예제 #1
0
 @Override
 protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
   String username = (String) principals.getPrimaryPrincipal();
   SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
   authorizationInfo.setRoles(userService.findRoles(username));
   authorizationInfo.setStringPermissions(userService.findPermissions(username));
   return authorizationInfo;
 }
예제 #2
0
  /** 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用. */
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    logger.info("authorization: 授权回调函数 " + principals.getRealmNames());

    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

    simpleAuthorizationInfo.setRoles(Sets.newHashSet("student", "teacher"));
    simpleAuthorizationInfo.addStringPermissions(Lists.newArrayList("hello:index"));

    return simpleAuthorizationInfo;
  }
예제 #3
0
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

    logger.info("doGetAuthorizationInfo(principals)...");

    /**
     * this function loads user authorization data from "userManager" data source (database) User,
     * Role are custom POJOs (beans) and are loaded from database. WildcardPermission implements
     * shiros Permission interface, so my permissions in database gets accepted by shiro security
     */
    Set<String> roles = new HashSet<String>();
    Set<Permission> permissions = new HashSet<Permission>();
    // Collection<User>	principalsList	= principals.byType(User.class);

    //		if (principalsList.isEmpty()) {
    //			throw new AuthorizationException("Empty principals list!");
    //		}
    //		//LOADING STUFF FOR PRINCIPAL
    //		for (User userPrincipal : principalsList) {
    //			try {
    //				this.userManager.beginTransaction();
    //
    //				User user = this.userManager.loadById(userPrincipal.getId());
    //
    //				Set<Role> userRoles	= user.getRoles();
    //				for (Role r : userRoles) {
    //					roles.add(r.getName());
    //					Set<WildcardPermission> userPermissions	= r.getPermissions();
    //					for (WildcardPermission permission : userPermissions) {
    //						if (!permissions.contains(permission)) {
    //							permissions.add(permission);
    //						}
    //					}
    //				}
    //				this.userManager.commitTransaction();
    //			} catch (InvalidDataException idEx) { //userManger exceptions
    //				throw new AuthorizationException(idEx);
    //			} catch (ResourceException rEx) {
    //				throw new AuthorizationException(rEx);
    //			}
    //		}

    // THIS IS THE MAIN CODE YOU NEED TO DO !!!!
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo(roles);
    authorizationInfo.setRoles(roles); // fill in roles
    authorizationInfo.setObjectPermissions(
        permissions); // add permisions (MUST IMPLEMENT SHIRO PERMISSION INTERFACE)

    return authorizationInfo;
  }
예제 #4
0
  // 载入角色和权限
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    String loginName = (String) principals.getPrimaryPrincipal();
    User user = adminUserDao.getByLoginName(loginName);

    Set<String> permissionSet = adminUserDao.getPermissions(user.getId());
    Set<String> roleSet = adminUserDao.getRoles(user.getId());

    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    authorizationInfo.setRoles(roleSet);
    authorizationInfo.setStringPermissions(permissionSet);

    return authorizationInfo;
  }
예제 #5
0
  /**
   * Retrieves the AuthorizationInfo for the given principals from the underlying data store. When
   * returning an instance from this method, you might want to consider using an instance of
   * SimpleAuthorizationInfo, as it is suitable in most cases.
   *
   * @param principals the primary identifying principals of the AuthorizationInfo that should be
   *     retrieved.
   * @return the AuthorizationInfo associated with this principals.
   */
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    if (_logger.isDebugEnabled()) {
      _logger.debug("call doGetAuthorizationInfo..");
    }
    String username = (String) principals.getPrimaryPrincipal();
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

    Set<String> roles = new HashSet<String>();
    if ("camry".equals(username)) {
      roles.add("admin");
    }
    info.setRoles(roles); // userService.findRoles(username);

    Set<String> permissions = new HashSet<String>();
    info.setStringPermissions(permissions); // userService.findRoles(username);

    return info;
  }
예제 #6
0
  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    Set<String> roles = new HashSet<String>();
    Set<Permission> permissions = new HashSet<Permission>();
    Collection<User> principalsList = principals.byType(User.class);

    for (User userPrincipal : principalsList) {
      try {
        User user = userDAO.getById(userPrincipal.getId());
        Set<Role> userRoles = user.getRoles();
        for (Role role : userRoles) {
          roles.add(role.getRole());
        }
      } catch (Exception e) {
        e.printStackTrace();
      }
    }

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roles);
    info.setRoles(roles);
    info.setObjectPermissions(permissions);

    return info;
  }