一、数据库表准备
创建权限表及角色权限对应表
USE shirodb
CREATE TABLE permissions(
id BIGINT(20) NOT NULL AUTO_INCREMENT,
`name` VARCHAR(30) DEFAULT NULL,
info VARCHAR(30) DEFAULT NULL,
`desc` VARCHAR(50) DEFAULT NULL,
PRIMARY KEY(id)
)ENGINE=INNODB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
INSERT INTO permissions VALUES(1,'删除用户','user:delete','删除用户');
INSERT INTO permissions VALUES(2,'新增用户','user:add','新增用户');
INSERT INTO permissions VALUES(3,'修改用户','user:edit','修改用户');
CREATE TABLE role_ps(
id BIGINT(20) NOT NULL AUTO_INCREMENT,
rid BIGINT(20) NOT NULL,
pid BIGINT(20) NOT NULL,
PRIMARY KEY(id)
)ENGINE=INNODB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
INSERT INTO role_ps VALUES(1,1,1);
INSERT INTO role_ps VALUES(2,1,2);
INSERT INTO role_ps VALUES(3,1,3);
二、示例
2.1、沿用上一篇博客项目
2.2、在UserMapper中添加根据角色名称查询权限信息功能
@Select({
"<script>",
"select info from permissions where id in" ,
"(select pid from role_ps where rid in(",
"select id from role where name in",
"<foreach collection='roles' item='name' open='(' separator=',' close=')'>",
"#{name}",
"</foreach>",
"))",
"</script>"
})
List<String> getUserPermissionInfoMapper(@Param("roles") List<String> roles);
2.3、UserService
//获取用户角色权限信息
List<String> getUserPermissionInfo(List<String> roles);
2.4、UserServiceImpl
//获取用户角色权限信息
@Override
public List<String> getUserPermissionInfo(List<String> roles) {
return userMapper.getUserPermissionInfoMapper(roles);
}
2.5、MyRealm
//自定义授权方法
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
System.out.println("自定义授权方法!");
//1.获取用户身份信息
String principal = principalCollection.getPrimaryPrincipal().toString();
//2.调用业务层获取用户的角色信息(从数据库)
List<String> roles = userService.getUserRoleInfo(principal);
System.out.println("当前用户角色信息" + roles);
//2.5调用业务层获取用户的权限信息(从数据库)
List<String> permissions = userService.getUserPermissionInfo(roles);
System.out.println("当前用户权限信息" + permissions);
//3.创建对象,封装当前登录用户的角色、权限信息
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
info.addRoles(roles);
info.addStringPermissions(permissions);
//3.返回信息
return info;
}
2.6、main.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<h1>Shiro登录认证后主页面</h1>
<br>
登录用户为:<span th:text="${session.user}"></span>
<br>
<a href="/logout">登出</a>
<br>
<a href="/myController/userLoginRoles">测试授权-角色验证</a>
<br>
<a href="/myController/userPermissions">测试授权-权限验证</a>
</body>
</html>
2.7、MyController
//登录验证权限
@RequiresPermissions("user:delete")
@GetMapping("userPermissions")
@ResponseBody
public String userLoginPermissions(){
System.out.println("登录验证权限");
return "验证权限成功!";
}