实现不同接口用不同权限控制

sql.sql

@@ -63,6 +63,7 @@ INSERT INTO permission (pid, name, url) VALUE ('4', 'query', '');
 
 INSERT INTO user (uid, username, password) VALUE ('1', 'admin', '0000');
 INSERT INTO user (uid, username, password) VALUE ('2', 'trs', 'trs');
+INSERT INTO user (uid, username, password) VALUE ('3', 'guest', 'guest');
 
 INSERT INTO role (rid, rname) VALUE ('1', 'admin');
 INSERT INTO role (rid, rname) VALUE ('2', 'customer');
@@ -74,12 +75,14 @@ INSERT INTO permission_role (rid, pid) VALUE ('1', '3');
 INSERT INTO permission_role (rid, pid) VALUE ('1', '4');
 
 INSERT INTO permission_role (rid, pid) VALUE ('2', '1');
-INSERT INTO permission_role (rid, pid) VALUE ('1', '3');
-INSERT INTO permission_role (rid, pid) VALUE ('1', '4');
+INSERT INTO permission_role (rid, pid) VALUE ('2', '3');
+INSERT INTO permission_role (rid, pid) VALUE ('2', '4');
+
 INSERT INTO permission_role (rid, pid) VALUE ('3', '4');
 
 INSERT INTO user_role (rid, uid) VALUE ('1', '1');
 INSERT INTO user_role (rid, uid) VALUE ('2', '2');
+INSERT INTO user_role (rid, uid) VALUE ('3', '3');
 
 SELECT
   u.*,

src/main/java/top/fjy8018/shiro/config/ShiroConfiguration.java

@@ -43,6 +43,9 @@ public class ShiroConfiguration {
         // 指定页面只能给指定用户访问，校验角色名称类org.apache.shiro.web.filter.authz.RolesAuthorizationFilter
         filterChainDefinitionMap.put("/admin","roles[admin]");
 
+        // 不同接口用不同权限控制，控制类对应org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter
+        filterChainDefinitionMap.put("/edit","perms[edit]");
+
         // 用户登录后可以访问所有接口
         filterChainDefinitionMap.put("/**", "user");
 

src/main/java/top/fjy8018/shiro/controller/NavController.java

@@ -28,4 +28,10 @@ public class NavController {
     public String unauthorized() {
         return "unauthorized";
     }
+
+    @RequestMapping("/edit")
+    @ResponseBody
+    public String edit() {
+        return "edit success";
+    }
 }