权限 例子
@Component
@Aspect
public class powerCheckAspect {
@Pointcut("@annotation(Power)")
public void pointCut() {
}
@Around(value = "pointCut() && @annotation(power)", argNames = "power")
public Object doAround(ProceedingJoinPoint pjp, Power power) throws Throwable {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
HttpServletResponse response = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getResponse();
Employee user = (Employee) request.getSession().getAttribute("user");
if (user == null) {
// response.sendRedirect("login.html");
return new JsonResult(506, "请先登录");
//todo:login
} else if (user.getPower() == null) {
return new JsonResult(500, "权限设置错误");
} else if ((power.value().getValue() & user.getPower()) >= power.value().getValue() || user.getPower() >= 0b100000) {
return pjp.proceed();
} else
return new JsonResult(504, "缺少权限");
}
}
// 销售退货
@Power(PowerType.xsth)
@PostMapping("/xsth/{order_total}/total")
public JsonResult xiaoShouTuiHuo(@RequestBody List<Cgdetail> detail_list, @PathVariable int order_total) {
System.out.println(detail_list);
return cgdetailService.AddDetailAndOrder(detail_list, order_total, true);
}
@Documented
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface Power {
PowerType value();
}
public enum PowerType {
admin(0b10_0000),
user(0b01_0000),
cg(0b00_1000),
cgth(0b00_0100),
xs(0b00_0010),
xsth(0b00_0001);
private final short value;
PowerType(int value) {
this.value = (short) value;
}
public short getValue() {
return value;
}
}
原理
•
动态代理(优先选择)
•
cglib代理
就是如何在所有的Service类加上公共方法。
/*
* 前置通知 --目标方法之前执行
* 后置通知 --目标方法之后执行(如果方法发生异常,不会执行)
* 环绕通知--在目标方法之前和之后执行
* 异常拦截通知--如果发生异常,就会调用
* 后置通知--目标方法之后执行(如果,目标方法发生异常,还会执行)
*/
评论区