当前位置：首页 > news >正文

针对一个系统的权限管理这样的业务场景，使用各设计模式解说

news 2025/9/16 8:40:54

通义灵码

下面将介绍如何在Java中使用不同的设计模式来实现权限管理系统。每个设计模式都有其特定的应用场景和实现方式，我们将逐一讲解。

1. 单例模式 (Singleton Pattern)

应用场景：确保权限管理服务在整个系统中只有一个实例，避免重复创建和资源浪费。

实现方式：

java

public class PermissionService { private static PermissionService instance; private Map<String, User> users; private PermissionService() { users = new HashMap<>(); } public static PermissionService getInstance() { if (instance == null) { synchronized (PermissionService.class) { if (instance == null) { instance = new PermissionService(); } } } return instance; } public void addUser(User user) { users.put(user.getId(), user); } public User getUser(String id) { return users.get(id); } // 其他权限管理方法 } class User { private String id; private String role; public User(String id, String role) { this.id = id; this.role = role; } public String getId() { return id; } public String getRole() { return role; } }

2. 工厂方法模式 (Factory Method Pattern)

应用场景：根据不同类型的用户创建不同的权限对象。

实现方式：

java

interface Permission { boolean checkAccess(Resource resource); } class AdminPermission implements Permission { @Override public boolean checkAccess(Resource resource) { return true; // 管理员有所有权限 } } class UserPermission implements Permission { @Override public boolean checkAccess(Resource resource) { return resource.isPublic(); // 用户只能访问公开资源 } } abstract class PermissionFactory { abstract Permission createPermission(String type); } class ConcretePermissionFactory extends PermissionFactory { @Override Permission createPermission(String type) { if ("admin".equals(type)) { return new AdminPermission(); } else if ("user".equals(type)) { return new UserPermission(); } return null; } } class Resource { private boolean isPublic; public Resource(boolean isPublic) { this.isPublic = isPublic; } public boolean isPublic() { return isPublic; } }

3. 抽象工厂模式 (Abstract Factory Pattern)

应用场景：创建一系列相关的权限对象，例如不同角色的权限集合。

实现方式：

java

interface PermissionFactory { Permission createUserPermission(); Permission createAdminPermission(); } class ConcretePermissionFactory implements PermissionFactory { @Override public Permission createUserPermission() { return new UserPermission(); } @Override public Permission createAdminPermission() { return new AdminPermission(); } } class UserPermission implements Permission { @Override public boolean checkAccess(Resource resource) { return resource.isPublic(); // 用户只能访问公开资源 } } class AdminPermission implements Permission { @Override public boolean checkAccess(Resource resource) { return true; // 管理员有所有权限 } } class Resource { private boolean isPublic; public Resource(boolean isPublic) { this.isPublic = isPublic; } public boolean isPublic() { return isPublic; } }

4. 建造者模式 (Builder Pattern)

应用场景：逐步构建复杂的权限配置，例如多角色、多权限的组合。

实现方式：

java

class PermissionBuilder { private List<Permission> permissions; public PermissionBuilder() { permissions = new ArrayList<>(); } public PermissionBuilder addAdminPermission() { permissions.add(new AdminPermission()); return this; } public PermissionBuilder addUserPermission() { permissions.add(new UserPermission()); return this; } public CompositePermission build() { return new CompositePermission(permissions); } } class CompositePermission implements Permission { private List<Permission> permissions; public CompositePermission(List<Permission> permissions) { this.permissions = permissions; } @Override public boolean checkAccess(Resource resource) { for (Permission permission : permissions) { if (permission.checkAccess(resource)) { return true; } } return false; } } class UserPermission implements Permission { @Override public boolean checkAccess(Resource resource) { return resource.isPublic(); // 用户只能访问公开资源 } } class AdminPermission implements Permission { @Override public boolean checkAccess(Resource resource) { return true; // 管理员有所有权限 } } class Resource { private boolean isPublic; public Resource(boolean isPublic) { this.isPublic = isPublic; } public boolean isPublic() { return isPublic; } }

5. 适配器模式 (Adapter Pattern)

应用场景：将现有的权限管理系统适配到新的系统中，例如将旧版的权限管理适配到新版的系统中。

实现方式：

java

interface NewPermissionSystem { boolean checkAccess(User user, Resource resource); } class OldPermissionSystem { public boolean checkAccess(User user, Resource resource) { // 旧版权限检查逻辑 return "admin".equals(user.getRole()) || resource.isPublic(); } } class NewPermissionSystemAdapter implements NewPermissionSystem { private OldPermissionSystem oldSystem; public NewPermissionSystemAdapter(OldPermissionSystem oldSystem) { this.oldSystem = oldSystem; } @Override public boolean checkAccess(User user, Resource resource) { return oldSystem.checkAccess(user, resource); } } class User { private String name; private String role; public User(String name, String role) { this.name = name; this.role = role; } public String getName() { return name; } public String getRole() { return role; } } class Resource { private boolean isPublic; public Resource(boolean isPublic) { this.isPublic = isPublic; } public boolean isPublic() { return isPublic; } }

6. 装饰器模式 (Decorator Pattern)

应用场景：在不改变原有权限检查逻辑的情况下，动态添加新的权限检查逻辑，例如日志记录。

实现方式：

java

interface PermissionChecker { boolean checkAccess(User user, Resource resource); } class BasePermissionChecker implements PermissionChecker { @Override public boolean checkAccess(User user, Resource resource) { return "admin".equals(user.getRole()) || resource.isPublic(); } } class LoggingPermissionChecker implements PermissionChecker { private PermissionChecker checker; public LoggingPermissionChecker(PermissionChecker checker) { this.checker = checker; } @Override public boolean checkAccess(User user, Resource resource) { boolean result = checker.checkAccess(user, resource); System.out.println("Access check for " + user.getName() + " on " + resource.getName() + ": " + result); return result; } } class User { private String name; private String role; public User(String name, String role) { this.name = name; this.role = role; } public String getName() { return name; } public String getRole() { return role; } } class Resource { private String name; private boolean isPublic; public Resource(String name, boolean isPublic) { this.name = name; this.isPublic = isPublic; } public String getName() { return name; } public boolean isPublic() { return isPublic; } }

7. 观察者模式 (Observer Pattern)

应用场景：当用户的权限发生变化时，通知相关的系统模块进行更新。

实现方式：

java

import java.util.ArrayList; import java.util.List; interface Observer { void update(User user); } class Subject { private List<Observer> observers = new ArrayList<>(); public void addObserver(Observer observer) { observers.add(observer); } public void removeObserver(Observer observer) { observers.remove(observer); } public void notifyObservers(User user) { for (Observer observer : observers) { observer.update(user); } } } class User { private String name; private String role; public User(String name, String role) { this.name = name; this.role = role; } public String getName() { return name; } public String getRole() { return role; } public void changeRole(String newRole) { this.role = newRole; subject.notifyObservers(this); } private Subject subject = new Subject(); public void addObserver(Observer observer) { subject.addObserver(observer); } public void removeObserver(Observer observer) { subject.removeObserver(observer); } } class Logger implements Observer { @Override public void update(User user) { System.out.println(user.getName() + " changed role to " + user.getRole()); } } public class Main { public static void main(String[] args) { User user = new User("Alice", "user"); Logger logger = new Logger(); user.addObserver(logger); user.changeRole("admin"); } }

8. 策略模式 (Strategy Pattern)

应用场景：根据不同类型的资源或操作，选择不同的权限检查策略。

实现方式：

java

interface PermissionStrategy { boolean checkAccess(User user, Resource resource); } class AdminStrategy implements PermissionStrategy { @Override public boolean checkAccess(User user, Resource resource) { return "admin".equals(user.getRole()); } } class PublicStrategy implements PermissionStrategy { @Override public boolean checkAccess(User user, Resource resource) { return resource.isPublic(); } } class PermissionContext { private PermissionStrategy strategy; public PermissionContext(PermissionStrategy strategy) { this.strategy = strategy; } public void setStrategy(PermissionStrategy strategy) { this.strategy = strategy; } public boolean checkAccess(User user, Resource resource) { return strategy.checkAccess(user, resource); } } class User { private String name; private String role; public User(String name, String role) { this.name = name; this.role = role; } public String getRole() { return role; } } class Resource { private String name; private boolean isPublic; public Resource(String name, boolean isPublic) { this.name = name; this.isPublic = isPublic; } public boolean isPublic() { return isPublic; } } public class Main { public static void main(String[] args) { PermissionContext context = new PermissionContext(new AdminStrategy()); System.out.println(context.checkAccess(new User("Alice", "admin"), new Resource("Document", false))); // true context.setStrategy(new PublicStrategy()); System.out.println(context.checkAccess(new User("Bob", "user"), new Resource("Document", true))); // true System.out.println(context.checkAccess(new User("Bob", "user"), new Resource("Document", false))); // false } }

9. 责任链模式 (Chain of Responsibility Pattern)

应用场景：通过一系列的权限检查器依次检查权限，直到某个检查器通过或全部失败。

实现方式：

java

abstract class PermissionHandler { protected PermissionHandler successor; public void setSuccessor(PermissionHandler successor) { this.successor = successor; } public boolean handle(User user, Resource resource) { if (checkAccess(user, resource)) { return true; } if (successor != null) { return successor.handle(user, resource); } return false; } abstract boolean checkAccess(User user, Resource resource); } class AdminHandler extends PermissionHandler { @Override boolean checkAccess(User user, Resource resource) { return "admin".equals(user.getRole()); } } class PublicHandler extends PermissionHandler { @Override boolean checkAccess(User user, Resource resource) { return resource.isPublic(); } } class User { private String name; private String role; public User(String name, String role) { this.name = name; this.role = role; } public String getRole() { return role; } } class Resource { private String name; private boolean isPublic; public Resource(String name, boolean isPublic) { this.name = name; this.isPublic = isPublic; } public boolean isPublic() { return isPublic; } } public class Main { public static void main(String[] args) { AdminHandler adminHandler = new AdminHandler(); PublicHandler publicHandler = new PublicHandler(); adminHandler.setSuccessor(publicHandler); System.out.println(adminHandler.handle(new User("Alice", "admin"), new Resource("Document", false))); // true System.out.println(adminHandler.handle(new User("Bob", "user"), new Resource("Document", true))); // true System.out.println(adminHandler.handle(new User("Bob", "user"), new Resource("Document", false))); // false } }

10. 状态模式 (State Pattern)

应用场景：根据用户的不同状态（例如登录状态、角色状态）来决定权限检查的逻辑。

实现方式：

java

interface State { boolean checkAccess(Resource resource); } class LoggedInState implements State { @Override public boolean checkAccess(Resource resource) { return resource.isPublic(); } } class AdminState implements State { @Override public boolean checkAccess(Resource resource) { return true; } } class User { private String name; private State state; public User(String name, State state) { this.name = name; this.state = state; } public void setState(State state) { this.state = state; } public boolean checkAccess(Resource resource) { return state.checkAccess(resource); } } class Resource { private String name; private boolean isPublic; public Resource(String name, boolean isPublic) { this.name = name; this.isPublic = isPublic; } public boolean isPublic() { return isPublic; } } public class Main { public static void main(String[] args) { User user = new User("Alice", new LoggedInState()); System.out.println(user.checkAccess(new Resource("Document", true))); // true user.setState(new AdminState()); System.out.println(user.checkAccess(new Resource("Document", false))); // true } }

11. 中介者模式 (Mediator Pattern)

应用场景：协调多个权限管理模块之间的交互，例如用户认证、角色分配、权限检查等。

实现方式：

java

interface Mediator { boolean authenticate(User user, String password); boolean checkAccess(User user, Resource resource); } class PermissionMediator implements Mediator { private AuthService authService; private RoleService roleService; private PermissionService permissionService; public PermissionMediator(AuthService authService, RoleService roleService, PermissionService permissionService) { this.authService = authService; this.roleService = roleService; this.permissionService = permissionService; } @Override public boolean authenticate(User user, String password) { if (authService.authenticate(user, password)) { roleService.assignRole(user); return true; } return false; } @Override public boolean checkAccess(User user, Resource resource) { String role = roleService.getRole(user); return permissionService.checkAccess(role, resource); } } class AuthService { public boolean authenticate(User user, String password) { // 认证逻辑 return user.getPassword().equals(password); } } class RoleService { public void assignRole(User user) { // 分配角色逻辑 user.setRole("user"); } public String getRole(User user) { return user.getRole(); } } class PermissionService { public boolean checkAccess(String role, Resource resource) { // 权限检查逻辑 return "admin".equals(role) || resource.isPublic(); } } class User { private String name; private String password; private String role; public User(String name, String password) { this.name = name; this.password = password; } public String getPassword() { return password; } public String getRole() { return role; } public void setRole(String role) { this.role = role; } } class Resource { private String name; private boolean isPublic; public Resource(String name, boolean isPublic) { this.name = name; this.isPublic = isPublic; } public boolean isPublic() { return isPublic; } } public class Main { public static void main(String[] args) { AuthService authService = new AuthService(); RoleService roleService = new RoleService(); PermissionService permissionService = new PermissionService(); PermissionMediator mediator = new PermissionMediator(authService, roleService, permissionService); User user = new User("Alice", "password"); if (mediator.authenticate(user, "password")) { System.out.println(mediator.checkAccess(user, new Resource("Document", true))); // true } } }

12. 备忘录模式 (Memento Pattern)

应用场景：记录用户权限的状态，以便在需要时恢复到之前的权限状态。

实现方式：

java

class User { private String name; private String role; public User(String name, String role) { this.name = name; this.role = role; } public String getRole() { return role; } public void setRole(String role) { this.role = role; } public Memento createMemento() { return new Memento(role); } public void restoreMemento(Memento memento) { this.role = memento.getRole(); } } class Memento { private String role; public Memento(String role) { this.role = role; } public String getRole() { return role; } } public class Main { public static void main(String[] args) { User user = new User("Alice", "user"); System.out.println(user.getRole()); //

文兴快码

在设计一个系统的权限管理时，可以使用多种设计模式来优化系统结构、增强系统的可扩展性和可维护性。以下是根据提供的背景知识，针对权限管理系统中可能用到的几种设计模式及其解说：

1. 策略模式（Strategy Pattern）

解说：策略模式定义了一系列算法，并将每一个算法封装起来，使它们可以互换。在权限管理中，可以使用策略模式来处理不同类型的权限验证逻辑。例如，对于页面权限、操作权限和数据权限，可以分别设计不同的验证策略，然后在运行时根据具体需求选择合适的策略进行验证。

代码示例（伪代码）：

Java

interface PermissionStrategy { boolean validate(User user, Resource resource); } class PagePermissionStrategy implements PermissionStrategy { @Override public boolean validate(User user, Resource resource) { // 页面权限验证逻辑 return user.hasPagePermission(resource); } } class OperationPermissionStrategy implements PermissionStrategy { @Override public boolean validate(User user, Resource resource) { // 操作权限验证逻辑 return user.hasOperationPermission(resource); } } class PermissionChecker { private PermissionStrategy strategy; public void setStrategy(PermissionStrategy strategy) { this.strategy = strategy; } public boolean checkPermission(User user, Resource resource) { return strategy.validate(user, resource); } }

2. 观察者模式（Observer Pattern）

解说：观察者模式定义了一种一对多的依赖关系，让多个观察者对象同时监听某一个主题对象。这个主题对象在状态发生变化时，会通知所有观察者对象，使它们能够自动更新自己。在权限管理系统中，可以使用观察者模式来监听用户权限的变化，并通知相关的组件进行更新。

代码示例（伪代码）：

Java

interface PermissionObserver { void update(User user, PermissionChange change); } class PermissionManager implements PermissionObserver { @Override public void update(User user, PermissionChange change) { // 更新权限逻辑 if (change.getType() == PermissionChangeType.GRANT) { grantPermission(user, change.getPermission()); } else if (change.getType() == PermissionChangeType.REVOKE) { revokePermission(user, change.getPermission()); } } } class PermissionSubject { private List<PermissionObserver> observers = new ArrayList<>(); public void addObserver(PermissionObserver observer) { observers.add(observer); } public void removeObserver(PermissionObserver observer) { observers.remove(observer); } public void notifyObservers(User user, PermissionChange change) { for (PermissionObserver observer : observers) { observer.update(user, change); } } }

3. 工厂模式（Factory Pattern）

解说：工厂模式是一种创建型设计模式，它提供了一种创建对象的最佳方式。在权限管理系统中，可以使用工厂模式来创建不同类型的权限对象，例如页面权限、操作权限和数据权限对象。

代码示例（伪代码）：

Java

interface Permission { void validate(User user, Resource resource); } class PagePermission implements Permission { @Override public void validate(User user, Resource resource) { // 页面权限验证逻辑 } } class OperationPermission implements Permission { @Override public void validate(User user, Resource resource) { // 操作权限验证逻辑 } } class PermissionFactory { public static Permission createPermission(PermissionType type) { switch (type) { case PAGE: return new PagePermission(); case OPERATION: return new OperationPermission(); default: throw new IllegalArgumentException("Unsupported permission type"); } } }

4. 代理模式（Proxy Pattern）

解说：代理模式为其他对象提供一个代理或占位符，以控制对这个对象的访问。在权限管理系统中，可以使用代理模式来代理用户的操作，以便在操作执行前后添加额外的权限验证逻辑。

代码示例（伪代码）：

Java

interface UserService { void performOperation(User user, Operation operation); } class RealUserService implements UserService { @Override public void performOperation(User user, Operation operation) { // 执行实际的操作逻辑 } } class PermissionProxyService implements UserService { private RealUserService realService; public PermissionProxyService(RealUserService realService) { this.realService = realService; } @Override public void performOperation(User user, Operation operation) { if (hasPermission(user, operation)) { realService.performOperation(user, operation); } else { throw new PermissionDeniedException("Permission denied"); } } private boolean hasPermission(User user, Operation operation) { // 权限验证逻辑 return true; // 示例代码，实际应实现具体的验证逻辑 } }

5. 装饰者模式（Decorator Pattern）

解说：装饰者模式允许向一个现有的对象添加新的功能，同时又不改变其结构。在权限管理系统中，可以使用装饰者模式来增强用户对象的功能，例如添加一个权限检查器装饰器来检查用户的权限。

代码示例（伪代码）：

Java

interface User { void performAction(); } class RealUser implements User { @Override public void performAction() { // 执行用户操作 } } class PermissionCheckerDecorator implements User { private User user; public PermissionCheckerDecorator(User user) { this.user = user; } @Override public void performAction() { if (hasPermission()) { user.performAction(); } else { throw new PermissionDeniedException("Permission denied"); } } private boolean hasPermission() { // 权限验证逻辑 return true; // 示例代码，实际应实现具体的验证逻辑 } }

通过以上几种设计模式的应用，可以构建出一个灵活、可扩展且易于维护的权限管理系统。这些设计模式不仅有助于优化代码结构，还能提高系统的可重用性和可测试性。

通义灵码

1. 单例模式 (Singleton Pattern)

2. 工厂方法模式 (Factory Method Pattern)

3. 抽象工厂模式 (Abstract Factory Pattern)

4. 建造者模式 (Builder Pattern)

5. 适配器模式 (Adapter Pattern)

6. 装饰器模式 (Decorator Pattern)

7. 观察者模式 (Observer Pattern)

8. 策略模式 (Strategy Pattern)

9. 责任链模式 (Chain of Responsibility Pattern)

10. 状态模式 (State Pattern)

11. 中介者模式 (Mediator Pattern)

12. 备忘录模式 (Memento Pattern)

文兴快码

1. 策略模式（Strategy Pattern）

2. 观察者模式（Observer Pattern）

3. 工厂模式（Factory Pattern）

4. 代理模式（Proxy Pattern）

5. 装饰者模式（Decorator Pattern）

相关文章：