本文整理汇总了Java中org.apache.shiro.authz.Permission类的典型用法代码示例。如果您正苦于以下问题:Java Permission类的具体用法?Java Permission怎么用?Java Permission使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
Permission类属于org.apache.shiro.authz包,在下文中一共展示了Permission类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: doGetAuthorizationInfo
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
return new AuthorizationInfo() {
private static final long serialVersionUID = 1L;
@Override
public Collection<String> getStringPermissions() {
return new HashSet<>();
}
@Override
public Collection<String> getRoles() {
return new HashSet<>();
}
@Override
public Collection<Permission> getObjectPermissions() {
return getObjectPermissionsInSession((Long) principals.getPrimaryPrincipal());
}
};
}
示例2: authorize
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Override
public boolean authorize(final Object principal, final ResourcePermission context) {
if (principal == null)
return false;
User user = this.userNameToUser.get(principal.toString());
if (user == null)
return false; // this user is not authorized to do anything
// check if the user has this permission defined in the context
for (Role role : this.userNameToUser.get(user.name).roles) {
for (Permission permitted : role.permissions) {
if (permitted.implies(context)) {
return true;
}
}
}
return false;
}
示例3: invoke
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Override
public Object invoke(MethodInvocation invocation) throws Throwable {
checkState(initialized);
Method method = invocation.getMethod();
checkArgument(Response.class.isAssignableFrom(method.getReturnType()));
Subject subject = subjectProvider.get();
Permission checkedPermission = Permissions.createUnscopedPermission(domain, method.getName());
if (subject.isPermitted(checkedPermission)) {
return invocation.proceed();
} else {
shiroAdminAuthorizationFailures.incrementAndGet();
String responseMessage =
"Subject " + subject.getPrincipal() + " lacks permission " + checkedPermission;
LOG.warn(responseMessage);
// TODO(ksweeney): 403 FORBIDDEN would be a more accurate translation of this response code.
return Responses.addMessage(Responses.empty(), ResponseCode.AUTH_FAILED, responseMessage);
}
}
示例4: implies
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
public boolean implies(Permission permission) {
if(!(permission instanceof BitPermission)){
return false;
}
//需要验证的权限
BitPermission other = (BitPermission) permission;
if(!"*".equals(this.resourcesIdentify) && !this.resourcesIdentify.equals(other.resourcesIdentify)){
return false;
}
if(this.permissionBit != 0 && (this.permissionBit & other.permissionBit) == 0){
return false;
}
if(!"*".equals(instanceId) && !this.instanceId.equals(other.instanceId)){
return false;
}
return true;
}
示例5: execute
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Override
public void execute(ImmutableMultimap<String, String> params, PrintWriter out) throws Exception {
Set<RoleIdentifier> existingRoles = StreamSupport.stream(
Spliterators.spliteratorUnknownSize(_roleManager.getAll(), 0), false)
.map(Role::getRoleIdentifier)
.collect(Collectors.toSet());
for (Map.Entry<String, Set<Permission>> entry : _permissionManager.getAll()) {
String key = entry.getKey();
if (key.startsWith("role:")) {
RoleIdentifier id = RoleIdentifier.fromString(key.substring(5));
if (!existingRoles.contains(id)) {
// Permission exists for a role which does not exist. Create the role now with reasonable defaults.
Set<String> initialPermissions = entry.getValue().stream().map(Object::toString).collect(Collectors.toSet());
_roleManager.createRole(id, new RoleModification()
.withName(id.getId())
.withPermissionUpdate(new PermissionUpdateRequest()
.permit(initialPermissions)));
out.println("Created missing role: " + id);
}
}
}
}
示例6: providePermissionManager
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Provides
@Singleton
PermissionManager providePermissionManager(@Named("dao") PermissionManager permissionManager,
InvalidatableCacheManager cacheManager,
final PermissionResolver permissionResolver) {
ImmutableMap.Builder<String, Set<Permission>> defaultRolePermissions = ImmutableMap.builder();
for (DefaultRoles defaultRole : DefaultRoles.values()) {
Set<Permission> rolePermissions = defaultRole.getPermissions()
.stream()
.map(permissionResolver::resolvePermission)
.collect(Collectors.toSet());
defaultRolePermissions.put(PermissionIDs.forRole(defaultRole.toString()), rolePermissions);
}
PermissionManager deferring = new DeferringPermissionManager(permissionManager, defaultRolePermissions.build());
return new CacheManagingPermissionManager(deferring, cacheManager);
}
示例7: checkRoleHasPermission
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
private boolean checkRoleHasPermission(RoleIdentifier roleId, Permission permission, boolean raiseRoleNotFoundException) {
Set<String> rolePermissions = _roleManager.getPermissionsForRole(roleId);
if (rolePermissions.isEmpty()) {
if (raiseRoleNotFoundException) {
// Check whether the role exists and, if not, raise the appropriate exception
if (_roleManager.getRole(roleId) == null) {
EmoRoleKey roleKey = convert(roleId);
throw new EmoRoleNotFoundException(roleKey.getGroup(), roleKey.getId());
}
}
// Either the role exists but has no permissions or the role doesn't exist. Either way return false
return false;
}
for (String rolePermission : rolePermissions) {
if (resolvePermission(rolePermission).implies(permission)) {
// All it takes is one
return true;
}
}
return false;
}
示例8: checkApiKeyHasPermission
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Override
public boolean checkApiKeyHasPermission(Subject subject, String id, String permission) {
// Permission for this action is tied to the ability to read the key
if (!subject.getId().equals(id)) {
verifyPermission(subject, Permissions.readApiKey());
}
ApiKey apiKey = _authIdentityManager.getIdentity(id);
if (apiKey == null) {
throw new EmoApiKeyNotFoundException();
}
Permission resolvedPermission = resolvePermission(permission);
for (String role : apiKey.getRoles()) {
// We don't care if the API key has a non-existent role assigned, so don't raise an exception, just
// move on to the next role.
if (checkRoleHasPermission(RoleIdentifier.fromString(role), resolvedPermission, false)) {
// All it takes is one
return true;
}
}
return false;
}
示例9: simpleNewExists
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Test
public void simpleNewExists() {
Cache<String, RolePermissionSet> cache = _underTest.getAvailableRolesCache();
assertEquals(cache.size(), 0, "precondition: cache is empty");
Permission p1 = mock(Permission.class);
when(p1.toString()).thenReturn("p1");
when(_permissionManager.getPermissions(PermissionIDs.forRole("role"))).thenReturn(Sets.newHashSet(p1));
Collection<Permission> resultPerms = _underTest.getRolePermissions("role");
assertEquals(resultPerms.iterator().next(), p1, "should have the first permission we added");
assertEquals(cache.size(), 1, "side effect: cache has one element");
Permission p2 = mock(Permission.class);
when(p2.toString()).thenReturn("p2");
when(_permissionManager.getPermissions(PermissionIDs.forRole("role"))).thenReturn(Sets.newHashSet(p2));
cache.clear();
Collection<Permission> resultPerms2 = _underTest.getRolePermissions("role");
assertEquals(resultPerms2.iterator().next(), p2, "should have the second permission we added");
assertEquals(cache.size(), 1, "side effect: cache still has one element");
resultPerms2 = _underTest.getRolePermissions("role");
assertEquals(resultPerms2.iterator().next(), p2, "should still have the second permission we added");
assertEquals(cache.size(), 1, "side effect: cache still has one element");
}
示例10: simpleNowEmpty
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Test
public void simpleNowEmpty() {
Cache<String, RolePermissionSet> cache = _underTest.getAvailableRolesCache();
assertEquals(cache.size(), 0, "precondition: cache is empty");
Permission p1 = mock(Permission.class);
when(p1.toString()).thenReturn("p1");
when(_permissionManager.getPermissions(PermissionIDs.forRole("role"))).thenReturn(Sets.newHashSet(p1));
Collection<Permission> resultPerms = _underTest.getRolePermissions("role");
assertEquals(resultPerms.iterator().next(), p1, "should have the first permission we added");
assertEquals(cache.size(), 1, "side effect: cache has one element");
when(_permissionManager.getPermissions(PermissionIDs.forRole("role"))).thenReturn(Sets.<Permission>newHashSet());
cache.clear();
resultPerms = _underTest.getRolePermissions("role");
assertTrue(resultPerms.isEmpty(), "now should have empty");
assertEquals(cache.size(), 1, "side effect: cache has empty permission");
}
示例11: pseudoConcurrentNewExists
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Test
public void pseudoConcurrentNewExists() {
Cache<String, RolePermissionSet> cache = _underTest.getAvailableRolesCache();
assertEquals(cache.size(), 0, "precondition: cache is empty");
Permission p1 = mock(Permission.class);
when(p1.toString()).thenReturn("p1");
Permission p2 = mock(Permission.class);
when(p2.toString()).thenReturn("p2");
when(_permissionManager.getPermissions(PermissionIDs.forRole("role"))).thenReturn(Sets.newHashSet(p1), Sets.newHashSet(p2));
Collection<Permission> resultPerms = _underTest.getRolePermissions("role");
assertEquals(resultPerms.iterator().next(), p1, "should have the first permission we added");
assertEquals(cache.size(), 1, "side effect: cache has one element");
resultPerms = _underTest.getRolePermissions("role");
assertEquals(resultPerms.iterator().next(), p2, "should have the last permission we added");
assertEquals(cache.size(), 1, "side effect: cache has one element");
}
示例12: pseudoConcurrentNewThenCacheFlush
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Test
public void pseudoConcurrentNewThenCacheFlush() {
Cache<String, RolePermissionSet> cache = _underTest.getAvailableRolesCache();
assertEquals(cache.size(), 0, "precondition: cache is empty");
Permission p1 = mock(Permission.class);
when(p1.toString()).thenReturn("p1");
Permission p2 = mock(Permission.class);
when(p2.toString()).thenReturn("p2");
when(_permissionManager.getPermissions(PermissionIDs.forRole("role")))
.thenReturn(Sets.newHashSet(p1))
.thenReturn(Sets.newHashSet(p2));
Collection<Permission> resultPerms = _underTest.getRolePermissions("role");
assertEquals(resultPerms.iterator().next(), p1, "should have the last permission we added");
assertEquals(cache.size(), 1, "side effect: cache has one element");
cache.clear();
resultPerms = _underTest.getRolePermissions("role");
assertEquals(resultPerms.iterator().next(), p2, "should again have the last permission we added");
assertEquals(cache.size(), 1, "side effect: cache again has one element");
}
示例13: testCachedPermissionCheckById
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Test
public void testCachedPermissionCheckById() {
String id = _authIdentityManager.createIdentity("apikey0", new ApiKeyModification().addRoles("role0"));
Permission rolePermission = mock(Permission.class);
Permission positivePermission = mock(Permission.class);
when(rolePermission.implies(positivePermission)).thenReturn(true);
when(rolePermission.implies(not(eq(positivePermission)))).thenReturn(false);
when(_permissionManager.getPermissions(PermissionIDs.forRole("role0"))).thenReturn(ImmutableSet.of(rolePermission));
// Verify permission is granted using the API key
PrincipalCollection principals = _underTest.getAuthenticationInfo(new ApiKeyAuthenticationToken("apikey0")).getPrincipals();
assertTrue(_underTest.isPermitted(principals, positivePermission));
// Verify the ID was cached
assertNotNull(_underTest.getIdAuthorizationCache().get(id));
// Verify permission was granted
assertTrue(_underTest.hasPermissionById(id, positivePermission));
}
示例14: getRolePermissions
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
/**
* Gets the permissions for a role. If possible the permissions are cached for efficiency.
*/
protected Collection<Permission> getRolePermissions(String role) {
if (role == null) {
return null;
}
Cache<String, RolePermissionSet> cache = getAvailableRolesCache();
if (cache == null) {
return _permissionReader.getPermissions(PermissionIDs.forRole(role));
}
RolePermissionSet rolePermissionSet = cache.get(role);
if (rolePermissionSet == null) {
Set<Permission> permissions = _permissionReader.getPermissions(PermissionIDs.forRole(role));
rolePermissionSet = new SimpleRolePermissionSet(permissions);
cache.put(role, rolePermissionSet);
}
return rolePermissionSet.permissions();
}
示例15: implies
import org.apache.shiro.authz.Permission; //导入依赖的package包/类
@Override
public boolean implies(Permission p) {
if (p instanceof UserAdministration) {
UserAdministration userAdmin = (UserAdministration) p;
return user.equals(userAdmin.getUser());
} else {
return p instanceof PublicPermission;
}
}