1. interceptor 调用Spring容器中的bean
在interceptor中常有需要调用Spring Bean的需要,其实很简单和Struts2的Action一样配置即可.
Spring中的配置
<!--spring配置 -->
1 <bean id="authorityInterceptor" class="com.xxx.interceptor.AuthorityInterceptor"/> <bean id="operationInterceptor" class="com.xxx.interceptor.OperationInterceptor">
<property name="defectService" ref="sysDefectService"/>
<property name="projectService" ref="projectService" />
<property name="includeMethods">
<value>*Modify,*Delete</value>
</property>
</bean>
Struts2中的配置
<interceptors>
<interceptor name="loginInterceptor" class="authorityInterceptor"/>
<interceptor name="operationInterceptor" class="operationInterceptor"/>
</interceptors>
2. 如何获得当前Action名字
public String intercept(ActionInvocation aInvocation) throws Exception {
// 获取请求的action名称
String actionName = aInvocation.getInvocationContext().getName();
//获取参数集合
Map parameters = aInvocation.getInvocationContext().getParameters();
....
}
3. 方法拦截器黑白名单可以使用通配符
拦截器代码:
package xx.interceptor;
import xx.action.ProjectAction;
import xx.action.SysDefectAction;
import xx.po.Project;
import xx.po.SysDefect;
import xx.po.User;
import xx.service.IProjectService;
import xx.service.ISysDefectService;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.MethodFilterInterceptor;
import java.util.List; public class OperationInterceptor extends MethodFilterInterceptor {
private ISysDefectService defectService;
private IProjectService projectService; protected String doIntercept(ActionInvocation actionInvocation) throws Exception {
boolean hasAuth = false;
String cunrrentId = "";
Object currentActon =actionInvocation.getAction();
ActionContext actionContext = actionInvocation.getInvocationContext();
User currentUser = (User)actionContext.getSession().get("currentUser");
if(currentUser == null
|| currentUser.getEmployer()==null
|| currentUser.getGroup() == null
|| currentUser.getEmployer().getEmpId()+""==null
)
{
return Action.LOGIN;
}
//获取当前用户的epmId
String empId = currentUser.getEmployer().getEmpId() + ""; if(currentActon instanceof ProjectAction){
//是否第二次检查权限
List<Project> projectList = currentUser.getProjectList();
if (projectList==null || projectList.size()<1){
ProjectAction projectAction = (ProjectAction)currentActon;
cunrrentId = projectAction.getProjId();
projectList = projectService.getProjectsByEmpId(empId);
} //如果获取列表失败,则提示无权限
if(projectList==null || projectList.size()<1){
return "deny";
}else {
currentUser.setProjectList(projectList);
}
for(Project project:projectList){
if(cunrrentId.equals(project.getProjId()+"")){
hasAuth = true;
}
}
if(hasAuth){
return actionInvocation.invoke();
} }else if(currentActon instanceof SysDefectAction){
SysDefectAction sysDefectAction = (SysDefectAction)currentActon;
List<SysDefect> sysDefectList = defectService.getSysDefectsByEmpId(empId);
if(sysDefectList==null || sysDefectList.size()<1){
return "deny";
}else {
currentUser.setSysDefectList(sysDefectList);
}
for(SysDefect sysDefect:sysDefectList){
if(cunrrentId.equals(sysDefect.getDefId()+"")){
hasAuth = true;
}
}
if(hasAuth){
return actionInvocation.invoke();
}
}
return "deny"; //To change body of implemented methods use File | Settings | File Templates.
} public ISysDefectService getDefectService() {
return defectService;
} public void setDefectService(ISysDefectService defectService) {
this.defectService = defectService;
} public IProjectService getProjectService() {
return projectService;
} public void setProjectService(IProjectService projectService) {
this.projectService = projectService;
}
}
Spring配置:
<bean id="authorityInterceptor" class="xx.interceptor.AuthorityInterceptor"/> <bean id="operationInterceptor" class="xx.interceptor.OperationInterceptor">
<property name="defectService" ref="sysDefectService"/>
<property name="projectService" ref="projectService" />
<!-- 白名单属性配置,注意*的用法 -->
<property name="includeMethods">
<value>*Modify,*Delete</value>
</property>
</bean>
struts2配置:
<interceptors>
<interceptor name="loginInterceptor" class="authorityInterceptor"/>
<interceptor name="operationInterceptor" class="operationInterceptor"/> <interceptor-stack name="authInterceptor-stack">
<interceptor-ref name="defaultStack"/>
<interceptor-ref name="loginInterceptor"/>
<interceptor-ref name="operationInterceptor"/> </interceptor-stack> </interceptors>