This is to determine whether an operation can be performed according to the role. When configuring ShiroFilterFactoryBean , the [role1, role2] behind each filter is treated as a role.
@SuppressWarnings({"unchecked"}) public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws IOException { Subject subject = getSubject(request, response); String[] rolesArray = (String[]) mappedValue; if (rolesArray == null || rolesArray.length == 0) { return true; } Set<String> roles = CollectionUtils.asSet(rolesArray); return subject.hasAllRoles(roles);//Does the current user have the required roles }
This can only be used when the character can be fixed to death. If you have such a situation, you can use this class.