adminpermissioninterceptor.java

一个jsp写的bbs

package com.laoer.bbscs.web.interceptor;

import net.sf.struts.saif.ActionHaveForwardInterceptor;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionForm;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpSession;
import com.laoer.bbscs.web.servlet.UserSession;
import com.laoer.bbscs.comm.Constant;
import com.laoer.bbscs.bean.Permission;
import org.apache.commons.lang.StringUtils;
import com.laoer.bbscs.comm.AjaxMessagesXML;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;
import org.apache.struts.action.ActionMessage;
import com.laoer.bbscs.web.action.ActionUtils;
import org.apache.struts.action.ActionMessages;

/**
 * <p>Title: Tianyi BBS</p>
 *
 * <p>Description: BBSCS</p>
 *
 * <p>Copyright: Copyright (c) 2006</p>
 *
 * <p>Company: Laoer.com</p>
 *
 * @author Gong Tianyi
 * @version 7.0
 */
public class AdminPermissionInterceptor
    implements ActionHaveForwardInterceptor {

  public AdminPermissionInterceptor() {
  }

  /**
   * beforeAction
   *
   * @param action Action
   * @param actionMapping ActionMapping
   * @param actionForm ActionForm
   * @param httpServletRequest HttpServletRequest
   * @param httpServletResponse HttpServletResponse
   * @return ActionForward
   * @throws IOException
   * @throws ServletException
   * @todo Implement this net.sf.struts.saif.ActionHaveForwardInterceptor method
   */
  public ActionForward beforeAction(Action action, ActionMapping actionMapping,
                                    ActionForm actionForm, HttpServletRequest httpServletRequest,
                                    HttpServletResponse httpServletResponse) throws IOException,
      ServletException {
    HttpSession session = httpServletRequest.getSession();
    String ajax = httpServletRequest.getParameter("ajax");
    if (StringUtils.isBlank(ajax)) {
      ajax = "html";
    }
    boolean havePermission = false;
    String saction = StringUtils.trimToEmpty(httpServletRequest.getParameter("action"));
    UserSession us = (UserSession) session.getAttribute(Constant.ADMIN_SESSION_KEY);
    String actionURI = httpServletRequest.getRequestURI();
    //System.out.println(actionURI);
    Permission permission = (Permission) us.getUserPermission().get(actionURI + "?action=*");
    if (permission != null) {
      havePermission = true;
    }
    else {
      permission = (Permission) us.getUserPermission().get(actionURI + "?action=" + saction);
      if (permission != null) {
        havePermission = true;
      }
      else {
        havePermission = false;
      }
    }
    /*
    if (permission != null) {
      if (permission.getAction().equalsIgnoreCase("*")) {
        havePermission = true;
      }
      else {
        if (StringUtils.equalsIgnoreCase(saction, permission.getAction())) {
          havePermission = true;
        }
        else {
          havePermission = false;
        }
      }
    }
    else {
      havePermission = false;
    }*/
    if (havePermission) {
      return null;
    }
    else {
      //System.out.println(ajax);
      if (ajax.equalsIgnoreCase("html")) {
        //System.out.println("html");
        ActionMessages errors = new ActionMessages();
        errors.add("error.noPermission", new ActionMessage("error.noPermission"));
        ActionUtils.addErrors(httpServletRequest, errors);

        return actionMapping.findForward("error");
      }
      else if (ajax.equalsIgnoreCase("shtml")) {
        ActionMessages errors = new ActionMessages();
        errors.add("error.noPermission", new ActionMessage("error.noPermission"));
        ActionUtils.addErrors(httpServletRequest, errors);

        return actionMapping.findForward("htmlError");
      }
      else {
        //System.out.println("xml");
        WebApplicationContext wc = WebApplicationContextUtils.getWebApplicationContext(action.
            getServlet().getServletContext());
        AjaxMessagesXML ajaxMessagesXML = (AjaxMessagesXML) wc.getBean("ajaxMessagesXML");
        ajaxMessagesXML.setMessage(Constant.CODEID_NO_PERMISSION,
                                   Constant.MESSAGE.getMessage(httpServletRequest.getLocale(),
            "error.noPermission"));
        httpServletRequest.setAttribute("xmlo", ajaxMessagesXML.getXmlo());
        httpServletRequest.setAttribute("messagesDocument", ajaxMessagesXML.getMessagesDocument());
        return actionMapping.findForward("ajaxjsp");
      }
    }
  }

  /**
   * afterAction
   *
   * @param action Action
   * @param actionMapping ActionMapping
   * @param actionForm ActionForm
   * @param httpServletRequest HttpServletRequest
   * @param httpServletResponse HttpServletResponse
   * @return ActionForward
   * @throws IOException
   * @throws ServletException
   * @todo Implement this net.sf.struts.saif.ActionHaveForwardInterceptor method
   */
  public ActionForward afterAction(Action action, ActionMapping actionMapping,
                                   ActionForm actionForm, HttpServletRequest httpServletRequest,
                                   HttpServletResponse httpServletResponse) throws IOException,
      ServletException {
    return null;
  }
}