package com.oasystem.annotation;
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import com.oasystem.filter.RoleType;
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface FireAuthority {
RoleType[] value();
}
package com.oasystem.interceptor;
import java.io.IOException;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import com.oasystem.annotation.FireAuthority;
import com.oasystem.bo.UserBean;
import com.oasystem.constants.Constants;
import com.oasystem.filter.RoleType;
import com.oasystem.push.model.Message;
import com.oasystem.util.JsonUtil;
/**
* 許可權攔截器
*/
@Component
public class RoleInterceptor extends HandlerInterceptorAdapter{
private static Logger log = Logger.getLogger(RoleInterceptor.class);
/* 該方法會在Controller的方法執行前會被呼叫,可以使用這個方法來中斷或者繼續執行鏈的處理,
* 當返回true時,處理執行鏈會繼續,當返回false時,則不會去執行Controller的方法。
* (驗證使用者是否登陸就是使用preHandleAction方法的最好例子)*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
Object handler) throws Exception {
UserBean user = (UserBean) request.getSession().getAttribute(Constants.ACCOUNT_USER);
if(user == null) {
return true;
}
// 許可權驗證
HandlerMethod handlerMethod;
if(handler instanceof HandlerMethod ){
handlerMethod = (HandlerMethod) handler;
} else {
return true;
}
FireAuthority authority = handlerMethod.getMethodAnnotation(FireAuthority.class);
if(authority == null || authority.value()==null || authority.value().length <=0) {
return true;
}
log.info("user.getRoleCodeList() : " + JsonUtil.ObjectToString(user.getRoleCodeList()));
List<String> roleLIst = user.getRoleCodeList();
if(roleLIst == null || roleLIst.size() <=0) {
return true;
}
for(RoleType role: authority.value()){
// log.info("role.getName() : " + role.getName() );
if( roleLIst.contains(role.getName())){
log.info(" 通過 。。。 " );
return true;
}
}
return unauthorized(response);
}
private boolean unauthorized(HttpServletResponse response) throws IOException {
Message message = new Message();
message.sysError( " 許可權不足,請聯絡管理員。。。。。 " );
message.setStatus(Constants.RESULT_ERROR);
String str = JsonUtil.ObjectToJson(message);
log.warn(str);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().append(str);
response.getWriter().flush();
response.getWriter().close();
return false;
}
}
package com.oasystem.filter;
public enum RoleType{
STUDENT("student",1),
TEACHER("teacher",2),
private String name;
private int index;
private RoleType(String name, int index) {
this.name = name;
this.index = index;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public int getIndex() {
return index;
}
public void setIndex(int index) {
this.index = index;
}
}