package cn.ksource.core.web;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpSession;
|
|
import org.apache.commons.lang.StringUtils;
|
import org.springframework.web.method.HandlerMethod;
|
import org.springframework.web.servlet.ModelAndView;
|
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
|
|
import cn.ksource.config.SysConfigConstants;
|
import cn.ksource.core.Permission;
|
import cn.ksource.web.SysConstants;
|
|
/**
|
* FreeMarker视图拦截器,页面展示之前做一些通用处理
|
* @version V1.0.0
|
* @author 杨凯
|
* @date Dec 12, 2013 4:20:04 PM
|
*/
|
public class FreeMarkerViewInterceptor extends HandlerInterceptorAdapter {
|
|
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception arg3) throws Exception {
|
|
}
|
|
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object arg2, ModelAndView view) throws Exception {
|
String contextPath = request.getContextPath();
|
if (view != null) {
|
request.setAttribute("base", contextPath);
|
request.setAttribute("common_static", contextPath);
|
}
|
}
|
|
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
|
//处理Permission Annotation,实现方法级权限控制
|
HandlerMethod method = (HandlerMethod)handler;
|
Permission permission = method.getMethodAnnotation(Permission.class);
|
|
//如果为空在表示该方法不需要进行权限验证
|
if (permission == null) {
|
return true;
|
}
|
|
//验证是否具有权限
|
if (!WebUtil.hasPower(request, permission.value())) {
|
response.sendRedirect(request.getContextPath()+"/business/nopermission.html");
|
return false;
|
}
|
return true;
|
|
|
//注意此处必须返回true,否则请求将停止
|
//return true;
|
}
|
|
}
|
