标签:
需要开发一个按钮权限的控制,思路:拦截所有按钮路径,和用户拥有的3级按钮权限对比,
所有验证都一个方法解决,只需要修改js后的参数,参数就是按钮对应的权限码
如果有什么问题请提醒,谢谢!
xml:
<mvc:interceptors> <mvc:interceptor> <mvc:mapping path="/**"/> <bean id="buttonInterceptor" class="sls.interceptor.buttonInterceptor"/> </mvc:interceptor> </mvc:interceptors>
buttonInterceptor:
import java.util.List; import java.util.logging.Logger; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import sls.system.vo.UserInfoVo; /** * 按钮权限控制 拦截 * @author Administrator * */ public class buttonInterceptor extends HandlerInterceptorAdapter { private static final String[] IGNORE_URI = {"/download"}; private Logger log = Logger.getLogger(this.getClass().getName()); public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { boolean flag = false; response.reset(); String url = request.getRequestURL().toString(); String parameter = request.getParameter("parameter"); log.info(">>>: " + url); boolean ret=false; if (url.contains("button") && parameter!=null){ log.info("访问路径包含在button集合中被拦截"); UserInfoVo userInfoVo =(UserInfoVo) request.getSession().getAttribute("userInfoVo"); String authorityButtons =userInfoVo.getAuthorityButton(); if(authorityButtons!=null){ String[] authorityButton =authorityButtons.split(","); for (String string : authorityButton) { //log.info(string); if(string.equals(parameter)){ log.info("有权限"+parameter); ret= true; } } } if(!ret){ java.io.PrintWriter out = response.getWriter(); out.println(false); out.flush(); out.close(); } }else{ ret =true; } return ret; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { super.postHandle(request, response, handler, modelAndView); } }
js:
function downloadProductInfo(){
$.post("jurisdiction/button.action?parameter=downloadProductInfo",function (e){
if(e.indexOf("false")!=-1){
alert("您没有操作此按钮的权限")
}else{
$("#searchForm").attr("action","basicData/downloadProductInfo.action");
$("#searchForm").submit();
}
})
}
controller:
/**
* 按钮权限控制公共方法
* @return
*/
@RequestMapping("button")
@ResponseBody
public String button(){
System.out.println("按钮权限控制公共方法访问成功");
return "";
}
标签:
原文地址:http://www.cnblogs.com/mytzq/p/5934348.html
