MVC button Permission Control

Source: Internet
Author: User

Need to develop a button permission control, thinking: Intercept All button paths, and user-owned 3-level button permissions comparison,

All validation is a method to solve, only need to modify the JS parameters, parameter is the button corresponding to the permission code

If there is any problem please remind, thank you!

Xml:

<mvc:interceptors>        <Mvc:interceptor>            <mvc:mappingPath="/**"/>            <BeanID= "Buttoninterceptor"class= "Sls.interceptor.buttonInterceptor"/>        </Mvc:interceptor>    </mvc:interceptors> 

Buttoninterceptor:

Importjava.util.List;ImportJava.util.logging.Logger;Importjavax.servlet.http.HttpServletRequest;ImportJavax.servlet.http.HttpServletResponse;ImportOrg.springframework.web.servlet.ModelAndView;ImportOrg.springframework.web.servlet.handler.HandlerInterceptorAdapter;ImportSls.system.vo.UserInfoVo;/*** Button Permission control intercept *@authorAdministrator **/ Public classButtoninterceptorextendsHandlerinterceptoradapter {Private Static FinalString[] Ignore_uri = {"/download"}; PrivateLogger log = Logger.getlogger ( This. GetClass (). GetName ());  Public BooleanPrehandle (HttpServletRequest request, httpservletresponse response, Object handler)throwsException {BooleanFlag =false;         Response.reset (); String URL=Request.getrequesturl (). toString (); String parameter= Request.getparameter ("parameter"); Log.info ("&GT;&GT;&GT;:" +URL); Booleanret=false; if(Url.contains ("button") && parameter!=NULL) {Log.info ("Access path contained in button collection is blocked"); Userinfovo Userinfovo= (Userinfovo) request.getsession (). getattribute ("Userinfovo"); String authoritybuttons=Userinfovo.getauthoritybutton (); if(authoritybuttons!=NULL) {string[] Authoritybutton=authoritybuttons.split (",");  for(String String:authoritybutton) {//Log.info (string);                     if(string.equals (parameter)) {Log.info ("Have permission" +parameter); RET=true; }                }             }             if(!ret) {Java.io.PrintWriter out=Response.getwriter (); Out.println (false);                 Out.flush ();             Out.close (); }         }Else{ret=true; }         returnret; } @Override Public voidPosthandle (HttpServletRequest request, httpservletresponse response, Object handler, Modelandview Modelandview)throwsException {Super. Posthandle (Request, response, Handler, Modelandview); }                                    }

Js:

function Downloadproductinfo () {$.post ("Jurisdiction/button.action?parameter=downloadproductinfo", function (e) {if (E.indexof ("false")!=-1) {Alert ("You do not have permission to manipulate this button")}else{$ ("#searchForm"). attr ("Action", "Basicdata/downloadproductinfo.action"); $ ("# Searchform "). Submit ();}})}

Controller

/** * Button Permissions control public method * @return */@RequestMapping ("button") @ResponseBody the publicly String  button () {System.out.println (" Button permissions control public method access successful "); return" ";}

MVC button Permission Control

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.