org.apache.shiro.authz.AuthorizationInfo Java Examples

/**
 * 身份授权
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    String userName = (String) getAvailablePrincipal(principalCollection);
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

    SysUser sysUser = userService.getByUserName(userName);
    // 获取角色对象

    Integer roleId = sysUser.getRoleId();

    //通过用户名从数据库获取权限/角色信息
    Set<String> r = new HashSet<>();

    if (roleId != null) {
        r.add(RoleEnum.getName(roleId));
        info.setRoles(r);
    }

    return info;
}
 

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    ShiroUser shiroUser = (ShiroUser)principalCollection.getPrimaryPrincipal();
    User user = userService.findUserByLoginName(shiroUser.getloginName());
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    Set<Role> roles = user.getRoleLists();
    Set<String> roleNames = Sets.newHashSet();
    for (Role role : roles) {
        if(StringUtils.isNotBlank(role.getName())){
            roleNames.add(role.getName());
        }
    }
    Set<Menu> menus = user.getMenus();
    Set<String> permissions = Sets.newHashSet();
    for (Menu menu : menus) {
        if(StringUtils.isNotBlank(menu.getPermission())){
            permissions.add(menu.getPermission());
        }
    }
    info.setRoles(roleNames);
    info.setStringPermissions(permissions);
    return info;
}
 

@Override
protected AuthorizationInfo queryForAuthorizationInfo(PrincipalCollection principals,
                                                      LdapContextFactory ldapContextFactory) throws NamingException {
    System.out.println("————权限认证————");
    String username = JwtUtil.getUsername(principals.toString());
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    //获得该用户角色
    //String role = userMapper.getRole(username);
    //每个角色拥有默认的权限
    //String rolePermission = userMapper.getRolePermission(username);
    //每个用户可以设置新的权限
    //String permission = userMapper.getPermission(username);
    Set<String> roleSet = new HashSet<>();
    Set<String> permissionSet = new HashSet<>();
    //需要将 role, permission 封装到 Set 作为 info.setRoles(), info.setStringPermissions() 的参数
   // roleSet.add(role);
   // permissionSet.add(rolePermission);
    //permissionSet.add(permission);
    //设置该用户拥有的角色和权限
    info.setRoles(roleSet);
    info.setStringPermissions(permissionSet);
    return info;
}
 

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    System.out.println("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");

    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    User user = (User) principals.getPrimaryPrincipal();

    List<Role> roles = roleService.listRolesByUserId(user.getId());
    for (Role role : roles) {
        authorizationInfo.addRole(role.getRole());
        List<Permission> permissions = permissionService.listPermissionsByRoleId(role.getId());
        for (Permission p : permissions) {
            authorizationInfo.addStringPermission(p.getUrl());
        }
    }
    return authorizationInfo;
}
 

/**
 * 获取用户角色和权限
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
	User user = (User) SecurityUtils.getSubject().getPrincipal();
	String userName = user.getUserName();

	System.out.println("用户" + userName + "获取权限-----ShiroRealm.doGetAuthorizationInfo");
	SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

	// 获取用户角色集
	List<Role> roleList = userRoleMapper.findByUserName(userName);
	Set<String> roleSet = new HashSet<String>();
	for (Role r : roleList) {
		roleSet.add(r.getName());
	}
	simpleAuthorizationInfo.setRoles(roleSet);

	// 获取用户权限集
	List<Permission> permissionList = userPermissionMapper.findByUserName(userName);
	Set<String> permissionSet = new HashSet<String>();
	for (Permission p : permissionList) {
		permissionSet.add(p.getName());
	}
	simpleAuthorizationInfo.setStringPermissions(permissionSet);
	return simpleAuthorizationInfo;
}
 

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    User user = (User) principals.getPrimaryPrincipal();

    List<Role> roles = roleService.listRolesByUserId(user.getId());
    for (Role role : roles) {
        authorizationInfo.addRole(role.getRole());
        List<Permission> permissions = permissionService.listPermissionsByRoleId(role.getId());
        //把权限的URL全部放到authorizationInfo中去
        Set<String> urls = permissions.stream().map(p -> p.getUrl()).collect(Collectors.toSet());
        authorizationInfo.addStringPermissions(urls);

    }
    return authorizationInfo;
}
 

/**
 * create by: leigq
 * description: 授权
 * create time: 2019/7/1 10:32
 *
 * @return 权限信息，包括角色以及权限
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    log.warn("开始执行授权操作.......");

    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    //如果身份认证的时候没有传入User对象，这里只能取到userName
    //也就是SimpleAuthenticationInfo构造的时候第一个参数传递需要User对象
    User user = (User) principals.getPrimaryPrincipal();

    // 查询用户角色，一个用户可能有多个角色
    List<Role> roles = iRoleService.getUserRoles(user.getUserId());

    for (Role role : roles) {
        authorizationInfo.addRole(role.getRole());
        // 根据角色查询权限
        List<Permission> permissions = iPermissionService.getRolePermissions(role.getRoleId());
        for (Permission p : permissions) {
            authorizationInfo.addStringPermission(p.getPermission());
        }
    }
    return authorizationInfo;
}
 

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    System.out.println("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
    // 当前登录信息
    ShiroUser shiroUser = (ShiroUser) principalCollection.getPrimaryPrincipal();
    // 查询当前用户
    ErpUser user = erpUserService.findUserByLoginName(shiroUser.getLoginName());
    // 添加角色和权限
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
    List<ErpRole> roles = user.getRoles();
    for(ErpRole role: roles) {
        if(StringUtils.isNotBlank(role.getName())) {
            simpleAuthorizationInfo.addRole(role.getName());
        }
    }
    List<ErpMenu> menus = user.getMenus();
    for(ErpMenu menu: menus) {
        if(StringUtils.isNotBlank(menu.getPermission())) {
            simpleAuthorizationInfo.addStringPermission(menu.getPermission());
        }
    }
    return simpleAuthorizationInfo;
}
 

/**
 * 此方法调用hasRole,hasPermission的时候才会进行回调.
 * <p>
 * 权限信息.(授权):
 * 1、如果用户正常退出，缓存自动清空；
 * 2、如果用户非正常退出，缓存自动清空；
 * 3、如果我们修改了用户的权限，而用户不退出系统，修改的权限无法立即生效。
 * （需要手动编程进行实现；放在service进行调用）
 * 在权限修改后调用realm中的方法，realm已经由spring管理，所以从spring中获取realm实例，调用clearCached方法；
 * :Authorization 是授权访问控制，用于对用户进行的操作授权，证明该用户是否允许进行当前操作，如访问某个链接，某个资源文件等。
 *
 * @param principals
 * @return
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    /*
     * 当没有使用缓存的时候，不断刷新页面的话，这个代码会不断执行，
     * 当其实没有必要每次都重新设置权限信息，所以我们需要放到缓存中进行管理；
     * 当放到缓存中时，这样的话，doGetAuthorizationInfo就只会执行一次了，
     * 缓存过期之后会再次执行。
     */
    _logger.info("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    ManagerInfo managerInfo = (ManagerInfo) principals.getPrimaryPrincipal();

    //设置相应角色的权限信息
    for (SysRole role : managerInfo.getRoles()) {
        //设置角色
        authorizationInfo.addRole(role.getRole());
        for (Permission p : role.getPermissions()) {
            //设置权限
            authorizationInfo.addStringPermission(p.getPermission());
        }
    }

    return authorizationInfo;
}
 

@Override
protected AuthorizationInfo queryForAuthorizationInfo(PrincipalCollection principals,
                                                      LdapContextFactory ldapContextFactory) throws NamingException {
    System.out.println("————权限认证————");
    String username = JwtUtil.getUsername(principals.toString());
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    //获得该用户角色
    //String role = userMapper.getRole(username);
    //每个角色拥有默认的权限
    //String rolePermission = userMapper.getRolePermission(username);
    //每个用户可以设置新的权限
    //String permission = userMapper.getPermission(username);
    Set<String> roleSet = new HashSet<>();
    Set<String> permissionSet = new HashSet<>();
    //需要将 role, permission 封装到 Set 作为 info.setRoles(), info.setStringPermissions() 的参数
   // roleSet.add(role);
   // permissionSet.add(rolePermission);
    //permissionSet.add(permission);
    //设置该用户拥有的角色和权限
    info.setRoles(roleSet);
    info.setStringPermissions(permissionSet);
    return info;
}
 

@Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//        System.out.println("权限配置-->com.cn.lucky.morning.model.web.shiro.MyShiroRealm.doGetAuthorizationInfo()");
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        User user  = (User) principals.getPrimaryPrincipal();
        Role role = roleService.getById(user.getRoleId());
        if (role == null){
            return null;
        }
        authorizationInfo.addRole(role.getId().toString());
        if (Objects.equals(Const.role.IS_SUPER,role.getIsSuper())){
            authorizationInfo.addStringPermission(Const.role.ROLE_SUPER);
        }
        if (!StringUtils.isEmpty(role.getAuthority())){
            String [] authorityStrs = role.getAuthority().split(",");
            for (String id : authorityStrs){
                Authority authority = authorityService.getById(Long.valueOf(id));
                if (authority!=null){
                    authorizationInfo.addStringPermission(authority.getCode());
                }
            }
        }
        return authorizationInfo;
    }
 

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
	Long userId = (Long) principals.getPrimaryPrincipal();						
	RequestCycle requestCycle = RequestCycle.get();
	if (requestCycle != null) {
		Map<Long, AuthorizationInfo> authorizationInfos = requestCycle.getMetaData(AUTHORIZATION_INFOS);
		if (authorizationInfos == null) {
			authorizationInfos = new HashMap<>();
			requestCycle.setMetaData(AUTHORIZATION_INFOS, authorizationInfos);
		}
		AuthorizationInfo authorizationInfo = authorizationInfos.get(userId);
		if (authorizationInfo == null) {
			authorizationInfo = newAuthorizationInfo(userId);
			authorizationInfos.put(userId, authorizationInfo);
		}
		return authorizationInfo;
	} else {
		return newAuthorizationInfo(userId);
	}
}
 

/**
 * 获取用户角色和权限
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
	User user = (User) SecurityUtils.getSubject().getPrincipal();
	String userName = user.getUserName();

	System.out.println("用户" + userName + "获取权限-----ShiroRealm.doGetAuthorizationInfo");
	SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

	// 获取用户角色集
	List<Role> roleList = userRoleMapper.findByUserName(userName);
	Set<String> roleSet = new HashSet<String>();
	for (Role r : roleList) {
		roleSet.add(r.getName());
	}
	simpleAuthorizationInfo.setRoles(roleSet);

	// 获取用户权限集
	List<Permission> permissionList = userPermissionMapper.findByUserName(userName);
	Set<String> permissionSet = new HashSet<String>();
	for (Permission p : permissionList) {
		permissionSet.add(p.getName());
	}
	simpleAuthorizationInfo.setStringPermissions(permissionSet);
	return simpleAuthorizationInfo;
}
 

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
	// null usernames are invalid
	if (principals == null) {
		throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
	}
	User user = (User) principals.getPrimaryPrincipal();
	if (user == null) {
		return null;
	}
	// 角色列表
	Set<String> roles =userService.getRoleCodeList(user.getId());
	// 功能列表
	Set<String> menus = userService.getPermsByUserId(user.getId());

	SimpleAuthorizationInfo auth = new SimpleAuthorizationInfo();
	auth.setRoles(roles);
	auth.setStringPermissions(menus);
	return auth;
}
 

@Override
public AuthorizationInfo buildAuthorizationInfo(PrincipalCollection principals) {
    String loginName = (String) principals.fromRealm("ShiroDbRealm").iterator().next();

    RoleService sysRoleApi = Jboot.service(RoleService.class);
    List<Role> sysRoleList = sysRoleApi.findByUserName(loginName);
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

    List<String> roleNameList = new ArrayList<String>();
    for (Role sysRole : sysRoleList) {
        roleNameList.add(sysRole.getName());
    }

    ResService sysResService = Jboot.service(ResService.class);
    List<Res> sysResList = sysResService.findByUserNameAndStatusUsed(loginName);
    List<String> urls = new ArrayList<String>();
    for (Res sysRes : sysResList) {
        urls.add(sysRes.getUrl());
    }

    info.addRoles(roleNameList);
    info.addStringPermissions(urls);
    return info;
}
 

/**
 * 授权
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

    String username = (String) principalCollection.getPrimaryPrincipal();

    ResponseModel<SysOperateBO> sysOperateResponse = sysOperateFeign.findByUserName(username);
    final SysOperateBO sysOperate = sysOperateResponse.getData();
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    List<SysMenuBO> menuList = sysMenuFeign.findByOperateId(sysOperate.getId()).getData();
    if (CollectionUtil.isNotEmpty(menuList)) {
        for (SysMenuBO menu : menuList) {
            if (StrUtil.isNotBlank(menu.getCode())) {
                info.addStringPermission(menu.getCode());
            }
        }
    }
    return info;
}
 

/**
 * 只有当需要检测用户权限的时候才会调用此方法，例如checkRole,checkPermission之类的
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
    String account = JwtUtil.getClaim(principalCollection.toString(), Constant.ACCOUNT);
    UserDto userDto = new UserDto();
    userDto.setAccount(account);
    // 查询用户角色
    List<RoleDto> roleDtos = roleMapper.findRoleByUser(userDto);
    for (RoleDto roleDto : roleDtos) {
        if (roleDto != null) {
            // 添加角色
            simpleAuthorizationInfo.addRole(roleDto.getName());
            // 根据用户角色查询权限
            List<PermissionDto> permissionDtos = permissionMapper.findPermissionByRole(roleDto);
            for (PermissionDto permissionDto : permissionDtos) {
                if (permissionDto != null) {
                    // 添加权限
                    simpleAuthorizationInfo.addStringPermission(permissionDto.getPerCode());
                }
            }
        }
    }
    return simpleAuthorizationInfo;
}
 

@Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        Admin admin = (Admin)principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        // 根据用户名查询用户拥有的角色
//        AdminExample adminExample = new AdminExample();
//        AdminExample.Criteria criteria = adminExample.createCriteria();
//        criteria.andAdminnameEqualTo(adminname);
//        List<Admin> list = adminMapper.selectByExample(adminExample);
        Set<String> roleNames = new HashSet<String>();
        if (0 == admin.getRole()) {
            roleNames.add("admin");
        } else {
            roleNames.add("user");
        }
        // 将角色名称提供给info
        authorizationInfo.setRoles(roleNames);

        return authorizationInfo;
    }
 

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    User user = (User) SecurityUtils.getSubject().getPrincipal();
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    // 角色
    List<Role> userRoles = roleService.getByUserId(user.getUserId());
    Set<String> roles = new HashSet<>();
    for (int i = 0; i < userRoles.size(); i++) {
        roles.add(String.valueOf(userRoles.get(i).getRoleId()));
    }
    authorizationInfo.setRoles(roles);
    // 权限
    List<Authorities> authorities = authoritiesService.listByUserId(user.getUserId());
    Set<String> permissions = new HashSet<>();
    for (int i = 0; i < authorities.size(); i++) {
        String authority = authorities.get(i).getAuthority();
        if (StringUtil.isNotBlank(authority)) {
            permissions.add(authority);
        }
    }
    authorizationInfo.setStringPermissions(permissions);
    return authorizationInfo;
}
 

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    SysUser user = sysuserextmapper.getUserByUsername((String) principalCollection.getPrimaryPrincipal());
    //把principals放session中 key=userId value=principals
    SecurityUtils.getSubject().getSession().setAttribute(String.valueOf(user.getId()),SecurityUtils.getSubject().getPrincipals());
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    //赋予角色
    for(SysRole userRole:user.getSysRoleList()){
        info.addRole(userRole.getKey());
    }
    //赋予权限
    for(SysMenu menu:sysmenuextmapper.getMenuByUserId(user.getId())){
        if(!"".equals(menu.getPermission())) {
            info.addStringPermission(menu.getPermission());
        }
    }

    return info;

}
 

/**
 * 角色权限和对应权限添加
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    // 获取用户名
    String name = (String) principalCollection.getPrimaryPrincipal();
    // 获取用户对象
    User user = userService.findByName(name);
    // 添加角色和权限

    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

    List<Role> roles = getRoles(user.getId());

    for (Role role : roles) {
        // 添加角色
        simpleAuthorizationInfo.addRole(role.getName());

        // 添加权限
        List<Permission> permissions = getPermission(role.getId());
        for (Permission permission : permissions) {
            simpleAuthorizationInfo.addStringPermission(permission.getName());
        }
    }
    return simpleAuthorizationInfo;
}
 

/**
 * 获取用户角色和权限
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
	User user = (User) SecurityUtils.getSubject().getPrincipal();
	String userName = user.getUserName();

	System.out.println("用户" + userName + "获取权限-----ShiroRealm.doGetAuthorizationInfo");
	SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

	// 获取用户角色集
	List<Role> roleList = userRoleMapper.findByUserName(userName);
	Set<String> roleSet = new HashSet<String>();
	for (Role r : roleList) {
		roleSet.add(r.getName());
	}
	simpleAuthorizationInfo.setRoles(roleSet);

	// 获取用户权限集
	List<Permission> permissionList = userPermissionMapper.findByUserName(userName);
	Set<String> permissionSet = new HashSet<String>();
	for (Permission p : permissionList) {
		permissionSet.add(p.getName());
	}
	simpleAuthorizationInfo.setStringPermissions(permissionSet);
	return simpleAuthorizationInfo;
}
 

/**
 * 用户权限配置
 * principals:身份集合，因为我们可以在 Shiro 中同时配置多个 Realm，所以身份信息可能就有多个；
 * 因此其提供了 PrincipalCollection 用于聚合这些身份信息
 * getPrimaryPrincipal:如果只有一个Principal，那么直接返回即可。如果有多个 Principal，因为内部使用Map存储，则随机返回一个
 * 返回的对象是在 doGetAuthenticationInfo 里设置的认证实体信息 principal
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
	// 获取 principal
	// AdminUser principal = (AdminUser)principals.getPrimaryPrincipal();
	UserDTO userDTO = (UserDTO) principals.getPrimaryPrincipal();
	// 获取用户
	// AdminUser adminUser = adminUserService.getByName(principal.getUsername());
	if(userDTO != null) {
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		
		// List<Role> roles = roleService.getByAdminUserId(adminUser.getAdminUserId(), null, null);
		// 角色
		List<RoleDTO> roleDTOs = userDTO.getRoleDTOs();
		// 赋予角色
		// roles.forEach(role -> info.addRole(role.getRoleName()));
		roleDTOs.forEach(roleDTO -> info.addRole(roleDTO.getRoleName()));
		
		// List<Permission> permissions = permissionService.getBatchByRoleList(roles);
		// 赋予权限
		// permissions.forEach(permission -> info.addStringPermission(permission.getPermissionValue()));
		roleDTOs.forEach(roleDTO -> {
			List<PermissionDTO> permissionDTOs = roleDTO.getPermissionDTOs();
			permissionDTOs.forEach(permissionDTO -> info.addStringPermission(permissionDTO.getPermissionValue()));
		});
		return info;
	}
	return null;
}
 

/**
 *  定义如何获取用户的角色和权限的逻辑，给shiro做权限判断
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    if (principals == null) {
        throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }
    UserInfo user = (UserInfo) getAvailablePrincipal(principals);
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    info.setRoles(user.getRoles());
    info.setStringPermissions(user.getPerms());
    return info;
}
 

/**
 * 查询权限，授权
 * 此方法调用hasRole,hasPermission的时候才会进行回调.
 * <p>
 * 权限信息.(授权):
 * 1、如果用户正常退出，缓存自动清空；
 * 2、如果用户非正常退出，缓存自动清空；
 * 3、如果我们修改了用户的权限，而用户不退出系统，修改的权限无法立即生效。
 * （需要手动编程进行实现；放在service进行调用）
 * 在权限修改后调用realm中的方法，realm已经由spring管理，所以从spring中获取realm实例，调用clearCached方法；
 * :Authorization 是授权访问控制，用于对用户进行的操作授权，证明该用户是否允许进行当前操作，如访问某个链接，某个资源文件等。
 *
 * @param principalCollection 身份集合
 * @return 授权信息
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    log.info("BaseRealm.doGetAuthorizationInfo() shiro授权");

    // 因为非正常退出，即没有显式调用 SecurityUtils.getSubject().logout() (可能是关闭浏览器，或超时)，但此时缓存依旧存在(principals)，需要清除身份
    if (!SecurityUtils.getSubject().isAuthenticated()) {
        doClearCache(principalCollection);
        SecurityUtils.getSubject().logout();
        return null;
    }

    // 简单授权信息
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    User user = SessionUtil.getCurrentUser();
    if (user != null) {
        Set<String> roleCodes = new HashSet<>();
        List<Role> roles = user.getRoles();
        for (Role role : roles) {
            roleCodes.add(role.getRoleCode());
        }
        //添加角色
        authorizationInfo.addRoles(roleCodes);

        Set<String> stringPermissions = new HashSet<>();
        List<Permission> permissions = user.getPermissions();
        for (Permission permission : permissions) {
            stringPermissions.add(permission.getPermissionCode());
        }
        // 添加权限
        authorizationInfo.addStringPermissions(stringPermissions);
    }

    return authorizationInfo;
}
 

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    if (principals == null) {
        throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }

    LitemallAdmin admin = (LitemallAdmin) getAvailablePrincipal(principals);
    Integer[] roleIds = admin.getRoleIds();
    Set<String> roles = roleService.queryByIds(roleIds);
    Set<String> permissions = permissionService.queryByRoleIds(roleIds);
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    info.setRoles(roles);
    info.setStringPermissions(permissions);
    return info;
}
 

/**
	 * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用,负责在应用程序中决定用户的访问控制的方法(non-Javadoc)
	 * @see AuthorizingRealm#doGetAuthorizationInfo(PrincipalCollection)
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) {
		String username = (String)pc.getPrimaryPrincipal();
		SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//	    authorizationInfo.setRoles(userService.getRoles(username));
//	    authorizationInfo.setStringPermissions(userService.getPermissions(username));
		System.out.println("Shiro授权");
	    return authorizationInfo;
	}
 

/**
 * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用,负责在应用程序中决定用户的访问控制的方法(non-Javadoc)
 * @see AuthorizingRealm#doGetAuthorizationInfo(PrincipalCollection)
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) {
	String username = (String)pc.getPrimaryPrincipal();
	SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    authorizationInfo.setRoles(userService.getRoles(username));
    authorizationInfo.setStringPermissions(userService.getPermissions(username));
    return authorizationInfo;
}
 

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    Session session = SecurityUtils.getSubject().getSession();
    //查询用户的权限
    JSONObject permission = (JSONObject) session.getAttribute(Constants.SESSION_USER_PERMISSION);
    logger.info("permission的值为:" + permission);
    logger.info("本用户权限为:" + permission.get("permissionList"));
    //为当前用户设置角色和权限
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    authorizationInfo.addStringPermissions((Collection<String>) permission.get("permissionList"));
    return authorizationInfo;
}
 

/**
 * 授权(验证权限时调用) 配置了和会话时间相同的缓存
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
	User user = (User) principals.getPrimaryPrincipal();
	String userId = user.getUserId();
	SysUser sysUser = sysUserService.findById(userId);
	if (SysUser.STATUS_STOP.equals(sysUser.getStatus())) {
		throw new ServiceException("用户已被禁用");
	}
	Set<String> permsSet = new HashSet<>();
	Set<String> roleSet = new HashSet<>();
	List<SysMenu> menus = null;
	// 系统管理员，拥有最高权限
	if (ShiroUtils.isSuperAdmin()) {
		menus = sysMenuService.findShowMenuAll();
	} else {
		menus = sysMenuService.findShowMenuByUserId(userId);
	}
	// 用户权限列表
	for (SysMenu menu : menus) {
		if (StringUtils.isNotEmpty(menu.getPermission())) {
			permsSet.addAll(Arrays.asList(StringUtils.split(menu.getPermission().trim(), Constants.SEPARATOR)));
		}
	}
	SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
	info.setStringPermissions(permsSet);
	List<SysRole> roles = user.getRoles();
	if (roles != null && !roles.isEmpty()) {
		for (SysRole sysRole : roles) {
			roleSet.add(sysRole.getName());
		}
	}
	info.setRoles(roleSet);
	return info;
}