use of com.zyd.blog.business.entity.Resources in project OneBlog by zhangyd-c.
the class ShiroServiceImpl method loadFilterChainDefinitions.
/**
* 初始化权限
*/
@Override
public Map<String, String> loadFilterChainDefinitions() {
/*
配置访问权限
- anon:所有url都都可以匿名访问
- authc: 需要认证才能进行访问(此处指所有非匿名的路径都需要登录才能访问)
- user:配置记住我或认证通过可以访问
*/
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
// 配置退出过滤器,其中的具体的退出代码Shiro已经替我们实现了
filterChainDefinitionMap.put("/passport/logout", "logout");
filterChainDefinitionMap.put("/passport/login", "anon");
filterChainDefinitionMap.put("/passport/signin", "anon");
filterChainDefinitionMap.put("/websocket", "anon");
filterChainDefinitionMap.put("/favicon.ico", "anon");
filterChainDefinitionMap.put("/error", "anon");
filterChainDefinitionMap.put("/assets/**", "anon");
filterChainDefinitionMap.put("/plugin/**", "anon");
filterChainDefinitionMap.put("/vendors/**", "anon");
filterChainDefinitionMap.put("/getKaptcha", "anon");
// 加载数据库中配置的资源权限列表
List<Resources> resourcesList = resourcesService.listUrlAndPermission();
if (CollectionUtils.isEmpty(resourcesList)) {
throw new ZhydException("未加载到resources内容,请确认是否执行了init_data.sql");
}
for (Resources resources : resourcesList) {
if (!StringUtils.isEmpty(resources.getUrl()) && !StringUtils.isEmpty(resources.getPermission())) {
String permission = "perms[" + resources.getPermission() + "]";
filterChainDefinitionMap.put(resources.getUrl(), permission);
}
}
// 本博客中并不存在什么特别关键的操作,所以直接使用user认证。如果有朋友是参考本博客的shiro开发其他安全功能(比如支付等)时,建议针对这类操作使用authc权限 by yadong.zhang
filterChainDefinitionMap.put("/**", "user");
return filterChainDefinitionMap;
}
use of com.zyd.blog.business.entity.Resources in project OneBlog by zhangyd-c.
the class SysResourcesServiceImpl method findPageBreakByCondition.
/**
* 分页查询
*
* @param vo
* @return
*/
@Override
public PageInfo<Resources> findPageBreakByCondition(ResourceConditionVO vo) {
PageHelper.startPage(vo.getPageNumber(), vo.getPageSize());
List<SysResources> sysResources = resourceMapper.findPageBreakByCondition(vo);
if (CollectionUtils.isEmpty(sysResources)) {
return null;
}
List<Resources> resources = this.getResources(sysResources);
PageInfo bean = new PageInfo<SysResources>(sysResources);
bean.setList(resources);
return bean;
}
use of com.zyd.blog.business.entity.Resources in project OneBlog by zhangyd-c.
the class ShiroRealm method doGetAuthorizationInfo.
/**
* 权限认证,为当前登录的Subject授予角色和权限(角色的权限信息集合)
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
// 权限信息对象info,用来存放查出的用户的所有的角色(role)及权限(permission)
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
Long userId = (Long) SecurityUtils.getSubject().getPrincipal();
// 赋予角色
List<Role> roleList = roleService.listRolesByUserId(userId);
if (null != roleList) {
for (Role role : roleList) {
info.addRole(role.getName());
}
}
// 赋予权限
List<Resources> resourcesList = null;
User user = userService.getByPrimaryKey(userId);
if (null == user) {
return info;
}
// ROOT用户默认拥有所有权限
if (UserTypeEnum.ROOT.toString().equalsIgnoreCase(user.getUserType())) {
resourcesList = resourcesService.listAll();
} else {
resourcesList = resourcesService.listByUserId(userId);
}
if (!CollectionUtils.isEmpty(resourcesList)) {
Set<String> permissionSet = new HashSet<>();
for (Resources resources : resourcesList) {
String permission = null;
if (!StringUtils.isEmpty(permission = resources.getPermission())) {
permissionSet.addAll(Arrays.asList(permission.trim().split(",")));
}
}
info.setStringPermissions(permissionSet);
}
return info;
}
use of com.zyd.blog.business.entity.Resources in project OneBlog by zhangyd-c.
the class SysResourcesServiceImpl method getByPrimaryKey.
@Override
public Resources getByPrimaryKey(Long primaryKey) {
Assert.notNull(primaryKey, "PrimaryKey不可为空!");
SysResources sysResources = resourceMapper.selectByPrimaryKey(primaryKey);
return null == sysResources ? null : new Resources(sysResources);
}
Aggregations