springAOP(Aspect)权限访问页面
1、XML进行配置切面
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd"> <bean id="jurisdictionAdvice" class="com.wbg.sums.web.aspect.jurisdictionAdvice"/> <aop:config> <!--定义切面--> <aop:aspect id="authAspect" ref="jurisdictionAdvice"> <!-- 定义切入点--> <aop:pointcut id="jurisdictionPointCut" expression=" execution(* com.wbg.sums.web.*.deleteByPrimaryKey(..)) or execution(* com.wbg.sums.web.*.updateByPrimaryKey(..)) "/> <!--方法环绕--> <aop:around method="readOnly" pointcut-ref="jurisdictionPointCut"/> </aop:aspect> </aop:config> </beans>
2、定义切面和切点
package com.wbg.sums.web.aspect; import com.wbg.sums.dto.Result; import com.wbg.sums.entity.Jurisdiction; import com.wbg.sums.service.JurisdictionService; import com.wbg.sums.service.MemberInformationService; import org.aspectj.lang.ProceedingJoinPoint; import org.aspectj.lang.annotation.Aspect; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.stereotype.Component; import javax.servlet.http.HttpSession; @Component @Aspect @EnableAspectJAutoProxy public class jurisdictionAdvice { @Autowired HttpSession httpSession; //用户 @Autowired private MemberInformationService memberInformationService; //权限 @Autowired private JurisdictionService jurisdictionService; public Result readOnly(ProceedingJoinPoint pj){ //方法 String method = pj.getSignature().getName(); System.out.println(method); //获取用户 String user = (String) httpSession.getAttribute("user"); //模拟updateByPrimaryKey if(method.equals("updateByPrimaryKey")){ user="100010003"; }else { user="100010004"; } //查询根据用户查询权限 int jid = memberInformationService.selectJid(user); //获取权限 System.out.println(jid); Jurisdiction jurisdiction = jurisdictionService.selectByPrimaryKey(jid); System.out.println(jurisdiction); //如果是最高管理 if(jid == 1){ try { return (Result) pj.proceed(); } catch (Throwable throwable) { throwable.printStackTrace(); } }//如果是中级管理 并方法是修改 else if( jid == 2 && method.equals("updateByPrimaryKey")){ try { return (Result) pj.proceed(); } catch (Throwable throwable) { throwable.printStackTrace(); } } return new Result().error("权限不足"); } }
3、controller层
Result代码:
package com.wbg.sums.dto; public class Result { // 1203错误编码 // 1224正确编码,有返回数据 // 1028正确编码,无返回数据 // 1222 正确编码 无错误 用于判断删除成功或者失败 /** * 当修改添加删除 成功的时候,统一使用successMessage方法 编码为1028 否则就是没有成功 * */ //状态码 int code; //数据 Object data; //消息提示 String message; public Result() { } public Result(String message) { this.code=1222; this.message = message; } //数量 int count; public int getCount() { return count; } public void setCount(int count) { this.count = count; } public Result(int code, String message, Object data, int count) { this.code = code; this.data = data; this.message = message; this.count = count; } public Result(int code, String message) { this.code = code; this.message = message; } public int getCode() { return code; } public void setCode(int code) { this.code = code; } public Object getData() { return data; } public void setData(Object data) { this.data = data; } public String getMessage() { return message; } public void setMessage(String message) { this.message = message; } /** * successMessage * 正常返回,携带消息 * code:1028 * * @param message 消息 * data:null * count:0 * @return */ public static Result successMessage(String message) { return new Result(1028, message); } /** * success * 成功方法 带数据返回 * code:1224 * * @param data 数据 * @param count 总数 * @return */ public static Result success(Object data, int count) { return new Result(1224, "success", data, count); } /** * success * 成功方法 带数据返回 * code:1224 * message: success * * @param data 数据 * count :0 * @return */ public static Result success(Object data) { return new Result(1224, "success", data, 0); } /** * error * code:203 * data:null * count:0 * * @param message 错误信息 * @return */ public static Result error(String message) { return new Result(1203, message); } }
测试: