Java Code Examples for org.apache.shiro.authz.SimpleAuthorizationInfo#addRole()
The following examples show how to use
org.apache.shiro.authz.SimpleAuthorizationInfo#addRole() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: ShiroRealm.java From Spring-Shiro-Spark with Apache License 2.0 | 6 votes |
|
@Override
//@org.springframework.transaction.annotation.Transactional
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
//获取当前用户
//UserDto user = convertToDto(userDao.findUserByUsername((String)principalCollection.getPrimaryPrincipal()));
//User currentUser = userDao.findUserByUsername((String)principalCollection.getPrimaryPrincipal());
UserDto user = (UserDto) SecurityUtils.getSubject().getSession().getAttribute("user");
//把principals放session中,key=userId value=principals
SecurityUtils.getSubject().getSession().setAttribute(String.valueOf(user.getId()),SecurityUtils.getSubject().getPrincipals());
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//赋予角色
for(RoleDto role:user.getRoles()){
info.addRole(role.getName());
}
//赋予权限
for(PermissionDto permission:user.getPermissions()){
//System.out.println(permission.getName());
info.addStringPermission(permission.getName());
}
return info;
}
Example 2
| Source File: UserRealm.java From MultimediaDesktop with Apache License 2.0 | 6 votes |
|
/**
* 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用.
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(
PrincipalCollection principals) {
ShiroUser shiroUser = (ShiroUser) principals.getPrimaryPrincipal();
UserRole role = shiroUser.role;
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
info.addRole(UserRole.用户.getRole());
if(UserRole.开发者.equals(role)){
info.addRole(UserRole.开发者.getRole());
}
if(UserRole.管理员.equals(role)){
info.addRole(UserRole.开发者.getRole());
info.addRole(UserRole.管理员.getRole());
}
return info;
}
Example 3
| Source File: MyShiroRealm.java From spring-boot-shiro with Apache License 2.0 | 6 votes |
|
/**
* create by: leigq
* description: 授权
* create time: 2019/7/1 10:32
*
* @return 权限信息,包括角色以及权限
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
log.warn("开始执行授权操作.......");
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//如果身份认证的时候没有传入User对象,这里只能取到userName
//也就是SimpleAuthenticationInfo构造的时候第一个参数传递需要User对象
User user = (User) principals.getPrimaryPrincipal();
// 查询用户角色,一个用户可能有多个角色
List<Role> roles = iRoleService.getUserRoles(user.getUserId());
for (Role role : roles) {
authorizationInfo.addRole(role.getRole());
// 根据角色查询权限
List<Permission> permissions = iPermissionService.getRolePermissions(role.getRoleId());
for (Permission p : permissions) {
authorizationInfo.addStringPermission(p.getPermission());
}
}
return authorizationInfo;
}
Example 4
| Source File: NormalRealm.java From SENS with GNU General Public License v3.0 | 6 votes |
|
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
User user = (User) principals.getPrimaryPrincipal();
List<Role> roles = roleService.listRolesByUserId(user.getId());
for (Role role : roles) {
authorizationInfo.addRole(role.getRole());
List<Permission> permissions = permissionService.listPermissionsByRoleId(role.getId());
//把权限的URL全部放到authorizationInfo中去
Set<String> urls = permissions.stream().map(p -> p.getUrl()).collect(Collectors.toSet());
authorizationInfo.addStringPermissions(urls);
}
return authorizationInfo;
}
Example 5
| Source File: FreeRealm.java From SENS with GNU General Public License v3.0 | 6 votes |
|
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
System.out.println("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
User user = (User) principals.getPrimaryPrincipal();
List<Role> roles = roleService.listRolesByUserId(user.getId());
for (Role role : roles) {
authorizationInfo.addRole(role.getRole());
List<Permission> permissions = permissionService.listPermissionsByRoleId(role.getId());
for (Permission p : permissions) {
authorizationInfo.addStringPermission(p.getUrl());
}
}
return authorizationInfo;
}
Example 6
| Source File: JPARealm.java From gazpachoquest with GNU General Public License v3.0 | 6 votes |
|
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
// null usernames are invalid
if (principals == null) {
throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
}
User user = (User) getAvailablePrincipal(principals);
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
Set<Role> roles = userService.getRoles(user.getId());
for (Role role : roles) {
info.addRole(role.getName());
}
Set<Permission<?>> permissions = userService.getPermissions(user.getId());
for (Permission<?> permission : permissions) {
info.addStringPermission(permission.getLiteral());
}
return info;
}
Example 7
| Source File: MyShiroRealm.java From SpringBootBucket with MIT License | 6 votes |
|
/**
* 此方法调用hasRole,hasPermission的时候才会进行回调.
* <p>
* 权限信息.(授权):
* 1、如果用户正常退出,缓存自动清空;
* 2、如果用户非正常退出,缓存自动清空;
* 3、如果我们修改了用户的权限,而用户不退出系统,修改的权限无法立即生效。
* (需要手动编程进行实现;放在service进行调用)
* 在权限修改后调用realm中的方法,realm已经由spring管理,所以从spring中获取realm实例,调用clearCached方法;
* :Authorization 是授权访问控制,用于对用户进行的操作授权,证明该用户是否允许进行当前操作,如访问某个链接,某个资源文件等。
*
* @param principals
* @return
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
/*
* 当没有使用缓存的时候,不断刷新页面的话,这个代码会不断执行,
* 当其实没有必要每次都重新设置权限信息,所以我们需要放到缓存中进行管理;
* 当放到缓存中时,这样的话,doGetAuthorizationInfo就只会执行一次了,
* 缓存过期之后会再次执行。
*/
_logger.info("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
ManagerInfo managerInfo = (ManagerInfo) principals.getPrimaryPrincipal();
//设置相应角色的权限信息
for (SysRole role : managerInfo.getRoles()) {
//设置角色
authorizationInfo.addRole(role.getRole());
for (Permission p : role.getPermissions()) {
//设置权限
authorizationInfo.addStringPermission(p.getPermission());
}
}
return authorizationInfo;
}
Example 8
| Source File: GreenStepBaseAuthorizingLdapRealm.java From bamboobsc with Apache License 2.0 | 6 votes |
|
private SimpleAuthorizationInfo getSimpleAuthorizationInfo(String username) throws Exception {
Map<String, Object> params = new HashMap<String, Object>();
params.put("account", username);
List<TbUserRole> roleList = userRoleService.findListByParams(params);
if (roleList==null) {
return null;
}
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
for (TbUserRole userRole : roleList) {
info.addRole(userRole.getRole());
params.clear();
params.put("role", userRole.getRole());
List<TbRolePermission> rolePermissionList = rolePermissionService.findListByParams(params);
if (rolePermissionList==null) {
continue;
}
for (TbRolePermission rolePermission : rolePermissionList) {
info.addStringPermission(rolePermission.getPermission());
}
}
return info;
}
Example 9
| Source File: UserRealm.java From mumu with Apache License 2.0 | 6 votes |
|
/**
* 获取当前用户的角色集合,权限集合
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//获取保存在session中的用户信息
SysUser user = (SysUser) SecurityUtils.getSubject().getSession().getAttribute(SysUser.SYS_USER);
if (user == null) {
throw new IllegalArgumentException();
}
//获取当前用户拥有的所有角色
List<SysRole> roles = roleService.getSysRoleByUserId(user.getUserId().toString(), PublicEnum.NORMAL.value());
for (SysRole sysRole : roles) {
authorizationInfo.addRole(sysRole.getRoleCode());
}
//获取当前用户拥有的所有权限
List<SysPermission> permissions = permissionService.getSysPermissionByUserId(user.getUserId(), PublicEnum.NORMAL.value());
for (SysPermission sysPermission : permissions) {
authorizationInfo.addStringPermission(sysPermission.getPermission());
}
System.out.println("用户权限:"+ JSON.toJSONString(authorizationInfo));
return authorizationInfo;
}
Example 10
| Source File: MyShiroRealm.java From SpringBootBucket with MIT License | 5 votes |
|
/**
* 此方法调用hasRole,hasPermission的时候才会进行回调.
* <p>
* 权限信息.(授权):
* 1、如果用户正常退出,缓存自动清空;
* 2、如果用户非正常退出,缓存自动清空;
* 3、如果我们修改了用户的权限,而用户不退出系统,修改的权限无法立即生效。
* (需要手动编程进行实现;放在service进行调用)
* 在权限修改后调用realm中的方法,realm已经由spring管理,所以从spring中获取realm实例,调用clearCached方法;
* :Authorization 是授权访问控制,用于对用户进行的操作授权,证明该用户是否允许进行当前操作,如访问某个链接,某个资源文件等。
*
* @param principals
* @return
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
/*
* 当没有使用缓存的时候,不断刷新页面的话,这个代码会不断执行,
* 当其实没有必要每次都重新设置权限信息,所以我们需要放到缓存中进行管理;
* 当放到缓存中时,这样的话,doGetAuthorizationInfo就只会执行一次了,
* 缓存过期之后会再次执行。
*/
_logger.info("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
String username = JWTUtil.getUsername(principals.toString());
// 下面的可以使用缓存提升速度
ManagerInfo managerInfo = managerInfoService.findByUsername(username);
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//设置相应角色的权限信息
for (SysRole role : managerInfo.getRoles()) {
//设置角色
authorizationInfo.addRole(role.getRole());
for (Permission p : role.getPermissions()) {
//设置权限
authorizationInfo.addStringPermission(p.getPermission());
}
}
return authorizationInfo;
}
Example 11
| Source File: CheckRealm.java From notes with Apache License 2.0 | 5 votes |
|
/**
* @return org.apache.shiro.authz.AuthorizationInfo
* @Author fruiqi
* @Description 当需要检测用户权限的时候会调用此方法。
* @Date 1:55 2019/3/9
* @Param [principals]
**/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
String adminName = JwtUtil.getUsername(principals.toString());
AdminDto admin = AdminShiroService.selectAdminByAdminName(adminName);
SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
simpleAuthorizationInfo.addRole(admin.getAdminGrade().toString());
// TODO: 2019/3/9 待需要添加权限信息
// Set<String> permission = new HashSet<>(Arrays.asList(admin));
simpleAuthorizationInfo.addStringPermission("admin");
simpleAuthorizationInfo.addStringPermission("superadmin");
return simpleAuthorizationInfo;
}
Example 12
| Source File: MyShiroRealm.java From springBoot-study with Apache License 2.0 | 5 votes |
|
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
System.out.println("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
authorizationInfo.addRole(null);
authorizationInfo.addStringPermission(null);
return authorizationInfo;
}
Example 13
| Source File: UserRealm.java From LuckyFrameWeb with GNU Affero General Public License v3.0 | 5 votes |
|
/**
* 授权
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0)
{
User user = ShiroUtils.getSysUser();
// 角色列表
Set<String> roles;
// 功能列表
Set<String> menus;
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
// 管理员拥有所有权限
if (user.isAdmin())
{
info.addRole("admin");
info.addStringPermission("*:*:*");
}
else
{
roles = roleService.selectRoleKeys(user.getUserId());
menus = menuService.selectPermsByUserId(user.getUserId());
// 角色加入AuthorizationInfo认证对象
info.setRoles(roles);
// 权限加入AuthorizationInfo认证对象
info.setStringPermissions(menus);
}
return info;
}
Example 14
| Source File: ShiroRealm.java From OneBlog with GNU General Public License v3.0 | 5 votes |
|
/**
* 权限认证,为当前登录的Subject授予角色和权限(角色的权限信息集合)
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
// 权限信息对象info,用来存放查出的用户的所有的角色(role)及权限(permission)
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
Long userId = (Long) SecurityUtils.getSubject().getPrincipal();
// 赋予角色
List<Role> roleList = roleService.listRolesByUserId(userId);
for (Role role : roleList) {
info.addRole(role.getName());
}
// 赋予权限
List<Resources> resourcesList = null;
User user = userService.getByPrimaryKey(userId);
if (null == user) {
return info;
}
// ROOT用户默认拥有所有权限
if (UserTypeEnum.ROOT.toString().equalsIgnoreCase(user.getUserType())) {
resourcesList = resourcesService.listAll();
} else {
resourcesList = resourcesService.listByUserId(userId);
}
if (!CollectionUtils.isEmpty(resourcesList)) {
Set<String> permissionSet = new HashSet<>();
for (Resources resources : resourcesList) {
String permission = null;
if (!StringUtils.isEmpty(permission = resources.getPermission())) {
permissionSet.addAll(Arrays.asList(permission.trim().split(",")));
}
}
info.setStringPermissions(permissionSet);
}
return info;
}
Example 15
| Source File: ShiroDbRealm.java From DWSurvey with GNU Affero General Public License v3.0 | 5 votes |
|
/**
* 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用.
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
String username = (String) principals.fromRealm(getName()).iterator().next();
// User user = accountManager.findUserByLoginName(username);
User user = accountManager.findUserByLoginNameOrEmail(username);
if (user != null && "1".equals(user.getId())) {
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
info.addRole("admin");
return info;
} else {
return null;
}
}
Example 16
| Source File: SystemAuthorizingRealm.java From easyweb with Apache License 2.0 | 4 votes |
|
/**
* 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
String principal = (String) getAvailablePrincipal(principals);
// 获取当前已登录的用户
// if (!Global.TRUE.equals(Global.getInstance().getConfig("user.multiAccountLogin"))){
// Collection<Session> sessions = getSystemService().getSessionDao().getActiveSessions(true, principal, UserUtils.getSession());
// if (sessions.size() > 0){
// // 如果是登录进来的,则踢出已在线用户
// if (UserUtils.getSubject().isAuthenticated()){
// for (Session session : sessions){
// getSystemService().getSessionDao().delete(session);
// }
// }
// // 记住我进来的,并且当前用户已登录,则退出当前用户提示信息。
// else{
// UserUtils.getSubject().logout();
// throw new AuthenticationException("msg:账号已在其它地方登录,请重新登录。");
// }
// }
// }
SysUser user =sysUserService.getByLoginName(principal);
if (user != null) {
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
List<SysMenu> list = UserUtils.getMenuList();
for (SysMenu menu : list){
if (StringUtils.isNotBlank(menu.getPermission())){
// 添加基于Permission的权限信息
for (String permission : StringUtils.split(menu.getPermission(),",")){
info.addStringPermission(permission);
}
}
}
// 添加用户权限
// info.addStringPermission("user");
// 添加用户角色信息
for (SysRole role : UserUtils.getRoleList()){
info.addRole(role.getEnname());
}
// // 更新登录IP和时间
// getSystemService().updateUserLoginInfo(user);
// // 记录登录日志
// LogUtils.saveLog(Servlets.getRequest(), "系统登录");
return info;
} else {
return null;
}
}
Example 17
| Source File: SystemAuthorizingRealm.java From Shop-for-JavaWeb with MIT License | 4 votes |
|
/**
* 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
Principal principal = (Principal) getAvailablePrincipal(principals);
// 获取当前已登录的用户
if (!Global.TRUE.equals(Global.getConfig("user.multiAccountLogin"))){
Collection<Session> sessions = getSystemService().getSessionDao().getActiveSessions(true, principal, UserUtils.getSession());
if (sessions.size() > 0){
// 如果是登录进来的,则踢出已在线用户
if (UserUtils.getSubject().isAuthenticated()){
for (Session session : sessions){
getSystemService().getSessionDao().delete(session);
}
}
// 记住我进来的,并且当前用户已登录,则退出当前用户提示信息。
else{
UserUtils.getSubject().logout();
throw new AuthenticationException("msg:账号已在其它地方登录,请重新登录。");
}
}
}
User user = getSystemService().getUserByLoginName(principal.getLoginName());
if (user != null) {
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
List<Menu> list = UserUtils.getMenuList();
for (Menu menu : list){
if (StringUtils.isNotBlank(menu.getPermission())){
// 添加基于Permission的权限信息
for (String permission : StringUtils.split(menu.getPermission(),",")){
info.addStringPermission(permission);
}
}
}
// 添加用户权限
info.addStringPermission("user");
// 添加用户角色信息
for (Role role : user.getRoleList()){
info.addRole(role.getEnname());
}
// 更新登录IP和时间
getSystemService().updateUserLoginInfo(user);
// 记录登录日志
LogUtils.saveLog(Servlets.getRequest(), "系统登录");
return info;
} else {
return null;
}
}
Example 18
| Source File: MyRealm.java From demo-springmvc-shiro with Apache License 2.0 | 4 votes |
|
/**
* 为当前登录的Subject授予角色和权限
* -----------------------------------------------------------------------------------------------
* 经测试:本例中该方法的调用时机为需授权资源被访问时
* 经测试:并且每次访问需授权资源时都会执行该方法中的逻辑,这表明本例中默认并未启用AuthorizationCache
* 个人感觉若使用了Spring3.1开始提供的ConcurrentMapCache支持,则可灵活决定是否启用AuthorizationCache
* 比如说这里从数据库获取权限信息时,先去访问Spring3.1提供的缓存,而不使用Shior提供的AuthorizationCache
* -----------------------------------------------------------------------------------------------
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals){
//获取当前登录的用户名
String currentUsername = (String)super.getAvailablePrincipal(principals);
////从数据库中获取当前登录用户的详细信息
//List<String> roleList = new ArrayList<String>();
//List<String> permissionList = new ArrayList<String>();
//User user = userService.getByUsername(currentUsername);
//if(null != user){
// //实体类User中包含有用户角色的实体类信息
// if(null!=user.getRoles() && user.getRoles().size()>0){
// //获取当前登录用户的角色
// for(Role role : user.getRoles()){
// roleList.add(role.getName());
// //实体类Role中包含有角色权限的实体类信息
// if(null!=role.getPermissions() && role.getPermissions().size()>0){
// //获取权限
// for(Permission pmss : role.getPermissions()){
// if(StringUtils.isNotBlank(pmss.getPermission())){
// permissionList.add(pmss.getPermission());
// }
// }
// }
// }
// }
//}else{
// throw new AuthorizationException();
//}
////为当前用户设置角色和权限
//SimpleAuthorizationInfo simpleAuthorInfo = new SimpleAuthorizationInfo();
//simpleAuthorInfo.addRoles(roleList);
//simpleAuthorInfo.addStringPermissions(permissionList);
//实际中可能会像上面注释的那样,从数据库或缓存中取得用户的角色和权限信息
SimpleAuthorizationInfo simpleAuthorInfo = new SimpleAuthorizationInfo();
if(null!=currentUsername && "jadyer".equals(currentUsername)){
//添加一个角色,不是配置意义上的添加,而是证明该用户拥有admin角色
simpleAuthorInfo.addRole("admin");
//添加权限
simpleAuthorInfo.addStringPermission("admin:manage");
System.out.println("已为用户[jadyer]赋予了[admin]角色和[admin:manage]权限");
return simpleAuthorInfo;
}
if(null!=currentUsername && "xuanyu".equals(currentUsername)){
System.out.println("当前用户[xuanyu]无授权(不需要为其赋予角色和权限)");
return simpleAuthorInfo;
}
//若该方法什么都不做直接返回null的话
//就会导致任何用户访问/admin/listUser.jsp时都会自动跳转到unauthorizedUrl指定的地址
//详见applicationContext.xml中的<bean id="shiroFilter">的配置
return null;
}
Example 19
| Source File: AbstractPermittingAuthorizingRealm.java From super-cloudops with Apache License 2.0 | 3 votes |
|
/**
* Add merge roles to the simple authorization info.
*
* @param authzInfo
* @param roles
* the list of roles to add
* @return
*/
protected SimpleAuthorizationInfo mergeRoles(SimpleAuthorizationInfo authzInfo, List<String> roles) {
for (String role : roles) {
authzInfo.addRole(role);
}
return authzInfo;
}
Example 20
| Source File: CasStatelessAuthorizingRealm.java From shiro-cas-spring-boot-starter with Apache License 2.0 | 2 votes |
|
/**
* Add roles to the simple authorization info.
*
* @param simpleAuthorizationInfo
* @param roles the list of roles to add
*/
private void addRoles(SimpleAuthorizationInfo simpleAuthorizationInfo, List<String> roles) {
for (String role : roles) {
simpleAuthorizationInfo.addRole(role);
}
}
