ユーザー、ロール、パーミッションの一般的な実装方法


POJO 

import java.util.Set;

/**
 * Plain data holder for an application user: identifier, login name,
 * password and the {@link Level} (role) assigned to the user.
 *
 * <p>NOTE(review): {@code password} is an ordinary {@code String}; whether it
 * carries plaintext or a hash cannot be told from this class. If instances are
 * kept in the HTTP session (AdminLoginCheck reads a "user" session attribute),
 * the password value travels with them — confirm it is a hash, or leave it
 * unset on session-scoped instances.
 */
public class UserVo {
    /** Identifier of the user. */
    private Integer id;
    /** Login name. */
    private String uname;
    /** Credential value; see the class-level review note. */
    private String password;
    /** Role of the user; the role carries the permission set. */
    private Level level;

    /** @return the identifier, or {@code null} if none was set */
    public Integer getId() {
        return this.id;
    }

    /** @param id identifier to store */
    public void setId(Integer id) {
        this.id = id;
    }

    /** @return the login name */
    public String getUname() {
        return this.uname;
    }

    /** @param uname login name to store */
    public void setUname(String uname) {
        this.uname = uname;
    }

    /** @return the stored password value */
    public String getPassword() {
        return this.password;
    }

    /** @param password password value to store */
    public void setPassword(String password) {
        this.password = password;
    }

    /** @return the role assigned to this user, or {@code null} if none was set */
    public Level getLevel() {
        return this.level;
    }

    /** @param level role to assign */
    public void setLevel(Level level) {
        this.level = level;
    }
}



/**
 * A role ("level"): an identifier, a display name and the set of
 * {@link Quanxian} permissions granted to every user holding the role.
 *
 * <p>NOTE(review): {@link #getQx()} hands out the internal set itself, so any
 * code holding a {@code Level} can add or remove permissions in place. If the
 * object is cached in a session and reused for authorization decisions,
 * confirm that only trusted code can reach it.
 */
public class Level {
    /** Identifier of the role. */
    private Integer id;
    /** Human-readable role name. */
    private String levelName;
    /** Permissions granted by this role; starts out as an empty set. */
    private Set<Quanxian> qx = new HashSet<Quanxian>(0);

    /** @return the identifier, or {@code null} if none was set */
    public Integer getId() {
        return this.id;
    }

    /** @param id identifier to store */
    public void setId(Integer id) {
        this.id = id;
    }

    /** @return the role name */
    public String getLevelName() {
        return this.levelName;
    }

    /** @param levelName role name to store */
    public void setLevelName(String levelName) {
        this.levelName = levelName;
    }

    /** @return the live permission set (not a copy) */
    public Set<Quanxian> getQx() {
        return this.qx;
    }

    /** @param qx permission set to use from now on; stored as given, not copied */
    public void setQx(Set<Quanxian> qx) {
        this.qx = qx;
    }
}

/**
 * A single permission entry: identifier, permission name, the identifier of a
 * parent entry and the URL the permission applies to.
 *
 * <p>AdminLoginCheck compares {@link #getUrl()} with the request's servlet
 * path using {@code equals}, so the stored value has to match that path
 * exactly for the permission to take effect.
 */
public class Quanxian {
    /** Identifier of the permission. */
    private Integer id;
    /** Permission name. */
    private String quanxian;
    /** Identifier of the parent permission entry. */
    private Integer fatherid;
    /** URL this permission grants access to. */
    private String url;

    /** @return the identifier, or {@code null} if none was set */
    public Integer getId() {
        return this.id;
    }

    /** @param id identifier to store */
    public void setId(final Integer id) {
        this.id = id;
    }

    /** @return the permission name */
    public String getQuanxian() {
        return this.quanxian;
    }

    /** @param quanxian permission name to store */
    public void setQuanxian(final String quanxian) {
        this.quanxian = quanxian;
    }

    /** @return the parent identifier, or {@code null} if none was set */
    public Integer getFatherid() {
        return this.fatherid;
    }

    /** @param fatherid parent identifier to store */
    public void setFatherid(final Integer fatherid) {
        this.fatherid = fatherid;
    }

    /** @return the URL covered by this permission */
    public String getUrl() {
        return this.url;
    }

    /** @param url URL to store */
    public void setUrl(final String url) {
        this.url = url;
    }
}


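/**
 * Servlet filter that lets a request through only when the session holds a
 * logged-in {@link UserVo} whose role contains a {@link Quanxian} permission
 * with a URL equal to the request's servlet path.
 *
 * <p>Outcome per request:
 * <ul>
 *   <li>no session or no "user" attribute: redirect to the context root;</li>
 *   <li>user present and a permission URL matches: continue the chain;</li>
 *   <li>user present but nothing matches: respond with 403.</li>
 * </ul>
 *
 * <p>NOTE(review): the filter protects only the URL patterns it is mapped to in
 * the deployment descriptor, which is not shown here. {@code getServletPath()}
 * excludes path info and the query string, so a servlet mapped with a wildcard
 * is covered by a single permission entry for all of its sub-paths — confirm
 * that this is the intended granularity for the stored permission URLs.
 */
public class AdminLoginCheck extends HttpServlet implements Filter {

    // Filter
    private FilterConfig filterConfig;

    /**
     * Keeps the filter configuration; it is used later to reach the servlet
     * context log.
     *
     * @param filterConfig configuration handed in by the container
     * @throws ServletException declared by the {@code Filter} contract; not thrown here
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    /**
     * Applies the login and permission check described on the class.
     *
     * <p>NOTE(review): exceptions from the rest of the chain are logged and not
     * rethrown, because this method does not declare them; the container's
     * error handling will therefore not see them.
     *
     * @param request     incoming request; cast to {@code HttpServletRequest}
     * @param response    outgoing response; cast to {@code HttpServletResponse}
     * @param filterChain remainder of the chain, invoked only for permitted requests
     */
    public void doFilter(ServletRequest request, ServletResponse response,
                         FilterChain filterChain) {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;

        // getSession(false): an anonymous request must not allocate a session
        // just to find out that it has none.
        HttpSession ses = req.getSession(false);
        Object attr = (ses == null) ? null : ses.getAttribute("user");
        // Anything that is not a UserVo is treated as "not logged in".
        UserVo user = (attr instanceof UserVo) ? (UserVo) attr : null;

        try {
            if (user == null) {
                // The context path is "" for the root context; the trailing
                // slash keeps the redirect target non-empty in that case.
                res.sendRedirect(req.getContextPath() + "/");
                return;
            }
            if (isAllowed(user, req.getServletPath())) {
                filterChain.doFilter(request, response);
            } else {
                // Deny explicitly. Returning without writing anything would
                // send an empty success response for a refused request.
                res.sendError(HttpServletResponse.SC_FORBIDDEN);
            }
        } catch (ServletException sx) {
            filterConfig.getServletContext().log(sx.getMessage(), sx);
        } catch (IOException iox) {
            filterConfig.getServletContext().log(iox.getMessage(), iox);
        }
    }

    /**
     * Decides whether the user's role grants the given servlet path.
     * A missing role, permission set, permission entry or URL never grants access.
     */
    private static boolean isAllowed(UserVo user, String servletPath) {
        Level level = user.getLevel();
        if (servletPath == null || level == null) {
            return false;
        }
        Set<Quanxian> permissions = level.getQx();
        if (permissions == null) {
            return false;
        }
        for (Quanxian permission : permissions) {
            if (permission != null && servletPath.equals(permission.getUrl())) {
                return true;
            }
        }
        return false;
    }

    /** Nothing to release. */
    public void destroy() {
    }
}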