SSM和Spring Security的整合后台权限基础框架的代码详情-代码-最代码

首页>代码>SSM和Spring Security的整合后台权限基础框架>/mis/src/main/java/com/haoyu/security/MyInvocationSecurityMetadataSource.java
package com.haoyu.security;

import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Service;

import com.haoyu.system.dao.UserMapper;
import com.haoyu.system.domain.Role;
import com.haoyu.system.domain.Webresdb;
import com.haoyu.system.service.UserServiceImpl;

public class MyInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {

	private static Map<String, Collection<ConfigAttribute>> resourceMap = null;

	@Autowired
	private UserMapper userMapper;
	
	// 加载所有资源与角色的关系
    public void loadResourceDefine() {
		resourceMap = null;
        resourceMap = new ConcurrentHashMap<String, Collection<ConfigAttribute>>();
        List<Webresdb> metaDataSourceList = this.userMapper.findWebresdbList();
        if(!metaDataSourceList.isEmpty()){
        	
        	Collection<ConfigAttribute> configAttributes;
        	ConfigAttribute configAttribute;
        	List<Role> roleslist;
        	String roles_;
        	String[] roles;
        	for(Webresdb metaDataSource : metaDataSourceList){
        		// 以权限名封装为Spring的security Object
        		configAttributes = new ArrayList<ConfigAttribute>();
        		//roleslist = userMapper.findRoleList();
        		roles_ = metaDataSource.getRoles();
        		if(!"".equals(roles_)) {
        			configAttributes.add(new SecurityConfig("ROLE_TEMP"));
        			roles = roles_.split(",");
        			for(String role : roles) {
        				configAttribute = new SecurityConfig(role);
        				configAttributes.add(configAttribute);
        			}
        			resourceMap.put(metaDataSource.getProtect(), configAttributes);
        		}else {
        			//处理没有对应角色的资源，防止没有角色对应的资源被所有用户访问   陈蹦   20140801
        			configAttributes.add(new SecurityConfig("ROLE_TEMP"));
        			resourceMap.put(metaDataSource.getProtect(), configAttributes);
        		}
        	}
        }
    }
	
	public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
		
		if (resourceMap == null) {
            loadResourceDefine();
        }
		
        HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
        String requestUrl = ((FilterInvocation) object).getRequestUrl();
        int index = requestUrl.lastIndexOf("/");
        if(index > -1){
        	
        	requestUrl = requestUrl.substring(index);
        	
        	Pattern p = Pattern.compile("\\s*|\t|\r|\n");      
            Matcher m = p.matcher(requestUrl);      
            requestUrl = m.replaceAll("");
        	int inp = requestUrl.indexOf("?");
        	if(inp > -1){
        		requestUrl = requestUrl.substring(0, inp);
        	}
        	Collection<ConfigAttribute> configAttributes = resourceMap.get(requestUrl);
        	System.out.println(configAttributes);
        	if(configAttributes != null && !configAttributes.isEmpty()){
        		return configAttributes;
        	}
        }
		
//        return SecurityConfig.createList("ROLE_TEMP");
        return null;
	}

	public Collection<ConfigAttribute> getAllConfigAttributes() {
		return null;
	}

	public boolean supports(Class<?> clazz) {
		return true;
	}
	
	
}