本文整理汇总了Java中org.apache.shiro.subject.Subject.checkPermission方法的典型用法代码示例。如果您正苦于以下问题:Java Subject.checkPermission方法的具体用法?Java Subject.checkPermission怎么用?Java Subject.checkPermission使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.shiro.subject.Subject的用法示例。
在下文中一共展示了Subject.checkPermission方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: authorize
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
public void authorize(ResourcePermission context) {
Subject currentUser = getSubject();
if (currentUser == null) {
return;
}
if (context == null) {
return;
}
if (context.getResource() == Resource.NULL && context.getOperation() == Operation.NULL) {
return;
}
try {
currentUser.checkPermission(context);
} catch (ShiroException e) {
String msg = currentUser.getPrincipal() + " not authorized for " + context;
logger.info(msg);
throw new NotAuthorizedException(msg, e);
}
}
示例2: doBefore
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
/**
* 前置通知 用于拦截Controller层是否有某种权限操作
* @param joinPoint 切点
* @throws InterruptedException
* @throws IOException
*/
/*
@Before("controllerAspect()")
public void doBefore(JoinPoint joinPoint) throws InterruptedException, IOException{
//读取session中的用户
HttpSession session = request.getSession();
User user = (User) session.getAttribute("userInfo");
if(user != null){
String permissionInfo = getControllerMethodPemissionInfo(joinPoint);
Subject currentUser = SecurityUtils.getSubject();
try{
currentUser.checkPermission(permissionInfo);
}catch (Exception e) {
System.out.println("没有"+permissionInfo+"权限");
//throw new UnauthorizedException(permissionInfo);
}
}
}*/
@Around("controllerAspect()")
public Object doAround(ProceedingJoinPoint pjp) throws Throwable{
String permissionInfo = getControllerMethodPemissionInfo(pjp);
Subject currentUser = SecurityUtils.getSubject();
try{
if(currentUser!=null){
currentUser.checkPermission(permissionInfo);
SystemContext.setAuthStatus(3); //-- 享有授权
}
}catch (Exception e) {
System.out.println("没有"+permissionInfo+"权限");
SystemContext.setAuthStatus(2); //-- 无授权
return "{message:unauthorized}"; //-- 这种写法相当于给MV.setViewName(); 如何写成"redirect:/exception/unauthorized"相当于调用Controller
}
return pjp.proceed();
}
示例3: authorize
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@Override
public AuthorizeResult authorize() {
try {
String[] perms = requiresPermissions.value();
Subject subject = SecurityUtils.getSubject();
if (perms.length == 1) {
subject.checkPermission(perms[0]);
return AuthorizeResult.ok();
}
if (Logical.AND.equals(requiresPermissions.logical())) {
subject.checkPermissions(perms);
return AuthorizeResult.ok();
}
if (Logical.OR.equals(requiresPermissions.logical())) {
// Avoid processing exceptions unnecessarily - "delay" throwing the
// exception by calling hasRole first
boolean hasAtLeastOnePermission = false;
for (String permission : perms)
if (subject.isPermitted(permission))
hasAtLeastOnePermission = true;
// Cause the exception if none of the role match, note that the
// exception message will be a bit misleading
if (!hasAtLeastOnePermission)
subject.checkPermission(perms[0]);
}
return AuthorizeResult.ok();
} catch (AuthorizationException e) {
return AuthorizeResult.fail(AuthorizeResult.ERROR_CODE_UNAUTHORIZATION);
}
}