Search in sources :

Example 1 with Resources

use of com.zyd.blog.business.entity.Resources in project OneBlog by zhangyd-c.

the class ShiroServiceImpl method loadFilterChainDefinitions.

/**
 * 初始化权限
 */
@Override
public Map<String, String> loadFilterChainDefinitions() {
    /*
            配置访问权限
            - anon:所有url都都可以匿名访问
            - authc: 需要认证才能进行访问(此处指所有非匿名的路径都需要登录才能访问)
            - user:配置记住我或认证通过可以访问
         */
    Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
    // 配置退出过滤器,其中的具体的退出代码Shiro已经替我们实现了
    filterChainDefinitionMap.put("/passport/logout", "logout");
    filterChainDefinitionMap.put("/passport/login", "anon");
    filterChainDefinitionMap.put("/passport/signin", "anon");
    filterChainDefinitionMap.put("/websocket", "anon");
    filterChainDefinitionMap.put("/favicon.ico", "anon");
    filterChainDefinitionMap.put("/error", "anon");
    filterChainDefinitionMap.put("/assets/**", "anon");
    filterChainDefinitionMap.put("/plugin/**", "anon");
    filterChainDefinitionMap.put("/vendors/**", "anon");
    filterChainDefinitionMap.put("/getKaptcha", "anon");
    // 加载数据库中配置的资源权限列表
    List<Resources> resourcesList = resourcesService.listUrlAndPermission();
    if (CollectionUtils.isEmpty(resourcesList)) {
        throw new ZhydException("未加载到resources内容,请确认是否执行了init_data.sql");
    }
    for (Resources resources : resourcesList) {
        if (!StringUtils.isEmpty(resources.getUrl()) && !StringUtils.isEmpty(resources.getPermission())) {
            String permission = "perms[" + resources.getPermission() + "]";
            filterChainDefinitionMap.put(resources.getUrl(), permission);
        }
    }
    // 本博客中并不存在什么特别关键的操作,所以直接使用user认证。如果有朋友是参考本博客的shiro开发其他安全功能(比如支付等)时,建议针对这类操作使用authc权限 by yadong.zhang
    filterChainDefinitionMap.put("/**", "user");
    return filterChainDefinitionMap;
}
Also used : ZhydException(com.zyd.blog.framework.exception.ZhydException) Resources(com.zyd.blog.business.entity.Resources) LinkedHashMap(java.util.LinkedHashMap)

Example 2 with Resources

use of com.zyd.blog.business.entity.Resources in project OneBlog by zhangyd-c.

the class SysResourcesServiceImpl method findPageBreakByCondition.

/**
 * 分页查询
 *
 * @param vo
 * @return
 */
@Override
public PageInfo<Resources> findPageBreakByCondition(ResourceConditionVO vo) {
    PageHelper.startPage(vo.getPageNumber(), vo.getPageSize());
    List<SysResources> sysResources = resourceMapper.findPageBreakByCondition(vo);
    if (CollectionUtils.isEmpty(sysResources)) {
        return null;
    }
    List<Resources> resources = this.getResources(sysResources);
    PageInfo bean = new PageInfo<SysResources>(sysResources);
    bean.setList(resources);
    return bean;
}
Also used : PageInfo(com.github.pagehelper.PageInfo) SysResources(com.zyd.blog.persistence.beans.SysResources) Resources(com.zyd.blog.business.entity.Resources) SysResources(com.zyd.blog.persistence.beans.SysResources)

Example 3 with Resources

use of com.zyd.blog.business.entity.Resources in project OneBlog by zhangyd-c.

the class ShiroRealm method doGetAuthorizationInfo.

/**
 * 权限认证,为当前登录的Subject授予角色和权限(角色的权限信息集合)
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    // 权限信息对象info,用来存放查出的用户的所有的角色(role)及权限(permission)
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    Long userId = (Long) SecurityUtils.getSubject().getPrincipal();
    // 赋予角色
    List<Role> roleList = roleService.listRolesByUserId(userId);
    if (null != roleList) {
        for (Role role : roleList) {
            info.addRole(role.getName());
        }
    }
    // 赋予权限
    List<Resources> resourcesList = null;
    User user = userService.getByPrimaryKey(userId);
    if (null == user) {
        return info;
    }
    // ROOT用户默认拥有所有权限
    if (UserTypeEnum.ROOT.toString().equalsIgnoreCase(user.getUserType())) {
        resourcesList = resourcesService.listAll();
    } else {
        resourcesList = resourcesService.listByUserId(userId);
    }
    if (!CollectionUtils.isEmpty(resourcesList)) {
        Set<String> permissionSet = new HashSet<>();
        for (Resources resources : resourcesList) {
            String permission = null;
            if (!StringUtils.isEmpty(permission = resources.getPermission())) {
                permissionSet.addAll(Arrays.asList(permission.trim().split(",")));
            }
        }
        info.setStringPermissions(permissionSet);
    }
    return info;
}
Also used : Role(com.zyd.blog.business.entity.Role) SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) User(com.zyd.blog.business.entity.User) Resources(com.zyd.blog.business.entity.Resources) HashSet(java.util.HashSet)

Example 4 with Resources

use of com.zyd.blog.business.entity.Resources in project OneBlog by zhangyd-c.

the class SysResourcesServiceImpl method getByPrimaryKey.

@Override
public Resources getByPrimaryKey(Long primaryKey) {
    Assert.notNull(primaryKey, "PrimaryKey不可为空!");
    SysResources sysResources = resourceMapper.selectByPrimaryKey(primaryKey);
    return null == sysResources ? null : new Resources(sysResources);
}
Also used : SysResources(com.zyd.blog.persistence.beans.SysResources) Resources(com.zyd.blog.business.entity.Resources) SysResources(com.zyd.blog.persistence.beans.SysResources)

Aggregations

Resources (com.zyd.blog.business.entity.Resources)4 SysResources (com.zyd.blog.persistence.beans.SysResources)2 PageInfo (com.github.pagehelper.PageInfo)1 Role (com.zyd.blog.business.entity.Role)1 User (com.zyd.blog.business.entity.User)1 ZhydException (com.zyd.blog.framework.exception.ZhydException)1 HashSet (java.util.HashSet)1 LinkedHashMap (java.util.LinkedHashMap)1 SimpleAuthorizationInfo (org.apache.shiro.authz.SimpleAuthorizationInfo)1