当前位置 : 主页 > 编程语言 > java >

Spring Security授权_编写查询权限方法

来源:互联网 收集:自由互联 发布时间:2022-07-04
在认证后进行授权需要根据用户id查询到用户的权限,写法如下: 编写用户、角色、权限实体类 //用户类 /** * @Author yqq * @Date 2022/05/17 22:47 * @Version 1.0 */ @Data public class Users { private Integ

Spring Security授权_编写查询权限方法_封装
在认证后进行授权需要根据用户id查询到用户的权限,写法如下:

编写用户、角色、权限实体类

//用户类
/**
* @Author yqq
* @Date 2022/05/17 22:47
* @Version 1.0
*/
@Data
public class Users {
private Integer uid;
private String username;
private String password;
private String phone;
}
//角色类
@Data
public class Role {
private Integer rid;
private String rolename;
private String roledesc;
}
//权限类
@Data
public class Permission {
private Integer pid;
private String permissionname;
private String url;

编写UserMapper接口

public interface UsersMapper extends BaseMapper<Users> {
List<Permission> findPermissionByUserName(String username);
}

在resources目录中编写UsersMapper的映射文件

<select id="findPermissionByUserName" resultType="com.neu.model.Permission">
SELECT
p.pid,p.permissionName,p.url
FROM
users u
LEFT JOIN users_role ur ON u.uid = ur.uid
LEFT JOIN role r ON ur.rid = r.rid
LEFT JOIN role_permission rp ON r.rid = rp.rid
LEFT JOIN permission p ON rp.pid = p.pid
WHERE username = #{username}
</select>

测试

@SpringBootTest
public class MapperTest {
@Autowired
private UsersMapper usersMapper;
@Test
public void test(){
List<Permission> permissions = usersMapper.findPermissionByUserName("yqq");
permissions.forEach(System.out::println);
}
}

Spring Security授权_编写查询权限方法_spring boot_02
Spring Security授权_编写查询权限方法_ide_03

认证成功后把权限封装GrantedAuthority类

@Service
public class MyUserDetailService implements UserDetailsService {

@Autowired
private UsersMapper usersMapper;

//自定义认证逻辑
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
//1 构造查询条件
QueryWrapper<Users> wrapper = new QueryWrapper<Users>().eq("username", username);
//2 查询用户
Users users = usersMapper.selectOne(wrapper);
if (users == null)
return null;
//3 查询用户权限
List<Permission> permissions = usersMapper.findPermissionByUserName(username);
//4 将自定义权限集合转换为Security的权限类型集合
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
permissions.forEach(e -> {
grantedAuthorities.add(new SimpleGrantedAuthority(e.getUrl()));
});
//5 封装为UserDetails对象
UserDetails userDetails = User.withUsername(users.getUsername())
.password(users.getPassword())
.authorities(grantedAuthorities)
.build();
//6 返回封装好的userDetails对象
return userDetails;
}
}


上一篇:#yyds干货盘点# 解决名企真题:扭蛋机
下一篇:没有了
网友评论
相关栏目
最近更新
热门文章