AOP Aspect Oriented Programming
Problem
• Consider the sale-processing module of a POS terminal.
[Class diagram: ProcessSaleHandler with +startSale(), +enterItem(), +finishSale(), +modifySale(); ProcessReturnHandler with +startReturn(), +finishReturn()]
How to handle permissions
– While a sale is being processed, the cashier can perform operations such as starting the sale (startSale); modifying the contents of the sale (changeSale) must be done by an administrator.
– How should the permission check be handled?
• Add permission-checking code at the start of every method?
• Or split ProcessSaleHandler into two classes?
First approach

    public ISale startSale() {
        // The permission check is written inline, ahead of the business logic.
        if (securityManager.isFunctionValid4CurrentUser("startSale"))
            return new SaleMemImpl();
        else
            throw new SecurityViolatedException("startSale");
    }

• Problems:
– Permission code is mixed into all of the business code (code tangling).
– Permission-related code is spread across many places (code scattering).
Second approach
[Class diagram: CasherHandler with +startSale(), +enterItem(), +finishSale(), +startReturn(), +finishReturn(); AdminHandler with +modifySale()]
• Classes provide a hierarchical way of classifying things, but the problem is that they can classify along only one dimension.
Security Aspect implementation (Spring)

    import org.aopalliance.intercept.MethodInterceptor;
    import org.aopalliance.intercept.MethodInvocation;

    public class SecurityCheckAspect implements MethodInterceptor {
        ISecurityManager securityManager;

        // Setter used by Spring to inject the security manager.
        public void setSecurityManager(ISecurityManager securityManager) {
            this.securityManager = securityManager;
        }

        @Override
        public Object invoke(MethodInvocation invocation) throws Throwable {
            // The name of the intercepted method is used as the function name.
            String funcName = invocation.getMethod().getName();
            if (securityManager.isFunctionValid4CurrentUser(funcName))
                return invocation.proceed();   // allowed: run the business method
            else
                throw new SecurityViolatedException(funcName);
        }
    }
Code tangling
[Figure: business logic, transaction management and security tangled together inside the implementation modules]
Code scattering
[Figure: API invocations of the security module scattered across the accounting module, the ATM module and the database module]
N-dimensional concern
[Figure: security, transaction management and business logic as separate dimensions of the concern space, mapped onto the implementation space]
Security Aspect implementation (AspectJ)

    public aspect SecurityAspect {
        private ISecurityManager securityManager = SecurityManager.getInstance();

        // Every method executed on IUsecaseHandler or any of its subtypes.
        pointcut securedAccess():
            execution(* IUsecaseHandler+.*(..));

        // Advice: runs before each matched method and blocks it if the check fails.
        before(): securedAccess() {
            String functionName = thisJoinPoint.getSignature().getName();
            if (!securityManager.isFunctionValid4CurrentUser(functionName))
                throw new SecurityViolatedException(functionName);
        }
    }
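The same interception idea as the Spring and AspectJ aspects above, reduced to a JDK dynamic proxy so it runs without either framework. This is an added example, not code from the slides. The role names, the POLICY table and the use of java.lang.SecurityException in place of SecurityViolatedException are assumptions; the point shown is that a function missing from the policy (finishSale here) is denied by default.

```java
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Proxy;
import java.util.Map;
import java.util.Set;

public class SecurityProxyDemo {
    // Hypothetical slice of the slides' IUsecaseHandler interface.
    public interface IUsecaseHandler {
        String startSale();
        String modifySale();
        String finishSale();
    }

    static class ProcessSaleHandler implements IUsecaseHandler {
        public String startSale()  { return "sale started"; }
        public String modifySale() { return "sale modified"; }
        public String finishSale() { return "sale finished"; }
    }

    // Constructed policy: function name -> roles allowed. finishSale is left unmapped.
    static final Map<String, Set<String>> POLICY = Map.of(
        "startSale",  Set.of("cashier", "admin"),
        "modifySale", Set.of("admin"));

    // Deny by default: a function that is not in the policy is refused.
    static boolean isFunctionValid(String role, String function) {
        return POLICY.getOrDefault(function, Set.of()).contains(role);
    }

    // Wraps the handler so that every interface call passes the check first.
    static IUsecaseHandler secured(IUsecaseHandler target, String role) {
        return (IUsecaseHandler) Proxy.newProxyInstance(
            IUsecaseHandler.class.getClassLoader(),
            new Class<?>[] { IUsecaseHandler.class },
            (proxy, method, args) -> {
                if (!isFunctionValid(role, method.getName()))
                    throw new SecurityException(method.getName());
                try {
                    return method.invoke(target, args);
                } catch (InvocationTargetException e) {
                    throw e.getCause(); // rethrow the handler's own exception
                }
            });
    }

    public static void main(String[] args) {
        IUsecaseHandler cashier = secured(new ProcessSaleHandler(), "cashier");
        System.out.println(cashier.startSale());
        try { cashier.modifySale(); }   // admin only
        catch (SecurityException e) { System.out.println("denied: " + e.getMessage()); }
        try { cashier.finishSale(); }   // unmapped function
        catch (SecurityException e) { System.out.println("denied: " + e.getMessage()); }
    }
}
```

Because the check keys on the method name alone, as in both aspects above, overloaded methods share one permission entry, and renaming a method without updating the policy makes it fail closed.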