shiro授权时前端js如何拿到数据库查到的权限字符串

---恢复内容开始---

思路：数据库查询权限表，将权限存入session作用域，前台定义js变量获取，js分割字符串，拿到权限字符串

代码

后台查数据库存入session

package com.baizhi.shiro;

import com.baizhi.entity.Admin;
import com.baizhi.entity.Authority; import com.baizhi.service.AdminService; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import javax.servlet.http.HttpSession; import java.util.ArrayList; import java.util.List; public class MyReal extends AuthorizingRealm { @Autowired AdminService adminService; @Override//授权 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { //主体赋予 角色 权限 通过主体 查 角色 通过角色 查 权限 System.out.println("=============================================++++++++000000"); String primaryPrincipal = (String)principalCollection.getPrimaryPrincipal(); Admin admin = adminService.AdminAuthority(primaryPrincipal); String role = admin.getDuty(); System.out.println(role); List authorities = admin.getAuthorityList(); List list = new ArrayList<>(); //获取session ServletRequestAttributes attrs =(ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); HttpSession session = attrs.getRequest().getSession(); // session.setAttribute("authorities",authorities); session.setAttribute("role",role); SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo(); authorizationInfo.addRole(role);//角色赋予 for (Authority authority : authorities) {//权限赋予  list.add(authority.getOperate_right()); System.out.println(authority.getOperate_right()); authorizationInfo.addStringPermission(authority.getOperate_right()); } session.setAttribute("authorities",list); return authorizationInfo; } @Override//认证 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String adminName = (String) authenticationToken.getPrincipal(); Admin admin = adminService.loginCheck(adminName); AuthenticationInfo authenticationInfo = null; if (admin!=null) { System.out.println("shiro---"+admin); authenticationInfo = new SimpleAuthenticationInfo(admin.getName(), "68609b8b64988c0f4def093eaa025e05", ByteSource.Util.bytes("abcd"), this.getName()); return authenticationInfo; } return null; } }

前台获取session数据：

//登陆者的权限获取
       var authorities="<%=session.getAttribute("authorities")%>";
       console.log(authorities)//打印出来为：[add,query,delete] 单纯的字符串形式，并不是数组["add","query","delete"],接下来进行分割得到需要的权限字符串
       var resultpers = authorities.replace('[','').replace(']','').split(',');
　　　　//分割后的resultpers为字符串数组["add","query","delete"]，for或者$.each(resultpers, function(i, n){}遍历即可拿到值（i坐标，n为值）

不是最好办法，但可以解决遇到的问题

 

 

 

---恢复内容结束---

思路：数据库查询权限表，将权限存入session作用域，前台定义js变量获取，js分割字符串，拿到权限字符串

代码

后台查数据库存入session

package com.baizhi.shiro;

import com.baizhi.entity.Admin;
import com.baizhi.entity.Authority; import com.baizhi.service.AdminService; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import javax.servlet.http.HttpSession; import java.util.ArrayList; import java.util.List; public class MyReal extends AuthorizingRealm { @Autowired AdminService adminService; @Override//授权 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { //主体赋予 角色 权限 通过主体 查 角色 通过角色 查 权限 System.out.println("=============================================++++++++000000"); String primaryPrincipal = (String)principalCollection.getPrimaryPrincipal(); Admin admin = adminService.AdminAuthority(primaryPrincipal); String role = admin.getDuty(); System.out.println(role); List authorities = admin.getAuthorityList(); List list = new ArrayList<>(); //获取session ServletRequestAttributes attrs =(ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); HttpSession session = attrs.getRequest().getSession(); // session.setAttribute("authorities",authorities); session.setAttribute("role",role); SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo(); authorizationInfo.addRole(role);//角色赋予 for (Authority authority : authorities) {//权限赋予  list.add(authority.getOperate_right()); System.out.println(authority.getOperate_right()); authorizationInfo.addStringPermission(authority.getOperate_right()); } session.setAttribute("authorities",list); return authorizationInfo; } @Override//认证 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { String adminName = (String) authenticationToken.getPrincipal(); Admin admin = adminService.loginCheck(adminName); AuthenticationInfo authenticationInfo = null; if (admin!=null) { System.out.println("shiro---"+admin); authenticationInfo = new SimpleAuthenticationInfo(admin.getName(), "68609b8b64988c0f4def093eaa025e05", ByteSource.Util.bytes("abcd"), this.getName()); return authenticationInfo; } return null; } }

前台获取session数据：

//登陆者的权限获取
       var authorities="<%=session.getAttribute("authorities")%>";
       console.log(authorities)//打印出来为：[add,query,delete] 单纯的字符串形式，并不是数组["add","query","delete"],接下来进行分割得到需要的权限字符串
       var resultpers = authorities.replace('[','').replace(']','').split(',');
　　　　//分割后的resultpers为字符串数组["add","query","delete"]，for或者$.each(resultpers, function(i, n){}遍历即可拿到值（i坐标，n为值）

不是最好办法，但可以解决遇到的问题

 

转载于:https://www.cnblogs.com/lhc-hhh/p/10235817.html