【Shiro】06 自定义Realm授权实现

 

创建一个激活的用户类：

public class ActiverUser {
    private User user;
    private List<String> roleList;
    private List<String> permitList;
} // 省略SETTER & GETTER & CONSTRUCTOR ...

对应的创建业务层：

用户业务：

public interface UserService {
    User queryUserByUserName(String username);
}

实现类：

这个Switch迷一样不支持String，不管了

public class UserServiceImpl implements UserService {

    public User queryUserByUserName(String username) {
        User user = null;
        switch (username) {
            case "zhangsan":
                user=new User(1, "zhangsan", "123456", new Date());
                break;
            case "lisi":
                user=new User(2, "lisi", "123456", new Date());
                break;
            case "wangwu":
                user=new User(3, "wangwu", "123456", new Date());
                break;
        }
        return user;
    }
}

角色业务：

根据用户名查询对应的所有角色：

public interface RoleService {
    List<String> queryRoleByUsername(String username);
}

实现类：

public class RoleServiceImpl implements RoleService {
    public List<String> queryRoleByUsername(String username) {
        return Arrays.asList("role1", "role2", "role3");
    }
}

权限业务：

public interface PermissionService {
    List<String> queryPermissionByUsername(String username);
}

实现类：

public class PermissionServiceImpl implements PermissionService{
    public List<String> queryPermissionByUsername(String username) {
        return Arrays.asList("user:query", "user:insert", "user:update", "user:delete");
    }
}

UserRealm的修改：

package cn.echo42.shiro;

import cn.echo42.pojo.User;
import cn.echo42.service.*;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import java.util.Collection;
import java.util.List;

/**
 * @author DaiZhiZhou
 * @file Shiro
 * @create 2020-08-01 18:38
 */
public class UserRealm extends AuthorizingRealm {

    private UserService userService = new UserServiceImpl();
    private RoleService roleService = new RoleServiceImpl();
    private PermissionService permissionService = new PermissionServiceImpl();

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        ActiverUser activerUser = (ActiverUser) principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        
        //添加角色
        Collection<String> roles = activerUser.getRoleList();
        // 角色存在
        if(null != roles && roles.size() > 0) {
            info.addRoles(roles);
        }
        
        Collection<String> permissions = activerUser.getPermitList();
        //添加权限
        if(null != permissions && permissions.size() > 0) {
            info.addStringPermissions(permissions);
        }
//        if(activerUser.getUser().getType()==0) {
//            info.addStringPermission("*:*");
//        }
        return info;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        // 通过提交的令牌获取信息（用户名称？）
        String principal = authenticationToken.getPrincipal().toString();

        // 查询数据库得到记录
        User user = userService.queryUserByUserName(principal);

        // user非空
        if(null != user) {
            // 装载用户到权限的所有信息
            List<String> roles = roleService.queryRoleByUsername(user.getUsername());
            List<String> permissions = permissionService.queryPermissionByUsername(user.getUsername());
            ActiverUser activerUser = new ActiverUser(user, roles, permissions);

            // 返回认证信息出去
            return new SimpleAuthenticationInfo(activerUser, authenticationToken.getCredentials(), this.getName());
        }
        return null;
    }
}