package com.ilas.bookcase.filter;

import com.ilas.bookcase.controller.admin.AdminController;
import com.ilas.bookcase.entity.Permission;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;

/**
 * @Author zzx
* @Date 2019/5/8 9:17*/
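/**
 * Servlet filter guarding the admin pages.
 *
 * <p>Requests for public resources (static assets, sign-in and sign-out) pass through
 * unchecked. Every other request needs a signed-in administrator in the session, and
 * pages listed in {@code fileterUrlMap} additionally need a role permission whose code
 * is mapped to that page.
 *
 * <p>NOTE(review): the policy is default-allow. A page that is not listed in
 * {@code fileterUrlMap} is served to any signed-in administrator holding at least one
 * permission, so every new restricted page must be registered here. Consider a
 * default-deny policy for {@code /admin/**}.
 */
public class AdminLoginFilter extends OncePerRequestFilter {

    /** Landing page a signed-in administrator is sent to when access is refused. */
    private static final String MENU_URL = "/admin/MenuList.jsp";

    /** Page an anonymous visitor is sent to. */
    private static final String SIGN_IN_URL = "/admin/Sign-in.jsp";

    /** Pre-compiled patterns of the paths that need no session at all. */
    private final Pattern[] publicUrl;

    /** Permission code to the page that code unlocks; one page may appear under several codes. */
    private final Map<String, String> fileterUrlMap;

    /** Builds the public-path patterns and the permission-code to page table. */
    public AdminLoginFilter() {
        String[] publicExpressions = new String[]{"/admin/css/\\S*", "/admin/fonts/\\S*", "/admin/img/\\S*",
                "/admin/js/\\S*", "/public/\\S*", "/admin/signIn", "/admin/signOut", "/admin/Sign-in.jsp"};
        // Compile once here instead of on every request.
        publicUrl = new Pattern[publicExpressions.length];
        for (int i = 0; i < publicExpressions.length; i++) {
            publicUrl[i] = Pattern.compile(publicExpressions[i]);
        }

        fileterUrlMap = new HashMap<String, String>();
        fileterUrlMap.put("1001", "/admin/OperatorMgt.jsp");
        fileterUrlMap.put("1002", "/admin/SysteamLog.jsp");
        fileterUrlMap.put("2001", "/admin/ReadWriterMgt.jsp");
        fileterUrlMap.put("2002", "/admin/BookcaseMgt.jsp");
        fileterUrlMap.put("3001", "/admin/BookPutOnShelf.jsp");
        fileterUrlMap.put("3002", "/admin/BookOutforShelf.jsp");
        fileterUrlMap.put("3003", "/admin/BookMaintenance.jsp");
        fileterUrlMap.put("3004", "/admin/ReaderInfo.jsp");
        fileterUrlMap.put("3005", "/admin/SysteamLog.jsp");
        fileterUrlMap.put("3006", "/admin/OpeAbnormalLog.jsp");
        fileterUrlMap.put("4001", "/admin/LinkParamConfig.jsp");
    }

    /**
     * Lets the request through, or redirects it to the sign-in page (no administrator in
     * the session) or to the menu page (administrator lacks the permission for the page).
     *
     * @param request     the current request
     * @param response    the current response
     * @param filterChain the remaining filter chain
     * @throws ServletException propagated from the filter chain
     * @throws IOException      propagated from the filter chain or the redirect
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                    FilterChain filterChain) throws ServletException, IOException {
        String path = resolvePath(request);

        if (isPublic(path)) {
            filterChain.doFilter(request, response);
            return;
        }

        HttpSession session = request.getSession();
        if (session.getAttribute(AdminController.CURRENT_LOGIN_ADMIN) == null) {
            // Nobody is signed in.
            response.sendRedirect(request.getContextPath() + SIGN_IN_URL);
            return;
        }

        // The attribute is read back as a list of Permission, exactly as the permission loop uses it.
        @SuppressWarnings("unchecked")
        List<Permission> permissions =
                (List<Permission>) session.getAttribute(AdminController.CURRENT_ROLE_PERMISSION);

        if (permissions != null && !permissions.isEmpty() && isPermitted(path, permissions)) {
            filterChain.doFilter(request, response);
            return;
        }

        // Without a matching permission only the menu page itself is reachable.
        if (MENU_URL.equals(path)) {
            filterChain.doFilter(request, response);
            return;
        }
        response.sendRedirect(request.getContextPath() + MENU_URL);
    }

    /**
     * Returns the context-relative path the container resolved for this request.
     *
     * <p>The servlet path and path info are used instead of the raw request URI so that
     * the access decision is made on the path the container actually dispatches to,
     * rather than on an undecoded string that may still carry path parameters or
     * dot-segments.
     */
    private static String resolvePath(HttpServletRequest request) {
        String servletPath = request.getServletPath();
        String pathInfo = request.getPathInfo();
        return pathInfo == null ? servletPath : servletPath + pathInfo;
    }

    /** Tells whether the path matches one of the public patterns in full. */
    private boolean isPublic(String path) {
        for (Pattern pattern : publicUrl) {
            if (pattern.matcher(path).matches()) {
                return true;
            }
        }
        return false;
    }

    /**
     * Checks whether the role may open the page.
     *
     * <p>Pages are compared literally; the request path is never used as a regular
     * expression. Every code mapped to the page is considered, because one page can be
     * registered under several codes (for example {@code 1002} and {@code 3005}).
     *
     * @return {@code true} when a permission code mapped to the page is held, or when the
     *         page is not listed at all (pages without a registered permission are let through)
     */
    private boolean isPermitted(String path, List<Permission> permissions) {
        boolean restricted = false;
        for (Map.Entry<String, String> entry : fileterUrlMap.entrySet()) {
            if (!entry.getValue().equals(path)) {
                continue;
            }
            restricted = true;
            for (Permission permission : permissions) {
                if (permission != null && entry.getKey().equals(permission.getCode())) {
                    return true;
                }
            }
        }
        // A listed page with no matching code is refused; an unlisted page is allowed.
        return !restricted;
    }
}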