自定义权限注解

/**
 * String constants shared by the {@code RequiredPermission} annotation and the code that
 * evaluates it.
 *
 * <p>The values are compile-time constants, so they can be used as annotation defaults and
 * as {@code switch} case labels.
 */
public class PermissionConstants {

    /** Handling mode: report a denied request by returning a JSON "no permission" body. */
    public static final String PERMISSION_HANDLE_WAY_NORMAL = "normal";

    /** Permission type meaning that no permission is required. */
    public static final String PERMISSION_TYPE_NONE = "none";

    /** Permission type for the link-upgrade operation (fetching upgrade package details). */
    public static final String PERMISSION_TYPE_GETUPGRADEPACKAGEDETAIL = "getUpgradePackageDetail";
}

/**
 * Marks a class or a method as requiring a named permission.
 *
 * <p>The annotation is retained at runtime so that it can be read reflectively. Note that
 * {@code @Inherited} only applies to class-level use: a subclass inherits the annotation
 * from its superclass, but annotations on methods or on interfaces are never inherited.
 *
 * <p>Both attributes have defaults, so a bare {@code @RequiredPermission} declares
 * {@code PERMISSION_TYPE_NONE}; always name a permission type when a check is intended.
 */
@Documented
@Inherited
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD})
public @interface RequiredPermission {

    /** The permission type the caller must hold; defaults to "no permission required". */
    String permissionType() default PermissionConstants.PERMISSION_TYPE_NONE;

    /** How a failed permission check is handled; defaults to the normal handling mode. */
    String handleWay() default PermissionConstants.PERMISSION_HANDLE_WAY_NORMAL;
}


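/**
 * Spring MVC interceptor that enforces {@link RequiredPermission} before a handler runs.
 *
 * <p>Enforcement is opt-in: a handler that is not a {@code HandlerMethod}, that carries no
 * {@code RequiredPermission}, or that declares {@code PERMISSION_TYPE_NONE} is let through
 * without any check. Endpoints that must be protected therefore need an explicit annotation
 * with a real permission type, and the interceptor must be registered for their paths.
 */
public class PermissionInterceptor implements HandlerInterceptor {

    @Autowired
    private RequiredPermissionRepository requiredPermissionRepository;

    /**
     * Allows the request only when the current user holds the permission the handler requires.
     *
     * @return {@code true} to continue the handler chain, {@code false} after a denial
     *         response has been produced
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        if (this.hasPermission(handler)) {
            return true;
        }
        // No permission: produce the denial response for the configured handling mode.
        this.handleNoPermissionPre(handler, response);
        return false;
    }

    /**
     * Looks up the {@link RequiredPermission} that applies to a handler.
     *
     * <p>The method annotation wins, then the class that declares the method. The bean type is
     * checked last so that a class-level annotation on a controller still covers handler
     * methods it inherits from an unannotated superclass.
     *
     * @param handler the handler chosen for the request
     * @return the applicable annotation, or {@code null} when there is none or the handler is
     *         not a {@code HandlerMethod}
     */
    private RequiredPermission findRequiredPermission(Object handler) {
        if (!(handler instanceof HandlerMethod)) {
            return null;
        }
        HandlerMethod handlerMethod = (HandlerMethod) handler;
        RequiredPermission requiredPermission =
                handlerMethod.getMethod().getAnnotation(RequiredPermission.class);
        if (requiredPermission == null) {
            requiredPermission = handlerMethod.getMethod().getDeclaringClass()
                    .getAnnotation(RequiredPermission.class);
        }
        if (requiredPermission == null) {
            requiredPermission = handlerMethod.getBeanType().getAnnotation(RequiredPermission.class);
        }
        return requiredPermission;
    }

    /**
     * Decides whether the logged-in user may invoke the handler.
     *
     * @param handler the handler chosen for the request
     * @return {@code false} only when a permission is required and the user does not hold it
     */
    private boolean hasPermission(Object handler) {
        String loginUser = SessionOperationUtil.getLoginUser();
        RequiredPermission requiredPermission = this.findRequiredPermission(handler);
        if (requiredPermission == null
                || PermissionConstants.PERMISSION_TYPE_NONE.equals(requiredPermission.permissionType())) {
            return true;
        }
        // Fail closed when nobody is logged in. Passing a null user name to the repository is
        // not safe: if this is a derived-query repository (TODO confirm), a null argument may
        // be matched as "user name IS NULL" rather than as "no rows".
        if (loginUser == null || loginUser.trim().isEmpty()) {
            return false;
        }
        List<TRequiredPermission> grants = requiredPermissionRepository
                .findByUserNameAndPermissionType(loginUser, requiredPermission.permissionType());
        return !ObjectUtils.isEmpty(grants);
    }

    /**
     * Produces the response for a denied request according to the annotation's handling mode.
     *
     * <p>The normal mode writes the project's "no permission" message as JSON. Any other case
     * (unknown handling mode, or no annotation found) answers with HTTP 403 so that a denied
     * request is never returned as an empty success response.
     *
     * @param handler  the handler that was denied
     * @param response the response to write the denial to
     */
    private void handleNoPermissionPre(Object handler, HttpServletResponse response) {
        RequiredPermission requiredPermission = this.findRequiredPermission(handler);
        // Check for null before reading handleWay(); the original dereferenced it first.
        if (requiredPermission == null) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        switch (requiredPermission.handleWay()) {
            case PermissionConstants.PERMISSION_HANDLE_WAY_NORMAL:
                XHRmsg res = new XHRmsg();
                res.setCode(XHRmsgConstant.XHRCODE4396);
                res.setMsg(XHRmsgConstant.XHRMSG4396);
                // assumes XHRmsg.toString() renders valid JSON — TODO confirm
                returnJson(response, res.toString());
                break;
            default:
                response.setStatus(HttpServletResponse.SC_FORBIDDEN);
                break;
        }
    }

    /**
     * Writes a JSON string as the response body, encoded as UTF-8.
     *
     * @param response the response to write to
     * @param json     the already-serialized JSON text
     */
    private void returnJson(HttpServletResponse response, String json) {
        // The encoding must be set before the writer is obtained for it to take effect.
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json;charset=UTF-8");
        try (PrintWriter writer = response.getWriter()) {
            writer.print(json);
        } catch (IOException e) {
            // NOTE(review): no logger is visible in this file; route this through the
            // project's logger instead of stderr.
            e.printStackTrace();
        }
    }

    /** No post-processing is needed. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
            ModelAndView modelAndView) throws Exception {
    }

    /** No completion work is needed. */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
            Exception ex) throws Exception {
    }
}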