1.攔截器中的代碼
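/**
 * Authorizes the current request against the URL allow-list cached in Redis for the login session.
 *
 * <p>The request path (with any {@code ;jsessionid=...} style suffix cut off) must appear in the
 * list stored under {@code sessionId + Const.CURRENT_URIBYROLEID}. Anything else is denied:
 * AJAX callers receive 403 plus the {@code REDIRECT}/{@code CONTENTPATH} headers, all other
 * callers are redirected to {@code /jump/no_permission}.
 *
 * <p>The check fails closed: a missing login token or a missing permission list is handled as
 * "no permission" instead of surfacing as a NullPointerException.
 *
 * @param request  the incoming request
 * @param response the response used to signal a denial
 * @param handler  the chosen handler (not used here)
 * @return {@code true} if the request may proceed, {@code false} if it was denied
 * @throws Exception if reading the session data or writing the response fails
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    // NOTE(review): presumably null when the login cookie is absent; confirm in CookieUtil.
    String sessionId = CookieUtil.readLoginToken(request);

    // The path to authorize can carry a path parameter, e.g.
    // /bg/dicUser/toDicUserList;jsessionid=..., so only the part before the first ';' is compared.
    // NOTE(review): getRequestURI() is the raw, non-normalized path. The authorization decision
    // should be made on the same path the dispatcher uses to pick the handler; verify that the two
    // cannot disagree (path parameters in inner segments, "..", encoded characters, duplicate or
    // trailing slashes), otherwise the check and the routing can diverge.
    String requestURI = request.getRequestURI();
    String aclUrl = Splitter.on(";").splitToList(requestURI).get(0);

    // Load the role's permitted URLs from Redis. Without a token there is no per-session key,
    // and an expired or evicted key yields no list; both leave allowedUris null (deny).
    List<String> allowedUris = null;
    if (sessionId != null) {
        String allURIByRoleId = RedisPoolUtil.get(sessionId + Const.CURRENT_URIBYROLEID);
        if (allURIByRoleId != null) {
            allowedUris = JsonUtil.string2Obj(allURIByRoleId, new TypeReference<List<String>>() { });
        }
    }

    if (allowedUris != null && allowedUris.contains(aclUrl)) {
        System.err.println("通過,攔截路徑" + aclUrl);
        return true;
    }

    System.err.println("沒有權限");
    // An X-Requested-With value of "XMLHttpRequest" marks an AJAX call; the browser will not
    // follow a redirect for the page in that case, so the target is passed in headers instead.
    if ("XMLHttpRequest".equals(request.getHeader("X-Requested-With"))) {
        // Tell the AJAX caller that this response stands for a redirect.
        response.setHeader("REDIRECT", "REDIRECT");
        // Tell the AJAX caller where to go. The client must read this exact header name.
        response.setHeader("CONTENTPATH", "/jump/no_permission");
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
    } else {
        response.sendRedirect("/jump/no_permission");
    }
    return false;
}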
2.ajax請求 加入 complete 處理
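// Ask for confirmation, then delete the role through AJAX. The `complete` hook handles the
// permission interceptor's "no permission" response. This client-side handling is for user
// experience only; the server's 403 is what enforces the permission.
layer.confirm('真的刪除行么', function (index) {
    $.ajax({
        url: '/bg/dicRole/del',
        type: 'post',
        dataType: 'json',
        data: {roleId: data.roleId},
        success: function (data) {
            if (data.code == "200") {
                layer.msg(data.msg, {icon: 1, time: 500}, function () {
                    window.location.reload();
                });
            } else {
                layer.msg(data.msg, {icon: 2, time: 1000});
            }
        },
        complete: function (xhr, status) {
            // The interceptor marks a denied AJAX call with the response header REDIRECT: REDIRECT.
            if (xhr.getResponseHeader("REDIRECT") !== "REDIRECT") {
                return;
            }
            // Read the header the interceptor actually sets ("CONTENTPATH"). Reading
            // "CONTEXTPATH" returns null, which would send the browser to the URL "null".
            var target = xhr.getResponseHeader("CONTENTPATH");
            // Follow only a same-site absolute path, so a response header can never move the
            // user to another origin (rejects "//host", "/\host" and absolute URLs).
            if (target && target.charAt(0) === "/" && target.charAt(1) !== "/" && target.charAt(1) !== "\\") {
                document.location.href = target;
            }
        }
    });
});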