Java Code Examples for org.apache.shiro.authz.annotation.Logical#AND
The following examples show how to use
org.apache.shiro.authz.annotation.Logical#AND .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: UserController.java From ShiroJwt with MIT License | 6 votes |
|
/**
* 获取用户列表
* @param
* @return java.util.Map<java.lang.String,java.lang.Object>
* @author dolyw.com
* @date 2018/8/30 10:41
*/
@GetMapping
@RequiresPermissions(logical = Logical.AND, value = {"user:view"})
public ResponseBean user(@Validated BaseDto baseDto) {
if (baseDto.getPage() == null || baseDto.getRows() == null) {
baseDto.setPage(1);
baseDto.setRows(10);
}
PageHelper.startPage(baseDto.getPage(), baseDto.getRows());
List<UserDto> userDtos = userService.selectAll();
PageInfo<UserDto> selectPage = new PageInfo<UserDto>(userDtos);
if (userDtos == null || userDtos.size() < 0) {
throw new CustomException("查询失败(Query Failure)");
}
Map<String, Object> result = new HashMap<String, Object>(16);
result.put("count", selectPage.getTotal());
result.put("data", selectPage.getList());
return new ResponseBean(HttpStatus.OK.value(), "查询成功(Query was successful)", result);
}
Example 2
| Source File: UserController.java From ShiroJwt with MIT License | 6 votes |
|
/**
* 获取在线用户(查询Redis中的RefreshToken)
* @param
* @return com.wang.model.common.ResponseBean
* @author dolyw.com
* @date 2018/9/6 9:58
*/
@GetMapping("/online")
@RequiresPermissions(logical = Logical.AND, value = {"user:view"})
public ResponseBean online() {
List<Object> userDtos = new ArrayList<Object>();
// 查询所有Redis键
Set<String> keys = JedisUtil.keysS(Constant.PREFIX_SHIRO_REFRESH_TOKEN + "*");
for (String key : keys) {
if (JedisUtil.exists(key)) {
// 根据:分割key,获取最后一个字符(帐号)
String[] strArray = key.split(":");
UserDto userDto = new UserDto();
userDto.setAccount(strArray[strArray.length - 1]);
userDto = userService.selectOne(userDto);
// 设置登录时间
userDto.setLoginTime(new Date(Long.parseLong(JedisUtil.getObject(key).toString())));
userDtos.add(userDto);
}
}
if (userDtos == null || userDtos.size() < 0) {
throw new CustomException("查询失败(Query Failure)");
}
return new ResponseBean(HttpStatus.OK.value(), "查询成功(Query was successful)", userDtos);
}
Example 3
| Source File: UserController.java From ShiroJwt with MIT License | 6 votes |
|
/**
* 新增用户
* @param userDto
* @return java.util.Map<java.lang.String,java.lang.Object>
* @author dolyw.com
* @date 2018/8/30 10:42
*/
@PostMapping
@RequiresPermissions(logical = Logical.AND, value = {"user:edit"})
public ResponseBean add(@Validated(UserEditValidGroup.class) @RequestBody UserDto userDto) {
// 判断当前帐号是否存在
UserDto userDtoTemp = new UserDto();
userDtoTemp.setAccount(userDto.getAccount());
userDtoTemp = userService.selectOne(userDtoTemp);
if (userDtoTemp != null && StringUtil.isNotBlank(userDtoTemp.getPassword())) {
throw new CustomUnauthorizedException("该帐号已存在(Account exist.)");
}
userDto.setRegTime(new Date());
// 密码以帐号+密码的形式进行AES加密
if (userDto.getPassword().length() > Constant.PASSWORD_MAX_LEN) {
throw new CustomException("密码最多8位(Password up to 8 bits.)");
}
String key = AesCipherUtil.enCrypto(userDto.getAccount() + userDto.getPassword());
userDto.setPassword(key);
int count = userService.insert(userDto);
if (count <= 0) {
throw new CustomException("新增失败(Insert Failure)");
}
return new ResponseBean(HttpStatus.OK.value(), "新增成功(Insert Success)", userDto);
}
Example 4
| Source File: UserController.java From ShiroJwt with MIT License | 5 votes |
|
/**
* 获取指定用户
* @param id
* @return java.util.Map<java.lang.String,java.lang.Object>
* @author dolyw.com
* @date 2018/8/30 10:42
*/
@GetMapping("/{id}")
@RequiresPermissions(logical = Logical.AND, value = {"user:view"})
public ResponseBean findById(@PathVariable("id") Integer id) {
UserDto userDto = userService.selectByPrimaryKey(id);
if (userDto == null) {
throw new CustomException("查询失败(Query Failure)");
}
return new ResponseBean(HttpStatus.OK.value(), "查询成功(Query was successful)", userDto);
}
Example 5
| Source File: UserController.java From ShiroJwt with MIT License | 5 votes |
|
/**
* 更新用户
* @param userDto
* @return java.util.Map<java.lang.String,java.lang.Object>
* @author dolyw.com
* @date 2018/8/30 10:42
*/
@PutMapping
@RequiresPermissions(logical = Logical.AND, value = {"user:edit"})
public ResponseBean update(@Validated(UserEditValidGroup.class) @RequestBody UserDto userDto) {
// 查询数据库密码
UserDto userDtoTemp = new UserDto();
userDtoTemp.setAccount(userDto.getAccount());
userDtoTemp = userService.selectOne(userDtoTemp);
if (userDtoTemp == null) {
throw new CustomUnauthorizedException("该帐号不存在(Account not exist.)");
} else {
userDto.setId(userDtoTemp.getId());
}
// FIXME: 如果不一样就说明用户修改了密码,重新加密密码(这个处理不太好,但是没有想到好的处理方式)
if (!userDtoTemp.getPassword().equals(userDto.getPassword())) {
// 密码以帐号+密码的形式进行AES加密
if (userDto.getPassword().length() > Constant.PASSWORD_MAX_LEN) {
throw new CustomException("密码最多8位(Password up to 8 bits.)");
}
String key = AesCipherUtil.enCrypto(userDto.getAccount() + userDto.getPassword());
userDto.setPassword(key);
}
int count = userService.updateByPrimaryKeySelective(userDto);
if (count <= 0) {
throw new CustomException("更新失败(Update Failure)");
}
return new ResponseBean(HttpStatus.OK.value(), "更新成功(Update Success)", userDto);
}
Example 6
| Source File: UserController.java From ShiroJwt with MIT License | 5 votes |
|
/**
* 删除用户
* @param id
* @return java.util.Map<java.lang.String,java.lang.Object>
* @author dolyw.com
* @date 2018/8/30 10:43
*/
@DeleteMapping("/{id}")
@RequiresPermissions(logical = Logical.AND, value = {"user:edit"})
public ResponseBean delete(@PathVariable("id") Integer id) {
int count = userService.deleteByPrimaryKey(id);
if (count <= 0) {
throw new CustomException("删除失败,ID不存在(Deletion Failed. ID does not exist.)");
}
return new ResponseBean(HttpStatus.OK.value(), "删除成功(Delete Success)", null);
}
Example 7
| Source File: UserController.java From ShiroJwt with MIT License | 5 votes |
|
/**
* 剔除在线用户
* @param id
* @return com.wang.model.common.ResponseBean
* @author dolyw.com
* @date 2018/9/6 10:20
*/
@DeleteMapping("/online/{id}")
@RequiresPermissions(logical = Logical.AND, value = {"user:edit"})
public ResponseBean deleteOnline(@PathVariable("id") Integer id) {
UserDto userDto = userService.selectByPrimaryKey(id);
if (JedisUtil.exists(Constant.PREFIX_SHIRO_REFRESH_TOKEN + userDto.getAccount())) {
if (JedisUtil.delKey(Constant.PREFIX_SHIRO_REFRESH_TOKEN + userDto.getAccount()) > 0) {
return new ResponseBean(HttpStatus.OK.value(), "剔除成功(Delete Success)", null);
}
}
throw new CustomException("剔除失败,Account不存在(Deletion Failed. Account does not exist.)");
}
Example 8
| Source File: ExampleController.java From super-cloudops with Apache License 2.0 | 5 votes |
|
@RequiresPermissions(value = { "order:view:test2", "order:edit:test3" }, logical = Logical.AND)
@RequestMapping("test3")
@ResponseBody
public String test3(String name) {
log.info("Request test3... {}", name);
return "ok";
}
Example 9
| Source File: ExampleController.java From super-cloudops with Apache License 2.0 | 5 votes |
|
@RequiresPermissions(value = { "order:view:test3", "order:edit:*" }, logical = Logical.AND)
@RequestMapping("test5")
@ResponseBody
public String test5(String name) {
log.info("Request test5... {}", name);
return "ok";
}
Example 10
| Source File: AuthorizationResourceFilter.java From emodb with Apache License 2.0 | 5 votes |
|
/**
* Authorizes the client for the annotated permissions. If any authorizations fail an {@link AuthorizationException}
* will be thrown, otherwise the original request is returned.
*/
@Override
public ContainerRequest filter(ContainerRequest request) {
Subject subject = ThreadContext.getSubject();
String[] permissions = resolvePermissions(request);
if (permissions.length == 1 || _logical == Logical.AND) {
// Shortcut call to check all permissions at once
subject.checkPermissions(permissions);
} else {
// Check each permission until any passes
boolean anyPermitted = false;
int p = 0;
while (!anyPermitted) {
try {
subject.checkPermission(permissions[p]);
anyPermitted = true;
} catch (AuthorizationException e) {
// If this is the last permission then pass the exception along
if (++p == permissions.length) {
throw e;
}
}
}
}
return request;
}
Example 11
| Source File: TestWebController.java From jeecg-cloud with Apache License 2.0 | 4 votes |
|
@GetMapping("/require_permission")
@RequiresPermissions(logical = Logical.AND, value = {"view", "edit"})
public ResponseBean requirePermission() {
return new ResponseBean(200, "You are visiting permission require edit,view", null);
}
Example 12
| Source File: TestWebController.java From jeecg-boot-with-activiti with MIT License | 4 votes |
|
@GetMapping("/require_permission")
@RequiresPermissions(logical = Logical.AND, value = {"view", "edit"})
public ResponseBean requirePermission() {
return new ResponseBean(200, "You are visiting permission require edit,view", null);
}
Example 13
| Source File: TestWebController.java From teaching with Apache License 2.0 | 4 votes |
|
@GetMapping("/require_permission")
@RequiresPermissions(logical = Logical.AND, value = {"view", "edit"})
public ResponseBean requirePermission() {
return new ResponseBean(200, "You are visiting permission require edit,view", null);
}
Example 14
| Source File: TestWebController.java From jeecg-boot with Apache License 2.0 | 4 votes |
|
@GetMapping("/require_permission")
@RequiresPermissions(logical = Logical.AND, value = {"view", "edit"})
public ResponseBean requirePermission() {
return new ResponseBean(200, "You are visiting permission require edit,view", null);
}
