1、创建PermissionHandlerChain 抽象类
package com.shsxt.crm.core.framework.annotation.factory;
import com.shsxt.crm.core.framework.annotation.CheckType;
import javax.servlet.http.HttpServletRequest;
/**
* 责任链模式
* 权限校验处理链
*/
public abstract class PermissionHandlerChain {
//本身的对象引用
protected PermissionHandlerChain successor;
//权限校验方法
public abstract boolean permissionCherkHandler(HttpServletRequest request, CheckType type,String[] optValue );
//设置处理对象的方法
protected void setSuccessor(PermissionHandlerChain successor){
this.successor=successor;
}
}
《2-4是整个链状的3种状态自拦截》
2、不需要拦截的状态(NONE)
package com.shsxt.crm.core.framework.annotation.factory;
import com.shsxt.crm.core.framework.annotation.CheckType;
import javax.servlet.http.HttpServletRequest;
/**
* 责任链模式
* 权限校验处理链
*/
public abstract class PermissionHandlerChain {
//本身的对象引用
protected PermissionHandlerChain successor;
//权限校验方法
public abstract boolean permissionCherkHandler(HttpServletRequest request, CheckType type,String[] optValue );
//设置处理对象的方法
protected void setSuccessor(PermissionHandlerChain successor){
this.successor=successor;
}
}
3、对是否登录进行拦截(LOGIN)
package com.shsxt.crm.core.framework.annotation.factory;
import com.shsxt.crm.core.common.util.VerificationLoginUtil;
import com.shsxt.crm.core.framework.annotation.CheckType;
import com.shsxt.crm.core.framework.annotation.handler.PermissionHandlerBeanFactory;
import javax.servlet.http.HttpServletRequest;
public class PermissionLoginHandler extends PermissionHandlerChain {
@Override
public boolean permissionCherkHandler(HttpServletRequest request, CheckType type, String[] optValue) {
if (type == CheckType.LOGIN) {
return VerificationLoginUtil.isUserLogin(request);
}else {
setSuccessor(PermissionHandlerBeanFactory.createPermissionLoginHandler());
return successor.permissionCherkHandler(request,type,optValue);
}
}
}
4、对每个用户的操作权限进行拦截(ROLE)
package com.shsxt.crm.core.framework.annotation.factory;
import com.shsxt.crm.core.framework.annotation.CheckType;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
/**
* 角色校验
*/
public class PermissionRoleHandler extends PermissionHandlerChain {
@Override
public boolean permissionCherkHandler(HttpServletRequest request, CheckType type, String[] optValue) {
if (type == CheckType.ROLE){
//获取用户权限值
Object userPermission = request.getSession().getAttribute("userPermission");
//验证用户权限值(Acl)是否包含操作模块的操作权限值(optAcl)
List<String> aclList = (List<String>) userPermission;
for (String oacl:optValue) {
boolean c = aclList.contains(oacl);
if (!c){
return false;
}
}
return true;
}else {
return false;
}
}
}
5、在处理拦截的流转过程中要不断的new下一个类的对象,所以将每个相同的部分提取出来,用一个简单的工厂模式进行代替(PermissionHandlerBeanFactory)。
package com.shsxt.crm.core.framework.annotation.factory;
import com.shsxt.crm.core.framework.annotation.handler.PermissionHandlerChain;
import com.shsxt.crm.core.framework.annotation.handler.PermissionLoginHandler;
import com.shsxt.crm.core.framework.annotation.handler.PermissionNoneHandler;
import com.shsxt.crm.core.framework.annotation.handler.PermissionRoleHandler;
/**
* 简单工厂模式
*/
public class PermissionHandlerBeanFactory {
public static PermissionHandlerChain createPermissionNoneHandler (){
return new PermissionNoneHandler();
}
public static PermissionHandlerChain createPermissionLoginHandler (){
return new PermissionLoginHandler();
}
public static PermissionHandlerChain createPermissionRoleHandler (){
return new PermissionRoleHandler();
}
}
如对本文有疑问, 点击进行留言回复!!
HashMap、Hashtable、ConcurrentHashMap三者间的异同
解决RecycleView 中Item包含Edittext时,滑动view复用导致数据错乱的问题
多线程、同步工作原理、死锁案例、Lock接口、线程的生命周期的讲解及实现
我要评论
网友评论