Java Code Examples for org.apache.shiro.authz.SimpleAuthorizationInfo#addRoles()
The following examples show how to use
org.apache.shiro.authz.SimpleAuthorizationInfo#addRoles() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: LoginAuth.java From jboot-admin with Apache License 2.0 | 6 votes |
@Override public AuthorizationInfo buildAuthorizationInfo(PrincipalCollection principals) { String loginName = (String) principals.fromRealm("ShiroDbRealm").iterator().next(); RoleService sysRoleApi = Jboot.service(RoleService.class); List<Role> sysRoleList = sysRoleApi.findByUserName(loginName); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); List<String> roleNameList = new ArrayList<String>(); for (Role sysRole : sysRoleList) { roleNameList.add(sysRole.getName()); } ResService sysResService = Jboot.service(ResService.class); List<Res> sysResList = sysResService.findByUserNameAndStatusUsed(loginName); List<String> urls = new ArrayList<String>(); for (Res sysRes : sysResList) { urls.add(sysRes.getUrl()); } info.addRoles(roleNameList); info.addStringPermissions(urls); return info; }
Example 2
Source File: ShiroRealm.java From layui-admin with MIT License | 6 votes |
/** * 获取授权信息方法,返回用户角色信息 * */ @Override protected AuthorizationInfo doGetAuthorizationInfo( PrincipalCollection principals) { if (principals == null) { throw new AuthorizationException("PrincipalCollection method argument cannot be null."); } UserTest user = (UserTest) principals.getPrimaryPrincipal(); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); if (user != null) {//获取用户角色信息 List<String> roles = userServiceImpl.getRoleNames(user.getId()); info.addRoles(roles); } else { SecurityUtils.getSubject().logout(); } return info; }
Example 3
Source File: AuthorizationRealm.java From base-framework with Apache License 2.0 | 6 votes |
/** * 通过组集合,将集合中的role字段内容解析后添加到SimpleAuthorizationInfo授权信息中 * * @param info SimpleAuthorizationInfo * @param groupsList 组集合 */ private void addRoles(SimpleAuthorizationInfo info, List<Group> groupsList) { //解析当前用户组中的role List<String> temp = CollectionUtils.extractToList(groupsList, "role", true); List<String> roles = getValue(temp,"roles\\[(.*?)\\]"); //添加默认的roles到roels if (CollectionUtils.isNotEmpty(defaultRole)) { CollectionUtils.addAll(roles, defaultRole.iterator()); } //将当前用户拥有的roles设置到SimpleAuthorizationInfo中 info.addRoles(roles); }
Example 4
Source File: ApiRealm.java From web-flash with MIT License | 5 votes |
/** * 只有当需要检测用户权限的时候才会调用此方法,例如checkRole,checkPermission之类的 */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { String username = JwtUtil.getUsername(principals.toString()); ShiroUser user = shiroFactroy.shiroUser(userService.findByAccount(username)); SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(); simpleAuthorizationInfo.addRoles(user.getRoleCodes()); Set<String> permission = user.getPermissions(); simpleAuthorizationInfo.addStringPermissions(permission); return simpleAuthorizationInfo; }
Example 5
Source File: ShiroDbRealm.java From MeetingFilm with Apache License 2.0 | 5 votes |
/** * 权限认证 */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { IShiro shiroFactory = ShiroFactroy.me(); ShiroUser shiroUser = (ShiroUser) principals.getPrimaryPrincipal(); List<Integer> roleList = shiroUser.getRoleList(); Set<String> permissionSet = new HashSet<>(); Set<String> roleNameSet = new HashSet<>(); for (Integer roleId : roleList) { List<String> permissions = shiroFactory.findPermissionsByRoleId(roleId); if (permissions != null) { for (String permission : permissions) { if (ToolUtil.isNotEmpty(permission)) { permissionSet.add(permission); } } } String roleName = shiroFactory.findRoleNameByRoleId(roleId); roleNameSet.add(roleName); } SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); info.addStringPermissions(permissionSet); info.addRoles(roleNameSet); return info; }
Example 6
Source File: ShiroDbRealm.java From WebStack-Guns with MIT License | 5 votes |
/** * 权限认证 */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { UserAuthService shiroFactory = UserAuthServiceServiceImpl.me(); ShiroUser shiroUser = (ShiroUser) principals.getPrimaryPrincipal(); List<Integer> roleList = shiroUser.getRoleList(); Set<String> permissionSet = new HashSet<>(); Set<String> roleNameSet = new HashSet<>(); for (Integer roleId : roleList) { List<String> permissions = shiroFactory.findPermissionsByRoleId(roleId); if (permissions != null) { for (String permission : permissions) { if (ToolUtil.isNotEmpty(permission)) { permissionSet.add(permission); } } } String roleName = shiroFactory.findRoleNameByRoleId(roleId); roleNameSet.add(roleName); } SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); info.addStringPermissions(permissionSet); info.addRoles(roleNameSet); return info; }
Example 7
Source File: ApiRealm.java From flash-waimai with MIT License | 5 votes |
/** * 只有当需要检测用户权限的时候才会调用此方法,例如checkRole,checkPermission之类的 */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { String username = JwtUtil.getUsername(principals.toString()); ShiroUser user = shiroFactroy.shiroUser(userService.findByAccount(username)); SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(); simpleAuthorizationInfo.addRoles(user.getRoleCodes()); Set<String> permission = user.getPermissions(); simpleAuthorizationInfo.addStringPermissions(permission); return simpleAuthorizationInfo; }
Example 8
Source File: BaseRealm.java From spring-boot-seed with MIT License | 5 votes |
/** * 查询权限,授权 * 此方法调用hasRole,hasPermission的时候才会进行回调. * <p> * 权限信息.(授权): * 1、如果用户正常退出,缓存自动清空; * 2、如果用户非正常退出,缓存自动清空; * 3、如果我们修改了用户的权限,而用户不退出系统,修改的权限无法立即生效。 * (需要手动编程进行实现;放在service进行调用) * 在权限修改后调用realm中的方法,realm已经由spring管理,所以从spring中获取realm实例,调用clearCached方法; * :Authorization 是授权访问控制,用于对用户进行的操作授权,证明该用户是否允许进行当前操作,如访问某个链接,某个资源文件等。 * * @param principalCollection 身份集合 * @return 授权信息 */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { log.info("BaseRealm.doGetAuthorizationInfo() shiro授权"); // 因为非正常退出,即没有显式调用 SecurityUtils.getSubject().logout() (可能是关闭浏览器,或超时),但此时缓存依旧存在(principals),需要清除身份 if (!SecurityUtils.getSubject().isAuthenticated()) { doClearCache(principalCollection); SecurityUtils.getSubject().logout(); return null; } // 简单授权信息 SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo(); User user = SessionUtil.getCurrentUser(); if (user != null) { Set<String> roleCodes = new HashSet<>(); List<Role> roles = user.getRoles(); for (Role role : roles) { roleCodes.add(role.getRoleCode()); } //添加角色 authorizationInfo.addRoles(roleCodes); Set<String> stringPermissions = new HashSet<>(); List<Permission> permissions = user.getPermissions(); for (Permission permission : permissions) { stringPermissions.add(permission.getPermissionCode()); } // 添加权限 authorizationInfo.addStringPermissions(stringPermissions); } return authorizationInfo; }
Example 9
Source File: ShiroAuthRealm.java From belling-admin with Apache License 2.0 | 5 votes |
/** * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用. */ /* (non-Javadoc) * @see org.apache.shiro.realm.AuthorizingRealm#doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection) */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { System.out.println("开始授权查询"); User curUser = userService.findByAccount(principals.getPrimaryPrincipal().toString()); int userId = curUser.getId(); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); List<Role> rolesList = roleService.selectRolesByUser(userId); List<Integer> roleIds = Lists.newArrayList(); Set<String> roleCodes = Sets.newHashSet(); if (null != rolesList && rolesList.size() > 0) { for (Role role : rolesList) { if (!Strings.isNullOrEmpty(role.getCode())) { roleIds.add(role.getId()); roleCodes.add(role.getCode()); } } info.addRoles(roleCodes); } // 权限 Set<String> permissions = Sets.newHashSet(); if (roleIds.size() > 0) { for (Integer roleId: roleIds) { List<String> dataList = permissionService.findPermissionsByRoleId(roleId); if(null != dataList && dataList.size() > 0) { permissions.addAll(dataList); } } } permissions.remove(""); info.addStringPermissions(permissions); return info; }
Example 10
Source File: ApiKeyRealm.java From emodb with Apache License 2.0 | 5 votes |
/** * Gets the authorization info for an API key's principals from the source (not from cache). */ private AuthorizationInfo getUncachedAuthorizationInfoFromPrincipals(PrincipalCollection principals) { SimpleAuthorizationInfo authInfo = new SimpleAuthorizationInfo(); for (PrincipalWithRoles principal : getPrincipalsFromPrincipalCollection(principals)) { authInfo.addRoles(principal.getRoles()); } return authInfo; }
Example 11
Source File: ShiroDbRealm.java From spring-boot-quickstart with Apache License 2.0 | 5 votes |
/** * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用. */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { ShiroUser shiroUser = (ShiroUser) principals.getPrimaryPrincipal(); User user = accountService.findUserByLoginName(shiroUser.loginName); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); info.addRoles(user.getRoleList()); return info; }
Example 12
Source File: ShiroDbRealm.java From dubai with MIT License | 5 votes |
/** * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用. */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { ShiroUser shiroUser = (ShiroUser) principals.getPrimaryPrincipal(); User user = userService.findUserByLoginName(shiroUser.loginName); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); info.addRoles(user.getRoleList()); return info; }