问题描述
如果用户有权限用户:编辑:1
和我使用的驱动批注 @RequiresPermissions(用户:编辑)
为什么四郎抛出异常?编辑:1 难道不应该允许的事实,他们有用户暗示?如果我把
@RequriesPermissions(用户:编辑:1)
那么它工作正常,但操作的情况下的时候,我不知道是什么1却又如此,这将是在后面的方法检查,但我想避免进入该方法在所有的,如果他们不具备用户:编辑
许可,在所有
If a user has a permissions user:edit:1
and I'm using the annotation driven @RequiresPermissions("user:edit")
why is shiro throwing an exception? Shouldn't that permission be implied by the fact that they have user:edit:1
? If I put @RequriesPermissions("user:edit:1")
then it works fine but during the context of operation I won't know what 1 is yet so that will be checked later in the method, but I'd like to avoid going into the method at all if they don't have the user:edit
permission at all.
推荐答案
用户:编辑
意味着用户:编辑:1
而不是周围的其他方式。
在你的方法:(编辑用户),然后检查1您可以继续使用 @RequiresPermissions。您还可以使用通配符
@RequiresPermissions(用户:编辑:*)。
,这是完全一样的,但我认为它更清晰。
"user:edit"
implies "user:edit:1"
but not the other way around.You can keep using @RequiresPermissions("user:edit")
and then check for the "1" in your method. You can also use a wildcard @RequiresPermissions("user:edit:*")
, which is the exactly the same but I think it's clearer.
这篇关于阿帕奇四郎隐含的权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!