Handle Business Applications

A MatrixAuthDemo project is provided in GitHub project to show how to connect business application into MatrixAuth, which is under the demo folder of the project.github home page of MatrixAuth

1 Free authority verification

MatrixAuth uses the @localPerm annotation to verify the free permission.

@RequestMapping("/03")
@LocalPerm({"PM_02"})
public Result interface03(String value01, Integer value02) {
    return ResultUtil.getSuccessResult("Interface 02 operated successfully");
}

The @localPerm annotation can pass the information of the interface to the handleLocalPerm method of the MatrixAuthSetup interface of the business application, which determines whether the operation can be performed. If the handleLocalPermmethod returns true, the operation will be released; if the handleLocalPerm method returns false, the operation will be blocked.

When the handleLocalPerm method be called, the following parameters will be received:

  • Method method:Called method.
  • Object[] args:The parameter passed in when the method is called.
  • String[] permissionsInAnnotation:Values of @LocalPerm.
  • Set<String> permissionsUserOwned:Collections of permKey of current user.

An example of the handleLocalPerm method is given below.

@Override
public Boolean handleLocalPerm(Method method, Object[] args, String[] permissionsInAnnotation, Set<String> permissionsUserOwned) {
    System.out.println("****************************************");
    System.out.println("Here you can make more detailed judgments with business information. \n" +
            "The information that may be needed in the judgment and how to obtain it are as follows:");
    System.out.println("****************************************");
    System.out.println("methodName:" + method.getName());
    System.out.println("methodClassName:" + method.getDeclaringClass().getName());
    System.out.println("methodArgTypes:");
    for (Parameter parameter : method.getParameters()) {
        System.out.println("--" + parameter.getType());
    }
    System.out.println("methodArgs:");
    for (Object parameter : args) {
        System.out.println("--" + parameter.toString());
    }
    System.out.println("annotationPermissions:");
    for (String perm : permissionsInAnnotation) {
        System.out.println("--" + perm);
    }
    System.out.println("ownedPermissions:" + permissionsUserOwned);
    System.out.println("****************************************");
    System.out.println("After the judgment, if it returns true, it means that the current method is allowed to be executed; \n" +
            "if it returns false, it means that it is refused to execute the current method.");
    System.out.println("****************************************");
    return true;
}
MatrixAuth-High performance lightweight distributed permission system.