Spring Aop +自定义注解实现用户权限控制
来源:互联网 发布:淘宝美人库 编辑:程序博客网 时间:2024/05/16 17:08
项目结构:
pom.xml:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>com</groupId> <artifactId>SpringAop</artifactId> <version>0.0.1-SNAPSHOT</version> <packaging>jar</packaging> <name>SpringAop</name> <url>http://maven.apache.org</url> <properties> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> </properties> <dependencies> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>4.10</version> <scope>test</scope> </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-context</artifactId> <version>4.0.2.RELEASE</version> </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-test</artifactId> <version>4.0.2.RELEASE</version> </dependency> <!-- https://mvnrepository.com/artifact/org.springframework/spring-aop --><dependency> <groupId>org.springframework</groupId> <artifactId>spring-aop</artifactId> <version>4.0.2.RELEASE</version></dependency> <dependency> <groupId>org.aspectj</groupId> <artifactId>aspectjweaver</artifactId> <version>1.6.12</version> </dependency> <dependency> <groupId>cglib</groupId> <artifactId>cglib</artifactId> <version>2.2.2</version></dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <version>3.1</version> <configuration> <target>1.8</target> <source>1.8</source> </configuration> </plugin> </plugins> </build></project>
自定义注解:
package com.Quanxian;import java.lang.annotation.*;@Target(ElementType.METHOD)@Retention(RetentionPolicy.RUNTIME)public @interface PrivilegeInfo { String value() default "";}
注解解析器:
package com.Quanxian;import java.lang.reflect.Method;/** * 注解处理器 * @author P1311529 * 这个解析器的主要功能,是解析目标方法上如果有PrivilegeInfo注解,那么解析出这个注解中的value值(权限的值) * */public class PrivilegeAnnotationParse { public static String parse(Class c1 ,String c1methodName)throws Exception{ String methodAccess =""; Method method =c1.getMethod(c1methodName); if(method.isAnnotationPresent(PrivilegeInfo.class)){ PrivilegeInfo privilegeInfo=method.getAnnotation(PrivilegeInfo.class); methodAccess =privilegeInfo.value(); // System.err.println(methodAccess); } return methodAccess; }}
获取用户权限名:
package com.Quanxian;public class FirmPrivilege { /** * 用户权限的名称 */ private String value; public String getValue() { return value; } public void setValue(String value) { this.value = value; } public FirmPrivilege(String value) { this.value = value; } public FirmPrivilege() { }}
service 以及实现类:
package com.Quanxian.service;public interface FirmService { /** * 在需要权限的目标方法上,使用PrivilegeInfo注解,配置权限为save */ public void save(); /** * 在需要权限的目标方法上,使用PrivilegeInfo注解,配置权限为update */ public void update(); /** * 不需要权限的目标方法上,则不添加PrivilegeInfo注解 * 在切面中,默认用户拥有权限 */ public void get();}
package com.Quanxian.serviceImpl;import com.Quanxian.PrivilegeInfo;import com.Quanxian.service.FirmService;public class FirmServiceImpl implements FirmService{ /** * 在需要权限的目标方法上,使用PrivilegeInfo注解,配置权限 */ @Override @PrivilegeInfo("save") public void save() { System.out.println("FirmServiceImpl.save()"); } /** * 在需要权限的目标方法上,使用PrivilegeInfo注解,配置权限 */ @Override @PrivilegeInfo("update") public void update() { System.out.println("FirmServiceImpl.update()"); } /** * 不需要权限的目标方法上,则不添加PrivilegeInfo注解 * 在切面中,默认用户拥有权限 */ @Override public void get() { System.out.println("FirmServiceImpl.get()"); }}
切面类:
package com.Quanxian;import java.util.List;import org.aspectj.lang.ProceedingJoinPoint;public class PrivilegeAspect { private List<FirmPrivilege> privileges;public List<FirmPrivilege> getPrivileges() { return privileges;}public void setPrivileges(List<FirmPrivilege> privileges) { this.privileges = privileges;}/** * aop中的环绕通知 * 在这个方法中检查用户的权限和目标方法的需要的权限是否匹配 * 如果匹配则调用目标方法,不匹配则不调用 * @param joinPoint 连接点 * @throws Throwable */ public void isAccessMethod(ProceedingJoinPoint joinPoint)throws Throwable{ /** * 1.获取访问目标方法应该具备的权限 * 为解析目标方法的PrivilegeInfo注解,根据我们定义的解析器,需要得到:目标类的class形式 方法的名称 */ Class targetClass =joinPoint.getTarget().getClass(); String methodName=joinPoint.getSignature().getName(); System.out.println(targetClass+ " " +methodName); //得到该方法的访问权限 String methodAccess =PrivilegeAnnotationParse.parse(targetClass, methodName); boolean isAccessed =false; /* * 2.遍历用户的权限,看是否拥有目标方法对应的权限 */ System.out.println("privileges :"+privileges); for(FirmPrivilege firmPrivilege :privileges){ /* * 如果目标方法没有使用PrivilegeInfo注解,则解析出来的权限字符串就为空字符串 * 则默认用户拥有这个权限 */ if("".equals(methodAccess)){ isAccessed =true; break; } /* * 用户原有权限列表中有的权限与目标方法上PrivilegeInfo注解配置的权限进行匹配 */ if(firmPrivilege.getValue() !=null && firmPrivilege.getValue().equalsIgnoreCase(methodAccess)){ // System.out.println("not null ------------"); isAccessed =true; break; } /* * 3.如果用户拥有权限,则调用目标方法 ,如果没有,则不调用目标方法,只给出提示 */ } if(isAccessed){ joinPoint.proceed();//调用目标方法 // System.out.println("调用目标方法"); }else{ System.out.println("你没有权限"); } }}
xml文件配置切面:
<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:jee="http://www.springframework.org/schema/jee" xmlns:jdbc="http://www.springframework.org/schema/jdbc" xmlns:jpa="http://www.springframework.org/schema/data/jpa" xmlns:batch="http://www.springframework.org/schema/batch" xmlns:mvc="http://www.springframework.org/schema/mvc" xsi:schemaLocation="http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-4.0.xsd http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-4.0.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd http://www.springframework.org/schema/data/jpa http://www.springframework.org/schema/data/jpa/spring-jpa.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/batch http://www.springframework.org/schema/batch/spring-batch.xsd http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-4.1.7.xsd"> <aop:aspect id="QuanxianAspect" ref="privilegeAspect"> <aop:pointcut id="perform" expression="execution(* com.Quanxian.serviceImpl.FirmServiceImpl.*(..))"/> <aop:around method="isAccessMethod" pointcut-ref="perform"/> </aop:aspect> </aop:config> <bean id="firmService" class="com.Quanxian.serviceImpl.FirmServiceImpl"/> <bean id="privilegeAspect" class="com.Quanxian.PrivilegeAspect"/> </beans>
Tets:
package com.Quanxain;import java.util.ArrayList;import java.util.List;import org.junit.Before;import org.junit.Test;import org.springframework.context.ApplicationContext;import org.springframework.context.support.ClassPathXmlApplicationContext;import com.Quanxian.FirmPrivilege;import com.Quanxian.PrivilegeAspect;import com.Quanxian.service.FirmService;public class TestQuanxian { private FirmService firmService; @Before public void beFore1(){ ApplicationContext ac=new ClassPathXmlApplicationContext("springaop.xml"); firmService = (FirmService)ac.getBean("firmService"); PrivilegeAspect privilegeAspect=(PrivilegeAspect) ac.getBean("privilegeAspect"); List<FirmPrivilege> privileges=new ArrayList<FirmPrivilege>(); privileges.add(new FirmPrivilege("update")); privilegeAspect.setPrivileges(privileges); } @Test public void Test1(){ firmService.save(); firmService.update(); firmService.get(); }}
result:
Oct 10, 2017 9:28:58 AM org.springframework.context.support.ClassPathXmlApplicationContext prepareRefreshINFO: Refreshing org.springframework.context.support.ClassPathXmlApplicationContext@6996db8: startup date [Tue Oct 10 09:28:58 CST 2017]; root of context hierarchyOct 10, 2017 9:28:58 AM org.springframework.beans.factory.xml.XmlBeanDefinitionReader loadBeanDefinitionsINFO: Loading XML bean definitions from class path resource [springaop.xml]class com.Quanxian.serviceImpl.FirmServiceImpl saveprivileges :[com.Quanxian.FirmPrivilege@4b5a5ed1]你没有权限class com.Quanxian.serviceImpl.FirmServiceImpl updateprivileges :[com.Quanxian.FirmPrivilege@4b5a5ed1]FirmServiceImpl.update()class com.Quanxian.serviceImpl.FirmServiceImpl getprivileges :[com.Quanxian.FirmPrivilege@4b5a5ed1]FirmServiceImpl.get()
privileges :[com.Quanxian.FirmPrivilege@4b5a5ed1] 其实就是你给用户加的update权限 为什么要用List 因为可能需要给用户加多个权限
参考博客:http://blog.csdn.net/minhellic/article/details/51919690
阅读全文
0 0
- Spring Aop +自定义注解实现用户权限控制
- Spring AOP自定义注解实现权限控制
- spring AOP + 自定义注解实现权限控制小例子
- spring AOP + 自定义注解实现权限控制小例子
- spring自定义注解AOP实现
- java 自定义注解 spring aop 实现注解
- Spring AOP+自定义注解实现缓存
- Spring AOP 自定义注解的实现
- Spring AOP 自定义注解的实现
- spring aop自定义注解实现日志记录
- spring自定义注解实现AOP日志管理
- spring AOP 自定义注解
- Spring AOP自定义注解
- Spring AOP 实现用户权限验证
- spring(AOP) 注解实现aop
- spring注解实现AOP
- Spring注解实现AOP
- Spring 注解Aop实现
- TCP与udp协议
- 案例分析:基于消息的分布式架构
- c#毫秒级计时
- C# 类型转换
- 设计模式C++实现(6)——建造者模式
- Spring Aop +自定义注解实现用户权限控制
- html的script标签
- mac pip install lxml faild --已解决
- SuperMap iDesktop 9D之统计图表
- 为什么程序员都反感笔试?
- python爬虫乱码问题
- 关于malloc问题的改错-笔试常考
- HTML扫雷实战
- 开源协议 BSD Apache GPL LGPL MIT