Spring AOP自定义注解实现权限控制

1.创建注解类，controller控制层使用该注解进行权限控制使用

import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * 自定义注解类实现aop 权限控制
 * @author sanch
 *
 */
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
@Documented
public @interface PrivilegeAnn {
	
	/**权限名称 **/
	String value() default ""; 
}

2.创建注解解析类 ， 用于返回注解value值在aop切面注解中环绕/前置拦截器中进行权限name判断使用

import java.lang.reflect.Method;

/**
 * 注解解析器
 * @author sanch
 *
 */
public class AnnotationParse {
	
	/**
	 * 解析注解
	 * @param targetClassName
	 * @param methodName
	 * @return 权限注解上的value值
	 * @throws Exception
	 */
	public static String parse(Class targetClassName,String methodName) throws Exception{
		Method method = targetClassName.getMethod(methodName); //获得目标方法
		String methodAccess = "";
		//判断目标方法上面是否存在@PrivilegeAnn注解
		if(method.isAnnotationPresent(PrivilegeAnn.class)){
			PrivilegeAnn annotation = method.getAnnotation(PrivilegeAnn.class);
			methodAccess = annotation.value(); //得到注解上的value值
		}
		return methodAccess;
	}
}

3.spring-mvc.xml 配置文件

<!-- 自动扫描包路径下文件注解 -->
    <context:component-scan base-package="top.lolcl"></context:component-scan>
<!-- 激活自动代理功能  cglib代理-->
    <aop:aspectj-autoproxy proxy-target-class="true"/>

4.创建Controller 层调用自定义注解 实现aop 切面拦截xi

@PrivilegeAnn("user")
	@RequestMapping("/index")
	public String index(Model model) throws Exception{
		List<Slideshow> slideshows = slideshowmapper.selectAll();
		model.addAttribute("model", slideshows);
		model.addAttribute("loadpath","echarts.jsp");
		return "/back/index.jsp";
	}

5.创建interator 类，实现aop 拦截

import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.After;
import org.aspectj.lang.annotation.AfterReturning;
import org.aspectj.lang.annotation.AfterThrowing;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/**
 * 
 * 请求拦截器 切面编程
 * @author sanch
 *
 */
@Aspect // 表示该类是一个通知类
@Component //spring注解方式bean注入 交给spring管理
public class RequestInterceptor {
	private  final static Logger logger = Logger.getLogger(RequestInterceptor.class);
	
	//定义一个空方法 借用其注解抽取切点表达式 
	@Pointcut("execution (* top.lolcl.control.*.*(..)) && @annotation(top.lolcl.annotation.PrivilegeAnn) ")
	public void point() {} 
	
	@Before("point()")
	public void permissCommon(JoinPoint joinPoint) throws Exception{
		System.out.println("进入aop-----------------------");
	}
	
	@Before("")
	public void before(JoinPoint joinPoint){}
	@Around("")
	public void around(ProceedingJoinPoint pjp){}
	@After("")
	public void after(JoinPoint joinPoint){}
	@AfterReturning("")
	public void afterRunning(JoinPoint joinPoint){}
	@AfterThrowing("")
    public void afterThrowing(JoinPoint joinPoint) {}
	
	/** * 在切面中获取http请求 * @return */ 
    private HttpServletRequest getRequest() { 
        return ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest(); 
    }

}