Example #1
0
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

    logger.info("doGetAuthorizationInfo(principals)...");

    /**
     * this function loads user authorization data from "userManager" data source (database) User,
     * Role are custom POJOs (beans) and are loaded from database. WildcardPermission implements
     * shiros Permission interface, so my permissions in database gets accepted by shiro security
     */
    Set<String> roles = new HashSet<String>();
    Set<Permission> permissions = new HashSet<Permission>();
    // Collection<User>	principalsList	= principals.byType(User.class);

    //		if (principalsList.isEmpty()) {
    //			throw new AuthorizationException("Empty principals list!");
    //		}
    //		//LOADING STUFF FOR PRINCIPAL
    //		for (User userPrincipal : principalsList) {
    //			try {
    //				this.userManager.beginTransaction();
    //
    //				User user = this.userManager.loadById(userPrincipal.getId());
    //
    //				Set<Role> userRoles	= user.getRoles();
    //				for (Role r : userRoles) {
    //					roles.add(r.getName());
    //					Set<WildcardPermission> userPermissions	= r.getPermissions();
    //					for (WildcardPermission permission : userPermissions) {
    //						if (!permissions.contains(permission)) {
    //							permissions.add(permission);
    //						}
    //					}
    //				}
    //				this.userManager.commitTransaction();
    //			} catch (InvalidDataException idEx) { //userManger exceptions
    //				throw new AuthorizationException(idEx);
    //			} catch (ResourceException rEx) {
    //				throw new AuthorizationException(rEx);
    //			}
    //		}

    // THIS IS THE MAIN CODE YOU NEED TO DO !!!!
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo(roles);
    authorizationInfo.setRoles(roles); // fill in roles
    authorizationInfo.setObjectPermissions(
        permissions); // add permisions (MUST IMPLEMENT SHIRO PERMISSION INTERFACE)

    return authorizationInfo;
  }
Example #2
0
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    Set<String> roles = new HashSet<String>();
    Set<Permission> permissions = new HashSet<Permission>();
    Collection<User> principalsList = principals.byType(User.class);

    for (User userPrincipal : principalsList) {
      try {
        User user = userDAO.getById(userPrincipal.getId());
        Set<Role> userRoles = user.getRoles();
        for (Role role : userRoles) {
          roles.add(role.getRole());
        }
      } catch (Exception e) {
        e.printStackTrace();
      }
    }

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roles);
    info.setRoles(roles);
    info.setObjectPermissions(permissions);

    return info;
  }