本文整理匯總了Java中org.apache.shiro.subject.Subject.checkPermission方法的典型用法代碼示例。如果您正苦於以下問題:Java Subject.checkPermission方法的具體用法?Java Subject.checkPermission怎麽用?Java Subject.checkPermission使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類org.apache.shiro.subject.Subject的用法示例。
在下文中一共展示了Subject.checkPermission方法的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: authorize
import org.apache.shiro.subject.Subject; //導入方法依賴的package包/類
public void authorize(ResourcePermission context) {
Subject currentUser = getSubject();
if (currentUser == null) {
return;
}
if (context == null) {
return;
}
if (context.getResource() == Resource.NULL && context.getOperation() == Operation.NULL) {
return;
}
try {
currentUser.checkPermission(context);
} catch (ShiroException e) {
String msg = currentUser.getPrincipal() + " not authorized for " + context;
logger.info(msg);
throw new NotAuthorizedException(msg, e);
}
}
示例2: doBefore
import org.apache.shiro.subject.Subject; //導入方法依賴的package包/類
/**
* 前置通知 用於攔截Controller層是否有某種權限操作
* @param joinPoint 切點
* @throws InterruptedException
* @throws IOException
*/
/*
@Before("controllerAspect()")
public void doBefore(JoinPoint joinPoint) throws InterruptedException, IOException{
//讀取session中的用戶
HttpSession session = request.getSession();
User user = (User) session.getAttribute("userInfo");
if(user != null){
String permissionInfo = getControllerMethodPemissionInfo(joinPoint);
Subject currentUser = SecurityUtils.getSubject();
try{
currentUser.checkPermission(permissionInfo);
}catch (Exception e) {
System.out.println("沒有"+permissionInfo+"權限");
//throw new UnauthorizedException(permissionInfo);
}
}
}*/
@Around("controllerAspect()")
public Object doAround(ProceedingJoinPoint pjp) throws Throwable{
String permissionInfo = getControllerMethodPemissionInfo(pjp);
Subject currentUser = SecurityUtils.getSubject();
try{
if(currentUser!=null){
currentUser.checkPermission(permissionInfo);
SystemContext.setAuthStatus(3); //-- 享有授權
}
}catch (Exception e) {
System.out.println("沒有"+permissionInfo+"權限");
SystemContext.setAuthStatus(2); //-- 無授權
return "{message:unauthorized}"; //-- 這種寫法相當於給MV.setViewName(); 如何寫成"redirect:/exception/unauthorized"相當於調用Controller
}
return pjp.proceed();
}
示例3: authorize
import org.apache.shiro.subject.Subject; //導入方法依賴的package包/類
@Override
public AuthorizeResult authorize() {
try {
String[] perms = requiresPermissions.value();
Subject subject = SecurityUtils.getSubject();
if (perms.length == 1) {
subject.checkPermission(perms[0]);
return AuthorizeResult.ok();
}
if (Logical.AND.equals(requiresPermissions.logical())) {
subject.checkPermissions(perms);
return AuthorizeResult.ok();
}
if (Logical.OR.equals(requiresPermissions.logical())) {
// Avoid processing exceptions unnecessarily - "delay" throwing the
// exception by calling hasRole first
boolean hasAtLeastOnePermission = false;
for (String permission : perms)
if (subject.isPermitted(permission))
hasAtLeastOnePermission = true;
// Cause the exception if none of the role match, note that the
// exception message will be a bit misleading
if (!hasAtLeastOnePermission)
subject.checkPermission(perms[0]);
}
return AuthorizeResult.ok();
} catch (AuthorizationException e) {
return AuthorizeResult.fail(AuthorizeResult.ERROR_CODE_UNAUTHORIZATION);
}
}