|
1 | 1 | package com.glaum.login.configuration; |
2 | 2 |
|
3 | 3 | import java.io.IOException; |
4 | | -import java.lang.reflect.Field; |
5 | 4 | import java.lang.reflect.Method; |
6 | | -import java.util.Arrays; |
7 | 5 | import java.util.List; |
8 | 6 |
|
9 | 7 | import javax.servlet.http.HttpServletRequest; |
|
14 | 12 | import org.aspectj.lang.annotation.Aspect; |
15 | 13 | import org.aspectj.lang.annotation.Before; |
16 | 14 | import org.aspectj.lang.reflect.MethodSignature; |
17 | | -import org.springframework.beans.factory.annotation.Autowired; |
18 | 15 | import org.springframework.stereotype.Component; |
| 16 | +import org.springframework.web.context.request.RequestAttributes; |
| 17 | +import org.springframework.web.context.request.RequestContextHolder; |
| 18 | +import org.springframework.web.context.request.ServletRequestAttributes; |
19 | 19 |
|
20 | | -import com.glaum.login.entity.permission; |
| 20 | +import com.glaum.login.entity.Permission; |
21 | 21 | import com.google.common.collect.Lists; |
22 | 22 |
|
23 | 23 | import groovy.util.logging.Slf4j; |
|
27 | 27 | @Component |
28 | 28 | public class AuthAspect { |
29 | 29 |
|
| 30 | + @Before("@annotation(Authorized) && args() ") |
| 31 | + public static void before(JoinPoint jointpoint) { |
30 | 32 |
|
| 33 | + boolean authallowuser = false; |
| 34 | + int roleid = 0; |
| 35 | + List<Permission> lstofpermission = Lists.newArrayList(); |
| 36 | + int bit = -1; |
31 | 37 |
|
32 | | - |
33 | | - @Before("@annotation(Authorized) && args(httpSession,request,res) ") |
34 | | - public static void before(JoinPoint jt,HttpSession httpSession,HttpServletRequest request,HttpServletResponse res){ |
35 | | - |
36 | | - boolean authper=false; |
37 | | - String roleid=""; |
38 | | - List<permission> lstobj=Lists.newArrayList(); |
39 | | - int bit=-1; |
40 | | - |
41 | | - MethodSignature signature = (MethodSignature) jt.getSignature(); |
42 | | - Method method = signature.getMethod(); |
43 | | - |
44 | | - Authorized objauth=method.getAnnotation(Authorized.class); |
45 | | - String[] arrofpermission = objauth.keys(); |
46 | | - System.out.println("printing aspect val"+((Arrays.toString(arrofpermission)))); |
47 | | - |
48 | | - |
| 38 | + MethodSignature signature = (MethodSignature) jointpoint.getSignature(); |
| 39 | + Method method = signature.getMethod(); |
| 40 | + Authorized objauthorized = method.getAnnotation(Authorized.class); |
| 41 | + String[] arrayofpermission = objauthorized.keys(); |
49 | 42 |
|
50 | | - |
51 | | - for (Field f : httpSession.getClass().getDeclaredFields()) { |
52 | | - f.setAccessible(true); |
53 | | - Object o; |
54 | | - try { |
55 | | - HttpSession s= (HttpSession) f.get(httpSession); |
56 | | - lstobj= (List<com.glaum.login.entity.permission>) s.getAttribute("permissionval"); |
57 | | - roleid=s.getAttribute("roleid").toString(); |
58 | | - } catch (Exception e) { |
59 | | - o = e; |
60 | | - } |
61 | | - } |
62 | | - // System.out.println("role"+roleid); |
63 | | - for(String s:arrofpermission) |
64 | | - { |
65 | | - for (permission per : lstobj) { |
66 | | - if (per.getname().equalsIgnoreCase(s)) { |
67 | | - bit=per.getbit(); |
68 | | - if((Integer.parseInt(roleid) & bit) == bit) |
69 | | - { |
70 | | - authper=true; |
71 | | - } |
72 | | - } |
73 | | - } |
74 | | - } |
75 | | -// System.out.println((Integer.parseInt(roleid) & bit) == bit); |
76 | | -// authper=((Integer.parseInt(roleid) & bit) == bit); |
77 | | - if(!authper) |
78 | | - try { |
79 | | - res.sendRedirect(request.getContextPath() + "/accessdenied"); |
80 | | - } catch (IOException e) { |
81 | | - // TODO Auto-generated catch block |
82 | | - e.printStackTrace(); |
83 | | - } |
| 43 | + RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes(); |
| 44 | + HttpServletRequest httprequest = ((ServletRequestAttributes) requestAttributes).getRequest(); |
| 45 | + HttpServletResponse httpresponse = ((ServletRequestAttributes) requestAttributes).getResponse(); |
| 46 | + HttpSession session = httprequest.getSession(); |
84 | 47 |
|
85 | | - } |
86 | | -// |
| 48 | + roleid = (int) session.getAttribute("roleid"); |
| 49 | + lstofpermission = (List<com.glaum.login.entity.Permission>) session.getAttribute("permissionval"); |
87 | 50 |
|
| 51 | + for (String permissionreq : arrayofpermission) { |
| 52 | + for (Permission availablepermission : lstofpermission) { |
| 53 | + if (availablepermission.getname().equalsIgnoreCase(permissionreq)) { |
| 54 | + bit = availablepermission.getbit(); |
| 55 | + if ((roleid & bit) == bit) { |
| 56 | + authallowuser = true; |
| 57 | + } |
| 58 | + } |
| 59 | + } |
| 60 | + } |
88 | 61 |
|
| 62 | + if (!authallowuser) |
| 63 | + try { |
| 64 | + httpresponse.sendRedirect(httprequest.getContextPath() + "/accessdenied"); |
| 65 | + } catch (IOException e) { |
| 66 | + e.printStackTrace(); |
| 67 | + } |
89 | 68 |
|
| 69 | + } |
| 70 | +// |
90 | 71 |
|
91 | | - |
92 | 72 | } |
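Review bot: The `@Before` advice redirects to `/accessdenied` when `authallowuser` is false but then returns normally, and before-advice that returns normally still lets the annotated method run, so the protected handler executes for a caller who failed the check; the `IOException` that is only printed in the `catch` has the same fail-open effect. Deny by throwing instead, e.g. `if (!authallowuser) { throw new SecurityException("permission denied"); }` with an exception handler mapping it to the access-denied page, or switch to `@Around` and call `proceed()` only when the check passes. Separately, `args()` in the new pointcut matches only methods that take no parameters, so any `@Authorized` handler that still declares parameters would silently get no check; `@annotation(Authorized)` alone would cover them. `httprequest.getSession()` also creates a session for anonymous callers, and the unchecked `(int) session.getAttribute("roleid")` then fails with a NullPointerException rather than a clean denial; `getSession(false)` plus an explicit null check that denies would make that path deliberate.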