1、MyExpressionRoot.java
@Component("ex")
public class MyExpressionRoot {
public boolean hasAuthority(String authority){
//获取身份令牌
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
//获取权限
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
//循环判断
for (GrantedAuthority grantedAuthority : authorities) {
String role = grantedAuthority.getAuthority();
if (role.equals(authority)) {
return true;
}
}
return false;
}
}
2、使用
@DeleteMapping("delete")
//ex是校验实力在Spring容器中的唯一标识
@PreAuthorize("@ex.hasAuthority('delete')")
public String delete() {
return "删除成功!";
}