继续潜水

导航

 
mvc 按钮权限控制

 需要开发一个按钮权限的控制,思路:拦截所有按钮路径,和用户拥有的3级按钮权限对比,

所有验证都一个方法解决,只需要修改js后的参数,参数就是按钮对应的权限码

如果有什么问题请提醒,谢谢!

xml:

<mvc:interceptors>
        <mvc:interceptor>
            <mvc:mapping path="/**"/>
            <bean id="buttonInterceptor" class="sls.interceptor.buttonInterceptor"/>
        </mvc:interceptor>
    </mvc:interceptors>

buttonInterceptor:

import java.util.List;
import java.util.logging.Logger;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import sls.system.vo.UserInfoVo;


/**
 * 按钮权限控制 拦截
 * @author Administrator
 *
 */
public class buttonInterceptor extends HandlerInterceptorAdapter {
    private static final String[] IGNORE_URI = {"/download"};
    private Logger log = Logger.getLogger(this.getClass().getName());
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         boolean flag = false;
         response.reset();
         String url = request.getRequestURL().toString();
         String parameter = request.getParameter("parameter");
         log.info(">>>: " + url);
         boolean ret=false;
         if (url.contains("button") && parameter!=null){
             log.info("访问路径包含在button集合中被拦截");
             UserInfoVo userInfoVo =(UserInfoVo) request.getSession().getAttribute("userInfoVo");
             String  authorityButtons =userInfoVo.getAuthorityButton();
             if(authorityButtons!=null){
                 String[] authorityButton =authorityButtons.split(",");
                 for (String string : authorityButton) {
                     //log.info(string);
                     if(string.equals(parameter)){ 
                         log.info("有权限"+parameter);
                         ret= true;
                     }
                }
             }
             if(!ret){ 
                 java.io.PrintWriter out = response.getWriter();
                 out.println(false);
                 out.flush();
                 out.close();
             }
         }else{
             ret =true;
         }
         return ret;
    }    
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        super.postHandle(request, response, handler, modelAndView);
    }
    
    
    
    
    
    
    
    
    
}

 

js:

function downloadProductInfo(){
		$.post("jurisdiction/button.action?parameter=downloadProductInfo",function (e){
			if(e.indexOf("false")!=-1){
				alert("您没有操作此按钮的权限")
			}else{
				$("#searchForm").attr("action","basicData/downloadProductInfo.action");
				$("#searchForm").submit();	
			}
		})
	}

controller:

/**
	 * 按钮权限控制公共方法
	 * @return
	 */
	@RequestMapping("button")
	@ResponseBody 
	public String  button(){
		System.out.println("按钮权限控制公共方法访问成功");
		return "";
	}

 

posted on 2016-10-06 19:07  继续潜水  阅读(2533)  评论(0编辑  收藏  举报
 
Powered by:
博客园
Copyright © 2024 继续潜水
Powered by .NET 8.0 on Kubernetes