📖 开篇:AOP的魔法世界
“编程的终极艺术是将复杂隐藏在简单之后”
AOP(面向切面编程)正是Spring赋予我们的魔法杖!它让日志、权限、缓存等横切关注点不再散落各处,而是优雅地编织成统一的面纱。本文带你解锁SpringBoot中4大AOP实战场景,让你的代码像交响乐般和谐!
🎯 场景一:日志监控交响曲 📊
需求痛点
-
调试黑洞:线上问题排查像大海捞针
-
性能迷雾:慢接口如隐形杀手
-
审计难题:操作记录支离破碎
实现方案
@Aspect
@Component
@Slf4j
public class LoggingAspect {
/**
* 定义切点:所有controller包下的所有方法
*/
@Pointcut("execution(* com.example.demo.controller.*.*(..))")
public void controllerMethods() {}
/**
* 环绕通知:记录请求日志和执行时间
*/
@Around("controllerMethods()")
public Object logAroundControllers(ProceedingJoinPoint joinPoint) throws Throwable {
// 获取方法签名
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
String methodName = signature.getName();
String className = signature.getDeclaringTypeName();
// 记录请求参数
String params = Arrays.toString(joinPoint.getArgs());
log.info("Request to {}.{} with params: {}", className, methodName, params);
// 记录开始时间
long startTime = System.currentTimeMillis();
// 执行目标方法
Object result;
try {
result = joinPoint.proceed();
// 计算执行时间
long executionTime = System.currentTimeMillis() - startTime;
// 记录返回结果和执行时间
log.info("Response from {}.{} ({}ms): {}",
className, methodName, executionTime, result);
// 记录慢方法
if (executionTime > 1000) {
log.warn("Slow execution detected! {}.{} took {}ms",
className, methodName, executionTime);
}
return result;
} catch (Exception e) {
// 记录异常信息
log.error("Exception in {}.{}: {}", className, methodName, e.getMessage(), e);
throw e;
}
}
/**
* 定义服务层方法切点
*/
@Pointcut("execution(* com.example.demo.service.*.*(..))")
public void serviceMethods() {}
/**
* 记录服务层方法的关键调用
*/
@Before("serviceMethods() && @annotation(logMethod)")
public void logServiceMethod(JoinPoint joinPoint, LogMethod logMethod) {
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
String methodName = signature.getName();
// 获取参数名
String[] paramNames = signature.getParameterNames();
Object[] args = joinPoint.getArgs();
StringBuilder logMessage = new StringBuilder();
logMessage.append("Executing ").append(methodName).append(" with params: {");
for (int i = 0; i < paramNames.length; i++) {
logMessage.append(paramNames[i]).append("=").append(args[i]);
if (i < paramNames.length - 1) {
logMessage.append(", ");
}
}
logMessage.append("}");
// 根据注解设置的级别记录日志
switch (logMethod.level()) {
case DEBUG:
log.debug(logMessage.toString());
break;
case INFO:
log.info(logMessage.toString());
break;
case WARN:
log.warn(logMessage.toString());
break;
case ERROR:
log.error(logMessage.toString());
break;
}
}
}
/**
* 自定义日志注解
*/
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface LogMethod {
LogLevel level() default LogLevel.INFO;
public enum LogLevel {
DEBUG, INFO, WARN, ERROR
}
}
使用示例
@Service
public class UserService {
@LogMethod(level = LogMethod.LogLevel.INFO)
public User findById(Long id) {
// 业务逻辑
return userRepository.findById(id).orElse(null);
}
@LogMethod(level = LogMethod.LogLevel.WARN)
public void updateUserStatus(Long userId, String status) {
// 更新用户状态
}
}
扩展:MDC实现请求跟踪
@Component
public class RequestIdFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
try {
// 为每个请求生成唯一ID
String requestId = UUID.randomUUID().toString().replace("-", "");
MDC.put("requestId", requestId);
if (request instanceof HttpServletRequest) {
HttpServletRequest httpRequest = (HttpServletRequest) request;
// 记录用户信息
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null && auth.isAuthenticated()) {
MDC.put("userId", auth.getName());
}
MDC.put("remoteAddr", httpRequest.getRemoteAddr());
}
chain.doFilter(request, response);
} finally {
// 请求完成后清理MDC
MDC.clear();
}
}
}
魔法配方(额外了解)
@Around("controllerMethods()")
public Object logAround(ProceedingJoinPoint pjp) throws Throwable {
long start = System.currentTimeMillis();
log.info("🚀 请求进入: {}.{} 参数: {}",
pjp.getSignature().getDeclaringTypeName(),
pjp.getSignature().getName(),
Arrays.toString(pjp.getArgs()));
Object result = pjp.proceed();
long cost = System.currentTimeMillis() - start;
log.info("✅ 请求完成: {}.{} 耗时: {}ms 结果: {}",
pjp.getSignature().getDeclaringTypeName(),
pjp.getSignature().getName(),
cost,
result);
if(cost > 1000) {
log.warn("🐢 慢接口警告!耗时超过1秒!");
}
return result;
}
🎨 功能增强
-
MDC日志染色:用
ThreadLocal实现请求链路追踪MDC.put("traceId", UUID.randomUUID().toString()); -
动态采样:根据QPS动态调整日志级别
-
异常画像:自动统计异常类型分布
🔒 场景二:权限守卫者之盾 🛡️
权限设计三要素
| 维度 | 实现方式 | 示例 |
|---|---|---|
| 角色控制 | @RequiresRole | 管理员/普通用户 |
| 权限控制 | @RequiresPermission | user:delete |
| 数据权限 | 动态SQL过滤 | 部门数据隔离 |
实现方案
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD, ElementType.TYPE})
public @interface RequiresPermission {
/**
* 所需权限编码数组,满足其中任一即可
*/
String[] value() default {};
/**
* 权限逻辑类型:AND(同时具有所有权限), OR(满足任一权限即可)
*/
LogicalType logical() default LogicalType.OR;
public enum LogicalType {
AND, OR
}
}
@Aspect
@Component
@Slf4j
public class PermissionAspect {
@Autowired
private UserService userService;
/**
* 定义切点:所有带有@RequiresPermission注解的方法
*/
@Pointcut("@annotation(com.example.demo.annotation.RequiresPermission)")
public void permissionCheck() {}
/**
* 权限验证前置通知
*/
@Before("permissionCheck() && @annotation(requiresPermission)")
public void checkPermission(JoinPoint joinPoint, RequiresPermission requiresPermission) {
// 获取当前用户
User currentUser = getCurrentUser();
if (currentUser == null) {
throw new UnauthorizedException("用户未登录或会话已过期");
}
// 获取用户权限列表
Set<String> userPermissions = userService.getUserPermissions(currentUser.getId());
// 获取注解中要求的权限
String[] requiredPermissions = requiresPermission.value();
RequiresPermission.LogicalType logicalType = requiresPermission.logical();
// 权限校验
boolean hasPermission = false;
if (logicalType == RequiresPermission.LogicalType.OR) {
// 满足任一权限即可
for (String permission : requiredPermissions) {
if (userPermissions.contains(permission)) {
hasPermission = true;
break;
}
}
} else {
// 必须同时满足所有权限
hasPermission = true;
for (String permission : requiredPermissions) {
if (!userPermissions.contains(permission)) {
hasPermission = false;
break;
}
}
}
if (!hasPermission) {
log.warn("用户 {} 尝试访问未授权资源: {}.{}",
currentUser.getUsername(),
joinPoint.getSignature().getDeclaringTypeName(),
joinPoint.getSignature().getName());
throw new ForbiddenException("权限不足,无法执行该操作");
}
// 记录敏感操作
log.info("用户 {} 执行了需授权操作: {}.{}",
currentUser.getUsername(),
joinPoint.getSignature().getDeclaringTypeName(),
joinPoint.getSignature().getName());
}
private User getCurrentUser() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null || !authentication.isAuthenticated()) {
return null;
}
Object principal = authentication.getPrincipal();
if (principal instanceof User) {
return (User) principal;
}
return null;
}
}
使用示例
@RestController
@RequestMapping("/api/users")
public class UserController {
@Autowired
private UserService userService;
@GetMapping
@RequiresPermission("user:list")
public List<User> listUsers() {
return userService.findAll();
}
@GetMapping("/{id}")
@RequiresPermission("user:view")
public User getUser(@PathVariable Long id) {
return userService.findById(id);
}
@PostMapping
@RequiresPermission(value = {"user:create", "user:edit"}, logical = RequiresPermission.LogicalType.OR)
public User createUser(@RequestBody User user) {
return userService.save(user);
}
@DeleteMapping("/{id}")
@RequiresRole("ADMIN")
public void deleteUser(@PathVariable Long id) {
userService.delete(id);
}
}
安全切面实现(额外了解)
@Before("@annotation(requiresPermission)")
public void checkPermission(JoinPoint jp, RequiresPermission anno) {
User user = CurrentUser.get();
Set<String> permissions = userService.getPermissions(user.getId());
// 权限逻辑判断
boolean hasPerm = checkLogic(anno.logical(), anno.value(), permissions);
if(!hasPerm) {
log.warn("🚫 用户[{}]尝试越权访问: {}", user.getName(), jp.getSignature());
throw new ForbiddenException("权限不足!");
}
}
private boolean checkLogic(LogicalType type, String[] required, Set<String> actual) {
return type == LogicalType.OR ?
Arrays.stream(required).anyMatch(actual::contains) :
Arrays.stream(required).allMatch(actual::contains);
}
🛠️ 安全增强
-
权限变更实时生效:通过Redis Pub/Sub同步权限变更
-
敏感操作二次认证:关键操作需短信/邮件验证
-
操作审计日志:记录所有敏感操作轨迹
💾 场景三:缓存魔术师 ✨
缓存策略对比
| 策略 | 适用场景 | 优点 | 缺点 |
|---|---|---|---|
| 穿透保护 | 频繁访问不存在的数据 | 防止DB压力 | 需要维护空值缓存 |
| 击穿保护 | 热点key过期 | 保证高可用 | 增加复杂度 |
| 雪崩保护 | 大量key同时过期 | 系统稳定性高 | 内存占用可能增加 |
实现方案
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface Cacheable {
/**
* 缓存名称
*/
String cacheName();
/**
* 缓存键表达式,支持SpEL表达式
*/
String key() default "";
/**
* 过期时间(秒)
*/
long expireTime() default 300;
/**
* 是否使用方法参数作为缓存键的一部分
*/
boolean useMethodParameters() default true;
}
@Aspect
@Component
@Slf4j
public class CacheAspect {
@Autowired
private RedisTemplate<String, Object> redisTemplate;
@Autowired
private CacheKeyGenerator keyGenerator;
/**
* 定义缓存获取切点
*/
@Pointcut("@annotation(com.example.demo.annotation.Cacheable)")
public void cacheableOperation() {}
/**
* 缓存环绕通知
*/
@Around("cacheableOperation() && @annotation(cacheable)")
public Object handleCacheable(ProceedingJoinPoint joinPoint, Cacheable cacheable) throws Throwable {
// 生成缓存键
String cacheKey = generateCacheKey(joinPoint, cacheable.cacheName(), cacheable.key(), cacheable.useMethodParameters());
// 检查缓存中是否已有数据
Boolean hasKey = redisTemplate.hasKey(cacheKey);
if (Boolean.TRUE.equals(hasKey)) {
Object cachedValue = redisTemplate.opsForValue().get(cacheKey);
log.debug("Cache hit for key: {}", cacheKey);
return cachedValue;
}
// 缓存未命中,执行方法获取结果
log.debug("Cache miss for key: {}", cacheKey);
Object result = joinPoint.proceed();
// 将结果存入缓存
if (result != null) {
redisTemplate.opsForValue().set(cacheKey, result, cacheable.expireTime(), TimeUnit.SECONDS);
log.debug("Stored in cache with key: {}, expire time: {}s", cacheKey, cacheable.expireTime());
}
return result;
}
private String generateCacheKey(JoinPoint joinPoint, String cacheName, String keyExpression, boolean useParams) {
StringBuilder keyBuilder = new StringBuilder(cacheName).append(":");
// 如果提供了自定义键表达式
if (StringUtils.hasText(keyExpression)) {
String evaluatedKey = keyGenerator.generateKey(keyExpression, joinPoint);
keyBuilder.append(evaluatedKey);
} else if (useParams) {
// 使用方法签名和参数作为键
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
String methodName = signature.getName();
keyBuilder.append(methodName);
// 添加参数
Object[] args = joinPoint.getArgs();
if (args != null && args.length > 0) {
for (Object arg : args) {
if (arg != null) {
keyBuilder.append(":").append(arg.hashCode());
} else {
keyBuilder.append(":null");
}
}
}
} else {
// 仅使用方法名
keyBuilder.append(joinPoint.getSignature().getName());
}
return keyBuilder.toString();
}
}
使用示例
@Service
public class ProductService {
@Cacheable(cacheName = "products", expireTime = 3600)
public Product getById(Long id) {
return productRepository.findById(id).orElse(null);
}
@Cacheable(cacheName = "products", key = "'list:category:' + #categoryId", expireTime = 1800)
public List<Product> getByCategory(Long categoryId) {
return productRepository.findByCategoryId(categoryId);
}
}
缓存切面黑科技(额外了解)
@Around("@annotation(cacheable)")
public Object handleCache(ProceedingJoinPoint pjp, Cacheable anno) throws Throwable {
String cacheKey = generateKey(pjp, anno);
Object cached = redisTemplate.opsForValue().get(cacheKey);
if(cached != null) {
log.debug("💡 缓存命中: {}", cacheKey);
return cached;
}
log.debug("❓ 缓存未命中: {}", cacheKey);
Object result = pjp.proceed();
if(result != null) {
redisTemplate.opsForValue().set(
cacheKey,
result,
anno.expireTime() + randomOffset(), // 随机过期时间防雪崩
TimeUnit.SECONDS
);
}
return result;
}
private long randomOffset() {
return ThreadLocalRandom.current().nextLong(30); // ±30秒随机偏移
}
🚨 场景四:异常处理大师 🤹
重试策略对比
| 策略 | 公式 | 适用场景 |
|---|---|---|
| 固定间隔 | 每次等待固定时间 | 网络抖动 |
| 指数退避 | 2^(n-1)*base | 远程服务不可用 |
| 随机抖动 | base + random | 分布式系统防拥塞 |
实现方案
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface Retryable {
/**
* 最大重试次数
*/
int maxAttempts() default 3;
/**
* 重试间隔(毫秒)
*/
long backoff() default 1000;
/**
* 指定捕获的异常类型
*/
Class<? extends Throwable>[] value() default {Exception.class};
/**
* 重试策略
*/
RetryStrategy strategy() default RetryStrategy.FIXED;
/**
* 重试策略枚举
*/
enum RetryStrategy {
/**
* 固定间隔
*/
FIXED,
/**
* 指数退避
*/
EXPONENTIAL
}
}
@Aspect
@Component
@Slf4j
public class RetryAspect {
/**
* 定义可重试操作切点
*/
@Pointcut("@annotation(com.example.demo.annotation.Retryable)")
public void retryableOperation() {}
/**
* 重试环绕通知
*/
@Around("retryableOperation() && @annotation(retryable)")
public Object handleRetry(ProceedingJoinPoint joinPoint, Retryable retryable) throws Throwable {
int attempts = 0;
Class<? extends Throwable>[] retryableExceptions = retryable.value();
Retryable.RetryStrategy strategy = retryable.strategy();
while (true) {
attempts++;
try {
// 执行目标方法
return joinPoint.proceed();
} catch (Throwable t) {
// 检查是否是需要重试的异常类型
boolean shouldRetry = false;
for (Class<? extends Throwable> exceptionType : retryableExceptions) {
if (exceptionType.isInstance(t)) {
shouldRetry = true;
break;
}
}
// 如果不需要重试,或者达到最大重试次数,则抛出异常
if (!shouldRetry || attempts >= retryable.maxAttempts()) {
log.warn("Method {} failed after {} attempts: {}",
joinPoint.getSignature().getName(), attempts, t.getMessage());
throw t;
}
// 计算重试等待时间
long waitTime;
if (strategy == Retryable.RetryStrategy.EXPONENTIAL) {
// 指数退避: 基础时间 * 2^(尝试次数-1)
waitTime = retryable.backoff() * (long) Math.pow(2, attempts - 1);
} else {
// 固定间隔
waitTime = retryable.backoff();
}
log.info("Retrying {} (attempt {}/{}) after {} ms due to: {}",
joinPoint.getSignature().getName(),
attempts,
retryable.maxAttempts(),
waitTime,
t.getMessage());
// 等待指定时间后重试
Thread.sleep(waitTime);
}
}
}
}
使用示例
@Service
public class PaymentService {
@Retryable(
value = {ConnectException.class, TimeoutException.class, PaymentGatewayException.class},
maxAttempts = 3,
backoff = 2000,
strategy = Retryable.RetryStrategy.EXPONENTIAL
)
public PaymentResult processPayment(String orderId, BigDecimal amount) {
log.info("Processing payment for order {} with amount {}", orderId, amount);
// 调用远程支付网关
return paymentGateway.processPayment(orderId, amount);
}
}
幂等性实现(额外了解)
@Around("@annotation(idempotent)")
public Object handleIdempotent(ProceedingJoinPoint pjp, Idempotent anno) throws Throwable {
String lockKey = "idempotent:" + parseKey(pjp, anno);
Boolean locked = redisTemplate.opsForValue().setIfAbsent(
lockKey, "processing", 30, TimeUnit.SECONDS);
if(!Boolean.TRUE.equals(locked)) {
String status = redisTemplate.opsForValue().get(lockKey);
// 状态机处理...
}
try {
Object result = pjp.proceed();
redisTemplate.opsForValue().set(lockKey, "success", 300, TimeUnit.SECONDS);
return result;
} catch(Exception e) {
redisTemplate.opsForValue().set(lockKey, "failed:"+e.getMessage(), 60, TimeUnit.SECONDS);
throw e;
}
}
🏆 最佳实践指南
AOP设计黄金法则
-
切面粒度:每个切面只做一件事
-
执行顺序:使用
@Order控制切面顺序 -
异常处理:切面内部做好异常捕获
-
性能监控:切面本身要轻量高效
常见陷阱
-
⚠️ 循环依赖:切面不要直接依赖业务Bean
-
⚠️ 代理失效:内部方法调用不走代理
-
⚠️ 线程安全:切面中不要保存状态
🌟 结语:AOP的星辰大海
通过这4大场景的实战演练,相信你已经掌握AOP这把双刃剑!但请记住:
“With great power comes great responsibility”
AOP虽好,但过度使用会让代码变成"面条式"结构。合理运用,才能让代码既有弹性又保持优雅!
扫一扫
1120
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
