I want to check user permissions in a service-class before each methods execution. this is my current approach:
appContext.xml:
<bean id="requestSeviceImpl" class="services.impl.RequestSeviceImpl">
<property name="permissionService" ref="permissionServiceImpl" />
...
</bean>
implementation:
public class RequestServiceImpl implements RequestService
{
private PermissionService permissionService;
...
public void setPermissionService(PermissionService permissionService)
{
this.permissionService = permissionService;
}
@Override
@Transactional
public RequestResultModel submitRequest(Request request)
{
if(permissionService.isCurrentUserAuthorized(request,"submit"))
{
//submit request
}
//throw a permission exception
}
@Override
@Transactional
public void sendRequest(Request request)
{
if(permissionService.isCurrentUserAuthorized(request,"send"))
{
//send request
}
//throw a permission exception
}
...
}
All i want is handling permission checking in my custom annotation (@Secure); It should check permission with permissionService and throws permission exception when its necessary. And i don't want re-instantiate requestServiceImpl or permissionServiceImpl classes (it should use spring beans):
@Override
@Transactional
@Secure(...)
public RequestResultModel submitRequest(Request request)
{
//submit request
}
How can i do this?
About the only way I can think of is via Aspect Oriented Programming (AOP) . You could use either Spring AOP or AspectJ. You may want to look at the book AspectJ in Action . The first chapter is available as a sample and will explain what you can do with AspectJ. Subsequent chapters use example code that does exactly what you are trying to do, secure a method.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.