当前位置：网站首页>Custom permission verification method

Custom permission verification method

2022-06-09 10:20:00 【Leon_ Jinhai_ Sun】

We can also define our own permission verification methods , stay @PreAuthorize Use our method in the annotation .

@Component("ex")
public class SGExpressionRoot {

    public boolean hasAuthority(String authority){
        // Get the permission of the current user 
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        // Judge whether there exists in the user permission set authority
        return permissions.contains(authority);
    }
}

stay SPEL Use in expressions @ex It's equivalent to getting... In the container bean Your name is not ex The object of . And then call the object's hasAuthority Method

    @RequestMapping("/hello")
    @PreAuthorize("@ex.hasAuthority('system:dept:list')")
    public String hello(){
        return "hello";
    }

原网站

版权声明
本文为[Leon_ Jinhai_ Sun]所创，转载请带上原文链接，感谢
https://yzsam.com/2022/160/202206090937210515.html

当前位置：网站首页>Custom permission verification method

Custom permission verification method

边栏推荐

猜你喜欢

随机推荐