power_cz/power-admin/src/main/java/com/manage/controller/PermissionsController.java

package com.manage.controller;

import com.manage.annotation.RequiresPermissions;
import com.manage.entity.Power_User;
import com.manage.service.User_Dept_MenuService;
import com.manage.vo.Power_UserVo;
import com.manage.vo.User_Dept_Menu;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.Signature;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
import java.util.List;
import java.util.Set;

/**
 * @ProjectName:
 * @Description:
 * @Param 传输参数
 * @Return
 * @Author: 曾文和
 * @CreateDate: 2019/8/13 16:13
 * @UpdateUser: 曾文和
 * @UpdateDate: 2019/8/13 16:13
 * @UpdateRemark: 更新说明
 * @Version: 1.0
 */
@Aspect
@Component
public class PermissionsController {
    @Resource
    private User_Dept_MenuService userDeptMenuService;
    // 配置接入点，即为所要记录的action操作目录
    @Pointcut("@annotation(com.manage.annotation.RequiresPermissions)")
    private void controllerAspect() {
    }

    @Around("controllerAspect()")
    public Object around(ProceedingJoinPoint pjp) throws Throwable{
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
                .getRequest();
        // 拦截的实体类，就是当前正在执行的controller
        Object target = pjp.getTarget();
        // 拦截的方法名称。当前正在执行的方法
        String methodName = pjp.getSignature().getName();
        // 拦截的方法参数
        Object[] args = pjp.getArgs();
        // 拦截的放参数类型
        Signature sig = pjp.getSignature();
        MethodSignature msig = null;
        if (!(sig instanceof MethodSignature)) {
            throw new IllegalArgumentException("该注解只能用于方法");
        }
        msig = (MethodSignature) sig;
        Class[] parameterTypes = msig.getMethod().getParameterTypes();
        Object object = null;
        // 获得被拦截的方法
        Method method = null;
        try {
            method = target.getClass().getMethod(methodName, parameterTypes);
        } catch (NoSuchMethodException e1) {
            e1.printStackTrace();
        } catch (SecurityException e1) {
            e1.printStackTrace();
        }

        if (null != method) {
            // 获取方法（此为自定义注解）
            RequiresPermissions op = method.getAnnotation(RequiresPermissions.class);
            //获取注解的值
            String value1 = op.value();
            // 从session获取用户名
            Power_UserVo user = (Power_UserVo) request.getSession().getAttribute("CURRENT_USER");
            //查询用户权限
            if (user.getRoleId() == 0 && user.getRoleId() != -100) {
                object = pjp.proceed();
            }else{
                Boolean flag = false;
                Set<String> menus = user.getMenus();
                if (null != menus && !menus.isEmpty()) {
                    for (String menuUrl : menus) {
                        if (StringUtils.isNoneBlank(menuUrl) && menuUrl.equals(value1)) {
                            flag = true;
                            break;
                        }
                    }
                }
                if (!flag) {
                    throw new PermissionsException();
                } else {
                    object = pjp.proceed();
                }
            }
        }
                /*object = pjp.proceed();
                //接受客户端的数据
                Map<String,String[]> map = request.getParameterMap();
                // 解决获取参数乱码
                Map<String,String[]> newmap = new HashMap<String,String[]>();
                for(Map.Entry<String, String[]> entry : map.entrySet()){
                    String name = entry.getKey();
                    String values[] = entry.getValue();

                    if(values==null){
                        newmap.put(name, new String[]{});
                        continue;
                    }
                    String newvalues[] = new String[values.length];
                    for(int i=0; i<values.length;i++){
                        String value = values[i];
                        value = new String(value.getBytes("iso8859-1"),request.getCharacterEncoding());
                        newvalues[i] = value; //解决乱码后封装到Map中
                    }

                    newmap.put(name, newvalues);*/

                //logBo.setContent(MapperUtil.toJsonStr(newmap));
                //1为执行成功
                //logBo.setCommite((byte) 1);
                // 添加到数据库

                //接受客户端的数据
              /*  Map<String,String[]> map = request.getParameterMap();
                // 解决获取参数乱码
                Map<String,String[]> newmap = new HashMap<String,String[]>();
                for(Map.Entry<String, String[]> entry : map.entrySet()){
                    String name = entry.getKey();
                    String values[] = entry.getValue();
                    if(values==null){
                        newmap.put(name, new String[]{});
                        continue;
                    }
                    String newvalues[] = new String[values.length];
                    for(int i=0; i<values.length;i++){
                        String value = values[i];
                        value = new String(value.getBytes("iso8859-1"),request.getCharacterEncoding());
                        newvalues[i] = value; //解决乱码后封装到Map中
                    }
                    newmap.put(name, newvalues);*/

                //MapperUtil.toJsonStr为自定义的转换工具类
                //logBo.setContent(MapperUtil.toJsonStr(newmap));
                //2为执行失败
                //logBo.setCommite((byte) 2);
                //添加到数据库
        return object;
    }
}