[acegi权限认证]Acegi+hibernate 动态实现基于角色的权限管理(3) 文章收藏, 网上资源, 软件技术, 电脑与网络
李小白 发表于 2007/7/19 16:48:17 |
lhwork 发表于 2006-6-13 11:36:06
以下是我的标签实现。大致思路是:根据页面传来的方法名(即 FunctionName)查询出对应的 Functions,并包装成 grantedFunctions;然后根据用户的角色查询出用户对应的 Functions,再取这两个集合的交集;最后根据这个交集是否为空,判断是否显示标签体的内容。需要注意,该标签只控制页面内容是否显示,并不会阻止对相应 URL 或方法的直接访问,服务端仍需另行做权限校验。
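package sample.auth;

import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.Tag;
import javax.servlet.jsp.tagext.TagSupport;

import org.acegisecurity.Authentication;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.context.SecurityContextHolder;
import org.springframework.util.StringUtils;
import org.springframework.web.util.ExpressionEvaluationUtils;

import sample.web.action.AppContext;

/**
 * JSP tag that includes its body only when the functions granted to the
 * current user satisfy the {@code ifAllGranted}, {@code ifAnyGranted} and
 * {@code ifNotGranted} attributes (comma-separated function names).
 *
 * <p>The tag only decides whether its body is rendered
 * ({@code SKIP_BODY} vs. {@code EVAL_BODY_INCLUDE}). It performs no check on
 * the request that a hidden link or button would trigger, so the
 * corresponding URL or method still needs its own server-side authorization.
 *
 * @author limq
 */
public class AuthorizeActionTag extends TagSupport {

    private String ifAllGranted = "";
    private String ifAnyGranted = "";
    private String ifNotGranted = "";

    /** Sets the functions the user must hold in full for the body to be shown. */
    public void setIfAllGranted(String ifAllGranted) throws JspException {
        this.ifAllGranted = ifAllGranted;
    }

    public String getIfAllGranted() {
        return ifAllGranted;
    }

    /** Sets the functions of which the user must hold at least one. */
    public void setIfAnyGranted(String ifAnyGranted) throws JspException {
        this.ifAnyGranted = ifAnyGranted;
    }

    public String getIfAnyGranted() {
        return ifAnyGranted;
    }

    /** Sets the functions of which the user must hold none. */
    public void setIfNotGranted(String ifNotGranted) throws JspException {
        this.ifNotGranted = ifNotGranted;
    }

    public String getIfNotGranted() {
        return ifNotGranted;
    }

    /**
     * Decides whether the tag body is rendered for the current user.
     *
     * <p>Checks run in the order ifNotGranted, ifAllGranted, ifAnyGranted;
     * the first failing check hides the body. When none of the three
     * attributes is set the body is hidden.
     *
     * @return {@code Tag.SKIP_BODY} to hide the body,
     *         {@code Tag.EVAL_BODY_INCLUDE} to render it
     * @throws JspException declared by the attribute evaluation calls
     */
    public int doStartTag() throws JspException {
        // No condition configured: hide the body rather than show it.
        if (isNullOrEmpty(ifAllGranted)
                && isNullOrEmpty(ifAnyGranted)
                && isNullOrEmpty(ifNotGranted)) {
            return Tag.SKIP_BODY;
        }

        final Collection granted = getPrincipalFunctionByAuthorities();

        // Each attribute value is passed through
        // ExpressionEvaluationUtils.evaluateString before it is parsed.
        // NOTE(review): attribute values should be written by the JSP author
        // only and never assembled from request data; on a container that
        // already evaluates EL in tag attributes the value may be evaluated a
        // second time here - confirm for the target container.
        final String evaledIfNotGranted = ExpressionEvaluationUtils
                .evaluateString("ifNotGranted", ifNotGranted, pageContext);

        if (!isNullOrEmpty(evaledIfNotGranted)) {
            // retainAll(...) is defined in a part of the class not shown here;
            // presumably it returns the intersection of both collections.
            Set grantedCopy = retainAll(granted,
                    parseSecurityString(evaledIfNotGranted));

            // The user holds at least one of the forbidden functions.
            if (!grantedCopy.isEmpty()) {
                return Tag.SKIP_BODY;
            }
        }

        final String evaledIfAllGranted = ExpressionEvaluationUtils
                .evaluateString("ifAllGranted", ifAllGranted, pageContext);

        if (!isNullOrEmpty(evaledIfAllGranted)) {
            // NOTE(review): containsAll depends on equals()/hashCode() of the
            // GrantedFunction implementations, which are not shown - confirm
            // that DAO-loaded functions compare equal to GrantedFunctionImpl.
            if (!granted.containsAll(parseSecurityString(evaledIfAllGranted))) {
                return Tag.SKIP_BODY;
            }
        }

        final String evaledIfAnyGranted = ExpressionEvaluationUtils
                .evaluateString("ifAnyGranted", ifAnyGranted, pageContext);

        if (!isNullOrEmpty(evaledIfAnyGranted)) {
            Set grantedCopy = retainAll(granted,
                    parseSecurityString(evaledIfAnyGranted));

            // The user holds none of the listed functions.
            if (grantedCopy.isEmpty()) {
                return Tag.SKIP_BODY;
            }
        }

        return Tag.EVAL_BODY_INCLUDE;
    }

    /** Returns true when the attribute value is null or the empty string. */
    private static boolean isNullOrEmpty(String value) {
        return (null == value) || "".equals(value);
    }

    /**
     * Gets the user's Authentication, reads its authorities, and from those
     * obtains the functions granted to the user.
     *
     * @return the functions returned by the {@code authDao} bean for the
     *         user's authorities, or an empty list when there is no
     *         Authentication or it carries no authorities
     */
    private Collection getPrincipalFunctionByAuthorities() {
        Authentication currentUser = SecurityContextHolder.getContext()
                .getAuthentication();
        if (null == currentUser) {
            return Collections.EMPTY_LIST;
        }

        // currentUser.getAuthorities() returns GrantedAuthority[]; read it once
        // so the null check, the length check and the list use the same array.
        GrantedAuthority[] authorities = currentUser.getAuthorities();
        if ((null == authorities) || (authorities.length < 1)) {
            return Collections.EMPTY_LIST;
        }

        List granted = Arrays.asList(authorities);
        // This lookup runs on every evaluation of the tag.
        // NOTE(review): assumes getFunctionsByRoles never returns null; a null
        // would surface as a NullPointerException in doStartTag - confirm
        // against AuthDao.
        AuthDao authDao = (AuthDao) AppContext.getInstance().getAppContext()
                .getBean("authDao");
        return authDao.getFunctionsByRoles(granted);
    }

    /**
     * Collects the function values of the given GrantedFunction objects and
     * rejects any object whose function is null.
     *
     * @param c collection of GrantedFunction objects
     * @return set of the values returned by {@code getFunction()}
     * @throws IllegalArgumentException if an element returns null from
     *         {@code getFunction()}
     */
    private Set SecurityObjectToFunctions(Collection c) {
        Set target = new HashSet();

        for (Iterator iterator = c.iterator(); iterator.hasNext();) {
            GrantedFunction function = (GrantedFunction) iterator.next();

            if (null == function.getFunction()) {
                throw new IllegalArgumentException(
                        "Cannot process GrantedFunction objects which return null from getFunction() - attempting to process "
                                + function.toString());
            }

            target.add(function.getFunction());
        }

        return target;
    }

    /**
     * Parses a tag attribute value, a list of function names separated by ','.
     */
    private Set parseSecurityString(String functionsString) {
        final Set requiredFunctions = new HashSet();
        final String[] functions = StringUtils
                .commaDelimitedListToStringArray(functionsString);

        for (int i = 0; i < functions.length; i++) {
            String authority = functions[i];

            // Remove the role's whitespace characters without depending on JDK 1.4+
            // Includes space, tab, new line, carriage return and form feed.
            String function = StringUtils.replace(authority, " ", "");
            function = StringUtils.replace(function, "\t", "");
            function = StringUtils.replace(function, "\r", "");
            function = StringUtils.replace(function, "\n", "");
            function = StringUtils.replace(function, "\f", "");

            requiredFunctions.add(new GrantedFunctionImpl(function));
        }

        return
        // [The listing is cut off at this point on the source page: the rest of
        // this statement and of the class, including the retainAll(...) helper
        // called from doStartTag, is not shown.]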