---恢复内容开始---
思路:数据库查询权限表,将权限存入session作用域,前台定义js变量获取,js分割字符串,拿到权限字符串
代码
后台查数据库存入session
package com.baizhi.shiro;
import com.baizhi.entity.Admin;
import com.baizhi.entity.Authority; import com.baizhi.service.AdminService; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import javax.servlet.http.HttpSession; import java.util.ArrayList; import java.util.List; public class MyReal extends AuthorizingRealm { @Autowired AdminService adminService; @Override//授权 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { //主体赋予 角色 权限 通过主体 查 角色 通过角色 查 权限 System.out.println("=============================================++++++++000000"); String primaryPrincipal = (String)principalCollection.getPrimaryPrincipal(); Admin admin = adminService.AdminAuthority(primaryPrincipal); String role = admin.getDuty(); System.out.println(role); List<Authority> authorities = admin.getAuthorityList(); List<String> list = new ArrayList<>(); //获取session ServletRequestAttributes attrs =(ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); HttpSession session = attrs.getRequest().getSession(); // session.setAttribute("authorities",authorities); session.setAttribute("role",role); SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo(); authorizationInfo.addRole(role);//角色赋予 for (Authority authority : authorities) {//权限赋予 list.add(authority.getOperate_right()); System.out.println(authority.getOperate_right()); authorizationInfo.addStringPermission(authority.getOperate_right()); } session.setAttribute("authorities",list); return authorizationInfo; } @Override//认证 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String adminName = (String) authenticationToken.getPrincipal(); Admin admin = adminService.loginCheck(adminName); AuthenticationInfo authenticationInfo = null; if (admin!=null) { System.out.println("shiro---"+admin); authenticationInfo = new SimpleAuthenticationInfo(admin.getName(), "68609b8b64988c0f4def093eaa025e05", ByteSource.Util.bytes("abcd"), this.getName()); return authenticationInfo; } return null; } }
前台获取session数据:
//登陆者的权限获取
var authorities="<%=session.getAttribute("authorities")%>";
console.log(authorities)//打印出来为:[add,query,delete] 单纯的字符串形式,并不是数组["add","query","delete"],接下来进行分割得到需要的权限字符串
var resultpers = authorities.replace('[','').replace(']','').split(',');
//分割后的resultpers为字符串数组["add","query","delete"],for或者$.each(resultpers, function(i, n){}遍历即可拿到值(i坐标,n为值)
不是最好办法,但可以解决遇到的问题
---恢复内容结束---
思路:数据库查询权限表,将权限存入session作用域,前台定义js变量获取,js分割字符串,拿到权限字符串
代码
后台查数据库存入session
package com.baizhi.shiro;
import com.baizhi.entity.Admin;
import com.baizhi.entity.Authority; import com.baizhi.service.AdminService; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import javax.servlet.http.HttpSession; import java.util.ArrayList; import java.util.List; public class MyReal extends AuthorizingRealm { @Autowired AdminService adminService; @Override//授权 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { //主体赋予 角色 权限 通过主体 查 角色 通过角色 查 权限 System.out.println("=============================================++++++++000000"); String primaryPrincipal = (String)principalCollection.getPrimaryPrincipal(); Admin admin = adminService.AdminAuthority(primaryPrincipal); String role = admin.getDuty(); System.out.println(role); List<Authority> authorities = admin.getAuthorityList(); List<String> list = new ArrayList<>(); //获取session ServletRequestAttributes attrs =(ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); HttpSession session = attrs.getRequest().getSession(); // session.setAttribute("authorities",authorities); session.setAttribute("role",role); SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo(); authorizationInfo.addRole(role);//角色赋予 for (Authority authority : authorities) {//权限赋予 list.add(authority.getOperate_right()); System.out.println(authority.getOperate_right()); authorizationInfo.addStringPermission(authority.getOperate_right()); } session.setAttribute("authorities",list); return authorizationInfo; } @Override//认证 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String adminName = (String) authenticationToken.getPrincipal(); Admin admin = adminService.loginCheck(adminName); AuthenticationInfo authenticationInfo = null; if (admin!=null) { System.out.println("shiro---"+admin); authenticationInfo = new SimpleAuthenticationInfo(admin.getName(), "68609b8b64988c0f4def093eaa025e05", ByteSource.Util.bytes("abcd"), this.getName()); return authenticationInfo; } return null; } }
前台获取session数据:
//登陆者的权限获取
var authorities="<%=session.getAttribute("authorities")%>";
console.log(authorities)//打印出来为:[add,query,delete] 单纯的字符串形式,并不是数组["add","query","delete"],接下来进行分割得到需要的权限字符串
var resultpers = authorities.replace('[','').replace(']','').split(',');
//分割后的resultpers为字符串数组["add","query","delete"],for或者$.each(resultpers, function(i, n){}遍历即可拿到值(i坐标,n为值)
不是最好办法,但可以解决遇到的问题