org.springframework.web.bind.annotation.RequestMethod#toString ( )源码实例Demo

下面列出了org.springframework.web.bind.annotation.RequestMethod#toString ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。

源代码1 项目: disconf   文件: RoleResourceAspect.java
/**
 * 判断当前用户对访问的方法是否有权限
 *
 * @param pjp            方法
 * @param requestMapping 方法上的annotation
 *
 * @return
 *
 * @throws Throwable
 */
@Around("anyPublicMethod() && @annotation(requestMapping) && [email protected](com.baidu.dsp.common.annotation.NoAuth)")
public Object decideAccess(ProceedingJoinPoint pjp, RequestMapping requestMapping) throws Throwable {

    // 获取method上的url,若未标注value则默认为空字符串
    String[] values = requestMapping.value();
    String methodUrl = "";
    if (values.length != 0) {
        methodUrl = values[0];
    }

    String clsUrl = pjp.getTarget().getClass().getAnnotation(RequestMapping.class).value()[0];

    // 拼接method和class上标注的url
    if (!clsUrl.endsWith(RoleResourceConstant.URL_SPLITOR) &&
            !methodUrl.startsWith(RoleResourceConstant.URL_SPLITOR)) {
        clsUrl += RoleResourceConstant.URL_SPLITOR;
    }

    String urlPattarn = clsUrl + methodUrl;
    if (!urlPattarn.endsWith(RoleResourceConstant.URL_SPLITOR)) {
        urlPattarn += RoleResourceConstant.URL_SPLITOR;
    }

    if (noAuthCheckUrl != null && noAuthCheckUrl.contains(urlPattarn)) {

        LOG.info("don't need to check this url: " + urlPattarn);
    } else {

        // 获取method上标注的http method,若未标注method则默认为GET
        RequestMethod[] methods = requestMapping.method();
        RequestMethod methodType = RequestMethod.GET;
        if (methods.length != 0) {
            methodType = methods[0];
        }

        String urlInfo = urlPattarn + ", method:" + methodType.toString();

        // 获取用户角色
        Visitor visitor = ThreadContext.getSessionVisitor();
        if (visitor == null) {
            LOG.warn("No session visitor!");
            throw new AccessDeniedException("No session visitor! " + urlInfo);
        }
        Integer roleId = visitor.getRoleId();
        String visitorInfo = ", UserId:" + visitor.getId() + ", RoleId:" + roleId;

        Boolean isPriviledged = true;
        // 判断用户是否有权限访问方法
        if (!this.isMethodAccessible(urlPattarn, methodType, roleId)) {
            isPriviledged = false;
            throw new AccessDeniedException("Access Denied: " + urlInfo + visitorInfo);
        }
        LOG.info("Accessing URL:" + urlInfo + visitorInfo + ", Is priviledged:" + isPriviledged.toString());
    }

    Object rtnOb = null;

    try {
        // 执行方法
        rtnOb = pjp.proceed();
    } catch (Throwable t) {
        LOG.info(t.getMessage());
        throw t;
    }

    return rtnOb;
}
 
源代码2 项目: disconf   文件: RoleResourceAspect.java
/**
 * 判断当前用户对访问的方法是否有权限
 *
 * @param pjp            方法
 * @param requestMapping 方法上的annotation
 *
 * @return
 *
 * @throws Throwable
 */
@Around("anyPublicMethod() && @annotation(requestMapping) && [email protected](com.baidu.dsp.common.annotation.NoAuth)")
public Object decideAccess(ProceedingJoinPoint pjp, RequestMapping requestMapping) throws Throwable {

    // 获取method上的url,若未标注value则默认为空字符串
    String[] values = requestMapping.value();
    String methodUrl = "";
    if (values.length != 0) {
        methodUrl = values[0];
    }

    String clsUrl = pjp.getTarget().getClass().getAnnotation(RequestMapping.class).value()[0];

    // 拼接method和class上标注的url
    if (!clsUrl.endsWith(RoleResourceConstant.URL_SPLITOR) &&
            !methodUrl.startsWith(RoleResourceConstant.URL_SPLITOR)) {
        clsUrl += RoleResourceConstant.URL_SPLITOR;
    }

    String urlPattarn = clsUrl + methodUrl;
    if (!urlPattarn.endsWith(RoleResourceConstant.URL_SPLITOR)) {
        urlPattarn += RoleResourceConstant.URL_SPLITOR;
    }

    if (noAuthCheckUrl != null && noAuthCheckUrl.contains(urlPattarn)) {

        LOG.info("don't need to check this url: " + urlPattarn);
    } else {

        // 获取method上标注的http method,若未标注method则默认为GET
        RequestMethod[] methods = requestMapping.method();
        RequestMethod methodType = RequestMethod.GET;
        if (methods.length != 0) {
            methodType = methods[0];
        }

        String urlInfo = urlPattarn + ", method:" + methodType.toString();

        // 获取用户角色
        Visitor visitor = ThreadContext.getSessionVisitor();
        if (visitor == null) {
            LOG.warn("No session visitor!");
            throw new AccessDeniedException("No session visitor! " + urlInfo);
        }
        Integer roleId = visitor.getRoleId();
        String visitorInfo = ", UserId:" + visitor.getId() + ", RoleId:" + roleId;

        Boolean isPriviledged = true;
        // 判断用户是否有权限访问方法
        if (!this.isMethodAccessible(urlPattarn, methodType, roleId)) {
            isPriviledged = false;
            throw new AccessDeniedException("Access Denied: " + urlInfo + visitorInfo);
        }
        LOG.info("Accessing URL:" + urlInfo + visitorInfo + ", Is priviledged:" + isPriviledged.toString());
    }

    Object rtnOb = null;

    try {
        // 执行方法
        rtnOb = pjp.proceed();
    } catch (Throwable t) {
        LOG.info(t.getMessage());
        throw t;
    }

    return rtnOb;
}