Velocity模版進行shiro驗證

先在Spring配置Velocity視圖解析器

<!-- Velocity視圖解析器 預設視圖 -->
<bean id="velocityViewResolver"
    class="org.springframework.web.servlet.view.velocity.VelocityViewResolver">
    <property name="contentType" value="text/html;charset=UTF-8" />
    <property name="viewNames" value="*.html" />
    <property name="suffix" value="" />
    <property name="dateToolAttribute" value="date" />
    <property name="numberToolAttribute" value="number" />
    <property name="toolboxConfigLocation" value="/WEB-INF/velocity-toolbox.xml" />
    <property name="requestContextAttribute" value="rc" />
    <property name="order" value="0" />
</bean>

<bean id="velocityConfigurer"
    class="org.springframework.web.servlet.view.velocity.VelocityConfigurer">
    <property name="resourceLoaderPath" value="/WEB-INF/page/" />
    <property name="velocityProperties">
        <props>
            <prop key="input.encoding">UTF-8</prop>
            <prop key="output.encoding">UTF-8</prop>
            <prop key="contentType">text/html;charset=UTF-8</prop>
        </props>
    </property>
</bean>
           

在WEB-INF檔案夾建立velocity-toolbox.xml

<?xml version="1.0" encoding="UTF-8" ?>
<toolbox>
    <!-- velocity 自定義标簽 -->
    <tool>
        <key>shiro</key>
        <scope>application</scope>
        <class>com.wstro.shiro.VelocityShiro</class>
    </tool>
</toolbox>
           

再來看

com.wstro.shiro.VelocityShiro

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Shiro權限标簽(Velocity版)
 * 
 * @author chenshun
 * @email [email protected]
 * @date 2016年12月3日 下午11:32:47
 */
public class VelocityShiro {

    private Logger logger = LoggerFactory.getLogger(getClass());

    /**
     * 是否擁有該權限
     * 
     * @param permission
     *            權限辨別
     * @return true：是 false：否
     */
    public boolean hasPermission(String permission) {
        logger.info(permission);
        Subject subject = SecurityUtils.getSubject();
        return subject != null && subject.isPermitted(permission);
    }

    /**
     * 是否擁有該權限
     * 
     * @param permission
     *            權限辨別
     * @return true：是 false：否
     */
    public static boolean hasPermissionInMethod(String permission) {
        Subject subject = SecurityUtils.getSubject();
        return subject != null && subject.isPermitted(permission);
    }

}
           

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;

import com.wstro.entity.SysUserEntity;

/**
 * Shiro工具類
 * 
 * @author chenshun
 * @email [email protected]
 * @date 2016年11月12日 上午9:49:19
 */
public class ShiroUtils {

    public static Session getSession() {
        return SecurityUtils.getSubject().getSession();
    }

    public static Subject getSubject() {
        return SecurityUtils.getSubject();
    }

    public static SysUserEntity getUserEntity() {
        return (SysUserEntity)SecurityUtils.getSubject().getPrincipal();
    }

    public static Long getUserId() {
        return getUserEntity().getUserId();
    }
    
    public static void setSessionAttribute(Object key, Object value) {
        getSession().setAttribute(key, value);
    }

    public static Object getSessionAttribute(Object key) {
        return getSession().getAttribute(key);
    }

    public static boolean isLogin() {
        return SecurityUtils.getSubject().getPrincipal() != null;
    }

    public static void logout() {
        SecurityUtils.getSubject().logout();
    }
    
    public static String getKaptcha(String key) {
        String kaptcha = getSessionAttribute(key).toString();
        getSession().removeAttribute(key);
        return kaptcha;
    }

}
           

#if($shiro.hasPermission("sys:project${projectcategory}:save")) <a
                class="btn btn-primary" @click="add"><i class="fa fa-plus"></i> 新增</a>
            #end