权限管理和日志拦截器.docx

日志拦截器package erceptor;import java.util.Date;import java.util.Map;import com.opensymphony.xwork2.ActionContext;import com.opensymphony.xwork2.ActionInvocation;import erceptor.AbstractInterceptor;import com.yuanit.app.action.AdminAction;import com.yuanit.app.model.Log;import com.yuanit.app.model.Member;import com.yuanit.app.model.Permission;import com.yuanit.app.model.Role;import com.yuanit.app.service.ILogService;import com.yuanit.app.service.IMemberService;import com.yuanit.app.service.IPermissionService;import com.yuanit.app.util.AppConstants;import com.yuanit.sys.action.GenericAction;import com.yuanit.sys.util.EEMediaBeanFactory;public class LogInterceptor extends AbstractInterceptor Overridepublic String intercept(ActionInvocation invocation) throws Exception / TODO Auto-generated method stubString result = invocation.invoke();ActionContext ctx = invocation.getInvocationContext();Map session = ctx.getSession();Member member = (Member) session.get(AppConstants.LOGIN_MEMBER);Role role = (Role) session.get(AppConstants.LOGIN_ROLE);String url = /;StringBuffer urlStringBuffer = new StringBuffer(url);String actionName = invocation.getInvocationContext().getName(); String args = actionName.split(AppConstants.ACTION_SPLIT_CHAR);urlStringBuffer.append(actionName);urlStringBuffer.append(.action); if(args1.indexOf(AppConstants.ACTION_INDEXOF_DO) = 0) if(args1.indexOf(doEdit) = 0) GenericAction genericAction = (GenericAction)invocation.getAction(); int id = genericAction.getId(); if(id != 0) urlStringBuffer.append(?id=); url = urlStringBuffer.toString(); IPermissionService permissionService = EEMediaBeanFactory.getService(IPermissionService.class); /IMemberService memberService = EEMediaBeanFactory.getService(IMemberService.class); /IRoleService roleService = EEMediaBeanFactory.getService(IRoleService.class); Permission permission = permissionService.getPermission(url); ILogService logService = EEMediaBeanFactory.getService(ILogService.class); Log log = new Log(); if(permission != null) String operateDescription = permission.getPermissionDesc(); int operateRole = role.getId(); int operateMember = member.getId(); Long operateDate = new Date().getTime(); log.setOperateDate(operateDate); log.setOperateDescription(operateDescription); log.setOperateMember(operateMember); log.setOperateRole(operateRole); logService.createLog(log); return result;权限拦截器package erceptor;import java.util.Map;import com.opensymphony.xwork2.Action;import com.opensymphony.xwork2.ActionContext;import com.opensymphony.xwork2.ActionInvocation;import erceptor.AbstractInterceptor;import com.yuanit.app.dao.IRoleDAO;import com.yuanit.app.model.Permission;import com.yuanit.app.model.Role;import com.yuanit.app.service.IPermissionService;import com.yuanit.app.util.AppConstants;import com.yuanit.sys.util.EEMediaBeanFactory;public class PermissionValidateInterceptor extends AbstractInterceptor Overridepublic String intercept(ActionInvocation invocation) throws Exception ActionContext ctx = invocation.getInvocationContext();String actionName = invocation.getProxy().getActionName();if (AppConstants.ADMIN_GOLOGIN_ACTION.equals(actionName)| AppConstants.ADMIN_DOLOGIN_ACTION.equals(actionName)| AppConstants.ADMIN_GOINDEX_ACTION.equals(actionName)| AppConstants.ADMIN_GOLEFT_ACTION.equals(actionName)| AppConstants.PERMISSION_GETSUBPERMISSIONS_ACTION.equals(actionName) return invocation.invoke();String args = actionName.split(AppConstants.ACTION_SPLIT_CHAR);if (args1.indexOf(AppConstants.ACTION_INDEXOF_GO) = 0) Map session = ctx.getSession();Role role_login = (Role) session.get(AppConstants.LOGIN_ROLE);if (role_login = null) session.put(AppConstants.INTERCEPTOR_MESSAGE, 您还没有登录，请先登录!);return Action.ERROR;IRoleDAO roleDAO = EEMediaBeanFactory.getService(IRoleDAO.class);Role role = roleDAO.findRole(role_login.getId();String role_permission = role.getRolePermissions();String url = /;StringBuffer urlStringBuffer = new StringBuffer(url);urlStringBuffer.append(actionName);urlStringBuffer.append(.action);url = urlStringBuffer.toString();IPermissionService permissionService = EEMediaBeanFactory.getService(IPermissionService.class);Permission permission = permissionService.getPermission(url);if (role_permission.contains(permission.getId().toString() return invocation.invoke(); else session.put(AppConstants.INTERCEPTOR_MESSAGE, 您没有权限访问此页面!);return Action.ERROR; else return invocation.invoke();Struts中的配置!- - 日志拦截器的辅助调用方法一：package com.yuanit.sys.utilpublic static T getService(Class clz) if (ctx = null) throw new RuntimeException(application context wasnt intialized); String beanName = clz.getSimpleName(); if (beanName.startsWith(I) beanName = beanName.substring(1); beanName = beanName.substring(0, 1).toLowerCase() + beanName.substring(1); return (T)ctx.getBean(beanName);二：package com.yuanit.app.service.impl;/* * 根据权限URL取得权限信息 * param permissionURL 权限URL * return permission 权限对象 */Permission getPermission(String permissionURL) throws ServiceException;tryreturn permissionDAO.findPermission(permissionURL);catch(DAOException de)throw new ServiceException(de.getMessage();catch(Exception ex)logger.error(ex.getMessage();ex.printStackTrace();throw new ServiceException(根据权限URL取得权限信息发生错误.);权限拦截器的辅助方法一：package com.yuanit.sys.util; public static T getService(Class clz) if (ctx = null) throw new RuntimeException(application context wasnt intialized); String beanName = clz.getSimpleName(); if (beanName.startsWith(I) beanName = beanName.substring(1); beanName = beanName.substring(0, 1).toLowerCase() + beanName.substring(1); return (T)ctx.getBean(beanName);二：/* * 根据角色ID获取权限对象 * param roleId * return * throws DAOException */public Role findRole(int roleId) throws DAOException tryreturn super.getObject(roleId);catch(DAOException ex)logger.error(取得 roleId( + roleId + ) 对应的信息发生错误，该信息可能被删除！);throw new DAOException(取得 roleId( + roleId + ) 对应的信息发生错误，该信息可能被删除！);catch(Exception exception)logger.error(取得 roleId( + roleId + ) 对应的信息发生错误: + exception.getMessage();throw new DAOException(取得 roleId( + roleId + ) 对应的信息发生错误！);其中APPConstantspackage com.yuanit.app.util;public class AppConstants public static int SUCCESS_YES = 1;/是否操作成功：是public static int SUCCESS_NO = 0;/是否操作成功：否public static String LOGIN_MEMBER = loginMember;/登录用户public static String LOGIN_ROLE = loginRole;/登录角色public static int PAGINATION_RANGE = 10;/默认分页大小：10public static String RETURN_TYPE_JSON = json;/Action返回类型：Jsonpublic static St