本文介绍了在项目中如何处理空属性赋值问题,通过自定义BeanUtils避免null值覆盖。同时,讲解了日志打印的实现,通过创建Aspect包并在运行时记录日志。此外,详细阐述了Shiro的配置步骤,包括角色属性定义、Realm的创建以及配置文件的编写,以增强项目的安全性。
空属性的赋值
在更新新闻对象的时候,我们是将一个new对象赋值到目标对象中,但是其中的属性值有可能为null,而原对象当中是存在的,被null覆盖掉了,所以需要对空属性进行赋值问题的解决。
1.考虑到copy是在beanutils内,这里创建mybeanutils对空值打包提取出来
public class MyBeanUtils {
public static String[] getNullPropertyNames(Object source){
BeanWrapper beanWrapper = new BeanWrapperImpl(source);
PropertyDescriptor[] pds = beanWrapper.getPropertyDescriptors();
List<String> nullPropertyNames = new ArrayList<>();
for(PropertyDescriptor pd:pds){
String propertyName = pd.getName();
if(beanWrapper.getPropertyValue(propertyName)==null){
nullPropertyNames.add(propertyName);
}
}
return nullPropertyNames.toArray(new String[nullPropertyNames.size()]);
}
}
2.重新编写更新对象
@Override
public News updateNew(Long id, News news) {
News news1 = newRepository.findById(id).orElse(null);
if(news1==null){
// System.out.println("未获得更新对象");
throw new NotFoundException("该新闻不存在");
}
BeanUtils.copyProperties(news,news1, MyBeanUtils.getNullPropertyNames(news));
news1.setUpdateTime(new Date());
return newRepository.save(news1);
}
日志的打印
建立aspect包,将java文件写入,运行时打印日志
@Aspect
@Component
public class LogAspect {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
@Pointcut("execution(* com.lin.news.web.*.*(..))")
public void log(){
}
@Before("log()")
public void deBefore(JoinPoint joinPoint){
//获取request
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletRequest request =attributes.getRequest();
//获得url和ip
// String url =request.getRequestURI().toString(); //不打印localhost:8080
String url =request.getRequestURL().toString(); //打印localhost:8080
String ip = request.getRemoteAddr();
String classMethod =joinPoint.getSignature().getDeclaringTypeName()+".";
Object[] args = joinPoint.getArgs();
RequestLog requestLog = new RequestLog(url,ip,classMethod,args);
logger.info("Request:{}",requestLog);
logger.info("-------doBefore-------");
}
@After("log()")
public void doAfter(){
logger.info("-------doAfter-------");
}
@AfterReturning(returning = "result",pointcut = "log()")
public void adAfterReturn(Object result){
logger.info("result:{}"+result);
}
private class RequestLog{
private String url;
private String ip;
private String classMethod;
private Object[] args;
public RequestLog(String url, String ip, String classMethod, Object[] args) {
this.url = url;
this.ip = ip;
this.classMethod = classMethod;
this.args = args;
}
@Override
public String toString() {
return "RequestLog{" +
"url='" + url + '\'' +
", ip='" + ip + '\'' +
", classMethod='" + classMethod + '\'' +
", args=" + Arrays.toString(args) +
'}';
}
}
}
shiro配置
1.对象和属性类的定义和配置,这里定义用户的角色属性
@Entity
@Table(name = "t_role")
public class Role implements Serializable {
private static final long serialVersionUID = -2029476744633434524L;
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private Long id;
private String name;
private String description;
@ManyToMany(mappedBy = "roles")
private Set<User> users = new HashSet<>(0);
@ManyToMany(fetch = FetchType.EAGER)
private Set<Permission> permissions =new HashSet<>(0);
}
2.用户数据存储在realm里面,这里建立newrealm
public class NewsRealm extends AuthorizingRealm {
public void setName(String name){setName("newsRealm");}
@Autowired
private UserService userService;
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken)authenticationToken;
String username = upToken.getUsername();
String password = new String(upToken.getPassword());
User user = userService.checkUsers(username,password);
if(user!=null){
return new SimpleAuthenticationInfo(user,user.getPassword(),this.getName());
}
return null;
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
//获取认证用户数据
User user =(User)principalCollection.getPrimaryPrincipal();
//构造认证数据
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
Set<Role> roles = user.getRoles();
for(Role role:roles){
//添加角色信息
info.addRole(role.getName());
for(Permission permission:role.getPermissions()){
//添加权限信息
info.addStringPermission(permission.getCode());
}
}
return info;
}
}
3.在news下创建shiro配置java文件,并配置相关依赖
@Configuration
public class ShiroConfiguration {
//创建realm
@Bean
public NewsRealm getRealm(){return new NewsRealm();}
//创建安全管理器
@Bean
public SecurityManager securityManager(NewsRealm realm){
//使用默认的安全管理器
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(realm);
//将自定义的realm交给安全管理器统一调度
return securityManager;
}
//配置shiro过滤工厂
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
ShiroFilterFactoryBean shiroFilterFactory =new ShiroFilterFactoryBean();
shiroFilterFactory.setSecurityManager(securityManager);
//通用配置
shiroFilterFactory.setLoginUrl("/admin");
shiroFilterFactory.setUnauthorizedUrl("/admin");
/*
* key:请求路径
* value:过滤器类型
*/
Map<String,String> filterMap = new LinkedHashMap<>();
filterMap.put("/admin/login","anon");
filterMap.put("/admin/**","authc");
shiroFilterFactory.setFilterChainDefinitionMap(filterMap);
return shiroFilterFactory;
}
//开启shiro注解支持
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
advisor.setSecurityManager(securityManager);
return advisor;
}
}
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.3.2</version>
</dependency>
小结:今天还是对项目存在的一些不足进行修补,学习了shiro的相关配置,进行了过滤器的相关操作,可以将其运用到以后的项目当中。
263
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
