Individual case columns:
package com.ilas.bookcase.filter; import com.ilas.bookcase.controller.admin.AdminController; import com.ilas.bookcase.entity.Permission; import org.springframework.web.filter.OncePerRequestFilter; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; /** * @Author zzx * @Date 2019/5/8 9:17 */ public class AdminLoginFilter extends OncePerRequestFilter { private String[] publicUrl; private Map<String, String> fileterUrlMap; public AdminLoginFilter() { publicUrl = new String[]{ "/admin/css/\\S*", "/admin/fonts/\\S*", "/admin/img/\\S*", "/admin/js/\\S*", "/public/\\S*", "/admin/signIn", "/admin/signOut", "/admin/Sign-in.jsp" }; fileterUrlMap = new HashMap<String, String>(); fileterUrlMap.put("1001", "/admin/OperatorMgt.jsp"); fileterUrlMap.put("1002", "/admin/SysteamLog.jsp"); fileterUrlMap.put("2001", "/admin/ReadWriterMgt.jsp"); fileterUrlMap.put("2002", "/admin/BookcaseMgt.jsp"); fileterUrlMap.put("3001", "/admin/BookPutOnShelf.jsp"); fileterUrlMap.put("3002", "/admin/BookOutforShelf.jsp"); fileterUrlMap.put("3003", "/admin/BookMaintenance.jsp"); fileterUrlMap.put("3004", "/admin/ReaderInfo.jsp"); fileterUrlMap.put("3005", "/admin/SysteamLog.jsp"); fileterUrlMap.put("3006", "/admin/OpeAbnormalLog.jsp"); fileterUrlMap.put("4001", "/admin/LinkParamConfig.jsp"); } @Override protected void doFilterInternal(HttpServletRequest Request, HttpServletResponse Response, FilterChain filterChain) throws ServletException, IOException { String requestURI = Request.getRequestURI(); String contextPath = Request.getContextPath(); boolean state=false; if(!contextPath.equals("/")){ requestURI=requestURI.substring(contextPath.length()); } for(String url:publicUrl){ if(requestURI.matches(url)){ filterChain.doFilter(Request,Response); return; } } HttpSession session = Request.getSession(); Object attribute = session.getAttribute(AdminController.CURRENT_LOGIN_ADMIN); List<Permission> permissions = (List<Permission>)session.getAttribute(AdminController.CURRENT_ROLE_PERMISSION); String menuUrl="/admin/MenuList.jsp"; if(attribute!=null){ if(permissions!=null && permissions.size()>0){ //查看角色是否有该页面的权限 Iterator<Map.Entry<String, String>> iterator = fileterUrlMap.entrySet().iterator(); while (iterator.hasNext()) { Map.Entry<String, String> next = iterator.next(); if (next.getValue().matches(requestURI)) { for (Permission permission : permissions) { if (next.getKey().equals(permission.getCode())) { filterChain.doFilter(Request, Response); return; } } //角色没有该权限 state=false; break; } state=true; } //找不到需要权限校验的页面放行 if(state){ filterChain.doFilter(Request, Response); return; } } if(requestURI.equals(menuUrl)){ filterChain.doFilter(Request,Response); return; } Response.sendRedirect(Request.getContextPath() + "/admin/MenuList.jsp"); }else{ Response.sendRedirect(Request.getContextPath()+"/admin/Sign-in.jsp"); } } }