Spring + Struts 2: a problem implementing fine-grained permission control

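Posted by weir2009 on 2010-04-07

1. Create the Permission annotation

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

@Retention(RetentionPolicy.RUNTIME) // keep the annotation available at run time
@Target(ElementType.METHOD)         // the annotation is used on methods
public @interface Permission {

    String model();

    String privilegeValue();
}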

2. Annotation parser:

import java.lang.reflect.Method;

public class ValidatePermission {
    public static Permission parsePermission(Class<?> clazz, String methodName,
            Class<?>... parameterTypes) throws NoSuchMethodException {
        // Look up the method by name; return its annotation if it has one
        Method method = clazz.getMethod(methodName, parameterTypes);
        if (method != null && method.isAnnotationPresent(Permission.class)) {
            Permission permission = method.getAnnotation(Permission.class);
            if (null != permission)
                return permission;
        }
        return null;
    }
}

3. Custom interceptor

import javax.servlet.http.HttpServletRequest;
import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.ActionProxy;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class PermissionInterceptor extends AbstractInterceptor {

    @Override
    public String intercept(ActionInvocation invocation) throws Exception {
        ActionContext context = invocation.getInvocationContext();
        ActionProxy proxy = invocation.getProxy();
        String methodName = proxy.getMethod();
        Object action = proxy.getAction();
        String auth = null;
        HttpServletRequest request = ServletActionContext.getRequest();
        if (request.getRequestURI().startsWith("/control")) {
            if (!validate(action.getClass(), methodName, request)) {
                // message text: "You do not have permission to perform this operation"
                ActionContext.getContext().put("message", "您沒有執行該操作的許可權");
                ActionContext.getContext().put("urladdress", SiteUrl.readUrl("control.control.right"));
                return "message";
            }
        }
        // continue with the rest of the interceptor stack and the action
        return invocation.invoke();
    }

    private boolean validate(Class<?> clazz, String methodName,
            HttpServletRequest request) throws NoSuchMethodException {
        Permission permission = ValidatePermission.parsePermission(clazz, methodName, null);

        SystemPrivilege methodPrivilege = new SystemPrivilege(
                new SystemPrivilegePK(permission.model(), permission.privilegeValue()));
        request = ServletActionContext.getRequest();
        Employee employee = (Employee) request.getSession().getAttribute("employee");
        for (PrivilegeGroup p : employee.getGroups()) {
            if (p.getPrivileges().contains(methodPrivilege))
                return true;
        }
        return false;
    }

}

4. Configure struts.xml

<interceptors>
    <interceptor name="permission" class="cn.kugou.web.interceptor.PermissionInterceptor"/>

    <interceptor-stack name="employeePermissionStack">
        <interceptor-ref name="defaultStack"/>
        <interceptor-ref name="permission"/>
    </interceptor-stack>
</interceptors>

import javax.persistence.Column;
import javax.persistence.EmbeddedId;
import javax.persistence.Entity;

/**
 * System privilege
 */
@Entity
public class SystemPrivilege {
    private SystemPrivilegePK id;
    /* Privilege name */
    private String name;

    public SystemPrivilege(String model, String privilegeValue, String name) {
        this.id = new SystemPrivilegePK(model, privilegeValue);
        this.name = name;
    }

    public SystemPrivilege(SystemPrivilegePK id) {
        this.id = id;
    }

    public SystemPrivilege() {}

    @EmbeddedId
    public SystemPrivilegePK getId() {
        return id;
    }
    public void setId(SystemPrivilegePK id) {
        this.id = id;
    }
    @Column(length=20, nullable=false)
    public String getName() {
        return name;
    }
    public void setName(String name) {
        this.name = name;
    }
    @Override
    public int hashCode() {
        final int prime = 31;
        int result = 1;
        result = prime * result + ((id == null) ? 0 : id.hashCode());
        return result;
    }
    @Override
    public boolean equals(Object obj) {
        if (this == obj)
            return true;
        if (obj == null)
            return false;
        if (getClass() != obj.getClass())
            return false;
        final SystemPrivilege other = (SystemPrivilege) obj;
        if (id == null) {
            if (other.id != null)
                return false;
        } else if (!id.equals(other.id))
            return false;
        return true;
    }
}

import java.io.Serializable;
import javax.persistence.Column;
import javax.persistence.Embeddable;

@Embeddable // composite primary key (like a name made up of firstname and lastname)
public class SystemPrivilegePK implements Serializable {
    private static final long serialVersionUID = 8605550883829066859L;
    /* Module name */
    private String model;
    /* Privilege value */
    private String privilegeValue;

    public SystemPrivilegePK() {}

    public SystemPrivilegePK(String model, String privilegeValue) {
        this.model = model;
        this.privilegeValue = privilegeValue;
    }

    @Column(length=25, name="model")
    public String getModel() {
        return model;
    }
    public void setModel(String model) {
        this.model = model;
    }
    @Column(length=25, name="privilegeValue")
    public String getPrivilegeValue() {
        return privilegeValue;
    }
    public void setPrivilegeValue(String privilegeValue) {
        this.privilegeValue = privilegeValue;
    }
    @Override
    public int hashCode() {
        final int prime = 31;
        int result = 1;
        result = prime * result + ((model == null) ? 0 : model.hashCode());
        result = prime * result
                + ((privilegeValue == null) ? 0 : privilegeValue.hashCode());
        return result;
    }
    @Override
    public boolean equals(Object obj) {
        if (this == obj)
            return true;
        if (obj == null)
            return false;
        if (getClass() != obj.getClass())
            return false;
        final SystemPrivilegePK other = (SystemPrivilegePK) obj;
        if (model == null) {
            if (other.model != null)
                return false;
        } else if (!model.equals(other.model))
            return false;
        if (privilegeValue == null) {
            if (other.privilegeValue != null)
                return false;
        } else if (!privilegeValue.equals(other.privilegeValue))
            return false;
        return true;
    }
}
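
After configuring everything this way, the program failed when I started it.

The specific error is this statement:

    SystemPrivilege methodPrivilege = new SystemPrivilege(
            new SystemPrivilegePK(permission.model(), permission.privilegeValue()));

That is where it fails.

I just can't figure it out any more???

Error report: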
Struts Problem Report
Struts has detected an unhandled exception:

Messages:
File: cn/kugou/web/interceptor/PermissionInterceptor.java
Line number: 45


--------------------------------------------------------------------------------

Stacktraces
java.lang.NullPointerException
cn.kugou.web.interceptor.PermissionInterceptor.validate(PermissionInterceptor.java:45)
cn.kugou.web.interceptor.PermissionInterceptor.intercept(PermissionInterceptor.java:31)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
cn.kugou.web.interceptor.EmployeeInterceptor.intercept(EmployeeInterceptor.java:31)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:165)
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
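
Added example, not part of the original post or the poster's project: in the posted `validate`, `parsePermission` returns null when the invoked action method carries no `@Permission`, and the session may hold no `employee`, so both cases need a deny-by-default branch before anything is dereferenced. The names `PermissionCheckDemo`, `DepartmentAction` and `isAllowed`, and the `model:privilegeValue` string form of a privilege, are assumptions chosen so that the code runs without Struts or the project's entity classes.

```java
import java.lang.annotation.*;
import java.lang.reflect.Method;
import java.util.Set;

public class PermissionCheckDemo {

    @Retention(RetentionPolicy.RUNTIME)
    @Target(ElementType.METHOD)
    @interface Permission {
        String model();
        String privilegeValue();
    }

    // Constructed stand-in for a Struts action (hypothetical).
    public static class DepartmentAction {
        @Permission(model = "department", privilegeValue = "view")
        public String list() { return "list"; }

        public String execute() { return "success"; } // carries no @Permission
    }

    /** granted is the user's privilege set, or null when nobody is logged in. */
    static boolean isAllowed(Class<?> action, String methodName, Set<String> granted) {
        if (granted == null) {
            return false; // no employee in the session: deny
        }
        Method method;
        try {
            method = action.getMethod(methodName);
        } catch (NoSuchMethodException e) {
            return false; // unknown action method: deny
        }
        Permission p = method.getAnnotation(Permission.class);
        if (p == null) {
            return false; // unannotated method: deny instead of dereferencing null
        }
        return granted.contains(p.model() + ":" + p.privilegeValue());
    }

    public static void main(String[] args) {
        Set<String> granted = Set.of("department:view"); // constructed sample data
        System.out.println(isAllowed(DepartmentAction.class, "list", granted));    // annotated, granted
        System.out.println(isAllowed(DepartmentAction.class, "execute", granted)); // unannotated
        System.out.println(isAllowed(DepartmentAction.class, "list", null));       // not logged in
    }
}
```

In the interceptor, a false result maps to the existing "message" result, and a true result continues with `invocation.invoke()`.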
