shiro授权时前端js如何拿到数据库查到的权限字符串

---恢复内容开始---

思路:数据库查询权限表,将权限存入session作用域,前台定义js变量获取,js分割字符串,拿到权限字符串

代码

后台查数据库存入session

package com.baizhi.shiro;

import com.baizhi.entity.Admin;
import com.baizhi.entity.Authority; import com.baizhi.service.AdminService; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import javax.servlet.http.HttpSession; import java.util.ArrayList; import java.util.List; public class MyReal extends AuthorizingRealm { @Autowired AdminService adminService; @Override//授权 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { //主体赋予 角色 权限 通过主体 查 角色 通过角色 查 权限 System.out.println("=============================================++++++++000000"); String primaryPrincipal = (String)principalCollection.getPrimaryPrincipal(); Admin admin = adminService.AdminAuthority(primaryPrincipal); String role = admin.getDuty(); System.out.println(role); List<Authority> authorities = admin.getAuthorityList(); List<String> list = new ArrayList<>(); //获取session ServletRequestAttributes attrs =(ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); HttpSession session = attrs.getRequest().getSession(); // session.setAttribute("authorities",authorities); session.setAttribute("role",role); SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo(); authorizationInfo.addRole(role);//角色赋予 for (Authority authority : authorities) {//权限赋予  list.add(authority.getOperate_right()); System.out.println(authority.getOperate_right()); authorizationInfo.addStringPermission(authority.getOperate_right()); } session.setAttribute("authorities",list); return authorizationInfo; } @Override//认证 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String adminName = (String) authenticationToken.getPrincipal(); Admin admin = adminService.loginCheck(adminName); AuthenticationInfo authenticationInfo = null; if (admin!=null) { System.out.println("shiro---"+admin); authenticationInfo = new SimpleAuthenticationInfo(admin.getName(), "68609b8b64988c0f4def093eaa025e05", ByteSource.Util.bytes("abcd"), this.getName()); return authenticationInfo; } return null; } }

前台获取session数据:

//登陆者的权限获取
       var authorities="<%=session.getAttribute("authorities")%>";
       console.log(authorities)//打印出来为:[add,query,delete] 单纯的字符串形式,并不是数组["add","query","delete"],接下来进行分割得到需要的权限字符串
       var resultpers = authorities.replace('[','').replace(']','').split(',');
    //分割后的resultpers为字符串数组["add","query","delete"],for或者$.each(resultpers, function(i, n){}遍历即可拿到值(i坐标,n为值)

不是最好办法,但可以解决遇到的问题

 

 

 

---恢复内容结束---

思路:数据库查询权限表,将权限存入session作用域,前台定义js变量获取,js分割字符串,拿到权限字符串

代码

后台查数据库存入session

package com.baizhi.shiro;

import com.baizhi.entity.Admin;
import com.baizhi.entity.Authority; import com.baizhi.service.AdminService; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import javax.servlet.http.HttpSession; import java.util.ArrayList; import java.util.List; public class MyReal extends AuthorizingRealm { @Autowired AdminService adminService; @Override//授权 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { //主体赋予 角色 权限 通过主体 查 角色 通过角色 查 权限 System.out.println("=============================================++++++++000000"); String primaryPrincipal = (String)principalCollection.getPrimaryPrincipal(); Admin admin = adminService.AdminAuthority(primaryPrincipal); String role = admin.getDuty(); System.out.println(role); List<Authority> authorities = admin.getAuthorityList(); List<String> list = new ArrayList<>(); //获取session ServletRequestAttributes attrs =(ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); HttpSession session = attrs.getRequest().getSession(); // session.setAttribute("authorities",authorities); session.setAttribute("role",role); SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo(); authorizationInfo.addRole(role);//角色赋予 for (Authority authority : authorities) {//权限赋予  list.add(authority.getOperate_right()); System.out.println(authority.getOperate_right()); authorizationInfo.addStringPermission(authority.getOperate_right()); } session.setAttribute("authorities",list); return authorizationInfo; } @Override//认证 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String adminName = (String) authenticationToken.getPrincipal(); Admin admin = adminService.loginCheck(adminName); AuthenticationInfo authenticationInfo = null; if (admin!=null) { System.out.println("shiro---"+admin); authenticationInfo = new SimpleAuthenticationInfo(admin.getName(), "68609b8b64988c0f4def093eaa025e05", ByteSource.Util.bytes("abcd"), this.getName()); return authenticationInfo; } return null; } }

前台获取session数据:

//登陆者的权限获取
       var authorities="<%=session.getAttribute("authorities")%>";
       console.log(authorities)//打印出来为:[add,query,delete] 单纯的字符串形式,并不是数组["add","query","delete"],接下来进行分割得到需要的权限字符串
       var resultpers = authorities.replace('[','').replace(']','').split(',');
    //分割后的resultpers为字符串数组["add","query","delete"],for或者$.each(resultpers, function(i, n){}遍历即可拿到值(i坐标,n为值)

不是最好办法,但可以解决遇到的问题

 

转载于:https://www.cnblogs.com/lhc-hhh/p/10235817.html

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值