public abstract class ShiroAuthorizingRealm extends AuthorizingRealm{ private static final String OR_OPERATOR = " or "; private static final String AND_OPERATOR = " and "; private static final String NOT_OPERATOR = "not "; @Override public boolean isPermitted(PrincipalCollection principals, String permission) { /*理解问题:传递过来的字符串的格式: 或者格式 : 权限1 or 权限2 与格式: 权限1 and 权限2 非格式: not 权限1 */ //步骤:通过判断来实现三种操作符 if (permission.contains(OR_OPERATOR)) { //如果有任何一个权限,返回true,否则返回false String[] permissions = permission.split(OR_OPERATOR); for (String p : permissions) { //只要有一个权限是通过验证的就返回true if (this.isPermittedWithNotOperator(principals, p)) { return true; } } return false; }else if (permission.equals(AND_OPERATOR)) { //必须两个权限都有,返回true.否则返回false String[] permissions = permission.split(AND_OPERATOR); for (String p : permissions) { //只要有一个权限是false的,我们就返回假 if (this.isPermittedWithNotOperator(principals, p)==false) { return false; } } return true; }else { //如果没有关键字,按正常方式执行 return this.isPermittedWithNotOperator(principals, permission); } } private boolean isPermittedWithNotOperator(PrincipalCollection principals, String permission) { //判断权限字符串前缀是否有"not "关键字。 if(permission.startsWith(NOT_OPERATOR)) { //如果有,就返回相反的结构 return !super.isPermitted(principals, permission.substring(NOT_OPERATOR.length())); } else { return super.isPermitted(principals, permission); } } }
<shiro:hasPermission name="modular:to_edit or modular:delete">
</shiro:hasPermission>
<shiro:hasPermission name="modular:to_edit or modular:delete">
</shiro:hasPermission>
<shiro:hasPermission name="modular:to_edit or modular:delete">
</shiro:hasPermission>