通過命名規則規定action類名對應模塊標示名, action中方法名對應模塊的crud 權限值,
add*對應添加權限,del*對應刪改,update*對應更改,其它方法爲查詢權限。
及時認證權限的時候有的action命名難以對應,需要配置xml 或者 定義註解 通過攔截器解析轉換
一、註解類源碼
@Retention(RetentionPolicy.RUNTIME)//運行時解析
@Target(ElementType.METHOD)//在方法中定義
public @interface AuthPermission {
public String moduleSn() default "";
public int permission() default -1;
public boolean ignore() default false;
}
二、被註解的類ignore=true 不需要及時認證
@Controller("loginAction")
@Scope("prototype")
public class LoginAction {
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Resource
private UserManager userManager;
@Resource
private AclManager aclManager;
//執行登錄操作
public String execute(){
User user = userManager.login(username, password);
ServletActionContext.getRequest().getSession().setAttribute("login", user);
return "back_index";
}
@AuthPermission(ignore=true)
public String outlook(){
User user = (User)ServletActionContext.getRequest().getSession().getAttribute("login");
List modules = aclManager.searchModules(user.getId());
ActionContext.getContext().put("modules", modules);
return "outlook";
}
@AuthPermission(ignore=true)
public String main(){
return "main";
}
}
三、定義及時認證的攔截器
public class AuthInterceptor extends AbstractInterceptor {
@Override
public String intercept(ActionInvocation invocation) throws Exception {
//從http session中獲取用戶的ID
int userId = ((User)ServletActionContext.getRequest()
.getSession().getAttribute("login")).getId();
//取出action的名稱,作爲當前正在請求的模塊的唯一標識
String actionName = invocation.getProxy().getActionName();
String moduleSn = actionName;
int permission = Permission.READ;
//根據請求的方法的名稱,來判斷要執行的操作
String methodName = invocation.getProxy().getMethod();
if(methodName != null){
if(methodName.startsWith("add")){
permission = Permission.CREATE;
}
if(methodName.startsWith("update")){
permission = Permission.UPDATE;
}
if(methodName.startsWith("del")){
permission = Permission.DELETE;
}
}
boolean ignore = false;
//如果定義了註解,則使用註解中的配置信息
Method method = invocation.getAction().getClass().getMethod(methodName);
AuthPermission ap = method.getAnnotation(AuthPermission.class);
if(ap != null){
if(!ap.moduleSn().equals("")){
moduleSn = ap.moduleSn();
}
if( ap.permission() != -1){
permission = ap.permission();
}
ignore = ap.ignore();
}
if(!ignore){
BeanFactory factory = WebApplicationContextUtils.getRequiredWebApplicationContext(ServletActionContext.getServletContext());
AclManager aclManager = (AclManager)factory.getBean("aclManager");
if(!aclManager.hasPermissionByModuleSn(userId, moduleSn, permission)){
throw new RuntimeException("您無權執行本操作,請聯繫系統管理員!");
}
}
return invocation.invoke();
}
}