Java中限制方法访问的设计模式
我有这样一个用户类:Java中限制方法访问的设计模式,java,Java,我有这样一个用户类: public class User { public double userId; public Role userRole; .... } enum Role { ADMIN, REGISTERED, UNREGISTERED } public class UserActions { private User user; public UserActions(User user){ this.
public class User
{
public double userId;
public Role userRole;
....
}
enum Role
{
ADMIN,
REGISTERED,
UNREGISTERED
}
public class UserActions
{
private User user;
public UserActions(User user){ this.user = user; }
public void Create(){...}
public void Read(){...}
public void Update(){...}
public void Delete(){...}
}
public class UserActions
{
private User user;
public UserActions(User user){ this.user = user; }
public ArrayList<Lambdas> allowedActions() { return a list of allowed actions for the user which they can then invoke}
private void Create(){...}
private void Read(){...}
private void Update(){...}
private void Delete(){...}
}
角色是如下所示的枚举:
public class User
{
public double userId;
public Role userRole;
....
}
enum Role
{
ADMIN,
REGISTERED,
UNREGISTERED
}
public class UserActions
{
private User user;
public UserActions(User user){ this.user = user; }
public void Create(){...}
public void Read(){...}
public void Update(){...}
public void Delete(){...}
}
public class UserActions
{
private User user;
public UserActions(User user){ this.user = user; }
public ArrayList<Lambdas> allowedActions() { return a list of allowed actions for the user which they can then invoke}
private void Create(){...}
private void Read(){...}
private void Update(){...}
private void Delete(){...}
}
我有一个名为UserActions的类,如下所示:
public class User
{
public double userId;
public Role userRole;
....
}
enum Role
{
ADMIN,
REGISTERED,
UNREGISTERED
}
public class UserActions
{
private User user;
public UserActions(User user){ this.user = user; }
public void Create(){...}
public void Read(){...}
public void Update(){...}
public void Delete(){...}
}
public class UserActions
{
private User user;
public UserActions(User user){ this.user = user; }
public ArrayList<Lambdas> allowedActions() { return a list of allowed actions for the user which they can then invoke}
private void Create(){...}
private void Read(){...}
private void Update(){...}
private void Delete(){...}
}
现在,很明显,用户是否能够使用Create、Read、Update或Delete取决于他们的角色。实现这一点的简单方法是在所有基于user.role的方法中使用Guard子句,但这绝对不优雅,而且会污染业务逻辑
我想做的是这样的:
public class User
{
public double userId;
public Role userRole;
....
}
enum Role
{
ADMIN,
REGISTERED,
UNREGISTERED
}
public class UserActions
{
private User user;
public UserActions(User user){ this.user = user; }
public void Create(){...}
public void Read(){...}
public void Update(){...}
public void Delete(){...}
}
public class UserActions
{
private User user;
public UserActions(User user){ this.user = user; }
public ArrayList<Lambdas> allowedActions() { return a list of allowed actions for the user which they can then invoke}
private void Create(){...}
private void Read(){...}
private void Update(){...}
private void Delete(){...}
}
公共类用户操作
{
私人用户;
公共用户操作(用户){this.User=User;}
public ArrayList allowedActions(){返回用户可以调用的允许操作列表}
私有void Create(){…}
私有void Read(){…}
私有无效更新(){…}
私有void Delete(){…}
}
有没有一种方法可以返回用户可以根据其在Java中的角色调用的方法数组?请看下面的方法。我想你差不多找到了解决方案,只需使用
函数
而不是内联方法。我认为应该行得通
class UserActions {
private final Function<Context, Result> create = context -> Result.NULL;
private final Function<Context, Result> read = context -> Result.NULL;
private final Function<Context, Result> update = context -> Result.NULL;
private final Function<Context, Result> delete = context -> Result.NULL;
private User user;
public UserActions(User user) {
this.user = user;
}
public List<Function<Context, Result>> allowedActions() {
// TODO read credentials and provided allowed actions here
return List.of(create, read, update, delete);
}
public static final class Context {
// TODO add action's input data here
}
public static final class Result {
public static final Result NULL = new Result();
// TODO read action's result here
}
}
类用户操作{
私有最终函数create=context->Result.NULL;
私有最终函数read=context->Result.NULL;
私有最终函数更新=上下文->结果.NULL;
私有最终函数delete=context->Result.NULL;
私人用户;
公共用户操作(用户){
this.user=用户;
}
公共列表允许的操作(){
//TODO读取凭据并在此处提供允许的操作
返回列表(创建、读取、更新、删除);
}
公共静态最终类上下文{
//TODO在此处添加操作的输入数据
}
公开静态最终课堂结果{
公共静态最终结果NULL=新结果();
//TODO在此处读取操作的结果
}
}
我认为客户应该识别不同的方法,然后您可以为每个操作提供一个带有唯一键的
映射,而不是列表
,例如创建
,读取
,更新
和删除
,这似乎就是我要找的。但有一个问题:这是否要求所有方法都具有相同的签名?是的。上下文和响应。这将是一个问题,因为,例如,Read(filename)返回一个字节[],而Create(byte[],filename)不返回任何内容。将把您需要的全部放在上下文中。另一个选项是创建单独的方法,根据权限返回空或不返回函数。