/** * Gibt ACCESS_DENIED zurueck, wenn der Benutzer eine Rolle hat, die ihm eine der * requestedAuthorizations auf den Regionalbereich erlaubt. * * @param tqmUser * @param domainObject Objekt der Klasse Regionalbereich * @param requestedAuthorizations * @return */ public int vote(final TqmUser tqmUser, Object domainObject, String requestedAuthorizations) { Authentication authentication = new Authentication() { private static final long serialVersionUID = 3734932700281423324L; public GrantedAuthority[] getAuthorities() { return tqmUser.getAuthorities(); } public Object getCredentials() { return null; } public Object getDetails() { return tqmUser; } public Object getPrincipal() { return tqmUser; } public boolean isAuthenticated() { return true; } public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException { ; } public String getName() { return tqmUser.getUsername(); } }; String[] splits = requestedAuthorizations.split(","); ConfigAttributeDefinition definition = new ConfigAttributeDefinition(); for (String singleAuthorization : splits) { definition.addConfigAttribute(new SecurityConfig(singleAuthorization.trim())); } return vote(authentication, domainObject, definition); }
protected Object mapRow(ResultSet rs, int rownum) throws SQLException { logger.debug("抽取webresdb中的记录........."); RdbmsEntryHolder rsh = new RdbmsEntryHolder(); // 设置受保护业务 rsh.setMethodName(rs.getString("protect").trim()); // 设置角色 rsh.setRoles(rs.getString("roles").trim()); // 属于哪个项目类别 rsh.setOwner(rs.getString("owner").trim()); // 设置描述 rsh.setRemark(rs.getString("remark").trim()); ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); String[] tokens = StringUtils.commaDelimitedListToStringArray(rs.getString("roles").trim()); for (int i = 0; i < tokens.length; ++i) cad.addConfigAttribute(new SecurityConfig(tokens[i])); // 设置角色集合 rsh.setCad(cad); return rsh; }