每個軟件中都有權限這個功能,搞了個通過tag實現的方法,復用性很強,
psy-operation.tld
Xml代碼
<?xml version="1.0" encoding="UTF-8" ?>?
<taglib xmlns="??? xmlns:xsi="??? xsi:schemaLocation="http://www.blog.com.cn/http://java.sun.com/xml/ns/j2ee??? version="? <description>?
?psychcn 標記庫 1.0??
? </description>?
? <tlib-version>1.0</tlib-version>?
? <short-name>psydict</short-name>?
? <uri>http://www.psychcn.com/taglibs</uri>?
??? <tag>?
??? <name>op</name>?
??? <description>權限標簽</description>?
??? <tag-class>com.psychcn.web.tags.OperationTag</tag-class>?
?<body-content>scriptless</body-content>?
??????
??? <attribute>?
?????? <name>code</name>?
?????? <required>true</required>?
?????? <rtexprvalue>true</rtexprvalue>?
??? </attribute>?
??? <attribute>?
?????? <name>opset</name>?
?????? <required>false</required>?
?????? <rtexprvalue>true</rtexprvalue>?
??? </attribute>??????
? </tag>?
</taglib>?
<?xml version="1.0" encoding="UTF-8" ?>
<taglib xmlns="??? xmlns:xsi="??? xsi:schemaLocation="http://www.blog.com.cn/http://java.sun.com/xml/ns/j2ee??? version="? <description>
?psychcn 標記庫 1.0
? </description>
? <tlib-version>1.0</tlib-version>
? <short-name>psydict</short-name>
? <uri>http://www.psychcn.com/taglibs</uri>
??? <tag>
??? <name>op</name>
??? <description>權限標簽</description>
??? <tag-class>com.psychcn.web.tags.OperationTag</tag-class>
?<body-content>scriptless</body-content>
???
??? <attribute>
?????? <name>code</name>
?????? <required>true</required>
?????? <rtexprvalue>true</rtexprvalue>
??? </attribute>
??? <attribute>
?????? <name>opset</name>
?????? <required>false</required>
?????? <rtexprvalue>true</rtexprvalue>
??? </attribute>???
? </tag>
</taglib>
OperationTag.java
Java代碼
import javax.servlet.jsp.JspException;??
import javax.servlet.jsp.tagext.SimpleTagSupport;??
?
import java.io.IOException;??
import java.util.*;??
?
public class OperationTag extends SimpleTagSupport {??
?private Set operation_set;??
?private String default_operation_set_name = "ops";??
?private String code;??
???
?public void setCode(String code) {??
? this.code = code;??
?}??
?public void setOpset(Set operation_set) {??
? this.operation_set = operation_set;??
?}??
?public void setOpsetName(String name) {??
? this.default_operation_set_name= name;??
?}??
???
?public void doTag() throws JspException, IOException{??
? //session中沒有設置權限HashSet,給默認值??
? if (operation_set==null) {??
?? Object o = this.getJspContext().findAttribute(default_operation_set_name);??
?? if (o instanceof Set)??
??? operation_set = (Set)o;??
? }??
????
? if (code == null || operation_set == null)??
?? throw new JspException("標簽屬性無效,無法執行!");??
????
? //這里支持多個code,用','分割,有一個符合條件就輸出,全部不滿足則不輸出(注意不能有空格,區分大小寫)??
? String[] codes = code.split(",");??
? for (String s : codes) {??
?? if (operation_set.contains(s)) {??
??? this.getJspBody().invoke(this.getJspContext().getOut());??
??? return;??
?? }??
? }??
?}??
}?
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.SimpleTagSupport;
import java.io.IOException;
import java.util.*;
public class OperationTag extends SimpleTagSupport {
?private Set operation_set;
?private String default_operation_set_name = "ops";
?private String code;
?
?public void setCode(String code) {
? this.code = code;
?}
?public void setOpset(Set operation_set) {
? this.operation_set = operation_set;
?}
?public void setOpsetName(String name) {
? this.default_operation_set_name= name;
?}
?
?public void doTag() throws JspException, IOException{
? //session中沒有設置權限HashSet,給默認值
? if (operation_set==null) {
?? Object o = this.getJspContext().findAttribute(default_operation_set_name);
?? if (o instanceof Set)
??? operation_set = (Set)o;
? }
?
? if (code == null || operation_set == null)
?? throw new JspException("標簽屬性無效,無法執行!");
?
? //這里支持多個code,用','分割,有一個符合條件就輸出,全部不滿足則不輸出(注意不能有空格,區分大小寫)
? String[] codes = code.split(",");
? for (String s : codes) {
?? if (operation_set.contains(s)) {
??? this.getJspBody().invoke(this.getJspContext().getOut());
??? return;
?? }
? }
?}
}
?
?
底層查找權限接口:
OperationService.java
Java代碼
public java.util.HashSet<String> findByUserId(String userId) throws Exception;??
實現接口類:(//通過USERID找到對應的operation的code)??
?
OperationServiceImpImp.java??
?
?public java.util.HashSet<String> findByUserId(String userId) throws Exception{??
? Session s = getSession();??
? Transaction tx = s.beginTransaction();??
????
? String sql = "select DISTINCT o.code from users u " +??
????? "inner join groupmember gm on u.userId=gm.user_Id " +???
????? "inner join groupacl ga on gm.group_id=ga.group_id " +??
????? "inner join operation o on ga.op_id = o.id " +??
????? "where u.userId=?";??
? Query q = s.createSQLQuery(sql).setString(0,userId);??
? List<Object> ls = q.list();??
? HashSet ops = new HashSet();??
? for(Object object : ls){??
?? ops.add(object);??
? }??
? tx.commit();??
? releaseSession(s);??
????
? return ops;??
?}?
public java.util.HashSet<String> findByUserId(String userId) throws Exception;
實現接口類:(//通過USERID找到對應的operation的code)
OperationServiceImpImp.java
?public java.util.HashSet<String> findByUserId(String userId) throws Exception{
? Session s = getSession();
? Transaction tx = s.beginTransaction();
?
? String sql = "select DISTINCT o.code from users u " +
????? "inner join groupmember gm on u.userId=gm.user_Id " +
????? "inner join groupacl ga on gm.group_id=ga.group_id " +
????? "inner join operation o on ga.op_id = o.id " +
????? "where u.userId=?";
? Query q = s.createSQLQuery(sql).setString(0,userId);
? List<Object> ls = q.list();
? HashSet ops = new HashSet();
? for(Object object : ls){
?? ops.add(object);
? }
? tx.commit();
? releaseSession(s);
?
? return ops;
?}
這樣,在用戶登錄時,可以把該用戶的權限HashSet裝載到Session中
?
//把當前用戶的權限添加到HashSet
??
Java代碼
HashSet ops = AppResource.operationService.findByUserId(user.getUserId());??
session.setAttribute("ops",ops);?
HashSet ops = AppResource.operationService.findByUserId(user.getUserId());
session.setAttribute("ops",ops);
最后,在JSP中就可以簡單的使用標簽來判斷有沒有某個權限,沒有則不顯示
Xml代碼
<%@ taglib prefix="psy" uri="<psy:op code="Finance_Payment">看你有沒有權限讓我顯示</psy:op>?
<%@ taglib prefix="psy" uri="<psy:op code="Finance_Payment">看你有沒有權限讓我顯示</psy:op>
?
OK!可以根據需要修改。