Jun 10

Java serverlet url 权限控制

admin , 15:04 , 编程 » 编程(Java基础) , 评论(0) , 引用(0) , 阅读(3087) , Via 本站原创 | |
搜索
我已经获得阿里云幸运券,准备分享给您。请点击获取  

package com.sizer.webapp.filter;

import java.io.IOException;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.sizer.hygl.webapp.model.Manager;
import com.sizer.qxgl.webapp.model.ActionDetail;
import com.sizer.qxgl.webapp.model.ManagerDetail;

/**
 *功能:
 *创建人:huaxin
 *创建时间:Oct 10, 2008 1:43:29 PM
 *修改者:
 *修改时间:
 */
public class ActionFilter extends HttpServlet implements Filter {

 public void doFilter(ServletRequest request, ServletResponse response,
   FilterChain chain) throws IOException, ServletException {
  HttpServletRequest hreq = (HttpServletRequest) request;
  HttpServletResponse hres = (HttpServletResponse) response;
  String url = hreq.getRequestURI().toString();
  String que = hreq.getQueryString();
  String detail = url + "?" + que;
  ServletContext application = hreq.getSession().getServletContext();
  List<ActionDetail> allList = (List<ActionDetail>)application.getAttribute("allList");
  Manager manager = (Manager)hreq.getSession().getAttribute("manager");
  List<ManagerDetail> detailList = (List<ManagerDetail>)application.getAttribute("detailList");
  boolean bAction = false;
  boolean bAllAction = false;
  if(manager!=null){
   if(manager.getAdmin().equals("0")){
    chain.doFilter(request, response);
   }else{
    if (detailList != null && allList != null) {
     for (ManagerDetail managerDetail : detailList) {
      if (detail.indexOf(managerDetail.getActionDetail().getActionUrl()) >= 0) {
       bAction = true;
       break;
      }
     }
     for (ActionDetail action : allList) {
      if (detail.indexOf(action.getActionUrl()) >= 0) {
       bAllAction = true;
       break;
      }
     }
     if (bAllAction) {
      if (bAction) {
       chain.doFilter(request, response);
      } else {
       hres.sendRedirect("/admin/actionErrors.jsp");
      }
     } else {
      chain.doFilter(request, response);
     }
    }else{
     for (ActionDetail action : allList) {
      if (detail.indexOf(action.getActionUrl()) >= 0) {
       bAllAction = true;
       break;
      }
     }
     if(bAllAction){
      hres.sendRedirect("/admin/actionErrors.jsp");
     }else{
      chain.doFilter(request, response);
     }
    }
   }
  }else{
   for (ActionDetail action : allList) {
    if (detail.indexOf(action.getActionUrl()) >= 0) {
     bAllAction = true;
     break;
    }
   }
   if(bAllAction){
    hres.sendRedirect("/admin/actionErrors.jsp");
   }else{
    chain.doFilter(request, response);
   }
   
  }
 }
 public void init(FilterConfig arg0) throws ServletException {

 }

}