本文整理汇总了Java中org.apache.shiro.subject.Subject.isPermitted方法的典型用法代码示例。如果您正苦于以下问题:Java Subject.isPermitted方法的具体用法?Java Subject.isPermitted怎么用?Java Subject.isPermitted使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.shiro.subject.Subject的用法示例。
在下文中一共展示了Subject.isPermitted方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: checkSubjectRolesAndPermissions
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
/**
* Check subject roles and permissions.
*
* @param currentUser the current user
* @throws FailedLoginException the failed login exception in case roles or permissions are absent
*/
protected void checkSubjectRolesAndPermissions(final Subject currentUser) throws FailedLoginException {
if (this.requiredRoles != null) {
for (final String role : this.requiredRoles) {
if (!currentUser.hasRole(role)) {
throw new FailedLoginException("Required role " + role + " does not exist");
}
}
}
if (this.requiredPermissions != null) {
for (final String perm : this.requiredPermissions) {
if (!currentUser.isPermitted(perm)) {
throw new FailedLoginException("Required permission " + perm + " does not exist");
}
}
}
}
示例2: showTagBody
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@Override
protected boolean showTagBody(String permissionNames) {
boolean hasAnyPermission = false;
Subject subject = getSubject();
if (subject != null) {
// Iterate through permissions and check to see if the user has one of the permissions
for (String permission : permissionNames.split(PERMISSION_NAMES_DELIMETER)) {
if (subject.isPermitted(permission.trim())) {
hasAnyPermission = true;
break;
}
}
}
return hasAnyPermission;
}
示例3: checkSubjectRolesAndPermissions
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
/**
* Check subject roles and permissions.
*
* @param currentUser the current user
* @throws FailedLoginException the failed login exception in case roles or permissions are absent
*/
protected void checkSubjectRolesAndPermissions(final Subject currentUser) throws FailedLoginException {
if (this.requiredRoles != null) {
for (final String role : this.requiredRoles) {
if (!currentUser.hasRole(role)) {
throw new FailedLoginException("Required role " + role + " does not exist");
}
}
}
if (this.requiredPermissions != null) {
for (final String perm : this.requiredPermissions) {
if (!currentUser.isPermitted(perm)) {
throw new FailedLoginException("Required permission " + perm + " cannot be located");
}
}
}
}
示例4: hasAnyPermissions
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
/**
* 验证用户是否具有以下任意一个权限。
* @param permissions 以 delimeter 为分隔符的权限列表
* @param delimeter 权限列表分隔符
* @return 用户是否具有以下任意一个权限
*/
public boolean hasAnyPermissions(String permissions, String delimeter) {
Subject subject = SecurityUtils.getSubject();
if (subject != null) {
if (delimeter == null || delimeter.length() == 0) {
delimeter = PERMISSION_NAMES_DELIMETER;
}
for (String permission : permissions.split(delimeter)) {
if (permission != null && subject.isPermitted(permission.trim()) == true) {
return true;
}
}
}
return false;
}
示例5: authorize
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@Override
public AuthorizeResult authorize() {
try {
String[] perms = requiresPermissions.value();
Subject subject = SecurityUtils.getSubject();
if (perms.length == 1) {
subject.checkPermission(perms[0]);
return AuthorizeResult.ok();
}
if (Logical.AND.equals(requiresPermissions.logical())) {
subject.checkPermissions(perms);
return AuthorizeResult.ok();
}
if (Logical.OR.equals(requiresPermissions.logical())) {
// Avoid processing exceptions unnecessarily - "delay" throwing the
// exception by calling hasRole first
boolean hasAtLeastOnePermission = false;
for (String permission : perms)
if (subject.isPermitted(permission))
hasAtLeastOnePermission = true;
// Cause the exception if none of the role match, note that the
// exception message will be a bit misleading
if (!hasAtLeastOnePermission)
subject.checkPermission(perms[0]);
}
return AuthorizeResult.ok();
} catch (AuthorizationException e) {
return AuthorizeResult.fail(AuthorizeResult.ERROR_CODE_UNAUTHORIZATION);
}
}
示例6: isAccessAllowed
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@Override
protected boolean isAccessAllowed(ServletRequest request,
ServletResponse response, Object mappedValue) throws Exception {
//先判断带参数的权限判断
Subject subject = getSubject(request, response);
if(null != mappedValue){
String[] arra = (String[])mappedValue;
for (String permission : arra) {
if(subject.isPermitted(permission)){
return Boolean.TRUE;
}
}
}
//取到请求的uri ,进行权限判断
HttpServletRequest httpRequest = (HttpServletRequest)request;
String uri = httpRequest.getRequestURI();
String contextPath = httpRequest.getContextPath();
if(uri != null && uri.startsWith(contextPath))
{
uri = uri.replace(contextPath, "");
}
if("/".equals(uri)) //http://localhost:8070/webside/ 处理这样的url
return Boolean.TRUE;
if(subject.isPermitted(uri))
return Boolean.TRUE;
return Boolean.FALSE;
}
示例7: test
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@Test
public void test(){
log.info("My First Apache Shiro Application");
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
// get the currently executing user:
Subject currentUser = SecurityUtils.getSubject();
// Do some stuff with a Session (no need for a web or EJB container!!!)
Session session = currentUser.getSession();
session.setAttribute("someKey", "aValue");
String value = (String) session.getAttribute("someKey");
if (value.equals("aValue")) {
log.info("Retrieved the correct value! [" + value + "]");
}
// let's login the current user so we can check against roles and permissions:
if (!currentUser.isAuthenticated()) {
UsernamePasswordToken token = new UsernamePasswordToken("lonestarr", "vespa");
token.setRememberMe(true);
try {
currentUser.login(token);
} catch (UnknownAccountException uae) {
log.info("There is no user with username of " + token.getPrincipal());
} catch (IncorrectCredentialsException ice) {
log.info("Password for account " + token.getPrincipal() + " was incorrect!");
} catch (LockedAccountException lae) {
log.info("The account for username " + token.getPrincipal() + " is locked. " +
"Please contact your administrator to unlock it.");
}
// ... catch more exceptions here (maybe custom ones specific to your application?
catch (AuthenticationException ae) {
//unexpected condition? error?
}
}
//say who they are:
//print their identifying principal (in this case, a username):
log.info("User [" + currentUser.getPrincipal() + "] logged in successfully.");
//test a role:
if (currentUser.hasRole("schwartz")) {
log.info("May the Schwartz be with you!");
} else {
log.info("Hello, mere mortal.");
}
//test a typed permission (not instance-level)
if (currentUser.isPermitted("lightsaber:weild")) {
log.info("You may use a lightsaber ring. Use it wisely.");
} else {
log.info("Sorry, lightsaber rings are for schwartz masters only.");
}
//a (very powerful) Instance Level permission:
if (currentUser.isPermitted("winnebago:drive:eagle5")) {
log.info("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'. " +
"Here are the keys - have fun!");
} else {
log.info("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
}
//all done - log out!
currentUser.logout();
}
示例8: hasPermission
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
/**
* 验证用户是否具备某权限。
* @param permission 权限名称
* @return 用户是否具备某权限
*/
public boolean hasPermission(String permission) {
Subject subject = SecurityUtils.getSubject();
return subject != null && subject.isPermitted(permission);
}
示例9: hasPermission
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
/**
* 是否拥有该权限
* @param permission 权限标识
* @return true:是 false:否
*/
public boolean hasPermission(String permission) {
Subject subject = SecurityUtils.getSubject();
return subject != null && subject.isPermitted(permission);
}