利用AOP为Spring Data Jpa的接口Repository添加全局自定义过滤

安子我最近在做一个权限控制模块,大抵是有权限的人能从数据库中查到的信息比权限低的人查的多一些。工程用的是JPA hibernate,想做一个过滤器来设置条件过滤。
一开始安子我想过直接用aspectj来做过滤,但是不知道为啥:
@Around("this(net.risesoft.repository.DyGroupRepository)")
不太好使,也不知道为啥不好使比较尴尬,这个问题留给路过的大牛来指导吧。
废话到此,言归正传~
首先研习了一下源码,发现jpaRepositoryFactory父类RepositoryFactorySupport里面代理建立repository的时候有这么一段:
	@SuppressWarnings({ "unchecked" })
	public <T> T getRepository(Class<T> repositoryInterface, Object customImplementation) {
		RepositoryMetadata metadata = getRepositoryMetadata(repositoryInterface);
		Class<?> customImplementationClass = null == customImplementation ? null : customImplementation.getClass();
		RepositoryInformation information = getRepositoryInformation(metadata, customImplementationClass);
		validate(information, customImplementation);
		Object target = getTargetRepository(information);
		// Create proxy
		ProxyFactory result = new ProxyFactory();
		result.setTarget(target);
		result.setInterfaces(new Class[] { repositoryInterface, Repository.class });
		result.addAdvice(ExposeInvocationInterceptor.INSTANCE);
		if (TRANSACTION_PROXY_TYPE != null) {
			result.addInterface(TRANSACTION_PROXY_TYPE);
		}
		for (RepositoryProxyPostProcessor processor : postProcessors) {
			processor.postProcess(result, information);
		}
		if (IS_JAVA_8) {
			result.addAdvice(new DefaultMethodInvokingMethodInterceptor());
		}
		result.addAdvice(new QueryExecutorMethodInterceptor(information, customImplementation, target));
		return (T) result.getProxy(classLoader);
	}

着重注意这里:
	for (RepositoryProxyPostProcessor processor : postProcessors) {
		processor.postProcess(result, information);
	}

发现这里有一个List<RepositoryProxyPostProcessor> postProcessors 
这个是用来为用ProxyFactory生成的Repository绑定一系列advice(MethodInterceptor拦截器)的一个封装list。
接下来安子就有思路了,只需要把我们 自己的拦截器添加到这个list里面就好了。
无巧不成书,很快发现RepositoryFactorySupport里有这个方法:
public void addRepositoryProxyPostProcessor(RepositoryProxyPostProcessor processor) {
		Assert.notNull(processor, "RepositoryProxyPostProcessor must not be null!");
		this.postProcessors.add(processor);
}


接下来就可以开始行动了!
写自己的 自定义拦截器逻辑
public abstract class SubSecrecyFilter {
	public static Object dofilter(MethodInvocation Invocation) throws Throwable{
		 System.out.println("将要执行方法:"+Invocation.getMethod().getName());
	        Object obj=Invocation.proceed();
	        System.out.println(Invocation.getMethod().getName()+"已经被执行");
	        return obj;
	}
}
RepositoryProxyPostProcessor实现
public class SecurecyPostProcessor implements RepositoryProxyPostProcessor{
	@Override
	public void postProcess(ProxyFactory factory,RepositoryInformation repositoryInformation) {
		factory.addAdvice(SecurecyAdvice.instance);
	}
	static enum SecurecyAdvice implements MethodInterceptor{
		instance;	
		@Override
		public Object invoke(MethodInvocation invocation) throws Throwable {
			return SubSecrecyFilter.dofilter(invocation);
		} 
	}
}
改一下默认的JpaRepositoryFactoryBean来把我们自己定义的 SecurecyPostProcessor
插入 List<RepositoryProxyPostProcessor> postProcessors 
public class SubRepositoryFactoryBean<R extends JpaRepository<T, I>, T, I extends Serializable> 
extends JpaRepositoryFactoryBean<R, T, I> {
	protected RepositoryFactorySupport createRepositoryFactory(EntityManager entityManager) {
		JpaRepositoryFactory jpaFac = new JpaRepositoryFactory(entityManager);
		jpaFac.addRepositoryProxyPostProcessor(new SecurecyPostProcessor());
		return jpaFac;
	}
}
最后一步也最关键更改 xml配置
<jpa:repositories factory-class="net.risesoft.repository.factory.SubRepositoryFa

至此大功告成!
安子实测:
将要执行方法:getBindUserBydpmiid
Hibernate: select dybinduser0_.bindid as bindid1_3_, dybinduser0_.dpmiid as dpmiid2_3_, dybinduser0_.personid as personid3_3_ from dy_binduser dybinduser0_ where dybinduser0_.dpmiid=?
getBindUserBydpmiid已经被执行
Hibernate: select acrolenode0_.ID as ID1_3_, acrolenode0_.DN as DN2_3_, acrolenode0_.CREATETIME as CREATETI3_3_, acrolenode0_.CUSTOMID as CUSTOMID4_3_, acrolenode0_.DESCRIPTION as DESCRIPT5_3_, acrolenode0_.NAME as NAME6_3_, acrolenode0_.PARENT_ID as PARENT_I7_3_, acrolenode0_.PROPERTIES as PROPERTI8_3_, acrolenode0_.SHORTDN as SHORTDN9_3_, acrolenode0_.systemCnName as systemC10_3_, acrolenode0_.systemName as systemN11_3_, acrolenode0_.TABINDEX as TABINDE12_3_, acrolenode0_.TYPE as TYPE13_3_ from RC8_AC_ROLENODE acrolenode0_ where acrolenode0_.PARENT_ID=? order by acrolenode0_.TABINDEX asc
Hibernate: select acrolenode0_.ID as ID1_3_, acrolenode0_.DN as DN2_3_, acrolenode0_.CREATETIME as CREATETI3_3_, acrolenode0_.CUSTOMID as CUSTOMID4_3_, acrolenode0_.DESCRIPTION as DESCRIPT5_3_, acrolenode0_.NAME as NAME6_3_, acrolenode0_.PARENT_ID as PARENT_I7_3_, acrolenode0_.PROPERTIES as PROPERTI8_3_, acrolenode0_.SHORTDN as SHORTDN9_3_, acrolenode0_.systemCnName as systemC10_3_, acrolenode0_.systemName as systemN11_3_, acrolenode0_.TABINDEX as TABINDE12_3_, acrolenode0_.TYPE as TYPE13_3_ from RC8_AC_ROLENODE acrolenode0_ where acrolenode0_.PARENT_ID=? order by acrolenode0_.TABINDEX asc
将要执行方法:findgroupbydpmiidandflag
Hibernate: select dygroup0_.groupid as groupid1_5_, dygroup0_.dpmiid as dpmiid2_5_, dygroup0_.dysecrecyid as dysecrec5_5_, dygroup0_.flag as flag3_5_, dygroup0_.senddate as senddate4_5_ from dy_group dygroup0_ where dygroup0_.flag=? and dygroup0_.dpmiid=? order by dygroup0_.groupid asc
findgroupbydpmiidandflag已经被执行
将要执行方法:getArticleBygroup
Hibernate: select dyarticle0_.articleid as articlei1_1_, dyarticle0_.creatdate as creatdat2_1_, dyarticle0_.groupid as groupid3_1_, dyarticle0_.hotnum as hotnum4_1_, dyarticle0_.img as img5_1_, dyarticle0_.num as num6_1_, dyarticle0_.text as text7_1_, dyarticle0_.title as title8_1_, dyarticle0_.zy as zy9_1_ from dy_article dyarticle0_ where dyarticle0_.groupid=?
getArticleBygroup已经被执行



到这里就结束了,如果有不同意见最好留言,因为安子之前在网上也没找到其他方法,倒是有一篇文章:
http://blog.csdn.net/zhongzh86/article/details/54313706
给了我很大的灵感。
接下来附镇文图T-54:

AOP Jpa Hibernate Repository 自定义 过滤 权限控制

 AOP Jpa Hibernate Repository 自定义 过滤

评论 4
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值