@Retention(RetentionPolicy.RUNTIME)
public @interface OnlyAdmin {
}
![](https://img-blog.csdnimg.cn/20190710164020769.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3N1bm55enlx,size_16,color_FFFFFF,t_70)
(2)在后台对应的方法上,打上@OnlyAdmin注解
/**
* 删除博客文章
*/
@OnlyAdmin
@RequestMapping("/delete")
@ResponseBody
public Resp<String> delete(long id) {
bokeService.delete(id);
return Resp.success();
}
![](https://img-blog.csdnimg.cn/20190710165446768.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3N1bm55enlx,size_16,color_FFFFFF,t_70)
(3) 在登陆拦截器中拦截请求,判断当前登陆用户是否拥有该权限(下面那几个方法不用实现)。
package com.zyq.interceptor;
import java.io.PrintWriter;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;<