org.apache.shiro.subject.PrincipalCollection Java Examples

The following examples show how to use org.apache.shiro.subject.PrincipalCollection. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ShiroRealm.java    From Spring-Boot-Book with Apache License 2.0 6 votes vote down vote up
@Override
/**
 * 权限配置
 */
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    //拿到用户信息
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    Admin adminInfo = (Admin) principals.getPrimaryPrincipal();

    for (SysRole role : adminInfo.getRoleList()) {
        //将角色放入SimpleAuthorizationInfo
        info.addRole(role.getRole());
        //用户拥有的权限
        for (SysPermission p : role.getPermissions()) {
            info.addStringPermission(p.getPermission());
        }
    }
    return info;
}
 
Example #2
Source File: DbRealm.java    From dpCms with Apache License 2.0 6 votes vote down vote up
@Override
    protected AuthorizationInfo doGetAuthorizationInfo(
            final PrincipalCollection principals) {
        // retrieve role names and permission names
        final String userName = (String) principals.getPrimaryPrincipal();
        final Account account = accountRepository.findByLoginName(userName);
        if (account == null) {
            throw new UnknownAccountException("Account does not exist");
        }
        //先保存岗位数量
        final int totalRoles = account.getEmployees().size();
        
        final Set<String> roleNames = new LinkedHashSet<>(totalRoles);
        final Set<String> permissionNames = new LinkedHashSet<>();

        final SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//        info.setStringPermissions(permissionNames);
        return info;
    }
 
Example #3
Source File: MyRealm.java    From shiroDemo with Apache License 2.0 6 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    //获取登录时输入的用户名
    String loginName = (String) principalCollection.fromRealm(getName()).iterator().next();
    //到数据库查是否有此对象
    User user = this.getDao().findByName(loginName);
    if (user != null) {
        //权限信息对象info,用来存放查出的用户的所有的角色(role)及权限(permission)
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //用户的角色集合
        info.setRoles(user.getRolesName());
        //用户的角色对应的所有权限,如果只使用角色定义访问权限,下面的四行可以不要
        List<Role> roleList = user.getRoleList();
        for (Role role : roleList) {
            info.addStringPermissions(role.getPermissionsString());
        }
        return info;
    }
    return null;
}
 
Example #4
Source File: UserRealm.java    From RuoYi with Apache License 2.0 6 votes vote down vote up
/**
 * 授权
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
    SysUser user = ShiroUtils.getSysUser();

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    // 管理员拥有所有权限
    if (user.isAdmin()) {
        info.addRole("admin");
        info.addStringPermission("*:*:*");
    } else {
        // 角色列表
        Set<String> roles = roleService.selectRoleKeys(user.getUserId());
        // 功能列表
        Set<String> menus = menuService.selectPermsByUserId(user.getUserId());
        // 角色加入AuthorizationInfo认证对象
        info.setRoles(roles);
        // 权限加入AuthorizationInfo认证对象
        info.setStringPermissions(menus);
    }
    return info;
}
 
Example #5
Source File: ShiroRealm.java    From SpringAll with MIT License 6 votes vote down vote up
/**
 * 获取用户角色和权限
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
	User user = (User) SecurityUtils.getSubject().getPrincipal();
	String userName = user.getUserName();

	System.out.println("用户" + userName + "获取权限-----ShiroRealm.doGetAuthorizationInfo");
	SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

	// 获取用户角色集
	List<Role> roleList = userRoleMapper.findByUserName(userName);
	Set<String> roleSet = new HashSet<String>();
	for (Role r : roleList) {
		roleSet.add(r.getName());
	}
	simpleAuthorizationInfo.setRoles(roleSet);

	// 获取用户权限集
	List<Permission> permissionList = userPermissionMapper.findByUserName(userName);
	Set<String> permissionSet = new HashSet<String>();
	for (Permission p : permissionList) {
		permissionSet.add(p.getName());
	}
	simpleAuthorizationInfo.setStringPermissions(permissionSet);
	return simpleAuthorizationInfo;
}
 
Example #6
Source File: Realm.java    From usergrid with Apache License 2.0 6 votes vote down vote up
@Override
protected AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) {
    UsergridAuthorizationInfo info = (UsergridAuthorizationInfo)super.getAuthorizationInfo(principals);

    Subject currentUser = SecurityUtils.getSubject();
    Session session = currentUser.getSession();
    session.setAttribute( "applications", info.getApplicationSet());
    session.setAttribute("organizations", info.getOrganizationSet());
    if ( info.getOrganization() != null ) {
        session.setAttribute( "organization", info.getOrganization() );
    }
    if ( info.getApplication() != null ) {
        session.setAttribute( "application", info.getApplication() );
    }

    return info;
}
 
Example #7
Source File: ShiroRealm.java    From SpringAll with MIT License 6 votes vote down vote up
/**
 * 获取用户角色和权限
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
	User user = (User) SecurityUtils.getSubject().getPrincipal();
	String userName = user.getUserName();

	System.out.println("用户" + userName + "获取权限-----ShiroRealm.doGetAuthorizationInfo");
	SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

	// 获取用户角色集
	List<Role> roleList = userRoleMapper.findByUserName(userName);
	Set<String> roleSet = new HashSet<String>();
	for (Role r : roleList) {
		roleSet.add(r.getName());
	}
	simpleAuthorizationInfo.setRoles(roleSet);

	// 获取用户权限集
	List<Permission> permissionList = userPermissionMapper.findByUserName(userName);
	Set<String> permissionSet = new HashSet<String>();
	for (Permission p : permissionList) {
		permissionSet.add(p.getName());
	}
	simpleAuthorizationInfo.setStringPermissions(permissionSet);
	return simpleAuthorizationInfo;
}
 
Example #8
Source File: JPARealm.java    From gazpachoquest with GNU General Public License v3.0 6 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // null usernames are invalid
    if (principals == null) {
        throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }
    User user = (User) getAvailablePrincipal(principals);

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    Set<Role> roles = userService.getRoles(user.getId());
    for (Role role : roles) {
        info.addRole(role.getName());
    }
    Set<Permission<?>> permissions = userService.getPermissions(user.getId());

    for (Permission<?> permission : permissions) {
        info.addStringPermission(permission.getLiteral());
    }
    return info;
}
 
Example #9
Source File: UserRealm.java    From ssm with Apache License 2.0 6 votes vote down vote up
@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		SysUser sysUser =  (SysUser)principals.getPrimaryPrincipal();
		List<SysPermission> sysPermissions = sysPermissionService.getPermissionsByUserAccount(sysUser.getAccount());
		List<String> permissionValus = new ArrayList<String>();
		if (sysPermissions != null) {
//			System.out.println(sysPermissions.size());
			for (SysPermission sysPermission : sysPermissions) {
				permissionValus.add(sysPermission.getValue());
//				System.out.println(sysPermission.toString());
			}
		}
		SimpleAuthorizationInfo simpleAuthorizationInfo
				= new SimpleAuthorizationInfo();
		simpleAuthorizationInfo.addStringPermissions(permissionValus);
		return simpleAuthorizationInfo;
	}
 
Example #10
Source File: ApiKeyRealmTest.java    From emodb with Apache License 2.0 6 votes vote down vote up
@Test
public void testCachedPermissionCheckById() {
    String id = _authIdentityManager.createIdentity("apikey0", new ApiKeyModification().addRoles("role0"));
    Permission rolePermission = mock(Permission.class);
    Permission positivePermission = mock(Permission.class);
    when(rolePermission.implies(positivePermission)).thenReturn(true);
    when(rolePermission.implies(not(eq(positivePermission)))).thenReturn(false);
    when(_permissionManager.getPermissions(PermissionIDs.forRole("role0"))).thenReturn(ImmutableSet.of(rolePermission));

    // Verify permission is granted using the API key
    PrincipalCollection principals = _underTest.getAuthenticationInfo(new ApiKeyAuthenticationToken("apikey0")).getPrincipals();
    assertTrue(_underTest.isPermitted(principals, positivePermission));
    // Verify the ID was cached
    assertNotNull(_underTest.getIdAuthorizationCache().get(id));
    // Verify permission was granted
    assertTrue(_underTest.hasPermissionById(id, positivePermission));
}
 
Example #11
Source File: SystemAuthorizingRealm.java    From easyweb with Apache License 2.0 6 votes vote down vote up
/**
 * 获取权限授权信息,如果缓存中存在,则直接从缓存中获取,否则就重新获取, 登录成功后调用
 */
protected AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals) {
	if (principals == null) {
           return null;
       }
	
       AuthorizationInfo info = null;
       info = (AuthorizationInfo)UserUtils.getCache(CACHE_AUTH_INFO);

       if (info == null) {
           info = doGetAuthorizationInfo(principals);
           if (info != null) {
           	UserUtils.putCache(CACHE_AUTH_INFO, info);
           }
       }

       return info;
}
 
Example #12
Source File: MockRealm.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
  String userId = principals.getPrimaryPrincipal().toString();

  Set<String> roles = new HashSet<String>();
  try {
    for (RoleIdentifier roleIdentifier : userManager.getUser(userId).getRoles()) {
      roles.add(roleIdentifier.getRoleId());
    }
  }
  catch (UserNotFoundException e) {
    return null;
  }

  return new SimpleAuthorizationInfo(roles);
}
 
Example #13
Source File: LdapRealm.java    From zeppelin with Apache License 2.0 6 votes vote down vote up
private Set<String> getRoles(PrincipalCollection principals,
        final LdapContextFactory ldapContextFactory) throws NamingException {
  final String username = (String) getAvailablePrincipal(principals);

  LdapContext systemLdapCtx = null;
  try {
    systemLdapCtx = ldapContextFactory.getSystemLdapContext();
    return rolesFor(principals, username, systemLdapCtx,
      ldapContextFactory, SecurityUtils.getSubject().getSession());
  } catch (Throwable t) {
    log.warn("Failed to get roles in current context for " + username, t);
    return Collections.emptySet();
  } finally {
    LdapUtils.closeContext(systemLdapCtx);
  }
}
 
Example #14
Source File: ApiRealm.java    From flash-waimai with MIT License 5 votes vote down vote up
/**
 * 只有当需要检测用户权限的时候才会调用此方法,例如checkRole,checkPermission之类的
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    String username = JwtUtil.getUsername(principals.toString());

    ShiroUser user = shiroFactroy.shiroUser(userService.findByAccount(username));
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
    simpleAuthorizationInfo.addRoles(user.getRoleCodes());
    Set<String> permission = user.getPermissions();
    simpleAuthorizationInfo.addStringPermissions(permission);
    return simpleAuthorizationInfo;
}
 
Example #15
Source File: ShiroUtils.java    From NutzSite with Apache License 2.0 5 votes vote down vote up
public static void setSysUser(User user) {
    Subject subject = getSubject();
    PrincipalCollection principalCollection = subject.getPrincipals();
    String realmName = principalCollection.getRealmNames().iterator().next();
    PrincipalCollection newPrincipalCollection = new SimplePrincipalCollection(user, realmName);
    // 重新加载Principal
    subject.runAs(newPrincipalCollection);
}
 
Example #16
Source File: WJRealm.java    From White-Jotter with MIT License 5 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    // 获取当前用户的所有权限
    String username = principalCollection.getPrimaryPrincipal().toString();
    Set<String> permissions = adminPermissionService.listPermissionURLsByUser(username);

    // 将权限放入授权信息中
    SimpleAuthorizationInfo s = new SimpleAuthorizationInfo();
    s.setStringPermissions(permissions);
    return s;
}
 
Example #17
Source File: AbstractPermittingAuthorizingRealm.java    From super-cloudops with Apache License 2.0 5 votes vote down vote up
/**
 * Setup merge authorized roles and permission string.
 * 
 * @param authzInfo
 * @return
 */
@SuppressWarnings("unchecked")
protected SimpleAuthorizationInfo mergeAuthorizedString(PrincipalCollection principals, SimpleAuthorizationInfo authzInfo) {
	// Retrieve principal account info.
	SimplePrincipalCollection principals0 = (SimplePrincipalCollection) principals;
	Map<String, String> principalMap = (Map<String, String>) principals0.asList().get(1);

	// Principal roles.
	String roles = principalMap.get(KEY_ROLES_ATTRIBUTE_NAME);
	mergeRoles(authzInfo, splitPermitString(roles));

	// Principal permissions.
	String permissions = principalMap.get(KEY_PERMITS_ATTRIBUTE_NAME);
	return mergePermissions(authzInfo, splitPermitString(permissions));
}
 
Example #18
Source File: UserRealm.java    From kvf-admin with MIT License 5 votes vote down vote up
/**
 * 授权(验证权限时调用)
 * @param principals
 * @return
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    User user = (User)principals.getPrimaryPrincipal();
    Long userId = user.getId();
    String username = user.getUsername();

    List<String> permsList;

    // todo 系统管理员,拥有最高权限(不用在系统设置任何权限)
    /*if (SysConstant.ADMIN.equals(username)) {
        List<Menu> menuList = menuService.list();
        permsList = new ArrayList<>(menuList.size());
        for (Menu menu : menuList) {
            permsList.add(menu.getPermission());
        }
    } else {
        permsList = menuService.getPermission(userId);
    }*/
    permsList = menuService.getPermission(userId);

    //用户权限列表
    Set<String> permsSet = new HashSet<>();
    for(String perms : permsList){
        if(StrUtil.isBlank(perms)){
            continue;
        }
        permsSet.addAll(Arrays.asList(perms.trim().split(",")));
    }

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    info.setStringPermissions(permsSet);

    return info;
}
 
Example #19
Source File: GuicedIrisRealm.java    From arcusplatform with Apache License 2.0 5 votes vote down vote up
/**
 * This implementation of the interface expects the principals collection to return a String username keyed off of
 * this realm's {@link #getName() name}
 *
 * @see #getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
   //null usernames are invalid
   if (principals == null) {
      throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
   }

   Principal principal = (Principal) getAvailablePrincipal(principals);

   Set<String> roleNames;
   Set<String> permissions = null;
   try {
      // Retrieve roles and permissions from database
      roleNames = getRoleNamesForUser(principal.getUsername());
      if (permissionsLookupEnabled) {
         permissions = getPermissions(roleNames);
      }
   } catch (Exception e) {
      final String message = "There was an error while authorizing user [" + principal.getUsername() + "]";
      log.error(message, e);
      // Rethrow any SQL errors as an authorization exception
      throw new AuthorizationException(message, e);
   }

   SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
   info.setStringPermissions(permissions);
   return info;

}
 
Example #20
Source File: ActiveDirectoryGroupRealm.java    From zeppelin with Apache License 2.0 5 votes vote down vote up
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
  try {
    AuthorizationInfo info = this.queryForAuthorizationInfo(principals,
        this.getLdapContextFactory());
    return info;
  } catch (NamingException var5) {
    String msg = "LDAP naming error while attempting to " +
        "retrieve authorization for user [" + principals + "].";
    throw new AuthorizationException(msg, var5);
  }
}
 
Example #21
Source File: ApiKeyStoreImpl.java    From nexus-public with Eclipse Public License 1.0 5 votes vote down vote up
private char[] makeApiKey(final String domain, final PrincipalCollection principals) {
  ApiKeyFactory factory = apiKeyFactories.get(domain);
  if (factory != null) {
    return checkNotNull(factory.makeApiKey(principals));
  }
  return defaultApiKeyFactory.makeApiKey(principals);
}
 
Example #22
Source File: IrisRealm.java    From arcusplatform with Apache License 2.0 5 votes vote down vote up
/**
 * This implementation of the interface expects the principals collection to return a String username keyed off of
 * this realm's {@link #getName() name}
 *
 * @see #getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
   //null usernames are invalid
   if (principals == null) {
      throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
   }

   String username = (String) getAvailablePrincipal(principals);

   Set<String> roleNames;
   Set<String> permissions = null;
   try {
      // Retrieve roles and permissions from database
      roleNames = getRoleNamesForUser(cassandraSession, username);
      if (permissionsLookupEnabled) {
         permissions = getPermissions(cassandraSession, roleNames);
      }
   } catch (SQLException e) {
      final String message = "There was a SQL error while authorizing user [" + username + "]";
      if (log.isErrorEnabled()) {
         log.error(message, e);
      }

      // Rethrow any SQL errors as an authorization exception
      throw new AuthorizationException(message, e);
   }

   SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
   info.setStringPermissions(permissions);
   return info;

}
 
Example #23
Source File: MyShiroRealm.java    From EasyReport with Apache License 2.0 5 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(final PrincipalCollection principals) {
    final String account = (String)principals.getPrimaryPrincipal();
    final User user = this.membershipFacade.getUser(account);

    final SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    authorizationInfo.setRoles(this.membershipFacade.getRoleSet(user.getRoles()));
    authorizationInfo.setStringPermissions(this.membershipFacade.getPermissionSet(user.getRoles()));
    return authorizationInfo;
}
 
Example #24
Source File: MyShiroRealm.java    From SpringBootBucket with MIT License 5 votes vote down vote up
/**
 * 此方法调用hasRole,hasPermission的时候才会进行回调.
 * <p>
 * 权限信息.(授权):
 * 1、如果用户正常退出,缓存自动清空;
 * 2、如果用户非正常退出,缓存自动清空;
 * 3、如果我们修改了用户的权限,而用户不退出系统,修改的权限无法立即生效。
 * (需要手动编程进行实现;放在service进行调用)
 * 在权限修改后调用realm中的方法,realm已经由spring管理,所以从spring中获取realm实例,调用clearCached方法;
 * :Authorization 是授权访问控制,用于对用户进行的操作授权,证明该用户是否允许进行当前操作,如访问某个链接,某个资源文件等。
 *
 * @param principals
 * @return
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    /*
     * 当没有使用缓存的时候,不断刷新页面的话,这个代码会不断执行,
     * 当其实没有必要每次都重新设置权限信息,所以我们需要放到缓存中进行管理;
     * 当放到缓存中时,这样的话,doGetAuthorizationInfo就只会执行一次了,
     * 缓存过期之后会再次执行。
     */
    _logger.info("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
    String username = JWTUtil.getUsername(principals.toString());

    // 下面的可以使用缓存提升速度
    ManagerInfo managerInfo = managerInfoService.findByUsername(username);

    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

    //设置相应角色的权限信息
    for (SysRole role : managerInfo.getRoles()) {
        //设置角色
        authorizationInfo.addRole(role.getRole());
        for (Permission p : role.getPermissions()) {
            //设置权限
            authorizationInfo.addStringPermission(p.getPermission());
        }
    }
    return authorizationInfo;
}
 
Example #25
Source File: AdminAuthorizingRealm.java    From mall with MIT License 5 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    if (principals == null) {
        throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }

    LitemallAdmin admin = (LitemallAdmin) getAvailablePrincipal(principals);
    Integer[] roleIds = admin.getRoleIds();
    Set<String> roles = roleService.queryByIds(roleIds);
    Set<String> permissions = permissionService.queryByRoleIds(roleIds);
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    info.setRoles(roles);
    info.setStringPermissions(permissions);
    return info;
}
 
Example #26
Source File: UserRealm.java    From es with Apache License 2.0 5 votes vote down vote up
private boolean isPermittedWithNotOperator(PrincipalCollection principals, String permission) {
    if (permission.startsWith(NOT_OPERATOR)) {
        return !super.isPermitted(principals, permission.substring(NOT_OPERATOR.length()));
    } else {
        return super.isPermitted(principals, permission);
    }
}
 
Example #27
Source File: OrientApiKeyStore.java    From nexus-public with Eclipse Public License 1.0 5 votes vote down vote up
@Override
@Guarded(by = STARTED)
public void deleteApiKey(final String domain, final PrincipalCollection principals) {
  inTxRetry(databaseInstance).run(db -> {
    for (OrientApiKey entity : findByPrimaryPrincipal(db, principals)) {
      if (entity.getDomain().equals(domain)) {
        entityAdapter.deleteEntity(db, entity);
      }
    }
  });
}
 
Example #28
Source File: UserRealm.java    From spring-tutorial with Creative Commons Attribution Share Alike 4.0 International 5 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
	String username = (String) principals.getPrimaryPrincipal();

	SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
	authorizationInfo.setRoles(userService.findRoles(username));
	authorizationInfo.setStringPermissions(userService.findPermissions(username));

	return authorizationInfo;
}
 
Example #29
Source File: CheckRealm.java    From notes with Apache License 2.0 5 votes vote down vote up
/**
     * @return org.apache.shiro.authz.AuthorizationInfo
     * @Author fruiqi
     * @Description 当需要检测用户权限的时候会调用此方法。
     * @Date 1:55 2019/3/9
     * @Param [principals]
     **/
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String adminName = JwtUtil.getUsername(principals.toString());
        AdminDto admin = AdminShiroService.selectAdminByAdminName(adminName);
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.addRole(admin.getAdminGrade().toString());
        // TODO: 2019/3/9 待需要添加权限信息
//        Set<String> permission = new HashSet<>(Arrays.asList(admin));
        simpleAuthorizationInfo.addStringPermission("admin");
        simpleAuthorizationInfo.addStringPermission("superadmin");
        return simpleAuthorizationInfo;
    }
 
Example #30
Source File: JwtRealm.java    From wetech-admin with MIT License 5 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    String username = principals.toString();
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    authorizationInfo.setRoles(userService.queryRoles(username));
    authorizationInfo.setStringPermissions(userService.queryPermissions(username));
    return authorizationInfo;
}