SpringAOP实现的用户权限管理【修改了别人的代码，感谢原作者！】

最新推荐文章于 2024-06-24 06:15:05 发布

rainertop

最新推荐文章于 2024-06-24 06:15:05 发布

阅读量4k

点赞数 2

文章标签： user string class service exception bean

两种不不同的用户:User和Administrator

User类：

package com.jhalo.jsecurity.aop; import java.util.List; public class User { public List privilages = new java.util.ArrayList(); public String name; public User(){ name="alphaclick tester "; privilages.add("com.jhalo.jsecurity.aop.ServiceBean.getBeanInfo"); privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod1"); // privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod2"); privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod3"); } public String getName(){ return name; } public boolean isPermission(String pri){ java.util.Iterator it = privilages.iterator(); String p = ""; boolean pass=false; while(it.hasNext()){ p=(String)it.next(); System.out.println(p); if(p.equals(pri)){ pass = true; break; } } return pass; } }

Administrator类：

package com.jhalo.jsecurity.aop; import java.util.List; public class Administrator extends User{ public Administrator(){ name="alphaclick Administrator "; privilages.add("com.jhalo.jsecurity.aop.ServiceBean.getBeanInfo"); privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod1"); privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod2"); privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod3"); } }

ResourceBean接口：

public interface ResourceBean { public void theMethod(); public String getMethod1(User user)throws PermissionDeniedException; public String getMethod2(User user)throws PermissionDeniedException; public String getMethod3(User user)throws PermissionDeniedException; }

ResourceBeanImpl类：

package com.jhalo.jsecurity.aop; public class ResourceBeanImpl implements ResourceBean{ /**//* (non-Javadoc) * @see com.jhalo.jsecurity.aop.ResourceBean#theMethod() */ public void theMethod(){ System.out.println(this.getClass().getName() + "." + new Exception().getStackTrace()[0].getMethodName() + "()" + " theMethod!"); } /**//* (non-Javadoc) * @see com.jhalo.jsecurity.aop.ResourceBean#getMethod1() */ public String getMethod1(User user) throws PermissionDeniedException{ return "[张三 Method1 ]"; } /**//* (non-Javadoc) * @see com.jhalo.jsecurity.aop.ResourceBean#getMethod2() */ public String getMethod2(User user) throws PermissionDeniedException{ return "[李四 Method2 ]"; } /**//* (non-Javadoc) * @see com.jhalo.jsecurity.aop.ResourceBean#getMethod3() */ public String getMethod3(User user) throws PermissionDeniedException{ return "[王五 Method3 ]"; } }

Service接口：

package com.jhalo.jsecurity.aop; public interface Service { public String getBeanInfo(User user) throws PermissionDeniedException; }

ServiceBean类：

package com.jhalo.jsecurity.aop; public class ServiceBean implements Service{ /***/ ResourceBean bean; /** * * @param bean */ public void setBean(ResourceBean bean) { this.bean = bean; } /** * */ public String getBeanInfo(User user){ String result=""; try{ //调用method1 result+= bean.getMethod1(user); }catch(PermissionDeniedException pde){ result+="PermissionDeniedException:Method1"; } try{ //调用method2 result+= bean.getMethod2(user); }catch(PermissionDeniedException pde){ result+="PermissionDeniedException:Method2"; } try{ //调用method3 result+= bean.getMethod3(user); }catch(PermissionDeniedException pde){ result+="PermissionDeniedException:Method3"; } return result; } }

PermissionCheckAdvice（AOP实现的核心）

public class PermissionCheckAdvice implements MethodBeforeAdvice { public void before(Method m, Object[] args, Object target) throws Throwable { String privilege=target.getClass().getName()+"." +m.getName(); //新建用户 // User user = new User(); System.out.println("打印参数开始======================="); User user=(User) args[0]; System.out.println(user.getName()); System.out.println("打印参数结束======================="); if (!user.isPermission(privilege)) { throw new PermissionDeniedException(user, privilege); } System.out.println("by " + this.getClass().getName()+"::" + "Target:"+target.getClass().getName()+"." +"Method:"+m.getName() +")"); } }

PermissionDeniedException类：

package com.jhalo.jsecurity.aop; public class PermissionDeniedException extends Exception { /** * */ public PermissionDeniedException(){ super(); } /** * * @param user * @param pri */ public PermissionDeniedException(User user,String pri){ super("User:"+user+"don't have the Permission to Operate:"+pri); } }

PermissionThrowsAdvice类：

package com.jhalo.jsecurity.aop; import java.lang.reflect.Method; import org.springframework.aop.ThrowsAdvice; public class PermissionThrowsAdvice implements ThrowsAdvice{ public void afterThrowing(Method method, Object[] args, Object target, Throwable subclass) { System.out.println("Logging that a " + subclass + "Exception was thrown."); } }

SpringAopTest测试类：

package com.jhalo.jsecurity.aop; import java.util.Iterator; import java.util.List; import org.springframework.context.ApplicationContext; import org.springframework.context.support.FileSystemXmlApplicationContext; public class SpringAopTest { public static void main(String[] args) { //Read the configuration file ApplicationContext ctx = new FileSystemXmlApplicationContext("src/applicationContext.xml"); //Instantiate an object //ResourceBean x = (ResourceBean) ctx.getBean("bean"); //Execute the public method of the bean (the test) //1 //x.theMethod(); //2 String name = ""; /**//* name = x.getMethod1(); System.out.println("test result::" +name); name = x.getMethod2(); System.out.println("test result::" +name); name = x.getMethod3(); System.out.println("test result::" +name);*/ User user=new User(); //3 Service sb = (Service)ctx.getBean("service"); try{ name = sb.getBeanInfo(user); }catch(PermissionDeniedException pde){} System.out.println("User Test results::" +name); // User admin=new Administrator(); try{ name = sb.getBeanInfo(admin); }catch(PermissionDeniedException pde){} System.out.println("Administrator Test results::" +name); } }

applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd"> <bean id="bean" class="org.springframework.aop.framework.ProxyFactoryBean"> <property name="proxyInterfaces"> <value>com.jhalo.jsecurity.aop.ResourceBean</value> </property> <property name="target"> <ref local="beanTarget"/> </property> <property name="interceptorNames"> <list> <value>permissionCheckBeforeAdvisor</value> <value>permissionThrowAdvisor</value> </list> </property> </bean> <bean id="service" class="org.springframework.aop.framework.ProxyFactoryBean"> <property name="proxyInterfaces"> <value>com.jhalo.jsecurity.aop.Service</value> </property> <property name="target"> <ref local="serviceBean"/> </property> </bean> <bean id="beanTarget" class="com.jhalo.jsecurity.aop.ResourceBeanImpl"></bean> <bean id="serviceBean" class="com.jhalo.jsecurity.aop.ServiceBean"> <property name="bean"> <ref local="bean"/> </property> </bean> <bean id="permissionCheckBeforeAdvisor" class="org.springframework.aop.support.RegexpMethodPointcutAdvisor"> <property name="advice"> <ref local="thePermissionCheckBeforeAdvice"/> </property> <property name="pattern"> <value>.*</value> </property> </bean> <bean id="permissionThrowAdvisor" class="org.springframework.aop.support.RegexpMethodPointcutAdvisor"> <property name="advice"> <ref local="thePermissionThrowsAdvice"/> </property> <property name="pattern"> <value>.*</value> </property> </bean> <bean id="thePermissionCheckBeforeAdvice" class="com.jhalo.jsecurity.aop.PermissionCheckAdvice"></bean> <bean id="thePermissionThrowsAdvice" class="com.jhalo.jsecurity.aop.PermissionThrowsAdvice"></bean> </beans>

代码虽然简单，但是基本实现了为不同的用户赋予不同的权限的功能。

rainertop

关注

2
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
SpringAOP实现的用户权限管理【修改了别人的代码，感谢原作者！】

两种不不同的用户:User和AdministratorUser类：package com.jhalo.jsecurity.aop;import java.util.List;public class User { public List privilages = new java.util.ArrayList(); public String name; p
复制链接

扫一扫