需要开发一个按钮权限的控制,思路:拦截所有按钮路径,和用户拥有的3级按钮权限对比,
所有验证都一个方法解决,只需要修改js后的参数,参数就是按钮对应的权限码
如果有什么问题请提醒,谢谢!
xml:
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<bean id="buttonInterceptor" class="sls.interceptor.buttonInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
buttonInterceptor:
import java.util.List;
import java.util.logging.Logger; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import sls.system.vo.UserInfoVo; /**
* 按钮权限控制 拦截
* @author Administrator
*
*/
public class buttonInterceptor extends HandlerInterceptorAdapter {
private static final String[] IGNORE_URI = {"/download"};
private Logger log = Logger.getLogger(this.getClass().getName());
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
boolean flag = false;
response.reset();
String url = request.getRequestURL().toString();
String parameter = request.getParameter("parameter");
log.info(">>>: " + url);
boolean ret=false;
if (url.contains("button") && parameter!=null){
log.info("访问路径包含在button集合中被拦截");
UserInfoVo userInfoVo =(UserInfoVo) request.getSession().getAttribute("userInfoVo");
String authorityButtons =userInfoVo.getAuthorityButton();
if(authorityButtons!=null){
String[] authorityButton =authorityButtons.split(",");
for (String string : authorityButton) {
//log.info(string);
if(string.equals(parameter)){
log.info("有权限"+parameter);
ret= true;
}
}
}
if(!ret){
java.io.PrintWriter out = response.getWriter();
out.println(false);
out.flush();
out.close();
}
}else{
ret =true;
}
return ret;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
super.postHandle(request, response, handler, modelAndView);
} }
js:
function downloadProductInfo(){
$.post("jurisdiction/button.action?parameter=downloadProductInfo",function (e){
if(e.indexOf("false")!=-1){
alert("您没有操作此按钮的权限")
}else{
$("#searchForm").attr("action","basicData/downloadProductInfo.action");
$("#searchForm").submit();
}
})
}
controller:
/**
* 按钮权限控制公共方法
* @return
*/
@RequestMapping("button")
@ResponseBody
public String button(){
System.out.println("按钮权限控制公共方法访问成功");
return "";
}