Bootstrap

Java一一一简易图书管理系统

Java一一一简易图书管理系统

1. 需求分析
  • 功能需求
    • 添加图书
    • 删除图书
    • 更新图书信息
    • 查询图书
    • 列出所有图书
2. 设计
  • 实体类Book
  • 业务逻辑类LibraryManager
3. 实现
3.1 Book类
public class Book {
    private String id;
    private String title;
    private String author;
    private int year;

    public Book(String id, String title, String author, int year) {
        this.id = id;
        this.title = title;
        this.author = author;
        this.year = year;
    }

    // Getters and Setters
    public String getId() {
        return id;
    }

    public void setId(String id) {
        this.id = id;
    }

    public String getTitle() {
        return title;
    }

    public void setTitle(String title) {
        this.title = title;
    }

    public String getAuthor() {
        return author;
    }

    public void setAuthor(String author) {
        this.author = author;
    }

    public int getYear() {
        return year;
    }

    public void setYear(int year) {
        this.year = year;
    }

    @Override
    public String toString() {
        return "Book{" +
                "id='" + id + '\'' +
                ", title='" + title + '\'' +
                ", author='" + author + '\'' +
                ", year=" + year +
                '}';
    }
}
3.2 LibraryManager类
import java.util.ArrayList;
import java.util.List;
import java.util.stream.Collectors;

public class LibraryManager {
    private List<Book> books;

    public LibraryManager() {
        this.books = new ArrayList<>();
    }

    public void addBook(Book book) {
        books.add(book);
    }

    public boolean removeBook(String id) {
        return books.removeIf(book -> book.getId().equals(id));
    }

    public void updateBook(String id, Book updatedBook) {
        Book book = books.stream()
                .filter(b -> b.getId().equals(id))
                .findFirst()
                .orElse(null);
        if (book != null) {
            book.setTitle(updatedBook.getTitle());
            book.setAuthor(updatedBook.getAuthor());
            book.setYear(updatedBook.getYear());
        }
    }

    public List<Book> searchBooksByTitle(String title) {
        return books.stream()
                .filter(book -> book.getTitle().contains(title))
                .collect(Collectors.toList());
    }

    public List<Book> getAllBooks() {
        return new ArrayList<>(books);
    }
}
4. 测试
public class Main {
    public static void main(String[] args) {
        LibraryManager manager = new LibraryManager();
        
        // 添加图书
        manager.addBook(new Book("1", "Java Basics", "John Doe", 2021));
        manager.addBook(new Book("2", "Advanced Java", "Jane Doe", 2022));
        
        // 列出所有图书
        System.out.println("All Books:");
        manager.getAllBooks().forEach(System.out::println);
        
        // 更新图书
        Book updatedBook = new Book("1", "Java Fundamentals", "John Doe", 2021);
        manager.updateBook("1", updatedBook);
        
        // 搜索图书
        System.out.println("Search Results:");
        manager.searchBooksByTitle("Java").forEach(System.out::println);
        
        // 删除图书
        manager.removeBook("2");
        
        // 再次列出所有图书
        System.out.println("All Books after removal:");
        manager.getAllBooks().forEach(System.out::println);
    }
}
5. 总结

这个简易的图书管理系统展示了Java在面向对象编程中的基本应用,包括类的定义、方法的实现以及简单的集合操作。通过这个案例,初学者可以学习到如何使用Java创建和管理对象集合,以及如何实现简单的业务逻辑。

请注意,这只是一个基础示例,实际应用中可能需要考虑更多的功能和异常处理,以及与数据库的交互等。

案例名称:基于Spring Boot的RESTful图书管理系统

1. 环境准备
  • Java 11 或更高版本
  • Spring Boot 2.5.x 或更高版本
  • Maven 或 Gradle 作为构建工具
  • 一个文本编辑器或IDE(如IntelliJ IDEA或Eclipse)
2. 项目结构
src/
|-- main/
|   |-- java/
|   |   `-- com.example.bookstore/
|   |       |-- BookController.java
|   |       |-- BookService.java
|   |       `-- Book.java
|   `-- resources/
|       `-- application.properties
3. 实现步骤
3.1 创建Spring Boot项目

使用Spring Initializr来生成项目基础结构。

3.2 添加依赖

pom.xml(Maven)或build.gradle(Gradle)中添加Web和JPA依赖。

pom.xml 示例:

<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-jpa</artifactId>
    </dependency>
    <dependency>
        <groupId>com.h2database</groupId>
        <artifactId>h2</artifactId>
        <scope>runtime</scope>
    </dependency>
</dependencies>
3.3 Book实体类
package com.example.bookstore;

import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;

@Entity
public class Book {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    private String title;
    private String author;
    private int publishYear;

    // Constructors, getters and setters
}
3.4 BookRepository接口
package com.example.bookstore;

import org.springframework.data.jpa.repository.JpaRepository;

public interface BookRepository extends JpaRepository<Book, Long> {
}
3.5 BookService业务逻辑类
package com.example.bookstore;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
import java.util.Optional;

@Service
public class BookService {
    @Autowired
    private BookRepository bookRepository;

    public List<Book> getAllBooks() {
        return bookRepository.findAll();
    }

    public Book getBookById(Long id) {
        return bookRepository.findById(id).orElse(null);
    }

    public Book addBook(Book book) {
        return bookRepository.save(book);
    }

    public Book updateBook(Long id, Book updatedBook) {
        Optional<Book> bookOptional = bookRepository.findById(id);
        if (bookOptional.isPresent()) {
            Book book = bookOptional.get();
            book.setTitle(updatedBook.getTitle());
            book.setAuthor(updatedBook.getAuthor());
            book.setPublishYear(updatedBook.getPublishYear());
            return bookRepository.save(book);
        }
        return null;
    }

    public void deleteBook(Long id) {
        bookRepository.deleteById(id);
    }
}
3.6 BookController控制器
package com.example.bookstore;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@RestController
@RequestMapping("/api/books")
public class BookController {
    @Autowired
    private BookService bookService;

    @GetMapping
    public List<Book> getAllBooks() {
        return bookService.getAllBooks();
    }

    @GetMapping("/{id}")
    public ResponseEntity<Book> getBookById(@PathVariable Long id) {
        Book book = bookService.getBookById(id);
        return book != null ? ResponseEntity.ok(book) : ResponseEntity.notFound().build();
    }

    @PostMapping
    public Book addBook(@RequestBody Book book) {
        return bookService.addBook(book);
    }

    @PutMapping("/{id}")
    public ResponseEntity<Book> updateBook(@PathVariable Long id, @RequestBody Book updatedBook) {
        Book book = bookService.updateBook(id, updatedBook);
        return book != null ? ResponseEntity.ok(book) : ResponseEntity.notFound().build();
    }

    @DeleteMapping("/{id}")
    public ResponseEntity<Void> deleteBook(@PathVariable Long id) {
        bookService.deleteBook(id);
        return ResponseEntity.ok().build();
    }
}
3.7 配置文件application.properties
spring.datasource.url=jdbc:h2:mem:testdb
spring.datasource.driverClassName=org.h2.Driver
spring.datasource.username=sa
spring.datasource.password=
spring.jpa.database-platform=org.hibernate.dialect.H2Dialect

spring.h2.console.enabled=true
4. 运行和测试

使用您喜欢的IDE运行main方法或使用Maven/Gradle命令来启动Spring Boot应用。使用Postman或curl命令行工具来测试API。

5. 总结

这个案例展示了如何使用Spring Boot创建一个简单的RESTful API,它提供了基本的CRUD操作。通过这个案例,您可以学习到Spring Boot的核心概念,如依赖注入、服务层、数据访问层以及RESTful API设计。

这个示例使用了内存数据库H2,适合开发和测试,但在生产环境中,您应该使用更健壮的数据库解决方案,并考虑安全性、异常处理和日志记录等因素。

接下来,我们将在图书管理系统中增加一个新功能:用户认证和授权。我们将使用Spring Security来实现这一功能,确保只有认证用户可以访问敏感数据和执行特定操作。

带有用户认证和授权的图书管理系统

1. 添加Spring Security依赖

首先,需要在项目的pom.xml(Maven)或build.gradle(Gradle)文件中添加Spring Security的依赖。

pom.xml 示例:

<dependencies>
    <!-- ... other dependencies ... -->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
</dependencies>
2. 配置Spring Security

创建一个配置类来配置Spring Security。

package com.example.bookstore;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    public UserDetailsService userDetailsService(PasswordEncoder encoder) {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(
                User.withUsername("user")
                     .password(encoder.encode("password"))
                     .roles("USER")
                     .build()
        );
        return manager;
    }

    @Bean
    public HttpSecurity httpSecurity(UserDetailsService userDetailsService) throws Exception {
        return new HttpSecurity(http -> http
                .authorizeRequests()
                    .antMatchers("/api/books/**").authenticated()
                .and()
                .httpBasic()
                .and()
                .csrf().disable()
        );
    }
}
3. 保护RESTful API

使用@PreAuthorize注解来保护特定的API端点。

package com.example.bookstore;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/api/books")
public class BookController {
    // ... existing code ...

    @PreAuthorize("hasRole('USER')")
    @DeleteMapping("/{id}")
    public ResponseEntity<Void> deleteBook(@PathVariable Long id) {
        bookService.deleteBook(id);
        return ResponseEntity.ok().build();
    }
}
4. 增加用户注册功能

创建一个用户注册的API端点。

// ... existing imports ...

@RestController
@RequestMapping("/api/auth")
public class AuthController {

    private final UserService userService;

    public AuthController(UserService userService) {
        this.userService = userService;
    }

    @PostMapping("/register")
    public ResponseEntity<?> registerUser(@RequestBody UserRegistrationDto userRegistrationDto) {
        userService.registerUser(userRegistrationDto);
        return ResponseEntity.ok().build();
    }
}
5. 用户注册服务和数据传输对象

创建UserServiceUserRegistrationDto来处理用户注册。

package com.example.bookstore;

// UserService.java
@Service
public class UserService {
    private final UserRepository userRepository;
    private final PasswordEncoder passwordEncoder;

    @Autowired
    public UserService(UserRepository userRepository, PasswordEncoder passwordEncoder) {
        this.userRepository = userRepository;
        this.passwordEncoder = passwordEncoder;
    }

    public void registerUser(UserRegistrationDto userRegistrationDto) {
        User newUser = new User(
                userRegistrationDto.getUsername(),
                passwordEncoder.encode(userRegistrationDto.getPassword())
        );
        userRepository.save(newUser);
    }
}

// UserRegistrationDto.java
public class UserRegistrationDto {
    private String username;
    private String password;

    // Constructors, getters and setters
}
6. 更新数据库配置

application.propertiesapplication.yml中添加用户表的配置。

# application.properties
spring.datasource.url=jdbc:h2:mem:testdb;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
spring.datasource.driverClassName=org.h2.Driver
spring.datasource.username=sa
spring.datasource.password=

spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
spring.jpa.hibernate.ddl-auto=update

# H2 console settings
spring.h2.console.enabled=true
spring.h2.console.path=/h2-console
7. 测试和验证

启动应用程序,并使用Postman或curl测试用户注册和认证保护的API。

8. 总结

通过增加用户认证和授权,我们的图书管理系统变得更加安全。Spring Security提供了一套强大的安全工具,可以轻松地集成到Spring Boot应用程序中。通过使用@EnableWebSecurity注解和配置HttpSecurity,我们可以控制对API端点的访问。此外,@PreAuthorize注解允许我们在方法级别细粒度地控制访问权限。

请注意,本案例中的用户存储在内存中,仅用于演示目的。在实际应用中,您应该使用数据库来持久化用户信息,并考虑使用JWT或OAuth2等更先进的认证机制。

接下来,我们将在图书管理系统中增加一个新功能:基于角色的访问控制(RBAC)。这将允许我们根据用户的角色限制对某些资源的访问。

基于角色的访问控制的图书管理系统

1. 扩展用户模型

首先,我们需要扩展用户模型来包含角色信息。

package com.example.bookstore;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;

import javax.persistence.*;
import java.util.Collection;
import java.util.stream.Collectors;

@Entity
public class User {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    private String username;
    private String password;

    @ManyToMany(fetch = FetchType.EAGER)
    private Set<Role> roles;

    // Constructors, getters and setters

    public Collection<? extends GrantedAuthority> getAuthorities() {
        return roles.stream()
                .map(role -> new SimpleGrantedAuthority(role.getName()))
                .collect(Collectors.toList());
    }
}
2. 角色模型

创建一个角色模型来定义不同的角色。

package com.example.bookstore;

@Entity
public class Role {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    private String name;

    // Constructors, getters and setters
}
3. 用户角色关联

创建一个关联表来定义用户和角色之间的关系。

package com.example.bookstore;

import javax.persistence.*;

@Entity
@Table(name = "user_role")
public class UserRole {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;

    @ManyToOne
    @JoinColumn(name = "user_id")
    private User user;

    @ManyToOne
    @JoinColumn(name = "role_id")
    private Role role;

    // Constructors, getters and setters
}
4. 更新UserRepository

添加方法来查找用户及其角色。

package com.example.bookstore;

import org.springframework.data.jpa.repository.JpaRepository;

public interface UserRepository extends JpaRepository<User, Long> {
    User findByUsername(String username);
}
5. 更新Spring Security配置

更新SecurityConfig来使用自定义的UserDetailsService

package com.example.bookstore;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.provisioning.UserDetailsManager;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserRepository userRepository;

    @Bean
    @Override
    public UserDetailsService userDetailsService() {
        return new UserDetailsManager() {
            @Override
            public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
                User user = userRepository.findByUsername(username);
                if (user == null) {
                    throw new UsernameNotFoundException("User not found");
                }
                return user;
            }

            // Other methods are omitted for brevity
        };
    }

    // Other configurations are omitted for brevity
}
6. 基于角色的访问控制

使用@PreAuthorize@Secured注解来限制访问。

package com.example.bookstore;

import org.springframework.security.access.prepost.PreAuthorize;

@RestController
@RequestMapping("/api/books")
public class BookController {

    // ... existing code ...

    @PreAuthorize("hasRole('ADMIN')")
    @PostMapping
    public Book addBook(@RequestBody Book book) {
        return bookService.addBook(book);
    }

    @PreAuthorize("hasRole('USER')")
    @GetMapping
    public List<Book> getAllBooks() {
        return bookService.getAllBooks();
    }
}
7. 用户角色管理

创建API端点来管理用户角色。

package com.example.bookstore;

@RestController
@RequestMapping("/api/users")
public class UserController {
    private final UserService userService;

    @Autowired
    public UserController(UserService userService) {
        this.userService = userService;
    }

    @PostMapping("/{username}/roles")
    public ResponseEntity<?> addRoleToUser(@PathVariable String username, @RequestBody RoleRequestDto roleRequestDto) {
        userService.addRoleToUser(username, roleRequestDto.getRoleName());
        return ResponseEntity.ok().build();
    }
}

// RoleRequestDto.java
public class RoleRequestDto {
    private String roleName;

    // Constructors, getters and setters
}
8. 测试和验证

启动应用程序,并使用Postman或curl测试基于角色的访问控制。

9. 总结

通过实现基于角色的访问控制,我们的图书管理系统可以更细致地控制用户对资源的访问。这在多用户应用中尤为重要,可以确保用户只能访问他们被授权的资源。

这个案例演示了如何在Spring Security中使用自定义的UserDetailsService来加载用户及其角色信息,以及如何使用@PreAuthorize注解来实现基于角色的访问控制。在实际应用中,您可能还需要实现更复杂的用户和角色管理功能,以及更细粒度的权限控制策略。

;