当前仓库属于关闭状态,部分功能使用受限,详情请查阅 仓库状态说明
23 Star 144 Fork 89

大老杨 / springboot_book
关闭

 / 详情

chapter7-2中Spring Security的菜单不能授权给多个用户,比如ADMIN不能访问/select路径资源,以下是解决代码。

待办的
创建于  
2020-08-13 11:54

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
// @w_m
// private RoleRepository roleRepository;

@Autowired
private MenuRepository menuRepository;

@Autowired
private MyUserDetailsService myUserDetailsService;

@Override
protected void configure(HttpSecurity httpSecurity) throws Exception{
    //配置资源文件 其中/css/**,/index可以任意访问,/select需要USER权限,/delete需要ADMIN权限
    httpSecurity
            .authorizeRequests()
            .antMatchers("/css/**", "/index").permitAll();

// .antMatchers("/select").hasRole("USER")
// .antMatchers("/delete").hasRole("ADMIN");
// //动态加载数据库中角色权限
// List roleList = roleRepository.findAll();
// for(Role role : roleList){
// List menuList = role.getMenuList();
// for (Menu menu : menuList){
// //在SpringSecurity校验权限的时候,会自动将权限前面加ROLE_,所以我们需要 将我们数据库中配置的ROLE_截取掉。
// String roleName = role.getRoleName().replace("ROLE_","");
// String menuName = "/" + menu.getMenuName();
// httpSecurity
// .authorizeRequests()
// .antMatchers(menuName)
// .hasRole(roleName);
// }
// }

    /**
     * 菜单授权给多个角色
     */
    List<Menu> menuList = menuRepository.findAll();
    for (Menu menu : menuList){
        List<Role> roleList = menu.getRoleList();
        List<String> roleNameList = new ArrayList<>();
        String menuName = "/" + menu.getMenuName();
        for(Role role : roleList){
            String roleName = role.getRoleName().replace("ROLE_", "");
            roleNameList.add(roleName);
        }
        //
        httpSecurity
                .authorizeRequests()
                .antMatchers(menuName)
                .hasAnyRole(roleNameList.toArray(new String[roleNameList.size()]));
    }


    //配置登录请求/login 登录失败请求/login_error 登录成功请求/
    httpSecurity
            .formLogin()
            .loginPage("/login")
            .failureUrl("/login_error")
            .successForwardUrl("/");
    //登录异常,如权限不符合 请求/401
    httpSecurity
            .exceptionHandling().accessDeniedPage("/401");
    //注销登录 请求/logout
    httpSecurity
            .logout()
            .logoutSuccessUrl("/logout");
}

@Bean
public static NoOpPasswordEncoder passwordEncoder() {
    return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
}


//根据用户名密码实现登录
@Autowired
public void configureGlobal(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
    authenticationManagerBuilder
            .inMemoryAuthentication()
            //.passwordEncoder(new BCryptPasswordEncoder())
            .withUser("test").password("123").roles("USER")
            .and()
            .withUser("admin").password("123").roles("ADMIN","USER");
    authenticationManagerBuilder.userDetailsService(myUserDetailsService);
}

}

评论 (0)

wenshuozhu 创建了任务
wenshuozhu 关联仓库设置为大老杨/springboot_book
展开全部操作日志

登录 后才可以发表评论

状态
负责人
里程碑
Pull Requests
关联的 Pull Requests 被合并后可能会关闭此 issue
分支
开始日期   -   截止日期
-
置顶选项
优先级
参与者(1)
Java
1
https://gitee.com/dalaoyang/springboot_book.git
git@gitee.com:dalaoyang/springboot_book.git
dalaoyang
springboot_book
springboot_book

搜索帮助

14c37bed 8189591 565d56ea 8189591