您的位置:首页 > 编程语言 > Java开发

struts 拦截器来过滤用户的权限

2014-12-01 09:56 232 查看 
package com.cstc.web.interceptor;

import java.util.Set;

import org.apache.commons.lang3.StringUtils;
import org.apache.struts2.ServletActionContext;

import com.cstc.common.Constants;
import com.cstc.entity.AppAccount;
import com.cstc.entity.Privilege;
import com.cstc.entity.Role;
import com.cstc.service.AppAccountService;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

//权限拦截器
public class PrivilegeInterceptor  extends  AbstractInterceptor{

private static final long serialVersionUID = 6417931165996137903L;

private AppAccountService appAccountService;

@Override
public String intercept(ActionInvocation invocation) throws Exception {
System.out.println("privilegeInterceptor"+appAccountService);

AppAccount acc =   (AppAccount) ActionContext.getContext().getSession().get(Constants.KEY_SESSION_CURR_USER);
boolean flag = false;

if(acc != null){

String uri =  ServletActionContext.getRequest().getRequestURI();

String resource = StringUtils.substringBetween(uri, "/mng/", "_");
String action = StringUtils.substringBetween(uri, "_", ".action");

System.out.println(acc);
System.out.println("account.Role:"+acc.getRole());
Role r  = acc.getRole();
Set<Privilege> set =  r.getSetPrivilege();
for (Privilege p : set) {
System.out.println("p::+++++"+p);
if(p.getResources().equalsIgnoreCase(resource)){
if(p.getAction().equals(action)){
flag=true;
}
}

}

if(flag){
return invocation.invoke();
}else{
return "fail";
}

}else{
return invocation.invoke();
}

}

public AppAccountService getAppAccountService() {
return appAccountService;
}

public void setAppAccountService(AppAccountService appAccountService) {
this.appAccountService = appAccountService;
}

}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航