学步园

import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.FilterChain;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.ArrayList;

/**
 *
 * <p>Title: 登陆过滤操作</p>
 */
public class LoginFilter
    implements Filter {
    private static String loginURL;
    private static ArrayList needRight;
    private static ArrayList noneedRight;
    private FilterConfig filterConfig;
    public LoginFilter() {
    }

    public void init(FilterConfig filtercfg) throws javax.servlet.
        ServletException {
        loginURL = filtercfg.getInitParameter("loginURL");
        this.filterConfig = filterConfig;
        needRight = new ArrayList();
        needRight.add("forum_add");
        needRight.add("forum_delete");
        needRight.add("forum_update");
        needRight.add("topic_delete");
        needRight.add("topic_update");

        noneedRight = new ArrayList();
        noneedRight.add("login"); //用户登录
        noneedRight.add("user_add"); //用户注册
        noneedRight.add("include/check.js"); //JAVASCRIPT脚本
    }

    private boolean isRightNeed(String queryString) {
        if (queryString.indexOf("method=") > -1) {
            for (int i = 0; i < needRight.size(); i++) {
                String method = (String) needRight.get(i);
                if (queryString.indexOf(method) > -1) { 
                    return true;
                }
            }
        }
        return false;
    }

    private boolean isLoginNeed(String queryString) {
        for (int i = 0; i < noneedRight.size(); i++) {
            String method = (String) noneedRight.get(i);
            if (queryString.indexOf(method) > -1) {
                return false;
            }
        }
        return true;
    }

    private boolean hasRight(User loginUser, String queryString) {
        boolean flag = true;
        if (isRightNeed(queryString)) {
            if (loginUser.getDegree() == User.SUPERADMIN) {
                flag = true;
            }
            else {
                flag = false;
            }
        }
        return flag;
    }

    public void doFilter(ServletRequest request, ServletResponse response,
                         FilterChain filterchain) throws java.io.
        IOException,
        javax.servlet.ServletException {
        HttpServletRequest httprequest = (HttpServletRequest) request;
        HttpServletResponse httpresponse = (HttpServletResponse) response;
        User loginUser = (User) httprequest.getSession().getAttribute(
            "user");
        String tempURI = (httprequest.getRequestURI()).toLowerCase();
        String tempURL = (httprequest.getRequestURL()).toString().
            toLowerCase();
        String queryString = httprequest.getQueryString();
        if (queryString == null) {
            queryString = tempURI;
        }
        System.out.println("queryString:" + queryString);
        if (loginUser == null) {
            if (!isLoginNeed(queryString)) {
                filterchain.doFilter(request, response);
                return;
            }
            else {
                httpresponse.sendRedirect("login.jsp");
                return;
            }
        }
        if (hasRight(loginUser, queryString)) {
            filterchain.doFilter(request, response);
            return;
        } else {
            httpresponse.sendRedirect("success.jsp?flag=false");
            return;
        }
    }

    public void destroy() {
        loginURL = null;
        filterConfig = null;
    }

}