---恢復內容開始---
思路:數據庫查詢權限表,將權限存入session作用域,前台定義js變量獲取,js分割字符串,拿到權限字符串
代碼
后台查數據庫存入session
package com.lhc.shiro; import com.lhc.entity.Admin; import com.lhc.entity.Authority; import com.lhc.service.AdminService; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import javax.servlet.http.HttpSession; import java.util.ArrayList; import java.util.List; public class MyReal extends AuthorizingRealm { @Autowired AdminService adminService; @Override//授權 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { //主體賦予 角色 權限 通過主體 查 角色 通過角色 查 權限 System.out.println("=============================================++++++++000000"); String primaryPrincipal = (String)principalCollection.getPrimaryPrincipal(); Admin admin = adminService.AdminAuthority(primaryPrincipal); String role = admin.getDuty(); System.out.println(role); List<Authority> authorities = admin.getAuthorityList(); List<String> list = new ArrayList<>(); //獲取session ServletRequestAttributes attrs =(ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); HttpSession session = attrs.getRequest().getSession(); // session.setAttribute("authorities",authorities); session.setAttribute("role",role); SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo(); authorizationInfo.addRole(role);//角色賦予 for (Authority authority : authorities) {//權限賦予 list.add(authority.getOperate_right()); System.out.println(authority.getOperate_right()); authorizationInfo.addStringPermission(authority.getOperate_right()); } session.setAttribute("authorities",list); return authorizationInfo; } @Override//認證 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String adminName = (String) authenticationToken.getPrincipal(); Admin admin = adminService.loginCheck(adminName); AuthenticationInfo authenticationInfo = null; if (admin!=null) { System.out.println("shiro---"+admin); authenticationInfo = new SimpleAuthenticationInfo(admin.getName(), "68609b8b64988c0f4def093eaa025e05", ByteSource.Util.bytes("abcd"), this.getName()); return authenticationInfo; } return null; } }
前台獲取session數據:
//登陸者的權限獲取 var authorities="<%=session.getAttribute("authorities")%>"; console.log(authorities)//打印出來為:[add,query,delete] 單純的字符串形式,並不是數組["add","query","delete"],接下來進行分割得到需要的權限字符串 var resultpers = authorities.replace('[','').replace(']','').split(',');
//分割后的resultpers為字符串數組["add","query","delete"],for或者$.each(resultpers, function(i, n){}遍歷即可拿到值(i坐標,n為值)