这里是没有勾上,别人勾上才没有登录(纳入体系),管理员赋予所有权限,就保证了每个地址有关联角色,不存在不受角色约束的,新的角色需要,要再加进来
附件的包实现了修改角色权限不需重新启动,对比之前的附件就知道下面的两种情况就是在构建角色权限的时候,拼接不同
在大多数情况下,下面两种情况都可以:
(一)展现的菜单来源于中间表(角色菜单)
如果autch分开(所有菜单要求登录)(这样就没有选择的就不具备权限,需重登录),但是role这块有新增的老的用到了还是要加上
role再过滤一次(admin最全admin赋予所有权限就也有了角色的约束)---没有选的不显示菜单,直接访问地址也需要登录
/financialSalesStatistics/teamPage>>>>authc
/salesWorkProcessor/queryOrderWithDialStatus>>>>authc
/financialSalesMsgTemplate/listPage>>>>authc
/financialSalesFunc/deleteByPrimaryKey>>>>authc
/financialSalesOperatorCallDetail/list>>>>authc
/financialSalesRole/listFunc>>>>authc
/financialSalesTeam/update>>>>authc
/financialSalesOrder/deleteByPrimaryKey>>>>authc
/financialSalesOrder/exportExcel>>>>authc
/financialSalesUser/selectUserNoAssign>>>>authc
/financialSalesMsgTemplate/deleteByPrimaryKey>>>>authc
/salesWorkProcessor/queryNext>>>>authc
/financialSalesFunc/update>>>>authc
/financialSalesFunc/listPage>>>>authc,role["24","27"]
/financialSalesOrder/list>>>>authc
/financialSalesTeam/list>>>>authc
/financialSalesTeam/listPage>>>>authc
/financialSalesFunc/list>>>>authc,role["24"]
/financialSalesTeam/delete>>>>authc
/financialSalesOperator/delete>>>>authc
/financialSalesOperator/insert>>>>authc
/detailWorkProcess/queryOrders>>>>authc
/financialSalesEmployment/update>>>>authc,role["27"]
/namesManage>>>>authc,role["24","26","27"]
/financialSalesTeam/insert>>>>authc
/financialSalesUser/deleteByPrimaryKey>>>>authc
/salesWorkProcessor/getFinancialFlag>>>>authc
/financialSalesUser/listPage>>>>authc
/financialSalesOrder/update>>>>authc
/financialSalesFunc/insert>>>>authc
/financialSalesEmployment/selectByChildRoleId>>>>authc
/financialSalesCustomers/delete>>>>authc
/financialSalesUser/list>>>>authc
/financialSalesCustomers/listPage>>>>authc
/dashboard>>>>authc,role["24","25","26","27"]
/financialSalesEmployment/listPage>>>>authc,role["27"]
/financialSalesRole/update>>>>authc
/financialSalesRole/listPage>>>>authc
/financialSalesRole/insert>>>>authc
/financialSalesMsgTemplate/insert>>>>authc
/financialSalesMsgTemplate/update>>>>authc
/financialSalesOperatorCallDetail/listPage>>>>authc
/financialSalesSms/sendSms>>>>authc
/financialSalesOrder/edit>>>>authc
/financialSalesEmployment/insert>>>>authc,role["27"]
/financialSalesOperatorCallDetail/update>>>>authc
/salesWorkProcessor/saveOrUpdateDetailOrderInfo>>>>authc
/financialSalesCustomers/insert>>>>authc
/financialSalesRole/list>>>>authc
/financialSalesOperatorCallDetail/delete>>>>authc
/salesWorkProcessor/closeOrder>>>>authc
/fileupload/downLoad>>>>authc
/financialSalesOperator/listPage>>>>authc
/financialSalesEmployment/list>>>>authc,role["27"]
/salesWorkProcessor/insert>>>>authc
/financialSalesOperator/list>>>>authc
/statAnalysis>>>>authc,role["24","25","26","27"]
/systemManage>>>>authc,role["24","26","27"]
/financialSalesUser/insert>>>>authc
/financialSalesUser/saveUserRole>>>>authc
/financialSalesFunc/listFuncByUserName>>>>authc
/financialSalesOrder/exportCsv>>>>authc
/financialSalesOperator/update>>>>authc
/financialSalesMsgTemplate/list>>>>authc
/financialSalesEmployment/delete>>>>authc,role["27"]
/agentManage>>>>authc,role["24","26","27"]
/financialSalesStatistics/empPage>>>>authc,role["24"]
/financialSalesRole/saveFunc>>>>authc
/fileupload/downLoadTemplate>>>>authc
/financialSalesRole/deleteByPrimaryKey>>>>authc
/fileupload/upload>>>>authc
/financialSalesOperatorCallDetail/insert>>>>authc
/salesWorkProcessor/getCounts>>>>authc
/financialSalesCustomers/update>>>>authc
/salesWorkProcessor/queryAll>>>>authc
/financialSalesOrder/listPage>>>>authc
/financialSalesCustomers/list>>>>authc
(二)展现的菜单来源于中间表
authc不分开就是角色菜单中间表中的,后续有其他用户加入新的地址进入中间表,老用户用了没有授权就会推出,老用户也需授权
选择的时候都是展现全量的没有选择的就是没有纳入管理体系(不是中间表中的),可以不登陆(有admin赋予了所有权限也就有了角色的约束,就避免了不选就不纳入
角色约束的管理体系)---没有选的不显示菜单,直接访问不给admin所有权限的情况下,其他没有选就不需要登录
authc role permiss 一级一级过滤
/statAnalysis>>>>authc,role["24","25","26","27"]
/systemManage>>>>authc,role["24","26","27"]
/dashboard>>>>authc,role["24","25","26","27"]
/financialSalesTeam/listPage>>>>authc,role["27"]
/financialSalesStatistics/teamPage>>>>authc,role["25","27"]
/financialSalesEmployment/listPage>>>>authc,role["27"]
/financialSalesFunc/list>>>>authc,role["24"]
/financialSalesRole/listPage>>>>authc,role["24","26","27"]
/financialSalesMsgTemplate/listPage>>>>authc,role["27"]
/financialSalesEmployment/delete>>>>authc,role["27"]
/agentManage>>>>authc,role["24","26","27"]
/financialSalesStatistics/empPage>>>>authc,role["24","25","26","27"]
/financialSalesEmployment/insert>>>>authc,role["27"]
/financialSalesEmployment/update>>>>authc,role["27"]
/namesManage>>>>authc,role["24","26","27"]
/fileupload/downLoadTemplate>>>>authc,role["26","27"]
/financialSalesUser/listPage>>>>authc,role["24","26","27"]
/financialSalesOrder/update>>>>authc,role["26","27"]
/financialSalesOrder/listPage>>>>authc,role["24","26","27"]
/financialSalesFunc/listPage>>>>authc,role["24","27"]
/financialSalesEmployment/list>>>>authc,role["27"]
注意
MyAuthenticationFilter中onLoginSuccess中的session.stop();需要注掉,否则用框架的登陆走了onLoginSuccess然后又清了session会报错