基于spring aop 权限管理系统原型
?
此权限管理系统把待访问的业务层方法做为权限管理中的资源,通过spring?aop?对接口方法进行拦截,来实现权限的管理,可以实现细粒度的权限控制。在上文体验了spring?aop?一些特性,aop?接口:MethodBeforeAdvice,?AfterReturningAdvice,?ThrowsAdvice?实现这三个接口分别对方法执行前,后,执行中抛异常等情况进行的,我们要是想做overload?这样的操作时,要用MethodInterceptor?接口,此接口好在有返回值,
public?Object?invoke(
??????MethodInvocation?invocation)?
??????throws?Throwable
???{
//.
}
上文做法有些牵强业务逻辑还有throws?PermissionDeniedException?感觉不爽,现在用MethodInterceptor?接口,来写这个demo,把权限与业务分开。
advice?如下:
public?class?PermissionCheckAroundAdvice?implements?MethodInterceptor?{
????SecurityManager?securityMgr?=?new?SecurityManager();
????
????/**//**
?????*?@param?securityMgr?The?securityMgr?to?set.
?????*/
????public?void?setSecurityMgr(SecurityManager?securityMgr)?{
????????this.securityMgr?=?securityMgr;
????}
????public?Object?invoke(MethodInvocation?invocation)?throws?Throwable?{
????????System.out.println("(被调用方法接口类名:?"
????????????????+?invocation.getMethod().getDeclaringClass().getName()?+?")");
????????System.out.println("(被调用方法名:"?+?invocation.getMethod().getName()+?")");
????????String?methodName?=?invocation.getMethod().getDeclaringClass()
????????????????.getName()?+?"."?+?invocation.getMethod().getName();
????????System.out.println("(被调用方法全名:"?+?methodName?+?")");
????????System.out.println("有否权限:("?+?securityMgr.checkPermission(methodName)+?")");
????????if(securityMgr.checkPermission(methodName))
????????????return?invocation.proceed();
?????????System.out.println("Goodbye!?NO?Permission!(by?"?+?this.getClass().getName()?+?")");
????????return?"--";
????}
}
服务层业务接口修改如下:
public?interface?Service?{
????public?String?getBeanInfo();
}
服务层业务实现类如下:
public?class?ServiceBean?implements?Service?{
????ResourceBean?bean;
????/**//**
?????*?@param?bean?The?bean?to?set.
?????*/
????public?void?setBean(ResourceBean?bean)?{
????????this.bean?=?bean;
????}
????public?String?getBeanInfo(){
????????String?result="";
????????
????????result+=?bean.getMethod1();
????????result+=?bean.getMethod2();
????????result+=?bean.getMethod3();
????????return?result;
????}
}
资源层,接口?,类如下:
public?interface?Resource?{
}
public?interface?ResourceBean?extends?Resource{
????public?void?theMethod();
????public?String?getMethod1();
????public?String?getMethod2();
????public?String?getMethod3();
}
public?class?ResourceBeanImpl?implements?ResourceBean,InitializingBean{
????public?void?theMethod(){
????????System.out.println(this.getClass().getName()
????????????????+?"."?+?new?Exception().getStackTrace()[0].getMethodName()
????????????????+?"()"
????????????????+?"?says?HELLO!");
????}
????public?String?getMethod1(){
????????return?"张三";
????}
????public?String?getMethod2(){
????????return?"李四";
????}
????public?String?getMethod3(){
????????return?"王五";
????}
????public?void?afterPropertiesSet()?throws?Exception?{
????????System.out.println("事件监听:类ResourceBeanImpl属性设置完毕");
????????
????}
}
权限管理类:
public?class?User?{
????List?privilages?=?new?java.util.ArrayList();
????String?name;
????public?User(){
????}
????
????/**//**
?????*?@param?privilages?The?privilages?to?set.
?????*/
????public?void?setPrivilages(List?privilages)?{
????????this.privilages?=?privilages;
????}
????public?String?getName(){
????????return?name;
????}
????public?void?setName(String?name){
????????this.name=name;
????}
????public?boolean?isPermission(String?pri){
????????java.util.Iterator?it?=?privilages.iterator();
????????String?p?=?"";
????????boolean?pass=false;
????????while(it.hasNext()){
????????????
????????????p=(String)it.next();
????????????System.out.println(p);
????????????if(p.equals(pri)){
????????????????pass?=?true;
????????????????break;
????????????}
????????}
????????return?pass;
????}
}
public?class?SecurityManager?{
????User?user;
????public?void?setUser(User?user){
????????this.user?=?user;
????}
????public?boolean?checkPermission(String?privilege){
????????return?checkPermission(user,privilege);
????}
????public?boolean?checkPermission(User?user,?String?privilege){
????????return?user.isPermission(privilege);
????}
}
配置文件:
<?xml?version="1.0"?encoding="UTF-8"?>
<!DOCTYPE?beans?PUBLIC??"-//SPRING//DTD?BEAN//EN"?"http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
??<!--CONFIG-->
??<bean?id="bean"?style="text-indent: 21.0000pt; margin-bottom: 0pt; margin-top: 0pt;">?