spring 权限角色管理
程序员文章站
2022-05-08 08:07:51
...
public class IniRightListener implements ApplicationListener,ServletContextAware {
@Resource
private RightService rs ;
private ServletContext sc;
public void onApplicationEvent(ApplicationEvent arg0) {
if(arg0 instanceof ContextRefreshedEvent){
List<Right> rights = rs.findAllEntities();
Map<String, Right> map = new HashMap<String, Right>();
for(Right r : rights){
map.put(r.getRightUrl(), r);
}
if(sc != null){
sc.setAttribute("all_rights_map", map);
}
}
}
public void setServletContext(ServletContext servletContext) {
this.sc = servletContext ;
}
}
public class User extends BaseEntity {
private static final long serialVersionUID = -1225161383656943938L;
private Integer id;
private String email;
private String name;
private String password;
private String nickName;
private Date regDate = new Date();
private long[] rightSum;
private boolean superAdmin;
private Set<Role> roles = new HashSet<Role>();
public void calculateRightSum() {
int pos = 0;
long code = 0;
for (Role role : roles) {
if ("-1".equals(role.getRoleValue())) {
this.superAdmin = true;
roles = null;
return;
}
for (Right r : role.getRights()) {
pos = r.getRightPos();
code = r.getRightCode();
rightSum[pos] = rightSum[pos] | code;
}
}
roles = null;
}
public boolean hasRight(Right r) {
int pos = r.getRightPos();
long code = r.getRightCode();
return !((rightSum[pos] & code) == 0);
}
}
public class Role extends BaseEntity{
private static final long serialVersionUID = 8666491125061113331L;
private Integer id;
private String roleName;
private String roleValue;
private String roleDesc;
private Set<Right> rights = new HashSet<Right>();
}
public class Right extends BaseEntity {
private static final long serialVersionUID = 4066371171928834726L;
private Integer id;
private String rightName = "";
private String rightUrl;
private String rightDesc;
private long rightCode;
private int rightPos;
private boolean common ;
}
public void saveOrUpdateRight(Right r){
int pos = 0 ;
long code = 1L ;
if(r.getId() == null){
String hql = "select max(r.rightPos),max(r.rightCode) from Right r "
+ "where r.rightPos = (select max(rr.rightPos) from Right rr)" ;
Object[] arr = (Object[]) this.uniqueResult(hql);
Integer topPos = (Integer) arr[0];
Long topCode = (Long) arr[1];
if(topPos == null){
pos = 0 ;
code = 1L ;
}
else{
if(topCode >= (1L << 60)){
pos = topPos + 1 ;
code = 1L ;
}
else{
pos = topPos ;
code = topCode << 1 ;
}
}
r.setRightPos(pos);
r.setRightCode(code);
}
this.saveOrUpdateEntity(r);
}
public void appendRightByURL(String url){
String hql = "select count(*) from Right r where r.rightUrl = ?" ;
Long count = (Long) this.uniqueResult(hql,url);
if(count == 0){
Right r = new Right();
r.setRightUrl(url);
this.saveOrUpdateRight(r);
}
}
public class RightFilterInterceptor implements Interceptor {
private static final long serialVersionUID = 4230211839075439660L;
public void destroy() {
}
public void init() {
}
public String intercept(ActionInvocation arg0) throws Exception {
BaseAction action = (BaseAction) arg0.getAction();
ActionProxy proxy = arg0.getProxy();
String ns = proxy.getNamespace();
String actionName = proxy.getActionName();
if(ValidateUtil.hasRight(ns, actionName, ServletActionContext.getRequest(),action)){
return arg0.invoke();
}
return "login" ;
}
}
public static boolean hasRight(String namespace,String actionName,HttpServletRequest req,BaseAction action){
if(!ValidateUtil.isValid(namespace)
|| "/".equals(namespace)){
namespace = "" ;
}
if(actionName.contains("?")){
actionName = actionName.substring(0, actionName.indexOf("?"));
}
String url = namespace + "/" + actionName ;
HttpSession session = req.getSession();
ServletContext sc = session.getServletContext();
Map<String, Right> map = (Map<String, Right>) sc.getAttribute("all_rights_map");
Right r = map.get(url);
if(r == null || r.isCommon()){
return true ;
}
else{
User user = (User) session.getAttribute("user");
if(user == null){
return false ;
}
else{
if(action != null && action instanceof UserAware){
((UserAware)action).setUser(user);
}
if(user.isSuperAdmin()){
return true ;
}
else{
if(user.hasRight(r)){
return true ;
}
else{
return false ;
}
}
}
}
}
public class ExtractAllRightsUtil {
public static void main(String[] args) throws Exception {
ApplicationContext ac = new ClassPathXmlApplicationContext("beans.xml");
RightService rs = (RightService) ac.getBean("rightService");
ClassLoader loader = ExtractAllRightsUtil.class.getClassLoader();
URL url = loader.getResource("com/surveypark/struts2/action");
File dir = new File(url.toURI());
File[] files = dir.listFiles();
String fname = "" ;
for(File f : files){
fname = f.getName();
if(fname.endsWith(".class")
&& !fname.equals("BaseAction.class")){
processAction(fname,rs);
}
}
}
@SuppressWarnings("rawtypes")
private static void processAction(String fname,RightService rs) {
try {
String pkgName = "com.surveypark.struts2.action" ;
String simpleClassName = fname.substring(0, fname.indexOf(".class"));
String className = pkgName + "." + simpleClassName ;
//�õ�������
Class clazz = Class.forName(className);
Method[] methods = clazz.getDeclaredMethods();
Class retType = null ;
String mname = null ;
Class[] paramType = null ;
String url = null ;
for(Method m : methods){
retType = m.getReturnType();
mname = m.getName();
paramType = m.getParameterTypes();
if(retType == String.class
&& !ValidateUtil.isValid(paramType)
&& Modifier.isPublic(m.getModifiers())){
if(mname.equals("execute")){
url = "/" + simpleClassName ;
}
else{
url = "/" + simpleClassName + "_" + mname ;
}
rs.appendRightByURL(url);
}
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
捐助开发者
在兴趣的驱动下,写一个免费的东西,有欣喜,也还有汗水,希望你喜欢我的作品,同时也能支持一下。 当然,有钱捧个钱场(右上角的爱心标志,支持支付宝和PayPal捐助),没钱捧个人场,谢谢各位。
谢谢您的赞助,我会做的更好!
上一篇: linux centos 下创建用户
下一篇: “敏捷开发”之白话篇