[英]How can you make specific methods in java require admin rights?
我正在創建一個密碼實用程序,該密碼實用程序可供我的客戶端和用戶訪問,但是我希望特定的方法僅由管理員(我的客戶端)而非用戶運行。
有什么選擇可以做到這一點?
以下是為不同用戶使用級別的示例。 我在模仿Java和其他供應商處理日志記錄級別的方式。
通過使用反射,我可以檢查發出請求的用戶是否具有查看該方法的正確用戶級別。
這是一種在運行時篩選出誰可以訪問或不能訪問方法的簡單方法。
package auth;
public enum UserType {
ADMIN(Integer.MIN_VALUE),
SYSTEM(10000),
GENERAL(20000),
NONE(Integer.MAX_VALUE);
int level;
public int getLevel() {
return level;
}
private UserType(int level) {
this.level = level;
}
}
package auth;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface UserLevel {
UserType type() default UserType.GENERAL;
}
import auth.UserLevel;
import auth.UserType;
public class ControlService {
@UserLevel(type=UserType.ADMIN)
public String[] getUsers() {
return new String[] { };
}
@UserLevel(type=UserType.SYSTEM)
public String[] getCommands() {
return new String[] { };
}
@UserLevel(type=UserType.GENERAL)
public String[] getCategories() {
return new String[] { };
}
}
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import auth.UserLevel;
import auth.UserType;
public class UserServiceAccessCheck {
public static void requestMethods(Class<?> serviceClass, UserType type) {
System.out.printf("Methods accessible to %s users...%n", type);
int allowed = 0,
disallowed = 0,
count = 0,
ignore = 0;
for (Method method : serviceClass.getDeclaredMethods()) {
if (method.isAnnotationPresent(UserLevel.class)) {
Annotation annotation = method.getAnnotation(UserLevel.class);
UserLevel level = (UserLevel) annotation;
if (level.type().getLevel() >= type.getLevel()) {
try {
method.invoke(serviceClass.newInstance());
System.out.printf(" %s - Can access? %-13s - allowed %n", ++count, method.getName());
allowed++;
} catch (Throwable ex) {
System.out.printf(" %s - Can access? %-13s - disallowed: %s %n", ++count, method.getName(), ex.getCause());
disallowed++;
}
} else {
System.out.printf(" %s - Can access? %-13s - disallowed%n", ++count, method.getName());
disallowed++;
}
}
}
System.out.printf("%nResult : Total : %d, Allowed: %d, Disallowed: %d, Ignore: %d%n%n",
count, allowed, disallowed, ignore);
}
public static void main(String[] args) throws Exception {
for (UserType type : UserType.values()) {
requestMethods(ControlService.class, type);
}
}
}
Methods accessible to ADMIN users...
1 - Can access? getUsers - allowed
2 - Can access? getCommands - allowed
3 - Can access? getCategories - allowed
Result : Total : 3, Allowed: 3, Disallowed: 0, Ignore: 0
Methods accessible to SYSTEM users...
1 - Can access? getUsers - disallowed
2 - Can access? getCommands - allowed
3 - Can access? getCategories - allowed
Result : Total : 3, Allowed: 2, Disallowed: 1, Ignore: 0
Methods accessible to GENERAL users...
1 - Can access? getUsers - disallowed
2 - Can access? getCommands - disallowed
3 - Can access? getCategories - allowed
Result : Total : 3, Allowed: 1, Disallowed: 2, Ignore: 0
Methods accessible to NONE users...
1 - Can access? getUsers - disallowed
2 - Can access? getCommands - disallowed
3 - Can access? getCategories - disallowed
Result : Total : 3, Allowed: 0, Disallowed: 3, Ignore: 0
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.