use of com.megagao.production.ssm.domain.authority.SysPermission in project production_ssm by megagao.
the class CustomRealm method doGetAuthorizationInfo.
/**
* realm的授权方法
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// 从 principals获取主身份信息
// 将getPrimaryPrincipal方法返回值转为真实身份类型(在上边的doGetAuthenticationInfo认证通过填充到SimpleAuthenticationInfo中身份类型),
ActiveUser activeUser = (ActiveUser) principals.getPrimaryPrincipal();
// 根据身份信息从数据库获取到权限数据
List<SysPermission> permissionList = null;
try {
permissionList = sysService.findPermissionListByUserId(activeUser.getUserid());
} catch (Exception e) {
logger.error(e.getMessage());
}
List<String> permissions = new ArrayList<String>();
if (permissionList != null) {
for (SysPermission sysPermission : permissionList) {
permissions.add(sysPermission.getPercode());
}
}
// 查到权限数据,返回授权信息(要包括 上边的permissions)
SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
// 将上边查询到授权信息填充到simpleAuthorizationInfo对象中
simpleAuthorizationInfo.addStringPermissions(permissions);
return simpleAuthorizationInfo;
}
use of com.megagao.production.ssm.domain.authority.SysPermission in project production_ssm by megagao.
the class CustomRealm method doGetAuthenticationInfo.
/**
* realm的认证方法,从数据库查询用户信息
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// token是用户输入的用户名和密码,第一步从token中取出用户名
String username = (String) token.getPrincipal();
// 第二步:根据用户输入的username从数据库查询
SysUser sysUser = null;
try {
sysUser = sysService.getSysUserByName(username);
} catch (Exception e) {
logger.error(e.getMessage());
}
// 如果查询不到返回null
if (sysUser == null) {
if (logger.isDebugEnabled()) {
logger.debug("user not exist!");
}
return null;
}
String password = sysUser.getPassword();
// 如果查询到返回认证信息AuthenticationInfo
// activeUser就是用户身份信息
ActiveUser activeUser = new ActiveUser();
activeUser.setUserid(sysUser.getId());
activeUser.setUsername(sysUser.getUsername());
activeUser.setUserStatus(sysUser.getLocked());
RoleVO sysRole = null;
try {
sysRole = roleService.findRoleByUserId(sysUser.getId());
} catch (Exception e) {
logger.error(e.getMessage());
}
activeUser.setRolename(sysRole.getRoleName());
activeUser.setRoleStatus(sysRole.getAvailable());
logger.info(activeUser.getUsername());
// 根据用户id取出菜单
List<SysPermission> menus = null;
try {
// 通过service取出菜单
menus = sysService.findMenuListByUserId(sysUser.getId());
} catch (Exception e) {
logger.error(e.getMessage());
}
// 将用户菜单设置到activeUser
activeUser.setMenus(menus);
// ByteSource q = ByteSource.Util.bytes(sysUser.getSalt());
// 将activeUser设置simpleAuthenticationInfo
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(activeUser, password, this.getName());
return simpleAuthenticationInfo;
}
use of com.megagao.production.ssm.domain.authority.SysPermission in project production_ssm by megagao.
the class FirstController method home.
// 首页
@RequestMapping("/home")
public String home(HttpSession session, Model model) throws Exception {
Subject subject = SecurityUtils.getSubject();
ActiveUser activeUser = (ActiveUser) subject.getPrincipal();
List<SysPermission> permissionList = null;
try {
permissionList = sysService.findPermissionListByUserId(activeUser.getUserid());
} catch (Exception e) {
logger.error(ERROR_HAPPENS, e.getMessage());
}
List<String> sysPermissionList = CollectionsFactory.newArrayList();
if (permissionList != null) {
for (int i = 0; i < permissionList.size(); i++) {
sysPermissionList.add(permissionList.get(i).getPercode());
}
}
model.addAttribute(ACTIVE_USER, activeUser);
session.setAttribute("sysPermissionList", sysPermissionList);
return "home";
}
Aggregations