Shiro Notes (3): Authorization

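I. Authorization Styles

1. Programmatic:

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;

Subject subject = SecurityUtils.getSubject();
if (subject.hasRole("root")) {
    // authorized
} else {
    // not authorized
}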

2. Annotation-based:

@RequiresRoles("admin")
public void hello() {
    // executes only if the subject has the role
}

3. JSP tags:

<%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %>
<shiro:hasRole name="root">
    <!-- authorized -->
</shiro:hasRole>

 

II. Authorization

1. Role-based access control

Rule: username=password,role1,role2,...

The shiro-role.ini file:

[users]
tang=123,role1,role2
wang=321,role1

Core code:

import java.util.Arrays;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.subject.Subject;
import org.junit.Assert;
import org.junit.Test;

/**
 * @author Tang Jiujia
 * @since 2017-10-16
 */
public class RoleTest extends BaseTest {

    @Test
    public void testHasRole() {
        login("src/main/shiro-role.ini", "tang", "123");
        Subject subject = SecurityUtils.getSubject();
        Assert.assertTrue(subject.hasRole("role1"));
        Assert.assertTrue(subject.hasAllRoles(Arrays.asList("role1", "role2")));
        // hasRoles returns one boolean per requested role, in the same order
        boolean[] hasRoles = subject.hasRoles(Arrays.asList("role1", "role2", "role3"));

        for (int i = 0; i < hasRoles.length; i++) {
            if (hasRoles[i]) {
                System.out.println("We have role" + (i + 1));
            } else {
                System.out.println("We don't have role" + (i + 1));
            }
        }
    }

    // Unlike hasRole above, checkRole throws UnauthorizedException when the check fails
    @Test(expected = UnauthorizedException.class)
    public void testCheckRole() {
        login("src/main/shiro-role.ini", "tang", "123");
        Subject subject = SecurityUtils.getSubject();
        subject.checkRole("role1");            // passes: tang has role1
        subject.checkRoles("role1", "role5");  // throws: tang does not have role5
    }
}

 

2. Resource-based access control

Rule: username=password,role1,role2            role=permission1,permission2

[users]
tang=123,role1,role2
wang=321,role2
[roles]
role1=root:create,root:add,root:update
role2=root:delete,root:update

Core code:

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

/**
 * @author Tang Jiujia
 * @since 2017-10-16
 */
public class PermissionTest extends BaseTest {

    @Test
    public void testIsPermission() {
        // the password must match tang's entry in [users] above
        login("src/main/shiro-permission.ini", "tang", "123");
        Subject subject = SecurityUtils.getSubject();
        // "root:add1" is not granted by any role, so this takes the else branch
        if (subject.isPermitted("root:add1")) {
            System.out.println("have add");
        } else {
            System.out.println("do not have add");
        }
        if (subject.isPermitted("root:update")) {
            System.out.println("Have update permission");
        }
    }

    @Test
    public void testCheckPermission() {
        login("src/main/shiro-permission.ini", "tang", "123");
        Subject subject = SecurityUtils.getSubject();
        // checkPermission throws UnauthorizedException if the permission is missing
        subject.checkPermission("root:add");
    }
}
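
The following is an added example, not code from the original post: it loads the same [users]/[roles] definitions from an in-memory string, logs in as each user, and prints which permissions the roles resolve to, then shows checkPermission throwing for the user whose role lacks root:add. The class name PermissionMatrixDemo and the report helper are hypothetical; it assumes Apache Shiro 1.x is on the classpath and does not use the post's BaseTest.

```java
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.config.Ini;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.Subject;

// Hypothetical demo class (not from the original post).
public class PermissionMatrixDemo {

    // Same [users]/[roles] content as the INI shown above, inlined so no file is needed.
    private static final String INI_TEXT =
            "[users]\n"
          + "tang=123,role1,role2\n"
          + "wang=321,role2\n"
          + "[roles]\n"
          + "role1=root:create,root:add,root:update\n"
          + "role2=root:delete,root:update\n";

    private static final String[] PERMISSIONS =
            {"root:create", "root:add", "root:update", "root:delete"};

    public static void main(String[] args) {
        Ini ini = new Ini();
        ini.load(INI_TEXT);
        // An IniRealm backed by the parsed definitions is the only realm consulted.
        SecurityUtils.setSecurityManager(new DefaultSecurityManager(new IniRealm(ini)));

        report("tang", "123"); // role1 + role2: all four permissions
        report("wang", "321"); // role2 only: root:delete and root:update
    }

    private static void report(String user, String password) {
        Subject subject = SecurityUtils.getSubject();
        subject.login(new UsernamePasswordToken(user, password));
        try {
            // isPermitted answers with a boolean and never throws on denial.
            for (String permission : PERMISSIONS) {
                System.out.println(user + " " + permission + " -> " + subject.isPermitted(permission));
            }
            // checkPermission enforces: it throws when the permission is missing.
            subject.checkPermission("root:add");
            System.out.println(user + " passed checkPermission(root:add)");
        } catch (UnauthorizedException e) {
            System.out.println(user + " denied: " + e.getMessage());
        } finally {
            subject.logout(); // clear the identity before the next login
        }
    }
}
```
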
posted @ 2017-10-16 13:29  Shadowplay