@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
String username = (String) principals.getPrimaryPrincipal();
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
authorizationInfo.setRoles(userService.findRoles(username));
authorizationInfo.setStringPermissions(userService.findPermissions(username));
return authorizationInfo;
}
// 载入角色和权限
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
String loginName = (String) principals.getPrimaryPrincipal();
User user = adminUserDao.getByLoginName(loginName);
Set<String> permissionSet = adminUserDao.getPermissions(user.getId());
Set<String> roleSet = adminUserDao.getRoles(user.getId());
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
authorizationInfo.setRoles(roleSet);
authorizationInfo.setStringPermissions(permissionSet);
return authorizationInfo;
}
/** 授权 */
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
String username = (String) principals.getPrimaryPrincipal();
CmsUser user = cmsUserMng.findByUsername(username);
CmsSite site = CmsThreadVariable.getSite();
SimpleAuthorizationInfo auth = new SimpleAuthorizationInfo();
if (user != null) {
Set<String> viewPermissionSet = new HashSet<String>();
Set<String> perms = user.getPerms(site.getId(), viewPermissionSet);
if (!CollectionUtils.isEmpty(perms)) {
// 权限加入AuthorizationInfo认证对象
auth.setStringPermissions(perms);
}
}
return auth;
}
/**
* Retrieves the AuthorizationInfo for the given principals from the underlying data store. When
* returning an instance from this method, you might want to consider using an instance of
* SimpleAuthorizationInfo, as it is suitable in most cases.
*
* @param principals the primary identifying principals of the AuthorizationInfo that should be
* retrieved.
* @return the AuthorizationInfo associated with this principals.
*/
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
if (_logger.isDebugEnabled()) {
_logger.debug("call doGetAuthorizationInfo..");
}
String username = (String) principals.getPrimaryPrincipal();
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
Set<String> roles = new HashSet<String>();
if ("camry".equals(username)) {
roles.add("admin");
}
info.setRoles(roles); // userService.findRoles(username);
Set<String> permissions = new HashSet<String>();
info.setStringPermissions(permissions); // userService.findRoles(username);
return info;
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
LOG.debug("Retrieving authorization information for {}", principals);
final SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
final User user = userService.load(principals.getPrimaryPrincipal().toString());
final List<String> permissions;
if (null == user) {
permissions = Collections.emptyList();
} else {
permissions = user.getPermissions();
if (permissions != null) {
info.setStringPermissions(Sets.newHashSet(permissions));
}
}
LOG.debug("User {} has permissions: {}", principals, permissions);
return info;
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
if (principals == null) {
throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
}
try {
User user = (User) getAvailablePrincipal(principals);
Connection conn = null;
Set<String> roleNames = null;
Set<String> permissions = null;
try {
conn = dataSource.getConnection();
// Retrieve roles and permissions from database
roleNames = getRoleNamesForUser(conn, user.getId());
if (permissionsLookupEnabled) {
permissions = getPermissions(conn, user.getId(), roleNames);
}
} catch (SQLException e) {
final String message =
"There was a SQL error while authorizing user [" + user.getId() + "]";
if (logger.isErrorEnabled()) {
logger.error(message, e);
}
// Rethrow any SQL errors as an authorization exception
throw new AuthorizationException(message, e);
} finally {
JdbcUtils.closeConnection(conn);
}
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
info.setStringPermissions(permissions);
return info;
} catch (Exception ex) {
logger.error("Unable to get authorization info");
}
return null;
}
