package cn.webyun.asksea.core.util; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import cn.webyun.asksea.core.security.CustomUserDetails; import org.springframework.util.CollectionUtils; /** * @Project: asksea-web * @Title: SecurityUtil * @Description: * @Author: fujm * @Date: 2018年9月21日 下午2:57:58 * @Company: webyun * @Copyright: Copyright (c) 2017-2018 Webyun. All Rights Reserved. */ public class SecurityUtil { public final static String LOGOUT_USER = "anonymousUser"; /** * 获取当前登录用户信息 * @author fujm * @date 2019/1/25 9:36 * @return **/ public static CustomUserDetails getCurrentUserProfile() { Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal(); if(principal == null) { return null; } if((principal instanceof String) && (LOGOUT_USER.equals(principal))) { return null; } if(principal instanceof CustomUserDetails) { return (CustomUserDetails) principal; } return null; } /** * 验证当前登录用户是否拥有指定权限 * @author fujm * @date 2019/1/25 9:36 * @param auth 权限字符串 * @return **/ public static boolean hasAuthority(String auth) { CustomUserDetails currentUserProfile = SecurityUtil.getCurrentUserProfile(); if(currentUserProfile == null) { return false; } if( ! CollectionUtils.isEmpty(currentUserProfile.getAuthorities()) && currentUserProfile.getAuthorities().contains(new SimpleGrantedAuthority(auth)) ) { return true; } return false; } }
SecurityUtil--自定义权限工具类
猜你喜欢
转载自blog.csdn.net/fujianmin19910915/article/details/103575843
今日推荐
周排行