• shiro授权


    shiro授权角色、权限

    ShiroUserMapper.xml中新增内容

    <select id="getRolesByUserId" resultType="java.lang.String" parameterType="java.lang.Integer">
      select r.roleid from t_shiro_user u,t_shiro_user_role ur,t_shiro_role r
        where u.userid = ur.userid and ur.roleid = r.roleid
        and u.userid = #{userid}
    </select>
      <select id="getPersByUserId" resultType="java.lang.String" parameterType="java.lang.Integer">
      select p.perid from t_shiro_user u,t_shiro_user_role ur,t_shiro_role_permission rp,t_shiro_permission p
      where u.userid = ur.userid and ur.roleid = rp.roleid and rp.perid = p.perid
      and u.userid = #{userid}
    </select>

    mapper接口

      /**
         * 查询角色id
         */
        Set<String> getRolesByUserId(@Param("userid")Integer userid);
        /**
         * 查询权限id
         * @param userid
         * @return
         */
        Set<String> getPersByUserId(@Param("userid")Integer userid);

    Service层

    package com.huang.service;
    
    import com.huang.model.ShiroUser;
    
    import java.util.Set;
    
    /**
     * @auther 宇晨
     * @company
     * @create 2019-11-03-21:31
     */
    public interface ShiroUserService {
        ShiroUser queryByName(String uname);
        int insert(ShiroUser record);
    
        Set<String> getRolesByUserId(Integer userid);
        Set<String> getPersByUserId(Integer userid);
    }
    package com.huang.service.impl;
    
    import com.huang.mapper.ShiroUserMapper;
    import com.huang.model.ShiroUser;
    import com.huang.service.ShiroUserService;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.stereotype.Service;
    
    import java.util.Set;
    
    /**
     * @auther 宇晨
     * @company
     * @create 2019-11-03-21:32
     */
    @Service("shiroUserService")
    public class ShiroUserServiceImpl implements ShiroUserService {
        @Autowired
        private ShiroUserMapper shiroUserMapper;
        @Override
        public ShiroUser queryByName(String uname) {
            return shiroUserMapper.queryByName(uname);
        }
    
        @Override
        public int insert(ShiroUser record) {
            return shiroUserMapper.insert(record);
        }
    
        @Override
        public Set<String> getRolesByUserId(Integer userid) {
            return shiroUserMapper.getRolesByUserId(userid);
        }
    
        @Override
        public Set<String> getPersByUserId(Integer userid) {
            return shiroUserMapper.getPersByUserId(userid);
        }
    }

    重写自定义realm中的授权方法

    /**
         * 授权的方法
         * @param principalCollection
         * @return
         */
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    
            String uname = principalCollection.getPrimaryPrincipal().toString();
            ShiroUser shiroUser = this.shiroUserService.queryByName(uname);
            Set<String> perids = this.shiroUserService.getPersByUserId(shiroUser.getUserid());
            Set<String> roleids = this.shiroUserService.getRolesByUserId(shiroUser.getUserid());
            SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
            info.setRoles(roleids);
            info.setStringPermissions(perids);
            return info;
        }

    注解式开发

    常用注解介绍

     @RequiresAuthenthentication:表示当前Subject已经通过login进行身份验证;即 Subject.isAuthenticated()返回 true
    
      @RequiresUser:表示当前Subject已经身份验证或者通过记住我登录的
    
      @RequiresGuest:表示当前Subject没有身份验证或者通过记住我登录过,即是游客身份
    
      @RequiresRoles(value = {"admin","user"},logical = Logical.AND):表示当前Subject需要角色admin和user
    
      @RequiresPermissions(value = {"user:delete","user:b"},logical = Logical.OR):表示当前Subject需要权限user:delete或者user:b

    注解的使用

    Controller层

     /**
         * 用户必须登录后才能请求
         * @return
         */
        @RequiresUser
        @ResponseBody
        @RequestMapping("/passUser")
        public String passUser(){
            return "身份认证成功,能够访问!!!";
        }
    
        /**
         * 用户必须拥有角色id为1和4 的这两个角色
         * @return
         */
        @RequiresRoles(value={"1","6"},logical = Logical.OR)
        @ResponseBody
        @RequestMapping("/passRole")
        public String passRole(){
            return "角色认证成功,能够访问!!!";
        }
    
        /**
         * 用户必须拥有 user:update 或 user:view 权限才能访问
         * @return
         */
        @RequiresPermissions(value = {"user:updata","user.load"},logical = Logical.AND)
        @ResponseBody
        @RequestMapping("/passPer")
        public String passPer(){
            return "权限认证成功,能够访问!!!";
        }

    springmvc.xml

        <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
              depends-on="lifecycleBeanPostProcessor">
            <property name="proxyTargetClass" value="true"></property>
        </bean>
        <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
            <property name="securityManager" ref="securityManager"/>
        </bean>
    
        <bean id="exceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
            <property name="exceptionMappings">
                <props>
                    <prop key="org.apache.shiro.authz.UnauthorizedException">
                        unauthorized
                    </prop>
                </props>
            </property>
            <property name="defaultErrorView" value="unauthorized"/>
        </bean>

    jsp代码测试

    <ul>
        shiro注解
        <li>
            <a href="${pageContext.request.contextPath}/passUser">用户认证</a>
        </li>
        <li>
            <a href="${pageContext.request.contextPath}/passRole">角色</a>
        </li>
        <li>
            <a href="${pageContext.request.contextPath}/passPer">权限认证</a>
        </li>
    </ul>

     预测结果

    zs只能查看身份认证的按钮内容

    ls、ww可以看权限认证按钮内容

    zdm可以看所有按钮的内容

  • 相关阅读:
    小程序中template的用法
    小程序弹窗的几种形式
    js怎样截取以'-'分割的字符串
    js怎样截取字符串后几位以及截取字符串前几位
    局域网聊天软件项目小结(1)
    IPAddress类
    Combobox 成员添加
    tcpclient 类
    console.read()读入的内容
    技术带来的进步与退步---一点点反思
  • 原文地址:https://www.cnblogs.com/bf6rc9qu/p/11796764.html
Copyright © 2020-2023  润新知