1 2 3 4 5 6 7 8 9 10 11 | <bean id="userSalarySecurity" class="org.springframework.security.access.intercept.aspectj. AspectJMethodSecurityInterceptor"> <property name="authenticationManager" ref="authenticationManager" /> <property name="accessDecisionManager" ref="accessDecisionManager" /> <property name="securityMetadataSource"> <value> mycompany.service.UserService.raiseSalary=ROLE_MANAGER </value> </property> </bean> |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | public aspect SalaryManagementAspect { private AspectJMethodSecurityInterceptor securityInterceptor; private UserDao userDao; pointcut salaryChange(): target(UserService) && execution(public void raiseSalary(..)) &&!within(SalaryManagementAspect); Object around(): salaryChange() { if (this.securityInterceptor == null) { return proceed(); } AspectJCallback callback = new AspectJCallback() { public Object proceedWithObject() { return proceed(); } }; Object[] args = thisJoinPoint.getArgs(); String employee = (String) args[0]; // 要修改的员工的用户名 User user = userDao.getByUsername(employee); String currentUser = UsernameHolder.getAuthenticatedUsername(); // 当前登录用户 if (!currentUser.equals(user.getManagerId())) { throw new AccessDeniedException ("Only the direct manager can change the salary."); } return this.securityInterceptor.invoke(thisJoinPoint, callback); } } |
欢迎光临 电子技术论坛_中国专业的电子工程师学习交流社区-中电网技术论坛 (http://bbs.eccn.com/) | Powered by Discuz! 7.0.0 |