1.新建注解Permission
@Retention(RetentionPolicy.RUNTIME)//指定该注解是在运行期进行
@Target(ElementType.METHOD)//指定该注解要在方法上使用
public @interface Permission { String model(); String privilegeValue();
} 2.注解解析器: public class ValidatePermission {
public static Permission parsePermission(Class<?> clazz, String methodName,
Class<?>... parameterTypes) throws NoSuchMethodException {
// 根据方法名,取得方法,如果有则返回
Method method = clazz.getMethod(methodName, parameterTypes);
if (method != null && method.isAnnotationPresent(Permission.class)) {
Permission permission = method.getAnnotation(Permission.class);
if(null!=permission)
return permission;
}
return null;
}
} 3.自定义拦截器 public class PermissionInterceptor extends AbstractInterceptor{ @Override
public String intercept(ActionInvocation invocation) throws Exception {
ActionContext context = invocation.getInvocationContext();
ActionProxy proxy = invocation.getProxy();
String methodName = proxy.getMethod();
Object action = proxy.getAction();
String auth = null;
HttpServletRequest request = ServletActionContext.getRequest();
if(request.getRequestURI().startsWith("/control")){
if(!validate(action.getClass(),methodName,request)){
ActionContext.getContext().put("message", "您没有执行该操作的权限");
ActionContext.getContext().put("urladdress", SiteUrl.readUrl("control.control.right"));
return "message";
}
}
return null;
} private boolean validate(Class<?> clazz, String methodName,
HttpServletRequest request) throws NoSuchMethodException {
Permission permission = ValidatePermission.parsePermission(clazz, methodName, null);
SystemPrivilege methodPrivilege = new SystemPrivilege(
new SystemPrivilegePK(permission.model(), permission.privilegeValue()));
request = ServletActionContext.getRequest();
Employee employee = (Employee) request.getSession().getAttribute("employee");
for (PrivilegeGroup p : employee.getGroups()) {
if(p.getPrivileges().contains(methodPrivilege))
return true;
}
return false;
} } 4.配置strut.xml <interceptors>
<interceptor name="permission" class="cn.kugou.web.interceptor.PermissionInterceptor"/>
<interceptor-stack name="employeePermissionStack">
<interceptor-ref name="defaultStack"/>
<interceptor-ref name="permission"/>
</interceptor-stack>
</interceptors>
/**
* 系统权限
*/
@Entity
public class SystemPrivilege {
private SystemPrivilegePK id;
/* 权限名称 */
private String name; public SystemPrivilege(String model, String privilegeValue, String name) {
this.id = new SystemPrivilegePK(model, privilegeValue);
this.name = name;
} public SystemPrivilege(SystemPrivilegePK id) {
this.id = id;
} public SystemPrivilege(){} @EmbeddedId
public SystemPrivilegePK getId() {
return id;
}
public void setId(SystemPrivilegePK id) {
this.id = id;
}
@Column(length=20,nullable=false)
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((id == null) ? 0 : id.hashCode());
return result;
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
final SystemPrivilege other = (SystemPrivilege) obj;
if (id == null) {
if (other.id != null)
return false;
} else if (!id.equals(other.id))
return false;
return true;
}
}
@Embeddable//联合主键(好比name有firstname和lastname)
public class SystemPrivilegePK implements Serializable{
private static final long serialVersionUID = 8605550883829066859L;
/* 模块名 */
private String model;
/* 权限值 */
private String privilegeValue; public SystemPrivilegePK(){} public SystemPrivilegePK(String model, String privilegeValue) {
this.model =model;
this.privilegeValue= privilegeValue;
} @Column(length=25, name="model")
public String getModel() {
return model;
}
public void setModel(String model) {
this.model = model;
}
@Column(length=25, name="privilegeValue")
public String getPrivilegeValue() {
return privilegeValue;
}
public void setPrivilegeValue(String privilegeValue) {
this.privilegeValue = privilegeValue;
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((model == null) ? 0 : model.hashCode());
result = prime * result
+ ((privilegeValue == null) ? 0 : privilegeValue.hashCode());
return result;
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
final SystemPrivilegePK other = (SystemPrivilegePK) obj;
if (model == null) {
if (other.model != null)
return false;
} else if (!model.equals(other.model))
return false;
if (privilegeValue == null) {
if (other.privilegeValue != null)
return false;
} else if (!privilegeValue.equals(other.privilegeValue))
return false;
return true;
}
}
这样配置完成后,启动程序却出错了。 具体错误是:SystemPrivilege methodPrivilege = new SystemPrivilege(
new SystemPrivilegePK(permission.model(), permission.privilegeValue()));
它出错了。 在也弄不懂了???????
错误报告:
Struts Problem Report
Struts has detected an unhandled exception: Messages:
File: cn/kugou/web/interceptor/PermissionInterceptor.java
Line number: 45
-------------------------------------------------------------------------------- Stacktraces
java.lang.NullPointerException
cn.kugou.web.interceptor.PermissionInterceptor.validate(PermissionInterceptor.java:45)
cn.kugou.web.interceptor.PermissionInterceptor.intercept(PermissionInterceptor.java:31)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
cn.kugou.web.interceptor.EmployeeInterceptor.intercept(EmployeeInterceptor.java:31)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:165)
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:87)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:252)
org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercept(AnnotationValidationInterceptor.java:68)
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:87)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor.intercept(ConversionErrorInterceptor.java:122)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
@Retention(RetentionPolicy.RUNTIME)//指定该注解是在运行期进行
@Target(ElementType.METHOD)//指定该注解要在方法上使用
public @interface Permission { String model(); String privilegeValue();
} 2.注解解析器: public class ValidatePermission {
public static Permission parsePermission(Class<?> clazz, String methodName,
Class<?>... parameterTypes) throws NoSuchMethodException {
// 根据方法名,取得方法,如果有则返回
Method method = clazz.getMethod(methodName, parameterTypes);
if (method != null && method.isAnnotationPresent(Permission.class)) {
Permission permission = method.getAnnotation(Permission.class);
if(null!=permission)
return permission;
}
return null;
}
} 3.自定义拦截器 public class PermissionInterceptor extends AbstractInterceptor{ @Override
public String intercept(ActionInvocation invocation) throws Exception {
ActionContext context = invocation.getInvocationContext();
ActionProxy proxy = invocation.getProxy();
String methodName = proxy.getMethod();
Object action = proxy.getAction();
String auth = null;
HttpServletRequest request = ServletActionContext.getRequest();
if(request.getRequestURI().startsWith("/control")){
if(!validate(action.getClass(),methodName,request)){
ActionContext.getContext().put("message", "您没有执行该操作的权限");
ActionContext.getContext().put("urladdress", SiteUrl.readUrl("control.control.right"));
return "message";
}
}
return null;
} private boolean validate(Class<?> clazz, String methodName,
HttpServletRequest request) throws NoSuchMethodException {
Permission permission = ValidatePermission.parsePermission(clazz, methodName, null);
SystemPrivilege methodPrivilege = new SystemPrivilege(
new SystemPrivilegePK(permission.model(), permission.privilegeValue()));
request = ServletActionContext.getRequest();
Employee employee = (Employee) request.getSession().getAttribute("employee");
for (PrivilegeGroup p : employee.getGroups()) {
if(p.getPrivileges().contains(methodPrivilege))
return true;
}
return false;
} } 4.配置strut.xml <interceptors>
<interceptor name="permission" class="cn.kugou.web.interceptor.PermissionInterceptor"/>
<interceptor-stack name="employeePermissionStack">
<interceptor-ref name="defaultStack"/>
<interceptor-ref name="permission"/>
</interceptor-stack>
</interceptors>
/**
* 系统权限
*/
@Entity
public class SystemPrivilege {
private SystemPrivilegePK id;
/* 权限名称 */
private String name; public SystemPrivilege(String model, String privilegeValue, String name) {
this.id = new SystemPrivilegePK(model, privilegeValue);
this.name = name;
} public SystemPrivilege(SystemPrivilegePK id) {
this.id = id;
} public SystemPrivilege(){} @EmbeddedId
public SystemPrivilegePK getId() {
return id;
}
public void setId(SystemPrivilegePK id) {
this.id = id;
}
@Column(length=20,nullable=false)
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((id == null) ? 0 : id.hashCode());
return result;
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
final SystemPrivilege other = (SystemPrivilege) obj;
if (id == null) {
if (other.id != null)
return false;
} else if (!id.equals(other.id))
return false;
return true;
}
}
@Embeddable//联合主键(好比name有firstname和lastname)
public class SystemPrivilegePK implements Serializable{
private static final long serialVersionUID = 8605550883829066859L;
/* 模块名 */
private String model;
/* 权限值 */
private String privilegeValue; public SystemPrivilegePK(){} public SystemPrivilegePK(String model, String privilegeValue) {
this.model =model;
this.privilegeValue= privilegeValue;
} @Column(length=25, name="model")
public String getModel() {
return model;
}
public void setModel(String model) {
this.model = model;
}
@Column(length=25, name="privilegeValue")
public String getPrivilegeValue() {
return privilegeValue;
}
public void setPrivilegeValue(String privilegeValue) {
this.privilegeValue = privilegeValue;
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((model == null) ? 0 : model.hashCode());
result = prime * result
+ ((privilegeValue == null) ? 0 : privilegeValue.hashCode());
return result;
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
final SystemPrivilegePK other = (SystemPrivilegePK) obj;
if (model == null) {
if (other.model != null)
return false;
} else if (!model.equals(other.model))
return false;
if (privilegeValue == null) {
if (other.privilegeValue != null)
return false;
} else if (!privilegeValue.equals(other.privilegeValue))
return false;
return true;
}
}
这样配置完成后,启动程序却出错了。 具体错误是:SystemPrivilege methodPrivilege = new SystemPrivilege(
new SystemPrivilegePK(permission.model(), permission.privilegeValue()));
它出错了。 在也弄不懂了???????
错误报告:
Struts Problem Report
Struts has detected an unhandled exception: Messages:
File: cn/kugou/web/interceptor/PermissionInterceptor.java
Line number: 45
-------------------------------------------------------------------------------- Stacktraces
java.lang.NullPointerException
cn.kugou.web.interceptor.PermissionInterceptor.validate(PermissionInterceptor.java:45)
cn.kugou.web.interceptor.PermissionInterceptor.intercept(PermissionInterceptor.java:31)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
cn.kugou.web.interceptor.EmployeeInterceptor.intercept(EmployeeInterceptor.java:31)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:165)
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:87)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:252)
org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercept(AnnotationValidationInterceptor.java:68)
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:87)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor.intercept(ConversionErrorInterceptor.java:122)
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:237)
解决方案 »
- 想做个网站,大家能给点建议么
- Web Services 教程 推荐
- DB2一个简单但头疼的问题,帮忙看看啊
- 关于Struts的Action重复处理的问题
- 关于Oracle中Clob字段处理的问题(Struts+Hibernate)
- $用struts一段时间了后改到了webwork近1年,这个版块还是集中在struts上,挖墙角写webwork例子$
- java.sql.SQLException: ORA-01000: 超出打开游标的最大数
- struts的奇怪错误啊
- jdbc中,关于statement和connection
- 群发邮件,保存时不能保存多条信息
- 有关浏览器的退格键问题(在线等!!!!!)
- struts2文件下载时候的问题
System.out.println(permission); //看看这里打印的是不是NUll
SystemPrivilege methodPrivilege = new SystemPrivilege(new SystemPrivilegePK(permission.model(), permission.privilegeValue()));
public String addSystemUser(){
……
}
应该在action的方法中这样写吧