本篇文章是Spring-AOP在项目中实际应用,并非AOP的基础知识!!!
AOP的知识点,建议看《Spring实战》这本书!
场景:用户只能对自己创建的团队进行修改、删除和邀请!
解决方案:用户的权限控制可以使用Spring的AOP切面处理:切面在服务端拦截对应的Controller方法,先判断当前用户是否有权限,再决定是否放行。注意切点是按类名和方法名匹配的,没有被切点覆盖的接口不会受到保护。
项目环境:Spring + Thymeleaf + SpringBoot
实现效果图:
修改、删除和邀请权限效果图:
controller类:
/**
 * <p><b>Controller for Team pages</b></p>
 * <p>Serves the console pages under {@code /console/team}.</p>
 * <p>This class performs no permission check of its own. In the listing on this page the
 * check for {@link #Edit} is done by the around-advice in {@code AspectConfig}, which reads
 * the team id from the SECOND argument of {@code Edit}; changing the parameter order here
 * without updating the aspect would make the aspect check the wrong value.</p>
 * @version: 0.1
 * @since JDK 1.80_144
 */
@Controller
@RequestMapping("/console/team")
public class TeamController {

    @Autowired
    private TeamService teamService;

    @Autowired
    private UserService userService;

    @Autowired
    private UserTeamService userTeamService;

    /**
     * <b>Edit</b>
     * <p>Shows the edit page for an existing team.</p>
     * <p>NOTE(review): only this GET page is shown here; the handler that saves the edited
     * team is not visible, and it needs the same permission check - confirm it is covered.</p>
     * @param model model that receives the team under the key {@code thisTeam}
     * @param id id of the team to edit, taken from the URL path
     * @return the view name {@code team/edit}
     */
    @RequestMapping(value="/edit/{id}", method = {RequestMethod.GET})
    public String Edit(Model model,@PathVariable String id) {
        model.addAttribute("thisTeam", teamService.findbyID(id));
        return "team/edit";
    }
}
切面类:
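/**
 * <p><b>Aspect configuration</b></p>
 * <p>Around-advice that runs a team-leader permission check before the team remove, edit
 * and invite handlers, and only lets the call proceed when the check passes.</p>
 * <p>The pointcuts match by class and method name, so only the handlers named below are
 * protected. Any other endpoint that changes a team is unprotected unless it gets its own
 * pointcut. The advice also reads the team id by argument POSITION, so it depends on the
 * parameter order of the intercepted methods.</p>
 * @author MengMeng
 * @version: 0.1
 * @since JDK 1.80_144
 */
@Aspect // Declares this class as an aspect (required).
@Component // Registers the aspect as a Spring-managed bean.
public class AspectConfig {

    /** Redirect returned instead of the target page when the permission check fails. */
    private static final String PERMISSION_DENIED_VIEW = "redirect:/console/team/permission";

    /** Separator the front end uses to join several team ids into one path segment. */
    private static final String ID_SEPARATOR = "¥";

    // Not used by any advice in this class.
    @Autowired
    private HttpServletRequest request;

    @Pointcut("execution( * org.big.controller.rest.TeamRestController.Remove*(..)) " )
    public void RemoveTeam(){}

    @Pointcut("execution( * org.big.controller.TeamController.Edit(..)) " )
    public void EditTeam(){}

    @Pointcut("execution( * org.big.controller.MessageController.Add(..)) " )
    public void Invite(){}

    /**
     * <b>Team removal interception</b>
     * <p>Reads the first argument as one team id, or several ids joined by the separator,
     * and proceeds only when the current user passes the check for every id.</p>
     * <p>NOTE(review): the signatures of the {@code Remove*} handlers are not shown here;
     * this assumes their first parameter is the id string - confirm.</p>
     * @author MengMeng
     * @param pjp the intercepted call
     * @return {@code false} when the check fails or the id is missing, otherwise the
     *         handler's own return value
     */
    @Around("RemoveTeam()")
    public Object RemoveByTeam(ProceedingJoinPoint pjp){
        String joinedIds = argumentAsString(pjp, 0);
        if (joinedIds == null) {
            return false; // fail closed: nothing to check means nothing is allowed
        }
        String[] ids = joinedIds.split(ID_SEPARATOR);
        if (ids.length == 0) {
            return false; // input made only of separators carries no id
        }
        if (ids.length == 1) {
            // A single id is checked as the raw argument, exactly as the handler receives it.
            ids = new String[] { joinedIds };
        }
        IdentityVote thisIdentityVote = new IdentityVote();
        for (String teamId : ids) {
            if (!thisIdentityVote.isTeamLeaderByTeamId(teamId)) {
                return false; // one id without permission rejects the whole request
            }
        }
        return proceed(pjp);
    }

    /**
     * <b>Team edit interception</b>
     * <p>Reads the second argument as the team id ({@code TeamController.Edit(Model, String)})
     * and proceeds only when the current user passes the check for it.</p>
     * @author MengMeng
     * @param pjp the intercepted call
     * @return the permission-denied redirect when the check fails, otherwise the handler's
     *         own return value
     */
    @Around("EditTeam()")
    public Object EditByTeam(ProceedingJoinPoint pjp){
        return proceedIfLeader(pjp, 1);
    }

    /**
     * <b>Invitation interception</b>
     * <p>Reads the first argument as the team id and proceeds only when the current user
     * passes the check for it.</p>
     * <p>NOTE(review): {@code MessageController.Add} is not shown here; this assumes its
     * first parameter is the team id - confirm.</p>
     * @author MengMeng
     * @param pjp the intercepted call
     * @return the permission-denied redirect when the check fails, otherwise the handler's
     *         own return value
     */
    @Around("Invite()")
    public Object InviteByTeam(ProceedingJoinPoint pjp){
        return proceedIfLeader(pjp, 0);
    }

    /** Runs the single-id check for page handlers and redirects when it fails. */
    private static Object proceedIfLeader(ProceedingJoinPoint pjp, int idIndex) {
        String id = argumentAsString(pjp, idIndex);
        if (id == null || !new IdentityVote().isTeamLeaderByTeamId(id)) {
            return PERMISSION_DENIED_VIEW;
        }
        return proceed(pjp);
    }

    /** Returns the argument at {@code index} as a string, or {@code null} when it is absent. */
    private static String argumentAsString(ProceedingJoinPoint pjp, int index) {
        Object[] methodArgs = pjp.getArgs();
        if (methodArgs == null || index >= methodArgs.length || methodArgs[index] == null) {
            return null;
        }
        return String.valueOf(methodArgs[index]);
    }

    /**
     * Invokes the intercepted handler and lets its failure reach the caller. Swallowing the
     * exception would return {@code null}, which the remove front end cannot tell apart
     * from a permission denial.
     */
    private static Object proceed(ProceedingJoinPoint pjp) {
        try {
            return pjp.proceed();
        } catch (RuntimeException | Error e) {
            throw e;
        } catch (Throwable t) {
            // The advice methods declare no checked exceptions, so wrap and keep the cause.
            throw new IllegalStateException("Intercepted handler threw a checked exception", t);
        }
    }
}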
权限判断类:
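/**
 * <p><b>Permission check</b></p>
 * <p>Decides whether the current user may perform an operation on a given team.</p>
 * <p>NOTE(review): {@code teamServiceImpl} is used below but not declared in this listing;
 * presumably a field the author left out - confirm how it is obtained, since the aspect
 * creates this class with {@code new} rather than through Spring.</p>
 * @version: 0.1
 * @since JDK 1.80_144
 */
public class IdentityVote {

    // Principal captured when this object is created; null when there is no authentication
    // or the principal is not a UserDetail (e.g. an anonymous request).
    public UserDetail thisUser = currentUserOrNull();

    /** Reads the principal from the security context without throwing when it is absent. */
    private static UserDetail currentUserOrNull() {
        if (SecurityContextHolder.getContext().getAuthentication() == null) {
            return null;
        }
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        return principal instanceof UserDetail ? (UserDetail) principal : null;
    }

    /**
     * <b>Permission check by team id</b>
     * <p>A user holding {@code ROLE_SUPER} always passes. A user holding {@code ROLE_USER}
     * passes only when the team exists and its leader equals the user's id. Everyone else,
     * including a request without a {@code UserDetail} principal, is rejected.</p>
     * <p>The result does not depend on the order of the user's authorities: all of them are
     * inspected before deciding, instead of returning on the first one.</p>
     * @param teamId id of the team
     * @return {@code true} when the current user may operate on the team, else {@code false}
     */
    public Boolean isTeamLeaderByTeamId(String teamId){
        if (thisUser == null) {
            return false; // fail closed when nobody is logged in
        }
        Team thisTeam = teamServiceImpl.findbyID(teamId);
        boolean superAdmin = false;
        boolean ordinaryUser = false;
        for (GrantedAuthority grantedAuthority : thisUser.getAuthorities()) {
            String authority = grantedAuthority.getAuthority();
            if ("ROLE_SUPER".equals(authority)) {
                superAdmin = true;
            } else if ("ROLE_USER".equals(authority)) {
                ordinaryUser = true;
            }
        }
        if (superAdmin) {
            return true;
        }
        if (!ordinaryUser) {
            return false;
        }
        // An unknown team id or a team without a leader is a denial, not a NullPointerException.
        return thisTeam != null
                && thisTeam.getLeader() != null
                && thisTeam.getLeader().equals(thisUser.getId());
    }
}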
UserDetail类:
/**
 * <p><b>UserDetail entity</b></p>
 * <p>Wraps the project's {@code User} so that it can be used as a Spring Security
 * {@code UserDetails} principal.</p>
 * @version: 0.1
 * @since JDK 1.80_144
 */
public class UserDetail extends User implements UserDetails {

    private static final long serialVersionUID = 7349031122214065665L;

    public UserDetail(User user){
        super(user);
    }

    /**
     * Builds the authority list from the user's comma-separated role string.
     * @return the parsed authorities; the result of parsing an empty string when the role
     *         is {@code null} or empty
     */
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        String roles = this.getRole();
        boolean noRoles = roles == null || roles.length() < 1;
        return AuthorityUtils.commaSeparatedStringToAuthorityList(noRoles ? "" : roles);
    }

    @Override
    public String getUsername() {
        return super.getUserName();
    }

    @Override
    public String getNickname() {
        return super.getNickname();
    }

    // NOTE(review): the four account-state flags below are hard-coded to false. Spring
    // Security's default pre- and post-authentication checks reject a principal that
    // reports any of these as false, so login can only work here if authentication does
    // not run those checks - confirm. The flags should reflect the real state of the
    // account rather than a constant.

    @Override
    public boolean isAccountNonExpired() {
        return false;
    }

    @Override
    public boolean isAccountNonLocked() {
        return false;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return false;
    }

    @Override
    public boolean isEnabled() {
        return false;
    }
}
前端JS:
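/**
 * Asks for confirmation, then requests deletion of one object and reports the outcome.
 *
 * The server decides whether the deletion is allowed: a falsy response body is shown as
 * "no permission". A failed request (HTTP error) is reported through the fail handler,
 * because jQuery does not call the success callback in that case.
 *
 * NOTE(review): the deletion is requested with GET. A state-changing GET can be triggered
 * by any page the logged-in user visits and is not covered by the usual CSRF token checks;
 * prefer POST or DELETE with a CSRF token on both client and server.
 *
 * @param id   id of the object to delete
 * @param type object type, used in the confirm text and as a URL path segment
 */
function removeThisObject(id, type) {
    if (!confirm("确定删除该" + type + "?")) {
        layer.msg('操作取消', {
            time : 500,
        });
        return;
    }
    $.get("/console/" + type + "/rest/remove/" + id, {}, function(data) {
        if (data) {
            layer.msg('删除成功', {
                time : 500,
            }, function() {
                $('[name="refresh"]').click();
            });
        } else {
            layer.msg('您没有此权限', function() {
            });
        }
    }).fail(function() {
        layer.msg('操作失败', function() {
        });
    });
}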
/**
 * Navigates to the edit page of one object. Whether the user may edit it is decided by the
 * server when the page is requested.
 *
 * @param id   id of the object to edit
 * @param type object type, used as a URL path segment
 */
function editThisObject(id, type) {
    var editUrl = "/console/" + type + "/edit/" + id;
    window.location.href = editUrl;
}
/**
 * Opens the edit page for the single checked row; alerts when no row or more than one row
 * is checked. Row ids are the checkbox ids with their first four characters removed.
 *
 * @param type object type, passed on to editThisObject
 */
function editSelectObject(type) {
    var checked = $("input:checkbox[id^='sel']:checked");
    var count = checked.length;
    if (count == 0) {
        alert("请选择数据");
        return;
    }
    if (count > 1) {
        alert("您选择了" + count + "条数据,只能选择1条数据进行编辑");
        return;
    }
    editThisObject(checked.last().attr('id').substring(4), type);
}
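/**
 * Asks for confirmation, then requests deletion of every checked row in one call and
 * reports the outcome. The ids are joined with "¥" into a single URL path segment.
 *
 * The server decides whether the deletion is allowed: a falsy response body is shown as
 * "no permission". A failed request (HTTP error) is reported through the fail handler,
 * because jQuery does not call the success callback in that case.
 *
 * NOTE(review): the deletion is requested with GET. A state-changing GET can be triggered
 * by any page the logged-in user visits and is not covered by the usual CSRF token checks;
 * prefer POST or DELETE with a CSRF token on both client and server.
 *
 * @param type object type, used as a URL path segment
 */
function removeSelectObject(type) {
    var checked = $("input:checkbox[id^='sel']:checked");
    var number = checked.length;
    if (number == 0) {
        alert("请选择数据");
        return;
    }
    if (!confirm("您确定要删除这" + number + "条记录吗?")) {
        layer.msg('操作取消', {
            time : 500,
        });
        return;
    }
    // Checkbox ids carry a four-character prefix in front of the row id.
    var ids = checked.map(function() {
        return $(this).attr('id').substring(4);
    }).get().join("¥");
    $.get("/console/" + type + "/rest/removeMany/" + ids, {}, function(data) {
        if (data) {
            layer.msg('删除成功', {
                time : 500,
            }, function() {
                $('[name="refresh"]').click();
            });
        } else {
            layer.msg('您没有此权限', function() {
            });
        }
    }).fail(function() {
        layer.msg('操作失败', function() {
        });
    });
}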
/**
 * Navigates to the message compose page used to invite users to a team.
 *
 * @param id id appended to the compose URL
 */
function inviteThisObject(id) {
    var composeUrl = "/console/message/compose/" + id;
    window.location.href = composeUrl;
}
/**
 * Opens the invite page for the single checked row; alerts when no row or more than one
 * row is checked. Row ids are the checkbox ids with their first four characters removed.
 */
function inviteObject() {
    var checked = $("input:checkbox[id^='sel']:checked");
    var count = checked.length;
    if (count == 0) {
        alert("请选择数据");
        return;
    }
    if (count > 1) {
        alert("您选择了" + count + "条数据,只能选择1条数据进行编辑");
        return;
    }
    inviteThisObject(checked.last().attr('id').substring(4));
}