当在方法级别内使用@PreAuthorize或@PostAuthorize时,Class.getAnnotations()不返回类级别注释的完整列表

时间:2016-03-15 09:03:00

标签: java xml spring annotations

假设我有一个带注释的下层课程 - 

@Component
@Path("/somepath/")
@Api(value = "/somepath", description = "Operations")
public class SomeResourceClass {

    @POST
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    @ApiOperation(value = "Create new Resource", 
        response = SomeResource.class)
    @ApiResponses(value = { @ApiResponse(code = 401, message = "Some Message") })
    public SomeResource createResource(@ApiParam(value="someResource", required = true)SomeResource resource) {
    }
}

我正在尝试使用以下代码

访问上述类级别上使用的注释列表 
List<ClassResourceInfo> classResourceInfos = serverFactoryBean.getServiceFactory().getClassResourceInfo();
for (ClassResourceInfo classResourceInfo : classResourceInfos) {
    for (Annotation annotation : classResourceInfo.getResourceClass().getAnnotations()) {
 // work with each annotation
}
}

我从classResourceInfo.getResourceClass()获得以下列表.getAnnotations() - 

[@org.springframework.stereotype.Component(value=), 
 @javax.ws.rs.Path(value=/somepath/), 
 @io.swagger.annotations.Api(basePath=, hidden=false, authorizations=[@io.swagger.annotations.Authorization(scopes=[@io.swagger.annotations.AuthorizationScope(scope=, description=)], value=)], produces=, description=Operations, position=0, protocols=, value=/somepath, tags=[], consumes=)]

所以在这里我得到了在类级别上定义的注释的完整列表。

但是现在如果我使用@PreAuthorize方法,我会得到不完整的列表。

@Component
@Path("/somepath/")
@Api(value = "/somepath", description = "Operations")
public class SomeResourceClass {

    @POST
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    @ApiOperation(value = "Create new Resource", 
        response = SomeResource.class)
    @ApiResponses(value = { @ApiResponse(code = 401, message = "Some Message") })
    @PreAuthorize("hasRole('ADMIN')")
    public SomeResource createResource(@ApiParam(value="someResource", required = true)SomeResource resource) {
    }
}

我在此场景中获得的类级别上定义的注释列表是 - 

[@io.swagger.annotations.Api(basePath=, hidden=false, authorizations=[@io.swagger.annotations.Authorization(scopes=[@io.swagger.annotations.AuthorizationScope(scope=, description=)], value=)], produces=, description=Operations, position=0, protocols=, value=/somepath, tags=[], consumes=)]

我在web-context xml文件中定义了SomeResourceClass 

<jaxrs:server id="service-rest" address="/">
        <jaxrs:serviceBeans>
            <ref bean="someResourceClass"/>
        </jaxrs:serviceBeans>
</jaxrs:server>

当我在其中一个方法上使用@PreAuthorize注释时,能帮助我指出为什么我得到类级别注释的不完整列表吗?

1 个答案:

答案 0 :(得分:0)

看起来它发生是因为Spring为您的控制器创建代理,因为您使用了@PreAuthorize注释。请参阅this文章。

仍然可以访问目标类注释:

$global = 0;

if(isset($_POST['update_cart'])){
    if(isset($_POST['qty'.$i])){
        $qty = $_POST['qty'.$i];
    }else{
        $qty+=1;    
    }

    $update_qty = "update cart set qty='$qty'";

    $run_qty = mysqli_query($con, $update_qty); 

    $_SESSION['qty']=$qty;



    $global = $global+ ($single_price*$qty); 


    $total =$total + ($values * $qty);


}
相关问题
最新问题