权限子系统与文档处理子系统交织的弊病
如同一个成规模的公司一样,对于一个成规模的应用来说,内中会存在着各种子系统以执行不同的功能,而且为了协调工作,它们往往是交织在一起,就像上一个版本中权限子系统与文档处理子系统交织一样。
子系统交织是必要的,但子系统间过多过紧密的耦合并不合理。因为交织会增加软件系统的熵值,使得系统随着功能的增加和细化变得越来越复杂而难于控制,最后不得不推倒重来,给个人和公司带来巨大的损失。这是软件业普遍的问题,在国内公司和外包公司都不罕见。
因此,在程序的编写过程中,程序员必须有意识的减少子系统之间的交织,使它们离散化,利用Spring的AOP可以有效帮助我们做到这一点。对于简单值权限系统,使用AOP进行子系统离散化的具体思路如下:
1.将DocService中负责权限的代码(属性和函数)都分离,放置到一个专门的权限处理类PrivilegeService中。
2.使用Spring的ProxyFactoryBean,做成DocService的代理,让PrivilegeService作为它的前置处理器。
3.在PrivilegeService的before方法中,执行权限检查,如果权限值不够则抛出异常。
分离后DocService简洁的代码
package com.heyang.aopstyle.service;
import com.heyang.traditonal.domain.Doc;
import com.heyang.traditonal.domain.User;
import com.heyang.traditonal.service.IDocService;
/** *//**
* 为领域对象Doc提供服务
*
* @author 何杨(heyang78@gmail.com)
*
* @since 2008-12-30 下午05:13:29
* @version 1.00
*/
public class DocService implements IDocService {
public void add(Doc doc, User user) {
System.out.println("将" + doc + "交由dao处理(存入数据库)");
}
public void delete(Doc doc, User user) {
System.out.println("将" + doc + "交由dao处理(从数据库删除)");
}
public void update(Doc doc, User user) {
System.out.println("将" + doc + "交由dao处理(更新数据库中对应的记录)");
}
}
新组建的PrivilegeService类
package com.heyang.aopstyle.service;
import java.lang.reflect.Method;
import org.springframework.aop.MethodBeforeAdvice;
import com.heyang.aopstyle.exception.PrivilegeNotEnoughException;
import com.heyang.traditional2.dao.PrivilegeDao;
import com.heyang.traditonal.domain.User;
/** *//**
* 实现权限子系统
* @author: 何杨(heyang78@gmail.com)
* @date: 2009-1-2-下午04:19:13
*/
public class PrivilegeService implements MethodBeforeAdvice{
private PrivilegeDao privilegeDao;
// 添加doc需要的权限名
private String addDocPrivilegeName;
// 删除doc需要的权限名
private String deleteDocPrivilegeName;
// 更新doc需要的权限名
private String updateDocPrivilegeName;
/** *//**
* 在IDocService的实际方法开始前进行前置处理--权限检查
*/
public void before(Method arg0, Object[] arg1, Object arg2) throws Throwable {
// 取得方法名
String mothodName=arg0.getName();
// 取得用户权限
User user=(User)arg1[1];
int userPrivilegeValue=user.getPrivilegePoint();
// 根据方法名判断用户是否达到了需要的权限,否则抛出异常
if("add".equals(mothodName)){
if(userPrivilegeValue<=getPrivilegeValueBy(addDocPrivilegeName)){
throw new PrivilegeNotEnoughException("用户权限必须达到"+getPrivilegeValueBy(addDocPrivilegeName)+"才能执行添加操作");
}
}
else if("delete".equals(mothodName)){
if(userPrivilegeValue<=getPrivilegeValueBy(deleteDocPrivilegeName)){
throw new PrivilegeNotEnoughException("用户权限必须达到"+getPrivilegeValueBy(deleteDocPrivilegeName)+"才能执行删除操作");
}
}
else if("update".equals(mothodName)){
if(userPrivilegeValue<=getPrivilegeValueBy(updateDocPrivilegeName)){
throw new PrivilegeNotEnoughException("用户权限必须达到"+getPrivilegeValueBy(updateDocPrivilegeName)+"才能执行更新操作");
}
}
}
private int getPrivilegeValueBy(String name){
return privilegeDao.getValueBy(name);
}
public PrivilegeDao getPrivilegeDao() {
return privilegeDao;
}
public void setPrivilegeDao(PrivilegeDao privilegeDao) {
this.privilegeDao = privilegeDao;
}
public String getAddDocPrivilegeName() {
return addDocPrivilegeName;
}
public void setAddDocPrivilegeName(String addDocPrivilegeName) {
this.addDocPrivilegeName = addDocPrivilegeName;
}
public String getDeleteDocPrivilegeName() {
return deleteDocPrivilegeName;
}
public void setDeleteDocPrivilegeName(String deleteDocPrivilegeName) {
this.deleteDocPrivilegeName = deleteDocPrivilegeName;
}
public String getUpdateDocPrivilegeName() {
return updateDocPrivilegeName;
}
public void setUpdateDocPrivilegeName(String updateDocPrivilegeName) {
this.updateDocPrivilegeName = updateDocPrivilegeName;
}
}
起辅助作用的PrivilegeNotEnoughException类,因为不想改变接口(或不能改变接口)故把异常类型定位运行期异常:
package com.heyang.aopstyle.exception;
/** *//**
* 权限不足异常
* @author: 何杨(heyang78@gmail.com)
* @date: 2009-1-2-下午04:02:50
*/
public class PrivilegeNotEnoughException extends RuntimeException{
private static final long serialVersionUID = -6594794529337011115L;
public PrivilegeNotEnoughException(String msg){
super(msg);
}
}
最终配置文件:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!-- 数据源 -->
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName"
value="org.gjt.mm.mysql.Driver">
</property>
<property name="url" value="jdbc:mysql://127.0.0.1/test">
</property>
<property name="username" value="root"></property>
<property name="password" value="hy"></property>
</bean>
<!-- 用于访问数据库的jdbcTemplate -->
<bean id="jdbcTemplate"
class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource">
<ref bean="dataSource" />
</property>
</bean>
<!-- 用于访问数据库的PrivilegeTB表,按权限名取出权限值的数据库访问类 -->
<bean id="privilegeDao"
class="com.heyang.traditional2.dao.PrivilegeDao">
<property name="jdbcTemplate">
<ref bean="jdbcTemplate" />
</property>
</bean>
<!-- 用于文件处理的IDocService实现类DocService -->
<bean id="docService" class="com.heyang.aopstyle.service.DocService"/>
<!-- 在执行docService的实际方法前进行权限检查 -->
<bean id="privilegeService" class="com.heyang.aopstyle.service.PrivilegeService">
<property name="privilegeDao">
<ref bean="privilegeDao" />
</property>
<property name="addDocPrivilegeName" value="addDocPrivilege" />
<property name="deleteDocPrivilegeName" value="deleteDocPrivilege" />
<property name="updateDocPrivilegeName" value="updateDocPrivilege" />
</bean>
<!-- docService的代理对象 -->
<bean id="docServiceProxy" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces">
<value>com.heyang.traditonal.service.IDocService</value>
</property>
<property name="interceptorNames">
<list>
<value>privilegeService</value>
</list>
</property>
<property name="target">
<ref bean="docService"/>
</property>
</bean>
</beans>
业务处理模拟过程:
package com.heyang.aopstyle;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import com.heyang.aopstyle.exception.PrivilegeNotEnoughException;
import com.heyang.traditonal.domain.Doc;
import com.heyang.traditonal.domain.User;
import com.heyang.traditonal.service.IDocService;
public class Main{
public static void main(String[] args){
ApplicationContext ctx = new ClassPathXmlApplicationContext("aopCtx.xml");
IDocService docService=(IDocService)ctx.getBean("docServiceProxy");
Doc doc=new Doc("论美国次贷危机的产生及影响");
User user=new User("中科院经济所研究员",50);
// 用户向系统添加文章
try{
docService.add(doc, user);
}
catch(PrivilegeNotEnoughException ex){
System.out.println(ex.getMessage());
}
// 用户向系统更新文章
try{
doc.setName("论美国次贷危机的产生及影响和我国应该采取的应对措施");
docService.update(doc, user);
}
catch(PrivilegeNotEnoughException ex){
System.out.println(ex.getMessage());
}
// 用户从系统撒删除文章
try{
docService.delete(doc, user);
}
catch(PrivilegeNotEnoughException ex){
System.out.println(ex.getMessage());
}
}
}
输出:
2009-01-02 16:26:53,406 DEBUG [main] (DriverManagerDataSource.java:289) - Creating new JDBC Connection to [jdbc:mysql://127.0.0.1/test]
2009-01-02 16:26:56,578 DEBUG [main] (DataSourceUtils.java:312) - Returning JDBC Connection to DataSource
将文件 名=论美国次贷危机的产生及影响交由dao处理(存入数据库)
2009-01-02 16:26:56,593 DEBUG [main] (JdbcTemplate.java:382) - Executing SQL query [select value from PrivilegeTB where name='updateDocPrivilege' ]
2009-01-02 16:26:56,593 DEBUG [main] (DataSourceUtils.java:112) - Fetching JDBC Connection from DataSource
2009-01-02 16:26:56,593 DEBUG [main] (DriverManagerDataSource.java:289) - Creating new JDBC Connection to [jdbc:mysql://127.0.0.1/test]
2009-01-02 16:26:56,640 DEBUG [main] (DataSourceUtils.java:312) - Returning JDBC Connection to DataSource
将文件 名=论美国次贷危机的产生及影响和我国应该采取的应对措施交由dao处理(更新数据库中对应的记录)
2009-01-02 16:26:56,640 DEBUG [main] (JdbcTemplate.java:382) - Executing SQL query [select value from PrivilegeTB where name='deleteDocPrivilege' ]
2009-01-02 16:26:56,640 DEBUG [main] (DataSourceUtils.java:112) - Fetching JDBC Connection from DataSource
2009-01-02 16:26:56,640 DEBUG [main] (DriverManagerDataSource.java:289) - Creating new JDBC Connection to [jdbc:mysql://127.0.0.1/test]
2009-01-02 16:26:56,703 DEBUG [main] (DataSourceUtils.java:312) - Returning JDBC Connection to DataSource
2009-01-02 16:26:56,859 DEBUG [main] (JdbcTemplate.java:382) - Executing SQL query [select value from PrivilegeTB where name='deleteDocPrivilege' ]
2009-01-02 16:26:56,859 DEBUG [main] (DataSourceUtils.java:112) - Fetching JDBC Connection from DataSource
2009-01-02 16:26:56,859 DEBUG [main] (DriverManagerDataSource.java:289) - Creating new JDBC Connection to [jdbc:mysql://127.0.0.1/test]
2009-01-02 16:26:56,953 DEBUG [main] (DataSourceUtils.java:312) - Returning JDBC Connection to DataSource
用户权限必须达到60才能执行删除操作
例程下载:
http://www.blogjava.net/Files/heyang/AOPPrivilegeSample20090102170039.rar
需要自行载入的包为:
commons-logging-1.0.4.jar,log4j-1.2.14.jar,spring.jar,mysql-connector-java-5.0.6-bin.jar