This is to determine whether an operation can be performed according to the role. When configuring ShiroFilterFactoryBean , the [role1, role2] behind each filter is treated as a role.
@SuppressWarnings({"unchecked"})
public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws IOException {
Subject subject = getSubject(request, response);
String[] rolesArray = (String[]) mappedValue;
if (rolesArray == null || rolesArray.length == 0) {
return true;
}
Set<String> roles = CollectionUtils.asSet(rolesArray);
return subject.hasAllRoles(roles);//Does the current user have the required roles
}
This can only be used when the character can be fixed to death. If you have such a situation, you can use this class.