17. [TD]:选举中的 Web 服务器安全 / JSON
关键词:多层架构、Spring、依赖注入、安全 Web 服务 / JSON、客户端 / 服务器
现在我们将把上一章所学的内容应用到选举作业中。架构如下:
 |
具体流程如下:
- 编写服务器端;
- 编写不包含 [ui] 层但带有 [business] 层 JUnit 测试的客户端;
- 编写包含[UI]层的客户端;
17.1. 支持
 |  |
本章的项目位于 [support / chap-17] 文件夹中。该 SQL 脚本用于生成测试所需的数据库。
17.2. 数据库
安全服务器数据库中现在必须包含 [USERS]、[ROLES] 和 [USERS_ROLES] 表:
 |  |
用于生成数据库的 SQL 脚本可在文档的“支持”部分中找到。
17.3. 安全服务器
要设置安全的选举服务器,只需复制并粘贴示例项目 [intro-spring-security-server-01]:
 |
任务:按照 [1] 中的说明重命名包。
完成此操作后,我们将 [pom.xml] 文件修改如下:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>istia.st.elections</groupId>
<artifactId>elections-security-webjson-metier-dao-spring-data</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>elections-security-webjson-metier-dao-spring-data</name>
<description>elections spring security</description>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>1.8</java.version>
</properties>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.2.7.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupId>istia.st.elections</groupId>
<artifactId>elections-webjson-metier-dao-spring-data</artifactId>
<version>0.0.1-SNAPSHOT</version>
</dependency>
<!-- Spring security -->
...
</dependencies>
<!-- plugins -->
<build>
...
</build>
</project>
- 在第 23–27 行,将对 [intro-server-webjson-01] 项目的依赖替换为第 12 段中讨论的对 [elections-webjson-metier-dao-spring-data] 项目的依赖;
- 在第 4–7 行,输入新项目的属性;
我们还需要修改项目的配置类:
[DaoConfig]
package elections.security.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Import;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
@EnableJpaRepositories(basePackages = { "elections.security.repositories" })
@ComponentScan(basePackages = { "elections.security.dao" })
@Import({ elections.dao.config.DaoConfig.class })
public class DaoConfig {
// constants
final static private String[] ENTITIES_PACKAGES = { "elections.dao.entities", "elections.security.entities" };
@Bean
public String[] packagesToScan() {
return ENTITIES_PACKAGES;
}
}
更改内容如下:
- 第 8、9、14 行:输入正确的包名;
- 第 10 行:导入的类现为 [elections.dao.config.DaoConfig],来自 [elections-webjson-metier-dao-spring-data] 项目;
注意:如前所述,此配置仅在类 [elections.dao.config.DaoConfig] 带有 [@Configuration] 注解时才有效。请确认这一点。
[SecurityConfig]
package elections.security.config;
...
@EnableWebSecurity
@ComponentScan(basePackages = { "elections.security.service" })
@Import({ WebConfig.class, DaoConfig.class })
public class SecurityConfig extends WebSecurityConfigurerAdapter {
...
}
更改位于以下几行:
- 第 6 行:更改包名;
就这样。通过执行 JUnit 测试 [] 进行初步测试:
 |
运行 [Boot] 类,然后使用 Chrome 扩展程序 [Advanced Rest Client] 执行以下测试:
 |
在[1]中,请求。在[3]中,响应。在[2]中,HTTP头是用户认证头[admin, admin]:Authorization:Basic YWRtaW46YWRtaW4=
现在请求竞争列表:
 |
17.4. 不带 [ui] 层的安全服务器客户端
 |
将 [elections-ui-metier-dao-webjson] 项目复制并粘贴到 [elections-metier-dao-security-webjson] 项目中。
 |
任务:在 [1] 中,如有必要请重命名包,并移除 [ui] 层中的包以及 [boot] 启动类。
接下来我们将按照第16.5节所述进行操作。
17.4.1. Maven 配置
仅项目标识部分发生变化:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>istia.st.elections</groupId>
<artifactId>elections-metier-dao-security-webjson</artifactId>
<version>0.0.1-SNAPSHOT</version>
<description>Client jUnit du serveur web / jSON</description>
<name>elections-metier-dao-security-webjson</name>
...
17.4.2. [业务]层的重构
 |
[IElectionsMetier] 接口的演变如下:
package elections.security.client.metier;
import elections.security.client.entities.ListeElectorale;
import elections.security.client.entities.User;
public interface IElectionsMetier {
// authentication
public void authenticate(User user);
// get the lists in competition
public ListeElectorale[] getListesElectorales(User user);
// the number of seats to be filled
public int getNbSiegesAPourvoir(User user);
// the electoral threshold
public double getSeuilElectoral(User user);
// recording results
public void recordResultats(User user, ListeElectorale[] listesElectorales);
// calculating seats
public ListeElectorale[] calculerSieges(User user, ListeElectorale[] listesElectorales);
}
所有方法的第一个参数都是希望使用安全服务器资源的用户。
[ElectionsMetier] 的实现如下:
package elections.security.client.metier;
import java.io.IOException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Component;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import elections.security.client.dao.IClientDao;
import elections.security.client.entities.ElectionsConfig;
import elections.security.client.entities.ElectionsException;
import elections.security.client.entities.ListeElectorale;
import elections.security.client.entities.User;
@Component
public class ElectionsMetier implements IElectionsMetier {
@Autowired
private IClientDao dao;
@Autowired
private ApplicationContext context;
// election configuration
private ElectionsConfig electionsConfig;
private ElectionsConfig getElectionsConfig(User user) {
if(electionsConfig!=null){
return electionsConfig;
}
// mappers jSON
ObjectMapper mapperResponse = context.getBean(ObjectMapper.class);
try {
// request
Response<ElectionsConfig> response = mapperResponse.readValue(dao.getResponse(user, "/getElectionsConfig", null),
new TypeReference<Response<ElectionsConfig>>() {
});
// mistake?
if (response.getStatus() != 0) {
// 1 exception is thrown
throw new ElectionsException(response.getStatus(), response.getMessages());
} else {
electionsConfig = response.getBody();
return electionsConfig;
}
} catch (ElectionsException e1) {
throw e1;
} catch (IOException | RuntimeException e2) {
throw new ElectionsException(100, e2);
}
}
@Override
public ListeElectorale[] getListesElectorales(User user) {
...
}
@Override
public int getNbSiegesAPourvoir(User user) {
return getElectionsConfig(user).getNbSiegesAPourvoir();
}
@Override
public double getSeuilElectoral(User user) {
return getElectionsConfig(user).getSeuilElectoral();
}
@Override
public void recordResultats(User user, ListeElectorale[] listesElectorales) {
...
}
@Override
public ListeElectorale[] calculerSieges(User user, ListeElectorale[] listesElectorales) {
...
}
@Override
public void authenticate(User user) {
dao.getResponse(user, "/authenticate", null);
}
}
任务:完成上述代码。
17.4.3. Spring 配置
 |
[MetierConfig] 类的演变过程如下:
package elections.security.client.config;
...
@ComponentScan({ "elections.security.client.dao", "elections.security.client.metier" })
public class MetierConfig {
第 5 行:必须更新待扫描的包。
17.4.4. 针对 [业务] 层的 JUnit 测试
 |
[Test01] 测试类更改如下:
package elections.security.client.metier.junit;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import elections.security.client.config.MetierConfig;
import elections.security.client.entities.ElectionsException;
import elections.security.client.entities.ListeElectorale;
import elections.security.client.entities.User;
import elections.security.client.metier.IElectionsMetier;
@SpringApplicationConfiguration(classes = MetierConfig.class)
@RunWith(SpringJUnit4ClassRunner.class)
public class Test01 {
// layer [electionsMetier]
@Autowired
private IElectionsMetier electionsMetier;
// mapper jSON
private final ObjectMapper mapper = new ObjectMapper();
// users
static private User admin;
static private User user;
static private User unknown;
@BeforeClass
public static void initTest() {
admin = new User("admin", "admin");
user = new User("user", "user");
unknown = new User("x", "y");
}
@Test()
public void checkUserUser() {
ElectionsException se = null;
try {
electionsMetier.authenticate(user);
} catch (ElectionsException e) {
se = e;
}
Assert.assertNotNull(se);
Assert.assertEquals("403 Forbidden", se.getErreurs().get(0));
}
@Test()
public void checkUserUnknown() {
ElectionsException se = null;
try {
electionsMetier.authenticate(unknown);
} catch (ElectionsException e) {
se = e;
}
Assert.assertNotNull(se);
Assert.assertEquals("401 Unauthorized", se.getErreurs().get(0));
}
@Test()
public void checkUserAdmin() {
ElectionsException se = null;
try {
electionsMetier.authenticate(admin);
} catch (ElectionsException e) {
se = e;
}
Assert.assertNull(se);
}
/**
* vérification 1 : méthode de calcul des sièges on fixe en dur les listes
*/
@Test
public void calculSieges1() {
// create the table of 7 candidate lists
ListeElectorale[] listes = new ListeElectorale[7];
listes[0] = new ListeElectorale("A", 32000, 0, false);
listes[1] = new ListeElectorale("B", 25000, 0, false);
listes[2] = new ListeElectorale("C", 16000, 0, false);
listes[3] = new ListeElectorale("D", 12000, 0, false);
listes[4] = new ListeElectorale("E", 8000, 0, false);
listes[5] = new ListeElectorale("F", 4500, 0, false);
listes[6] = new ListeElectorale("G", 2500, 0, false);
// the seats for each list are calculated
listes = electionsMetier.calculerSieges(admin,listes);
// check results
Assert.assertEquals(2, listes[0].getSieges());
Assert.assertFalse(listes[0].isElimine());
Assert.assertEquals(2, listes[1].getSieges());
Assert.assertFalse(listes[1].isElimine());
Assert.assertEquals(1, listes[2].getSieges());
Assert.assertFalse(listes[2].isElimine());
Assert.assertEquals(1, listes[3].getSieges());
Assert.assertFalse(listes[3].isElimine());
Assert.assertEquals(0, listes[4].getSieges());
Assert.assertFalse(listes[4].isElimine());
Assert.assertEquals(0, listes[5].getSieges());
Assert.assertTrue(listes[5].isElimine());
Assert.assertEquals(0, listes[6].getSieges());
Assert.assertTrue(listes[6].isElimine());
}
/**
* vérification 2 : méthode de calcul des sièges on demande les listes à la couche [metier] puis on fixe en dur les
* voix
*/
@Test
public void calculSieges2() {
// create the table of 7 candidate lists
ListeElectorale[] listes = electionsMetier.getListesElectorales(admin);
// the voices are hard-fixed
listes[0].setVoix(32000);
listes[1].setVoix(25000);
listes[2].setVoix(16000);
listes[3].setVoix(12000);
listes[4].setVoix(8000);
listes[5].setVoix(4500);
listes[6].setVoix(2500);
// the seats obtained by each list are calculated
listes = electionsMetier.calculerSieges(admin,listes);
// check results
Assert.assertEquals(2, listes[0].getSieges());
Assert.assertFalse(listes[0].isElimine());
Assert.assertEquals(2, listes[1].getSieges());
Assert.assertFalse(listes[1].isElimine());
Assert.assertEquals(1, listes[2].getSieges());
Assert.assertFalse(listes[2].isElimine());
Assert.assertEquals(1, listes[3].getSieges());
Assert.assertFalse(listes[3].isElimine());
Assert.assertEquals(0, listes[4].getSieges());
Assert.assertFalse(listes[4].isElimine());
Assert.assertEquals(0, listes[5].getSieges());
Assert.assertTrue(listes[5].isElimine());
Assert.assertEquals(0, listes[6].getSieges());
Assert.assertTrue(listes[6].isElimine());
}
/**
* vérification 3 méthode de calcul des sièges on provoque une exception
*/
@Test(expected = ElectionsException.class)
public void calculSieges3() {
// we create a table of 24 candidate lists, each with 1 vote
ListeElectorale[] listes = new ListeElectorale[25];
// all 25 lists will have the same number of votes (4%)
for (int i = 0; i < listes.length; i++) {
listes[i] = new ListeElectorale("Liste" + (i + 1), 1, 0, false);
}
// calculation of seats - normally there should be a ElectionsException
// with an electoral threshold of 5%
electionsMetier.calculerSieges(admin,listes);
}
/**
* enregistrement des résultats de l'élection
*
* @throws JsonProcessingException
*/
@Test
public void ecritureResultatsElections() throws JsonProcessingException {
// create the table of 7 candidate lists
ListeElectorale[] listes = electionsMetier.getListesElectorales(admin);
// the voices are hard-fixed
listes[0].setVoix(32000);
listes[1].setVoix(25000);
listes[2].setVoix(16000);
listes[3].setVoix(12000);
listes[4].setVoix(8000);
listes[5].setVoix(4500);
listes[6].setVoix(2500);
// the seats obtained by each list are calculated
listes = electionsMetier.calculerSieges(admin,listes);
// display results
for (int i = 0; i < listes.length; i++) {
System.out.println(mapper.writeValueAsString(listes[i]));
}
// results are entered into the database
electionsMetier.recordResultats(admin,listes);
// check results
listes = electionsMetier.getListesElectorales(admin);
// display results
for (int i = 0; i < listes.length; i++) {
System.out.println(mapper.writeValueAsString(listes[i]));
}
Assert.assertEquals(2, listes[0].getSieges());
Assert.assertFalse(listes[0].isElimine());
Assert.assertEquals(2, listes[1].getSieges());
Assert.assertFalse(listes[1].isElimine());
Assert.assertEquals(1, listes[2].getSieges());
Assert.assertFalse(listes[2].isElimine());
Assert.assertEquals(1, listes[3].getSieges());
Assert.assertFalse(listes[3].isElimine());
Assert.assertEquals(0, listes[4].getSieges());
Assert.assertFalse(listes[4].isElimine());
Assert.assertEquals(0, listes[5].getSieges());
Assert.assertTrue(listes[5].isElimine());
Assert.assertEquals(0, listes[6].getSieges());
Assert.assertTrue(listes[6].isElimine());
}
}
任务:理解此测试并验证其是否通过。
17.5. 具有 [console] 层的安全服务器的客户端
 |
在 NetBeans 中,我们打开 Maven 项目 [elections-business-dao-security-webjson] 和 [elections-ui-business-dao-webjson],然后通过复制并粘贴 [elections-ui-business-dao-webjson] 项目来创建一个新项目 [elections-console-business-dao-security-webjson]:
 |
新项目 [3] 中的大多数类都来自 [elections-ui-metier-dao-webjson] 项目 [2],该项目曾是未受保护的 Web/JSON 服务器的客户端:
 |
请按照以下步骤构建新的 Maven 项目:
- 将 [elections-ui-metier-dao-webjson] 项目复制并粘贴到 [elections-ui-metier-dao-security-webjson] 项目中;
- 在新项目中:
- 删除 [elections.client.dao、elections.client.metier、elections.client.entities] 包;
- 在 [elections.client.ui] 包中,仅保留控制台类 [ElectionsConsole] 及其接口 [IElectionsUI];
- 按 [3] 中所述重命名包;
- 通过 [右键点击 / 修复导入] 解决各类中的导入问题;
在此阶段,新项目中存在大量错误。
17.5.1. Maven 配置
新项目的 [pom.xml] 文件如下:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>istia.st.elections</groupId>
<artifactId>elections-console-metier-dao-security-webjson</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>elections-console-metier-dao-security-webjson</name>
<description>couche console du client web / jSON</description>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>1.8</java.version>
</properties>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.2.7.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupId>istia.st.elections</groupId>
<artifactId>elections-metier-dao-security-webjson</artifactId>
<version>0.0.1-SNAPSHOT</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.18.1</version>
</plugin>
</plugins>
</build>
</project>
- 第 4–8 行:新项目的 Maven ID;
- 第 22–26 行:对第 17.4 节中刚构建的 [elections-metier-dao-security-webjson] 项目的依赖,该项目提供了 [DAO] 和 [business] 层;
17.5.2. Spring 配置
 |
[UiConfig] 类的定义如下:
package elections.security.client.config;
import elections.security.client.entities.User;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Import;
@Import(MetierConfig.class)
@ComponentScan(basePackages = {"elections.security.client.console","elections.security.client.swing"})
public class UiConfig {
// director
private final User ADMIN = new User("admin", "admin");
@Bean
private User admin() {
return ADMIN;
}
}
- 第 8 行:我们从第 17.4 节中讨论的项目 [elections-metier-dao-security-webjson] 中导入类 [elections.security.client.config.MetierConfig];
- 第 9 行:我们声明了 Spring Bean 所在的包;
- 第12–18行:[admin] Bean 对应 [admin, admin] 用户,该用户将由控制台应用程序使用。请注意,这是唯一被授权查询安全 Web/JSON 服务器的用户;
17.5.3. 控制台启动应用程序
 |
[ElectionsConsole] 类的演变过程如下:
package elections.security.client.console;
import java.util.Arrays;
import java.util.Comparator;
import java.util.Scanner;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import elections.security.client.entities.ElectionsException;
import elections.security.client.entities.ListeElectorale;
import elections.security.client.entities.User;
import elections.security.client.metier.IElectionsMetier;
@Component
public class ElectionsConsole implements IElectionsUI {
@Autowired
private IElectionsMetier electionsMetier;
@Autowired
private User admin;
@Override
public void run() {
// competing lists
ListeElectorale[] listes;
// data entry
try (Scanner clavier = new Scanner(System.in)) {
// lists in competition are requested from the [metier] layer
listes = electionsMetier.getListesElectorales(admin);
// we enter the votes
System.out.println("Il y a " + listes.length
+ " listes en compétition. Veuillez indiquer le nombre de voix de chacune d'elles :");
for (int i = 0; i < listes.length; i++) {
boolean saisieOK = false;
while (!saisieOK) {
System.out.print("Nombre de voix de la liste [" + listes[i].getNom() + "] : ");
try {
listes[i].setVoix(Integer.parseInt(clavier.nextLine()));
saisieOK = true;
} catch (ElectionsException | NumberFormatException ex) {
System.out.println("Nombre de voix incorrect. Veuillez recommencer");
}
}
}
}
// we calculate the number of seats
listes=electionsMetier.calculerSieges(admin,listes);
// we record the results
electionsMetier.recordResultats(admin,listes);
// lists sorted in descending order of votes
Arrays.sort(listes, new CompareListesElectorales());
// we display them
System.out.println("\nRésultats de l'élection\n");
for (int i = 0; i < listes.length; i++) {
System.out.println(listes[i]);
}
}
// electoral list comparison class
class CompareListesElectorales implements Comparator<ListeElectorale> {
// comparison of two candidate lists by number of votes
@Override
public int compare(ListeElectorale listeElectorale1, ListeElectorale listeElectorale2) {
// we compare the votes of these two lists
int nbVoix1 = listeElectorale1.getVoix();
int nbVoix2 = listeElectorale2.getVoix();
if (nbVoix1 < nbVoix2) {
return +1;
} else {
if (nbVoix1 > nbVoix2)
return -1;
else
return 0;
}
}
}
}
ElectionsConsole 类的改动非常小。只需记住,现在 [业务] 层中的方法需要将用户作为第一个参数(第 31、49、51 行)。该参数由第 21–22 行的注入提供。被注入的用户是获授权查询 Web 服务器 / jSON 的用户。
任务:测试控制台应用程序(请记住先启动安全服务器)。
17.6. 带有 [swing] 层的加密服务器客户端
 |
我们通过复制并粘贴 [elections-ui-business-dao-webjson] 项目,创建一个新的 NetBeans 项目 [elections-swing-business-dao-security-webjson]:
 |
在新项目 [2] 中:
- 删除 [elections.client.dao、elections.client.metier、elections.client.entities] 包;
- 在 [elections.client.ui] 包中,删除类 [ElectionsConsole, IElectionsUI];
- 按[2]中的说明重命名包;
- 在 [elections.security.client.swing] 包中,将实现图形用户界面的 [AbstractElectionsSwing] 类重命名为 [AbstractElectionsMainForm],并将实现图形用户界面事件处理程序的 [ElectionsSwing] 类重命名为 [ElectionsMainForm];
- 通过右键单击并选择 [Fix Imports] 来修复各个类中的导入问题;
在此阶段,存在大量错误。
17.6.1. Maven 配置
[pom.xml] 文件的修改如下:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>istia.st.elections</groupId>
<artifactId>elections-swing-metier-dao-security-webjson</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>elections-swing-metier-dao-security-webjson</name>
<description>couche swing du client web / jSON</description>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>1.8</java.version>
</properties>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.2.7.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupId>istia.st.elections</groupId>
<artifactId>elections-console-metier-dao-security-webjson</artifactId>
<version>0.0.1-SNAPSHOT</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.18.1</version>
</plugin>
</plugins>
</build>
</project>
- 第 4–8 行:新项目的 Maven ID;
- 第 22–26 行:对第 17.5 节中刚分析过的 console 项目的依赖;
17.6.2. Spring 配置
该项目使用其所导入的控制台项目的 Spring 配置(参见第 17.5.2 节)。
17.6.3. Swing 应用程序视图
 |
本项目将使用两个视图:
 |
- [1] 登录视图是新添加的。它用于对希望使用该应用程序的用户进行身份验证。它使用以下类:
- [AbstractElectionsConnectForm],该类实现了视图;
- [ElectionsConnectForm],用于处理视图的事件;
- 视图 [2] 大家已经很熟悉了。这就是迄今为止一直使用的视图。它使用了以下类:
- [AbstractElectionsMainForm],用于实现该视图;
- [ElectionsMainForm],用于处理视图的事件;
17.6.4. 会话
 |
当一个 Swing 应用程序包含多个视图时,需要一种机制来允许一个视图向另一个视图传递信息。我们借鉴了 Web 开发中的一个概念:会话(session),它允许与特定用户关联的视图共享信息。这里将使用一个 Spring 单例来实现这一概念,该单例将被注入到两个负责处理这两个视图事件的类中:
package elections.security.client.swing;
import elections.security.client.entities.User;
import org.springframework.stereotype.Component;
@Component
public class UiSession {
// the connected user
private User user;
// getters and setters
...
}
- 第 6 行:[UiSession] 类是 Spring 组件;
- 第 10 行:它仅有一个用途:存储通过视图 [1] 登录的用户。需要了解该用户的视图 [2] 将从那里获取该用户;
17.6.5. 启动类
 |
该图形化应用程序的启动类如下:
package elections.security.client.boot;
import elections.security.client.console.IElectionsUI;
public class BootElectionsSwing extends AbstractBootElections {
public static void main(String[] arguments) {
new BootElectionsSwing().run();
}
@Override
protected IElectionsUI getUI() {
return ctx.getBean("electionsConnectForm", IElectionsUI.class);
}
}
- 第 5 行:[BootElectionsSwing] 类继承了项目依赖项中包含的 console 项目中定义的 [AbstractBootElections] 类;
- 第 10–13 行:[BootElectionsSwing] 类将显示登录视图 [ElectionsConnectForm];
- 第 6–8 行:将执行该类的 [run] 方法;
17.6.6. [ElectionsMainForm] 类
[ElectionsMainForm] 类即之前称为 [ElectionsSwing] 的类。它负责处理 [AbstractElectionsMainForm] 视图的事件。其代码演变如下:
package elections.security.client.swing;
import elections.security.client.console.IElectionsUI;
import java.awt.Dimension;
import java.awt.Toolkit;
import java.util.ArrayList;
import java.util.List;
import javax.swing.DefaultListModel;
import javax.swing.JLabel;
import javax.swing.JMenuItem;
import javax.swing.JOptionPane;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import elections.security.client.entities.ElectionsException;
import elections.security.client.entities.ListeElectorale;
import elections.security.client.entities.User;
import elections.security.client.metier.IElectionsMetier;
@Component
public class ElectionsMainForm extends AbstractElectionsMainForm implements IElectionsUI {
private static final long serialVersionUID = 1L;
// reference on the [business] layer
@Autowired
private IElectionsMetier metier;
// session UI
@Autowired
private UiSession uiSession;
// logged-in user
private User user;
// list templates JList
private DefaultListModel<String> modèleNomsVoix = null;
private DefaultListModel<String> modèleRésultats = null;
// competing lists
private ListeElectorale[] listes;
// user-entered lists
private final List<ListeElectorale> listesSaisies = new ArrayList<>();
private ListeElectorale[] tListesSaisies;
// initializations
@Override
protected void init() {
// generation of components by the parent class
super.init();
// local initializations
modèleNomsVoix = new DefaultListModel<>();
jListNomsVoix.setModel(modèleNomsVoix);
modèleRésultats = new DefaultListModel<>();
jListResultats.setModel(modèleRésultats);
String info;
boolean erreur = false;
try {
// lists are requested from the [business] layer
listes = metier.getListesElectorales(user);
// associate list names with the jComboBoxNomsListes combo
for (int i = 0; i < listes.length; i++) {
jComboBoxNomsListes.addItem(String.format("%s - %s", listes[i].getId(), listes[i].getNom()));
}
// and election parameters
int nbSiegesAPourvoir = metier.getNbSiegesAPourvoir(user);
double seuilElectoral = metier.getSeuilElectoral(user);
// we initialize the labels linked to these two pieces of information
jLabelSAP.setText(jLabelSAP.getText() + nbSiegesAPourvoir);
jLabelSE.setText(jLabelSE.getText() + seuilElectoral);
// message of success
info = "Source de données lue avec succès";
} catch (ElectionsException ex1) {
// we note the error
info = getInfoForException("Les erreurs suivantes se sont produites :", ex1);
erreur = true;
} catch (RuntimeException ex2) {
// we note the error
info = getInfoForException("Les erreurs suivantes se sont produites :", ex2);
erreur = true;
}
// mistake?
if (erreur) {
// display info
jTextPaneMessages.setText(info);
jTextPaneMessages.setCaretPosition(0);
return;
} else {
jTextPaneMessages.setText("");
}
// form status
Utilitaires.setEnabled(new JLabel[]{jLabelAjouter, jLabelCalculer, jLabelEnregistrer, jLabelSupprimer}, false);
Utilitaires.setEnabled(
new JMenuItem[]{jMenuItemAjouter, jMenuItemCalculer, jMenuItemEnregistrer, jMenuItemSupprimer}, false);
// center window
Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize();
Dimension frameSize = getSize();
if (frameSize.height > screenSize.height) {
frameSize.height = screenSize.height;
}
if (frameSize.width > screenSize.width) {
frameSize.width = screenSize.width;
}
setLocation((screenSize.width - frameSize.width) / 2, (screenSize.height - frameSize.height) / 2);
}
...
@Override
public void run() {
// user memory
user = uiSession.getUser();
// window initialization
init();
setVisible(true);
}
}
- 第 32–33 行:注入应用程序会话;
- 第 112–119 行:视图将像之前一样通过其 [run] 方法被激活;
- 第 115 行:从会话中获取用户。该用户是由登录视图 [ElectionsConnectForm] 中的代码存入会话的。随后修改了代码,使得调用 [business] 层时,其第一个参数即为此用户(例如第 63 行、第 69-70 行);
17.6.7. [AbstractElectionsConnectForm] 视图
 |
使用 NetBeans 构建以下表单:
 |
该类本身不会实现处理 [Login] 菜单选项点击事件的方法。它将调用一个声明为抽象的方法 [doConnecter],而视图类本身也将被声明为抽象类。我们将删除自动生成的静态方法 [main]。
17.6.8. 登录视图的事件处理
 |
[ElectionsConnectForm] 类对登录视图的事件处理实现如下:
package elections.security.client.swing;
import elections.security.client.console.IElectionsUI;
import elections.security.client.entities.ElectionsException;
import elections.security.client.entities.User;
import elections.security.client.metier.IElectionsMetier;
import java.awt.Dimension;
import java.awt.Toolkit;
import javax.swing.SwingUtilities;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@Component
public class ElectionsConnectForm extends AbstractElectionsConnectForm implements IElectionsUI {
private static final long serialVersionUID = 1L;
// reference on the [business] layer
@Autowired
private IElectionsMetier metier;
// logged-in user
private User user;
// main form
@Autowired
private ElectionsMainForm electionsMainForm;
// session UI
@Autowired
private UiSession uiSession;
@Override
protected void doConnect() {
String info = null;
try {
if (isPageValid()) {
// user authentication
metier.authenticate(user);
// the user is saved in the session
uiSession.setUser(user);
// connection view is hidden
setVisible(false);
// the main view is displayed
electionsMainForm.run();
}
} catch (ElectionsException ex1) {
// we note the error
info = getInfoForException("Les erreurs suivantes se sont produites :", ex1);
} catch (RuntimeException ex2) {
// we note the error
info = getInfoForException("Les erreurs suivantes se sont produites :", ex2);
}
// mistake?
if (info != null) {
// display info
jTextPaneErreurs.setText(info);
jTextPaneErreurs.setCaretPosition(0);
}
}
// initializations
@Override
protected void init() {
// generation of components by the parent class
super.init();
// local initializations
...
// center window
...
}
@Override
public void run() {
// the graphical interface is displayed
SwingUtilities.invokeLater(new Runnable() {
public void run() {
init();
setVisible(true);
}
});
}
private boolean isPageValid() {
...
}
private String getInfoForException(String message, ElectionsException ex) {
...
}
private String getInfoForException(String message, RuntimeException ex) {
...
}
}
- 第 73–82 行:[run] 方法,该方法将由启动类 [BootElectionsSwing] 调用;
- 第 26–27 行:注入视图 #2 的引用,如果用户被识别,则应显示该视图;
- 第 30–31 行:注入应用程序会话;
- 第 84 行:[isPageValid] 方法执行两项操作:
- 检查用户名是否为空(密码可以为空);
- 根据输入实例化第 23 行定义的 User 字段;
 |  |
 |  |
任务:完成类代码。
任务:测试该应用程序。