import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * Marks a method whose invocation must run with data-security settings applied.
 *
 * <p>The annotation enforces nothing by itself. It is retained at runtime so that an aspect
 * can read its three switches when the annotated method is called. Every switch defaults to
 * {@code "ON"}, so a bare {@code @EnableDataSecurity} asks for all three behaviours; any use
 * that sets a switch to {@code "OFF"} is a deliberate opt-out and worth reviewing as such.
 *
 * <p>NOTE(review): the switches are free-form strings and only {@code "ON"} / {@code "OFF"}
 * are documented. How the consumer treats any other spelling (for example {@code "on"}) is
 * not visible here; confirm that an unrecognised value does not disable a restriction.
 */
@Documented
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface EnableDataSecurity {

    /**
     * Switch for the current-organization condition.
     *
     * @return {@code "ON"} or {@code "OFF"}; defaults to {@code "ON"}
     */
    String enableCurrentOrgCondition() default "ON";

    /**
     * Switch for the association with the organization/owner table.
     *
     * @return {@code "ON"} or {@code "OFF"}; defaults to {@code "ON"}
     */
    String enableOrgOwnerRelation() default "ON";

    /**
     * Switch that opens permission on the owning domain for owners created by a domain
     * administrator. Applies to domain administrators only.
     *
     * @return {@code "ON"} or {@code "OFF"}; defaults to {@code "ON"}
     */
    String enableOwnerCreateDomainAuth() default "ON";
}
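package com.yundaex.common.security.advice;

import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.After;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint;
import org.springframework.stereotype.Component;

import com.yundaex.common.security.annotation.EnableDataSecurity;
import com.yundaex.common.security.context.WMSSecurityContext;

/**
 * Aspect that publishes the {@link EnableDataSecurity} settings of the method being invoked
 * to {@link WMSSecurityContext} for the duration of the call.
 *
 * <p>Before an annotated method runs, the method name and the three annotation switches are
 * joined with {@code '&'} and stored in the thread-local returned by
 * {@link WMSSecurityContext#getDataSecurityMethodSignature()}. After the method finishes
 * (normally or with an exception) the thread-local is cleared, so the value does not leak to
 * the next task executed on a pooled thread.
 *
 * <p>NOTE(review): {@link #after} clears the thread-local unconditionally. If an annotated
 * method calls another annotated method through a proxy, the inner call overwrites the outer
 * value and then removes it, leaving the rest of the outer method without any published
 * settings. Confirm that such nesting does not occur, or keep the previous value and restore it.
 *
 * <p>NOTE(review): only the simple method name is published, not the declaring class, so
 * overloads and same-named methods of different classes are indistinguishable to the consumer.
 */
@Aspect
@Component("enableDataSecurityAroundAdvice")
public class EnableDataSecurityAroundAdvice {

    /** Separator between the fields of the published value. */
    private static final String FIELD_SEPARATOR = "&";

    /**
     * Matches every method execution annotated with {@link EnableDataSecurity} and binds the
     * annotation instance so the advice can read its switches.
     */
    @Pointcut(value = "@annotation(enableDataSecurity)", argNames = "enableDataSecurity")
    protected void enableDataSecurity(EnableDataSecurity enableDataSecurity) {}

    /**
     * Publishes {@code methodName&currentOrg&orgOwner&ownerCreateDomainAuth} for the current
     * thread before the annotated method executes.
     *
     * @param joinPoint the intercepted invocation; must be a Spring AOP proxy join point
     * @param enableDataSecurity the annotation found on the intercepted method
     * @throws IllegalStateException if the join point is not a
     *         {@link MethodInvocationProceedingJoinPoint}
     */
    @Before(value = "enableDataSecurity(enableDataSecurity)", argNames = "enableDataSecurity")
    public void before(JoinPoint joinPoint, EnableDataSecurity enableDataSecurity) throws Throwable {
        // Fail closed: the original silently skipped publication here (open TODO), which let
        // the annotated method run with no settings published for it.
        if (!(joinPoint instanceof MethodInvocationProceedingJoinPoint)) {
            throw new IllegalStateException(
                    "Unsupported join point type " + joinPoint.getClass().getName()
                            + " for annotation 'EnableDataSecurity'");
        }

        final String methodName = joinPoint.getSignature().getName();
        final String methodSignature = methodName
                + FIELD_SEPARATOR + enableDataSecurity.enableCurrentOrgCondition()
                + FIELD_SEPARATOR + enableDataSecurity.enableOrgOwnerRelation()
                + FIELD_SEPARATOR + enableDataSecurity.enableOwnerCreateDomainAuth();

        // Handed over through a thread-local; the consumer is not part of this class.
        WMSSecurityContext.getDataSecurityMethodSignature().set(methodSignature);
    }

    /**
     * Clears the published value once the annotated method has finished, whether it returned
     * or threw.
     *
     * @param joinPoint the intercepted invocation (unused)
     * @param enableDataSecurity the annotation found on the intercepted method (unused)
     */
    @After(value = "enableDataSecurity(enableDataSecurity)", argNames = "enableDataSecurity")
    public void after(JoinPoint joinPoint, EnableDataSecurity enableDataSecurity) throws Throwable {
        WMSSecurityContext.getDataSecurityMethodSignature().remove();
    }
}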
applicationContext.xml
<!--
  Turns on Spring's proxy-based @AspectJ support; proxy-target-class="true" requests
  class-based (CGLIB) proxies instead of JDK interface proxies.
  Advice is applied only to calls that pass through the proxy. A call from one method to
  another method of the same bean (self-invocation) is not intercepted, so an
  @EnableDataSecurity annotation on the inner method has no effect on that path.
  Class-based proxies also cannot intercept final or private methods.
-->
<aop:aspectj-autoproxy proxy-target-class="true"/>