1.Service层
public interface PersonService {
void savePerson();
void updatePerson();
}
public class PersonServiceImpl implements PersonService {
@PrivilegeInfo(name="savePerson")
public void savePerson() {
System.out.println("savePerson");
}
@PrivilegeInfo(name="updatePerson")
public void updatePerson() {
System.out.println("updatePerson");
}
}
2.写一个注解PrivilegeInfo 和 注解解析器AnnotationParse
@Target(ElementType.METHOD)//这注解只作用在方法上面
@Retention(RetentionPolicy.RUNTIME)//作用的范围
public @interface PrivilegeInfo {
String name() default "";//定义一个属性,它的默认值时空字符串
}
/**
* 这是一个注解解析器
*
*/
public class AnnotationParse {
/**
* 在这里传入一个目标类,和一个方法的名字,就返回一个 PrivilegeInfo 中name属性的值
*/
public static String parse(Class targetClass,String methodName) throws SecurityException, NoSuchMethodException{
String methodAccess = "";
Method method = targetClass.getMethod(methodName);
//判断method上面有没有PrivilegeInfo注解
if(method.isAnnotationPresent(PrivilegeInfo.class)){
//得到PrivilegeInfo注解
PrivilegeInfo annotation = method.getAnnotation(PrivilegeInfo.class);
//获得PrivilegeInfo注解中name属性的值
methodAccess = annotation.name();
}
return methodAccess;
}
}
3.写一个权限Privilege 只有name属性
public class Privilege {
private String name;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
}
4.写一个切面PrivilegeAspect,切面里面用list装着权限,写一个环绕通知isAccessMethod
/**
* 这是一个切面,作用是查看用户是否有权限执行目标方法
*/
public class PrivilegeAspect {
List<Privilege> privileges = new ArrayList<Privilege>();
public List<Privilege> getPrivileges() {
return privileges;
}
public void setPrivileges(List<Privilege> privileges) {
this.privileges = privileges;
}
/**
* 这是一个环绕通知
*/
public void isAccessMethod(ProceedingJoinPoint joinPoint) throws Throwable{
//获取目标类
Class targetClass = joinPoint.getTarget().getClass();
//获取目标方法的名称
String methodName = joinPoint.getSignature().getName();
//获取目标方法上面PrivilegeInfo注解中name属性的值
String privilegeInfoName = AnnotationParse.parse(targetClass, methodName);
//获取用户的权限
boolean flag = false;
//判断该用户是不是拥有与要访问的目标方法的权限
for (Privilege privilege : privileges) {
if(privilegeInfoName.equals(privilege.getName())){
flag = true;
}
}
if(flag){
joinPoint.proceed();//执行目标方法
}else{
System.out.println("对不起,你没有访问权限");
}
}
}
5.Spring的配置文件中配置
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-2.5.xsd">
<!-- 这是目标类 -->
<bean id="personService" class="com.mo.service.PersonServiceImpl"></bean>
<!-- 这是一个切面 -->
<bean id="privilegeAspect" class="com.mo.privilegeAspect.PrivilegeAspect"></bean>
<aop:config>
<!-- 这是一个切入点 -->
<aop:pointcut expression="execution(* com.mo.service.PersonServiceImpl.*(..))"
id="perform"/>
<!-- 定义切面 -->
<aop:aspect ref="privilegeAspect">
<!-- 这是一个环绕通知 -->
<aop:around method="isAccessMethod" pointcut-ref="perform"/>
</aop:aspect>
</aop:config>
</beans>
6.测试单元
@Test
public void test(){
ApplicationContext context = new ClassPathXmlApplicationContext("applicationContext.xml");
PrivilegeAspect privilegeAspect = (PrivilegeAspect)context.getBean("privilegeAspect");
//创建用户的去权限
Privilege privilege1 = new Privilege();
privilege1.setName("savePerson");
Privilege privilege2 = new Privilege();
privilege2.setName("updatePerson");
List<Privilege> privileges = privilegeAspect.getPrivileges();
privileges.add(privilege1);
privileges.add(privilege2);
PersonService personService = (PersonService)context.getBean("personService");
personService.savePerson();
personService.updatePerson();
}