JFinal Engine 集成 Shiro 标签支持

ShiroMethod

/**
 * Copyright (c) 2011-2017, dafei 李飞 (myaniu AT gmail DOT com)
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.jsaas.core.security;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;

/**
 * ShiroMethod. (SPI, Singleton, ThreadSafe)
 *
 * @author dafei (myaniu AT gmail DOT com)
 */
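public class ShiroMethod {

	// NOTE(review): these helpers only decide what a template renders. Hiding
	// markup is not access control; the same role/permission checks still have
	// to be enforced server-side for the actions the markup links to.

	/** Separator between names in the comma-separated role arguments. */
	private static final String NAMES_DELIMITER = ",";

	/**
	 * Creates the helper. The constructor is public because the instance is
	 * registered as a shared template object via {@code new ShiroMethod()}.
	 */
	public ShiroMethod() {}

	/**
	 * Returns the Shiro subject bound to the current execution context.
	 *
	 * @return the current {@link Subject}
	 */
	protected Subject getSubject() {
		return SecurityUtils.getSubject();
	}

	/**
	 * Checks whether the current user has the given role. Counterpart of
	 * {@link #lacksRole(String)}.
	 *
	 * @param roleName
	 *            role name; {@code null} or empty never matches
	 * @return {@code true} if the user has the role, otherwise {@code false}
	 */
	public boolean hasRole(String roleName) {
		Subject subject = getSubject();
		if (subject == null || roleName == null || roleName.isEmpty()) {
			return false;
		}
		return subject.hasRole(roleName);
	}

	/**
	 * Logical negation of {@link #hasRole(String)}.
	 *
	 * @param roleName
	 *            role name
	 * @return {@code true} if the user does not have the role, otherwise
	 *         {@code false}
	 */
	public boolean lacksRole(String roleName) {
		return !hasRole(roleName);
	}

	/**
	 * Checks whether the current user has at least one of the given roles.
	 *
	 * @param roleNames
	 *            comma-separated role names; each name is trimmed
	 * @return {@code true} if any role matches, otherwise {@code false}
	 */
	public boolean hasAnyRoles(String roleNames) {
		Subject subject = getSubject();
		if (subject == null || roleNames == null || roleNames.isEmpty()) {
			return false;
		}
		for (String role : roleNames.split(NAMES_DELIMITER)) {
			if (subject.hasRole(role.trim())) {
				return true;
			}
		}
		return false;
	}

	/**
	 * Checks whether the current user has every one of the given roles.
	 *
	 * <p>The check fails closed: a missing subject, a {@code null} or empty
	 * argument, or an argument that contains no role names (for example
	 * {@code ","}) yields {@code false} instead of a vacuous {@code true}.
	 *
	 * @param roleNames
	 *            comma-separated role names; each name is trimmed
	 * @return {@code true} only if at least one role was named and the user has
	 *         all of them, otherwise {@code false}
	 */
	public boolean hasAllRoles(String roleNames) {
		Subject subject = getSubject();
		if (subject == null || roleNames == null || roleNames.isEmpty()) {
			// Nothing to verify must not be reported as "authorized".
			return false;
		}
		String[] roles = roleNames.split(NAMES_DELIMITER);
		if (roles.length == 0) {
			// split() drops trailing empty tokens, so "," produces no names.
			return false;
		}
		for (String role : roles) {
			if (!subject.hasRole(role.trim())) {
				return false;
			}
		}
		return true;
	}

	/**
	 * Checks whether the current user holds the given permission. Counterpart
	 * of {@link #lacksPermission(String)}.
	 *
	 * @param permission
	 *            permission string; {@code null} or empty never matches
	 * @return {@code true} if the user is permitted, otherwise {@code false}
	 */
	public boolean hasPermission(String permission) {
		Subject subject = getSubject();
		if (subject == null || permission == null || permission.isEmpty()) {
			return false;
		}
		return subject.isPermitted(permission);
	}

	/**
	 * Logical negation of {@link #hasPermission(String)}.
	 *
	 * @param permission
	 *            permission string
	 * @return {@code true} if the user does not hold the permission, otherwise
	 *         {@code false}
	 */
	public boolean lacksPermission(String permission) {
		return !hasPermission(permission);
	}

	/**
	 * Checks whether the current user has authenticated. The page describes
	 * this as excluding remembered users, which is the difference from
	 * {@link #user()}. Counterpart of {@link #notAuthenticated()}.
	 *
	 * @return {@code true} if the subject is authenticated, otherwise
	 *         {@code false}
	 */
	public boolean authenticated() {
		Subject subject = getSubject();
		return subject != null && subject.isAuthenticated();
	}

	/**
	 * Logical negation of {@link #authenticated()}. Unlike {@link #guest()},
	 * this is also {@code true} for remembered users.
	 *
	 * @return {@code true} if the subject is not authenticated, otherwise
	 *         {@code false}
	 */
	public boolean notAuthenticated() {
		return !authenticated();
	}

	/**
	 * Checks whether the current subject has a principal, i.e. the user is
	 * authenticated or remembered. Counterpart of {@link #guest()}.
	 *
	 * @return {@code true} if a principal is present, otherwise {@code false}
	 */
	public boolean user() {
		Subject subject = getSubject();
		return subject != null && subject.getPrincipal() != null;
	}

	/**
	 * Checks whether the current user is a guest, i.e. has no principal
	 * (neither authenticated nor remembered). Counterpart of {@link #user()}.
	 *
	 * @return {@code true} for a guest, otherwise {@code false}
	 */
	public boolean guest() {
		return !user();
	}

	/**
	 * Returns the current user's principal as text, usually the login account.
	 *
	 * <p>The value is returned unescaped. A template that writes it into HTML
	 * should escape it if the principal can contain user-chosen characters.
	 *
	 * @return {@code principal.toString()}, or {@code "Guest"} when there is no
	 *         subject or the subject has no principal
	 */
	public String principal() {
		Subject subject = getSubject();
		if (subject != null) {
			Object principal = subject.getPrincipal();
			// A subject without a principal previously caused a
			// NullPointerException here instead of reaching the fallback.
			if (principal != null) {
				return principal.toString();
			}
		}
		return "Guest";
	}
}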
/**
 * Registers a {@link ShiroMethod} instance as the shared template object
 * {@code shiro}, so engine templates can call its methods.
 *
 * @param me the template engine being configured
 */
public void configEngine(Engine me) {
	ShiroMethod shiroHelper = new ShiroMethod();
	// Templates reach the helper under the name "shiro", e.g. shiro.user().
	me.addSharedObject("shiro", shiroHelper);
}
示例:判断当前用户是否已经登录,已登录则显示当前登录用户的身份信息

### Shows the principal when the subject has one. user() is true for both
### authenticated and remembered (remember-me) users; use shiro.authenticated()
### when the guarded markup is sensitive.
### NOTE(review): confirm whether #( ) HTML-escapes its output in this engine
### setup; if not, escape the principal before rendering it.
#if(shiro.user())
    #(shiro.principal())
#end


转载自my.oschina.net/u/2276456/blog/1589221