1.拦截器中的代码
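/**
 * Checks whether the current login session may access the requested URL.
 *
 * <p>The login token is read from the request cookie and used to look up the
 * cached list of permitted URLs. The request is let through only when the
 * request path (the part before the first ';') is in that list. Every other
 * case is denied, including a missing token or a missing permission list.
 *
 * @param request  the incoming request
 * @param response the response, used to signal "no permission" to the client
 * @param handler  the chosen handler (unused here)
 * @return {@code true} to continue processing, {@code false} when access is denied
 * @throws Exception if reading the permission list or writing the response fails
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
        throws Exception {
    String sessionId = CookieUtil.readLoginToken(request);

    // Path to check, e.g. /bg/dicUser/toDicUserList;jsessionid=... -> /bg/dicUser/toDicUserList
    // NOTE(review): this is the raw request URI cut at the first ';'. The framework may route on a
    // differently normalized path (path parameters in later segments, dot segments, encoding).
    // Confirm that the value checked here is the same path the dispatcher maps, or compare on the
    // dispatcher's lookup path instead.
    String requestURI = request.getRequestURI();
    String aclUrl = Splitter.on(";").splitToList(requestURI).get(0);

    // Load this session's permitted URLs from Redis. Without a login token or a cached entry there
    // is nothing to check against, so the list stays null and the request is denied below instead
    // of failing with a NullPointerException.
    List<String> permittedUrls = null;
    if (sessionId != null) {
        String allURIByRoleId = RedisPoolUtil.get(sessionId + Const.CURRENT_URIBYROLEID);
        if (allURIByRoleId != null) {
            permittedUrls = JsonUtil.string2Obj(allURIByRoleId, new TypeReference<List<String>>() { });
        }
    }

    if (permittedUrls != null && permittedUrls.contains(aclUrl)) {
        System.err.println("通过,拦截路径" + aclUrl);
        return true;
    }

    System.err.println("没有权限");
    // An "X-Requested-With: XMLHttpRequest" header marks an AJAX call. The browser will not follow a
    // redirect for the page in that case, so the target is passed in response headers and the
    // client script navigates itself. Other requests are redirected directly.
    if ("XMLHttpRequest".equals(request.getHeader("X-Requested-With"))) {
        // Marker telling the AJAX caller that this response stands for a redirect.
        response.setHeader("REDIRECT", "REDIRECT");
        // Path the AJAX caller should navigate to.
        response.setHeader("CONTENTPATH", "/jump/no_permission");
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
    } else {
        response.sendRedirect("/jump/no_permission");
    }
    return false;
}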
2.ajax请求 加入 complete 处理
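// Ask for confirmation, then delete the selected role through an AJAX POST.
layer.confirm('真的删除行么', function (index) {
    $.ajax({
        url: '/bg/dicRole/del',
        type: 'post',
        dataType: 'json',
        data: {roleId: data.roleId},
        success: function (data) {
            if (data.code == "200") {
                // Show the success message, then reload the page to refresh the list.
                layer.msg(data.msg, {icon: 1, time: 500}, function () {
                    window.location.reload();
                });
            } else {
                layer.msg(data.msg, {icon: 2, time: 1000});
            }
        },
        complete: function (xhr, status) {
            // Handles the "no permission" answer from the interceptor.
            // It cannot redirect an AJAX call, so it sets response headers instead.
            var REDIRECT = xhr.getResponseHeader("REDIRECT");
            // A REDIRECT header means the response came from the interceptor.
            if (REDIRECT == "REDIRECT") {
                // The interceptor sends the target path in the "CONTENTPATH" header.
                // Reading "CONTEXTPATH" returned null and sent the browser to "null".
                var target = xhr.getResponseHeader("CONTENTPATH");
                // Follow only a same-site absolute path. A value starting with "//" or "/\"
                // would be treated by the browser as another host.
                if (target && target.charAt(0) === "/" &&
                        target.charAt(1) !== "/" && target.charAt(1) !== "\\") {
                    document.location.href = target;
                }
            }
        }
    });
});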