package com.isoftstone.isscrmweb.web.struts;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.Action;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.pontifex.web.mapping.LoginUser;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.ServletContext;
import javax.servlet.ServletConfig;
import java.util.*;
/**
* Created by IntelliJ IDEA.
* User: Songzou
* Date: 2007-4-8
* Time: 11:11:11
*
* Permission controller; mainly handles login and permission verification.
*/
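public abstract class AbstractRightAction extends Action {

    /*
     * NOTE(review): thread-safety. Struts 1 normally services every request for
     * an action class with one shared Action instance, so the per-request fields
     * below (mapping, form, request, response, session, path, actionPath, method,
     * model) can be overwritten by a concurrent request. execute() therefore
     * takes its login and permission decisions from local variables only. The
     * fields are still populated because subclasses may read them, but they are
     * not a reliable basis for a security decision; subclasses should prefer the
     * arguments passed to handRequestLogic(). The view helpers
     * (viewAndMessage / viewAndSuccess) still read the shared fields.
     */

    protected static final Log log = LogFactory
            .getLog(AbstractRightAction.class);

    /** Session attribute key under which the logged-in user is stored. */
    protected static final String LOGIN_USER_KEY = "loginUser";
    /** Session attribute key under which the user's permitted actions are stored. */
    protected static final String LOGIN_USER_ACTION_KEY = "rightAction";
    /** Forward name of the error page. */
    protected static final String ERROR_PAGE = "error";
    /** Forward name of the plain message page. */
    protected static final String MESSAGE_PAGE = "message";
    /** Forward name of the success page. */
    protected static final String SUCCESS_PAGE = "success";
    /** Request attribute key for the error; the misspelt name is kept for subclasses. */
    protected static final String ERROE_MESSAGE = "error";

    // Whether execute() requires a logged-in user. When false, the per-action
    // permission check is skipped as well (see execute()).
    private boolean checkLogin = true;
    // Whether execute() checks the requested action against the user's rights.
    private boolean checkAction = true;

    // Per-request state, refreshed on every execute() call (see the
    // thread-safety note at the top of the class).
    protected ActionMapping mapping;
    protected ActionForm form;
    protected HttpServletRequest request;
    protected HttpServletResponse response;
    protected HttpSession session;
    protected ServletConfig servletConfig;
    protected ServletContext servletContext;
    protected String path; // mapping path of the current request
    protected String actionPath; // "/<relative URI>?<dispatch key>=<method>" built in execute()
    protected String method; // value of the dispatch parameter
    protected Map model;

    /**
     * Main access-control entry point: verifies login state and per-action
     * permission, then delegates to {@link #handRequestLogic}.
     *
     * <p>Order of checks: a missing or empty dispatch parameter is an error;
     * if the login check is disabled the request is passed through without any
     * further check; otherwise a user must be present in the session; then,
     * unless the action check is disabled, the computed action path must be in
     * the session's permitted-action set.
     *
     * @param mapping  the Struts mapping for this request
     * @param form     the form bean, passed through to the subclass
     * @param request  the current request
     * @param response the current response
     * @return the subclass's forward when access is granted, the message page
     *         when it is denied, or the error page when an exception occurs
     * @throws Exception declared by the Struts contract; exceptions raised
     *         inside the try block are caught and routed to the error page
     */
    public final ActionForward execute(ActionMapping mapping, ActionForm form,
            HttpServletRequest request, HttpServletResponse response)
            throws Exception {
        try {
            // Populate the legacy fields for subclasses, but keep a local copy
            // of everything the access decision depends on.
            this.model = new HashMap();
            ServletConfig config = this.getServlet().getServletConfig();
            this.servletConfig = config;
            this.servletContext = config.getServletContext();
            this.form = form;
            this.mapping = mapping;
            HttpSession currentSession = getSession(request);
            this.session = currentSession;
            this.request = request;
            this.response = response;

            LoginUser currentUser = getLoginUser(currentSession);
            String mappingPath = mapping.getPath();
            String dispatchKey = mapping.getParameter();
            String dispatchMethod = request.getParameter(dispatchKey);
            String requestedAction = new StringBuilder("/")
                    .append(getRelativeURI(request))
                    .append('?').append(dispatchKey)
                    .append('=').append(dispatchMethod)
                    .toString();
            this.path = mappingPath;
            this.method = dispatchMethod;
            this.actionPath = requestedAction;

            // The action path contains a client-supplied parameter value, so
            // line breaks are neutralised before it reaches the log.
            log.info(sanitizeForLog(requestedAction));

            if (dispatchMethod == null || dispatchMethod.equals("")) {
                log.error("异常: " + mappingPath + " 未配置 parameter 参数");
                throw new NullPointerException("分发KEY错误");
            }

            if (!checkLogin) {
                // Login check disabled: pass straight through. Note that the
                // action check below is not reached in this case.
                log.info("不需要登陆验证");
                return handRequestLogic(mapping, form, request, response);
            }
            if (!isLoginUser(currentUser)) {
                // No user in the session: show the message page with a re-login link.
                log.info("没有登陆");
                return viewAndMessage(
                        "没有登陆或连接超时",
                        "loginOut();",
                        "重新登陆");
            }

            if (!checkAction) {
                log.info("不需要判断具体权限");
                return handRequestLogic(mapping, form, request, response);
            }
            if (isActionUser(request, requestedAction)) {
                log.info("具有权限通过");
                return handRequestLogic(mapping, form, request, response);
            }
            log.info("没有具体权限");
            return viewAndMessage("没有权限访问", null, null);
        } catch (Exception e) {
            // Log the full exception (message, cause and stack trace) through
            // the logger instead of printing to stderr.
            log.error("异常", e);
            // NOTE(review): the exception object is handed to the error view;
            // confirm the view renders a generic message, not the stack trace.
            request.setAttribute(ERROE_MESSAGE, e);
            return mapping.findForward(ERROR_PAGE);
        }
    }

    /**
     * Forwards to the success page with a message and optional links.
     *
     * <p>NOTE(review): the original comment says this is used to clear the
     * duplicate-submission marker; nothing in this method does that.
     *
     * @param message text stored in the request attribute "message"
     * @param list    links stored in "urllist" when non-null and non-empty
     * @return the forward named {@link #SUCCESS_PAGE}
     */
    public ActionForward viewAndSuccess(String message, List list) {
        request.setAttribute("message", message);
        if (list != null && !list.isEmpty()) {
            request.setAttribute("urllist", list);
        }
        return mapping.findForward(SUCCESS_PAGE);
    }

    /**
     * Forwards to the message page with a message and at most one link.
     *
     * @param message    text stored in the request attribute "message"
     * @param url        link target; a value containing "(" after its first
     *                   character is treated as a JavaScript call, anything
     *                   else as an address; {@code null} means no link
     * @param urlmessage label of the link
     * @return the forward named {@link #MESSAGE_PAGE}
     */
    public ActionForward viewAndMessage(String message, String url,
            String urlmessage) {
        request.setAttribute("message", message);
        if (url == null) {
            return mapping.findForward(MESSAGE_PAGE);
        }
        String link = url.indexOf("(") > 0
                ? makeUrl(url, urlmessage)
                : makeHref(url, urlmessage);
        List<String> links = new ArrayList<String>();
        links.add(link);
        return viewAndMessage(message, links);
    }

    /**
     * Forwards to the message page with a message and any number of links.
     *
     * @param message text stored in the request attribute "message"
     * @param list    links stored in "urllist" when non-null and non-empty
     * @return the forward named {@link #MESSAGE_PAGE}
     */
    public ActionForward viewAndMessage(String message, List list) {
        request.setAttribute("message", message);
        if (list != null && !list.isEmpty()) {
            request.setAttribute("urllist", list);
        }
        return mapping.findForward(MESSAGE_PAGE);
    }

    /**
     * Builds an anchor whose onClick handler is the given JavaScript call.
     *
     * <p>NOTE(review): both arguments are concatenated into the markup without
     * HTML or JavaScript escaping. The calls visible in this class pass fixed
     * strings; callers passing request-derived values must escape them first,
     * otherwise the message page can render injected script.
     *
     * @param url        JavaScript statement placed in the onClick attribute
     * @param urlMessage link label
     * @return the anchor markup
     */
    public String makeUrl(String url, String urlMessage) {
        return "<a href=\"###\" onClick=\"" + url + "\">【" + urlMessage + "】</a>";
    }

    /**
     * Builds an anchor whose onClick handler calls {@code link('<url>')}.
     *
     * <p>NOTE(review): as with {@link #makeUrl}, neither argument is escaped;
     * here the url additionally sits inside a JavaScript string literal, so a
     * quote in it ends the literal. Escape request-derived values before
     * passing them in.
     *
     * @param url        address passed to the page's link() function
     * @param urlMessage link label
     * @return the anchor markup
     */
    public String makeHref(String url, String urlMessage) {
        return "<a href=\"###\" onClick=\"link('" + url + "');\">【" + urlMessage + "】</a>";
    }

    /**
     * Returns the real file-system path of the web application root.
     *
     * @return real path of "/"
     */
    public final String getRealPath() {
        return getApplication().getRealPath("/");
    }

    /**
     * Returns the servlet context captured by the last execute() call.
     *
     * @return ServletContext
     */
    public final ServletContext getApplication() {
        return servletContext;
    }

    /**
     * Returns the real file-system path for a path inside the web application.
     *
     * <p>NOTE(review): the argument is passed to the container unchanged; do
     * not pass request-derived values without validating them first.
     *
     * @param character path relative to the application root
     * @return String
     */
    public final String getRealPath(String character) {
        return getApplication().getRealPath(character);
    }

    /**
     * Returns the context path of the request.
     *
     * @param request current request
     * @return String
     */
    public final String getContextPath(HttpServletRequest request) {
        return request.getContextPath();
    }

    /**
     * Returns the request URI, e.g. /project/budgetOrgAdd.c2.
     *
     * @param request current request
     * @return String
     */
    public final String getRequestURI(HttpServletRequest request) {
        return request.getRequestURI();
    }

    /**
     * Returns the request path without its leading character, e.g.
     * budgetOrgAdd.c2. Uses the path info when present, else the servlet path.
     *
     * @param request current request
     * @return String
     */
    public final String getRelativeURI(HttpServletRequest request) {
        String pathInfo = request.getPathInfo();
        String source = pathInfo == null ? request.getServletPath() : pathInfo;
        return source.substring(1);
    }

    /**
     * Returns the full request URL, e.g. http://localhost/project/budgetOrgAdd.c2.
     *
     * @param request current request
     * @return String
     */
    public final String getRequestURL(HttpServletRequest request) {
        return request.getRequestURL().toString();
    }

    /**
     * Returns the URL prefix up to and including the context path, e.g.
     * http://localhost/project.
     *
     * @param request current request
     * @return String
     */
    public final String getRequestPreURL(HttpServletRequest request) {
        String fullUrl = getRequestURL(request);
        String uri = getRequestURI(request);
        // Strip the URI from the end of the URL, then re-append the context path.
        String origin = fullUrl.substring(0, fullUrl.length() - uri.length());
        return origin + getContextPath(request);
    }

    /**
     * Checks whether the session's permitted-action set contains the requested
     * action. Fails closed: a missing set means no permission.
     *
     * @param request         current request, used to reach the session
     * @param requestedAction action path computed for this request
     * @return true only when the set exists and contains the action path
     */
    private boolean isActionUser(HttpServletRequest request, String requestedAction) {
        Set granted = (Set) request.getSession().getAttribute(
                LOGIN_USER_ACTION_KEY);
        return granted != null && granted.contains(requestedAction);
    }

    /**
     * Reports whether a user object was found in the session.
     *
     * @param loginUser user read from the session, may be null
     * @return boolean
     */
    private boolean isLoginUser(LoginUser loginUser) {
        return loginUser != null;
    }

    /**
     * Replaces carriage returns and line feeds so a client-supplied value
     * cannot start a new log line.
     */
    private static String sanitizeForLog(String value) {
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Returns the logged-in user stored in the session field.
     *
     * @return LoginUser, or null when none is stored
     */
    public final LoginUser getLoginUser() {
        return (LoginUser) session.getAttribute(LOGIN_USER_KEY);
    }

    /**
     * Returns the logged-in user stored in the given session.
     *
     * @param session session to read from
     * @return LoginUser, or null when none is stored
     */
    public final LoginUser getLoginUser(HttpSession session) {
        return (LoginUser) session.getAttribute(LOGIN_USER_KEY);
    }

    /**
     * Returns the server name and version reported by the servlet context.
     *
     * @return String
     */
    public final String getServerInfo() {
        return getApplication().getServerInfo();
    }

    /** Returns whether the per-action permission check is enabled. */
    public final boolean isCheckAction() {
        return checkAction;
    }

    /**
     * Enables or disables the per-action permission check. The flag is
     * instance state, so it affects every later request this instance handles.
     */
    public final void setCheckAction(boolean checkAction1) {
        checkAction = checkAction1;
    }

    /** Returns whether the login check is enabled. */
    public final boolean isCheckLogin() {
        return checkLogin;
    }

    /**
     * Enables or disables the login check. Disabling it also bypasses the
     * per-action check in execute(). The flag is instance state, so it affects
     * every later request this instance handles.
     */
    public final void setCheckLogin(boolean checkLogin1) {
        checkLogin = checkLogin1;
    }

    /** Returns the session captured by the last execute() call. */
    public final HttpSession getSession() {
        return session;
    }

    /** Replaces the session held in the instance field. */
    public final void setSession(HttpSession session) {
        this.session = session;
    }

    /**
     * Returns the request's session, creating one when none exists.
     *
     * @param request current request
     * @return HttpSession
     */
    public final HttpSession getSession(HttpServletRequest request) {
        return request.getSession(true);
    }

    /**
     * Module-specific logic, invoked by execute() once the access checks have
     * passed (or are disabled).
     *
     * @param mapping  the Struts mapping for this request
     * @param form     the form bean
     * @param request  the current request
     * @param response the current response
     * @return the forward to render
     * @throws Exception any failure; execute() routes it to the error page
     */
    protected abstract ActionForward handRequestLogic(ActionMapping mapping,
            ActionForm form, HttpServletRequest request,
            HttpServletResponse response) throws Exception;
}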