DBFilterInvocationDefinationSource 实现AbstractFilterInvocationDefinitionSource ,从db获取资源信息
code:
public class DBFilterInvocationDefinationSource extends AbstractFilterInvocationDefinitionSource { private boolean convertUrlToLowercaseBeforeComparison = false; private boolean useAntPath = false; private AcegiCacheManager acegiCacheManager; //ant path private final PathMatcher pathMatcher=new AntPathMatcher(); //perl5 path private final PatternMatcher patternMatcher = new Perl5Matcher(); /** * 返回当前的url对应的role */ @SuppressWarnings("unchecked") @Override public ConfigAttributeDefinition lookupAttributes(String url) { // TODO 自动生成方法存根 acegiCacheManager.initResourceCache(); if(isUseAntPath()){ //第一个?标记索引 int firstQuestionMarkIndex = url.lastIndexOf("?"); if(firstQuestionMarkIndex != -1){ url = url.substring(0, firstQuestionMarkIndex); } } //获取所有的url List urls=acegiCacheManager.getUrlResString(); //先顺序排列 Collections.sort(urls); //然后倒叙排列 Collections.reverse(urls); //将url在比较前都转换为小写 if(convertUrlToLowercaseBeforeComparison){ url = url.toLowerCase(); } //授予权限操作 GrantedAuthority authorities []= new GrantedAuthority[0]; for (Iterator iter = urls.iterator(); iter.hasNext();) { String resString = (String) iter.next(); boolean matched = false; //使用ant匹配url if(isUseAntPath()){ matched = pathMatcher.match(resString, url); }else{ //perl5编译url Pattern compiledPattern; Perl5Compiler compiler=new Perl5Compiler(); try { compiledPattern = compiler.compile(resString, Perl5Compiler.READ_ONLY_MASK); } catch (MalformedPatternException e) { // TODO 自动生成 catch 块 throw new IllegalArgumentException("资源字符串参数格式错误:"+resString,e); } matched = patternMatcher.matches(url, compiledPattern); } //匹配正确 if(matched){ ResourceDetails rd = acegiCacheManager.getAuthorityFromCache(resString); authorities = rd.getAuthorities(); break; } } //配置res,role,权限大于0 if(authorities.length>0){ String authoritiesStr = " "; for (int i = 0; i < authorities.length; i++) { authoritiesStr += authorities[i].getAuthority()+","; } String authStr = authoritiesStr.substring(0,authoritiesStr.length()-1); ConfigAttributeEditor configAttrEditor = new ConfigAttributeEditor(); configAttrEditor.setAsText(authStr.trim()); return (ConfigAttributeDefinition) configAttrEditor.getValue(); } return null; } public Iterator getConfigAttributeDefinitions() { // TODO 自动生成方法存根 return null; } setter..... |
学习springside的implements.
主要实现ConfigAttributeDefinition getAttributes(Object object),从db获取,
acegi默认从配置文件从取.
在更新users,role,authorities时,更新cache中的内容,需要自己实现cache策略,
为了使用hibernate的eventListener,把init的acegiCacheManager和update的acegiCacheManager分开写.
<!-- set acegiCacheManagerTarget --> <bean id="acegiCacheManagerTarget" class="com.runsa.components.acegi.cache.impl.AcegiCacheManagerImpl"> <property name="authoritiesService" ref="authoritiesService"/> <property name="usersService" ref="usersService"/> <property name="detailsServiceInCache" ref="detailsServiceInCache"/> </bean> |
acegiCacheManager code:
public class AcegiCacheManagerImpl implements AcegiCacheManager { private static final Log logger = LogFactory.getLog(AcegiCacheManagerImpl.class); private boolean cacheInitialized = false; private UsersService usersService; private AuthoritiesService authoritiesService; private DetaisServiceInCache detailsServiceInCache; private ResourceCache resourceCache; /** * 根据资源串获取资源 */ public ResourceDetails getAuthorityFromCache(String resString) { // TODO 自动生成方法存根 return resourceCache.getAuthorityFromCache(resString); } /** * 获取所有的url资源 */ public List getUrlResString() { // TODO 自动生成方法存根 return resourceCache.getUrlResStrings(); } /** * 获取所有的function资源 */ public List getFunctions(){ return resourceCache.getFunctions(); } /** * 获取所有的Components资源 */ public List getComponents(){ return resourceCache.getComponents(); } /** * 初始化resourceCache */ @SuppressWarnings("unchecked") public void initResourceCache() { // TODO 自动生成方法存根 if(!cacheInitialized){ synchronized (this) { List<Authorities> resources=authoritiesService.findAll(); for (Iterator iter = resources.iterator(); iter.hasNext();) { Authorities auth = (Authorities) iter.next(); detailsServiceInCache.resourceDetailsInCache(auth); } cacheInitialized = true; } } } /** * 初始化userCache */ @SuppressWarnings("unchecked") public void initUserCache(){ List <Users>users = usersService.findAll(); for (Iterator iter = users.iterator(); iter.hasNext();) { Users user = (Users) iter.next(); detailsServiceInCache.userDetailsInCache(user); } } /** * 刷新cache缓存 */ public void refreshResourceCache(){ cacheInitialized = false; try { detailsServiceInCache.removeAllResourceInCache(); } catch (Exception e) { // TODO 自动生成 catch 块 logger.error("remove cache from resourceCache error", e); } initResourceCache(); } setter........... |
update的acgeiCacheManager,更新缓存信息
<!-- set hibernate listener --> <!-- set updateAcegiCache --> <bean id="updateAcegiCache" class="com.runsa.components.acegi.cache.impl.UpdateAcegiCachempl"> <property name="detailsServiceInCache" ref="detailsServiceInCache"/> </bean> |
code:
/** * @author 叶天兵 * */ public class UpdateAcegiCachempl implements UpdateAcegiCache{ private DetaisServiceInCache detailsServiceInCache; private ResourceCache resourceCache; private UserCache userCache; /** * 修改User时修改userCache * @return */ public void modifyUserInCache(Users user,String orgUserName){ UserDetails ud=userCache.getUserFromCache(orgUserName); if(ud!=null){ userCache.removeUserFromCache(orgUserName); detailsServiceInCache.userDetailsInCache(user); } } /** * 修改Authorities时修改resourceCache */ public void modifyAuthritiesInCache(Authorities auth,String orgResource){ ResourceDetails rd = resourceCache.getAuthorityFromCache(orgResource); if(rd!=null){ resourceCache.removeAuthorityFromCache(orgResource); detailsServiceInCache.resourceDetailsInCache(auth); } } /** * 修改Role 时修改userCache和resourceCahce */ @SuppressWarnings("unchecked") public void modifyRoleInCache(Role role,String orgRoleName){ Set <Users>users = new HashSet<Users>(0); for (Iterator iter = role.getUserRoles().iterator(); iter.hasNext();) { UserRole userRole = (UserRole) iter.next(); users.add(userRole.getUsers()); } for (Iterator iter = users.iterator(); iter.hasNext();) { Users user = (Users) iter.next(); detailsServiceInCache.userDetailsInCache(user); } for (Iterator iter = users.iterator(); iter.hasNext();) { Authorities auth = (Authorities) iter.next(); detailsServiceInCache.resourceDetailsInCache(auth); } } /** * User授予角色时修改userCache */ public void addRoleInCache(Users user){ detailsServiceInCache.userDetailsInCache(user); } /** * Role授予资源权限时更改resourceCache */ public void addAuthInCache(Authorities auth){ detailsServiceInCache.resourceDetailsInCache(auth); } /** * 移除User时修改userCahce */ public void removeUserInCache(String userName){ userCache.removeUserFromCache(userName); } /** * 移除Resource时修改resourceCache */ public void removeResourceInCache(String orgResource){ resourceCache.removeAuthorityFromCache(orgResource); } /** * 移除Role修改userCache和ResourceCache */ public void removeRole(Role role){ for (Iterator iter = role.getUserRoles().iterator(); iter.hasNext();) { Users user = (Users) iter.next(); userCache.removeUserFromCache(user.getUserName()); } for (Iterator iter = role.getRoleAuths().iterator(); iter.hasNext();) { Authorities auth = (Authorities) iter.next(); resourceCache.removeAuthorityFromCache(auth.getAuthProtected()); } } /** * @param detailsServiceInCache 要设置的 detailsServiceInCache */ public void setDetailsServiceInCache(DetaisServiceInCache detailsServiceInCache) { this.detailsServiceInCache = detailsServiceInCache; this.resourceCache = detailsServiceInCache.getResourceCache(); this.userCache = detailsServiceInCache.getUserCache(); } |
缓存实现者:
<!-- set detailsServiceInCache --> <bean id="detailsServiceInCache" class="com.runsa.components.acegi.cache.impl.DetailsServiceInCacheImpl"> <property name="resourceCache" ref="resourceCache"/> <property name="userCache" ref="userCache"/> </bean> |
code:
public class DetailsServiceInCacheImpl implements DetaisServiceInCache { private ResourceCache resourceCache; private UserCache userCache; /** * 获取响应的resource(authorities)放置于resourceCache中 * @param auth */ @SuppressWarnings({ "unchecked", "unused" }) public void resourceDetailsInCache(Authorities auths) { // TODO 自动生成方法存根 //获取authorities中的role集合 List <Role>roleList=new ArrayList<Role>(); for (Iterator iter = auths.getRoleAuths().iterator(); iter.hasNext();) { RoleAuth roleAuth = (RoleAuth) iter.next(); roleList.add(roleAuth.getRole()); } GrantedAuthority authorities[] = roleToAuthorities(roleList); ResourceDetails rd=new Resource(auths.getAuthProtected(),auths.getAuthtype().getTypeId(),authorities); resourceCache.putAuthorityInCache(rd); } /** * 获取user相应的权限并放置于userCache中 * @param user */ @SuppressWarnings({ "unchecked", "unused" }) public void userDetailsInCache(Users user) { // TODO 自动生成方法存根 //获取users中的role集合 List <Role>roleList=new ArrayList<Role>(); for (Iterator iter = user.getUserRoles().iterator(); iter.hasNext();) { UserRole userRole = (UserRole) iter.next(); roleList.add(userRole.getRole()); } GrantedAuthority authorities[]=roleToAuthorities(user.getUserRoles()); UserDetails ud=new User(user.getUserName(),user.getUserPass(),user.isEnabled(), true,true,true,authorities); userCache.putUserInCache(ud); } /** * 将角色role转换为权限数组GrantedAuthority * @param roles * @return */ public GrantedAuthority[] roleToAuthorities(Collection roles) { // TODO 自动生成方法存根 List<GrantedAuthority> authorities =new ArrayList<GrantedAuthority>(); for (Iterator iter = roles.iterator(); iter.hasNext();) { Role role = (Role) iter.next(); GrantedAuthority ga=new GrantedAuthorityImpl(role.getRoleName()); authorities.add(ga); } return authorities.toArray(new GrantedAuthority[0]); } setter.... |