shiro教程之编程式授权

最新推荐文章于 2022-08-24 03:10:26 发布

senga07

最新推荐文章于 2022-08-24 03:10:26 发布

阅读量521

点赞数

分类专栏： shrio

本文链接：https://blog.csdn.net/gates0087/article/details/54705845

版权

shrio 专栏收录该内容

4 篇文章 0 订阅

订阅专栏

一、权限认证的核心要素
权限认证即访问控制：在应用中控制谁能访问哪些资源。在权限认证中，最核心的三要素是：权限、角色和用户；
权限，即操作资源的权利，比如访问某个页面，以及对某个模块的数据的加载、修改、删除、查看的权利；
角色，是权限的集合，一种角色可以包含多种权限；
用户，是Shiro中，代表访问系统的用户，即Subject。

二、基于角色的访问控制
shiro_role.ini

[users]
root=123456,role1,role2
gates=123456,role1

package com.shiro;

import java.util.Arrays;

import org.apache.shiro.subject.Subject;
import org.junit.Test;

import com.shiro.common.ShiroUtils;

public class RoleTest {

    @Test
    public void testHasRole() {
        Subject currentUser=ShiroUtils.login("classpath:shiro_role.ini", "gates", "123456");
        System.out.println(currentUser.hasRole("role2")?"hasRole2":"notHasRole2");
        currentUser.logout();
    }

    @Test
    public void testHasRoles() {
        Subject currentUser=ShiroUtils.login("classpath:shiro_role.ini", "root", "123456");
        boolean[] result=currentUser.hasRoles(Arrays.asList("role1","role2","role3"));
        for (boolean b : result) {
            System.out.println(b);
        }
        currentUser.logout();
    }

    @Test
    public void testHasAllRoles() {
        Subject currentUser=ShiroUtils.login("classpath:shiro_role.ini", "root", "123456");
        System.out.println(currentUser.hasAllRoles(Arrays.asList("role1","role2"))?"yes":"no");
        currentUser.logout();
    }

    @Test
    public void testCheckRole() {
        //checkRole没有返回值，若没有role则抛出异常
        Subject currentUser=ShiroUtils.login("classpath:shiro_role.ini", "gates", "123456");
        currentUser.checkRole("role1");
        currentUser.logout();
    }

    @Test
    public void testCheckRoles() {
        Subject currentUser=ShiroUtils.login("classpath:shiro_role.ini", "root", "123456");
        currentUser.checkRoles("role1","role2");
        currentUser.logout();
    }
}

shiro_permission.ini

[users]
gates=123456,role1
root=123456,role1,role2
[roles]
role1=user:select
role2=user:select,user:add,user:update,user:delete

package com.shiro;

import org.apache.shiro.subject.Subject;
import org.junit.Test;

import com.shiro.common.ShiroUtils;

public class PermissionTest {

    @Test
    public void testIsPermitted() {
        Subject currentUser=ShiroUtils.login("classpath:shiro_permission.ini", "gates", "123456");
        //System.out.println(currentUser.isPermitted("user:select"));
        boolean[] result=currentUser.isPermitted("user:select","user:update");
        for (boolean b : result) {
            System.out.println(b);
        }
        currentUser.logout();
    }

    @Test
    public void testIsPermittedAll() {
        //必须全都有才返回true
        Subject currentUser=ShiroUtils.login("classpath:shiro_permission.ini", "gates", "123456");
        System.out.println(currentUser.isPermittedAll("user:select","user:update"));
        currentUser.logout();
    }

    @Test
    public void testCheckPermission() {
        //没有返回值，错误抛出异常
        Subject currentUser=ShiroUtils.login("classpath:shiro_permission.ini", "gates", "123456");
        currentUser.checkPermission("user:select");
        currentUser.logout();
    }

    @Test
    public void testCheckPermissions() {
        //没有返回值，错误抛出异常
        Subject currentUser=ShiroUtils.login("classpath:shiro_permission.ini", "root", "123456");
        currentUser.checkPermissions("user:select","user:add","user:update","user:delete");
        currentUser.logout();
    }
}