org.apache.shiro.authz.annotation.RequiresAuthentication Java Examples

The following examples show how to use org.apache.shiro.authz.annotation.RequiresAuthentication. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AdminAuthController.java    From dts-shop with GNU Lesser General Public License v3.0 8 votes vote down vote up
@RequiresAuthentication
@GetMapping("/info")
public Object info() {
	Subject currentUser = SecurityUtils.getSubject();
	DtsAdmin admin = (DtsAdmin) currentUser.getPrincipal();

	Map<String, Object> data = new HashMap<>();
	data.put("name", admin.getUsername());
	data.put("avatar", admin.getAvatar());

	Integer[] roleIds = admin.getRoleIds();
	Set<String> roles = roleService.queryByIds(roleIds);
	Set<String> permissions = permissionService.queryByRoleIds(roleIds);
	data.put("roles", roles);
	// NOTE
	// 这里需要转换perms结构,因为对于前端而已API形式的权限更容易理解
	data.put("perms", toAPI(permissions));

	logger.info("【请求结束】系统管理->用户信息获取,响应结果:{}", JSONObject.toJSONString(data));
	return ResponseUtil.ok(data);
}
 
Example #2
Source File: UserApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@Override
@PUT
@RequiresAuthentication
@RequiresPermissions("nexus:*")
@Path("{userId}/change-password")
@Consumes(MediaType.TEXT_PLAIN)
@Validate
public void changePassword(@PathParam("userId") final String userId, final String password) {
  if (StringUtils.isBlank(password)) {
    throw createWebException(Status.BAD_REQUEST, "Password must be supplied.");
  }

  try {
    securitySystem.changePassword(userId, password);

    if (ADMIN_USER_ID.equals(userId)) {
      adminPasswordFileManager.removeFile();
    }
  }
  catch (UserNotFoundException e) { // NOSONAR
    log.debug("Request to change password for invalid user '{}'.", userId);
    throw createUnknownUserException(userId);
  }
}
 
Example #3
Source File: PypiProxyRepositoriesApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update PyPI proxy repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final PypiProxyRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #4
Source File: NpmProxyRepositoriesApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update npm proxy repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final NpmProxyRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #5
Source File: CertificateApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@Override
@DELETE
@Path("truststore/{id}")
@RequiresAuthentication
@RequiresPermissions("nexus:ssl-truststore:delete")
public void removeCertificate(@PathParam("id") final String id) {
  try {
    // check that the certificate existss
    getTrustedCertificate(id);

    trustStore.removeTrustCertificate(id);
  }
  catch (KeystoreException e) {
    log.error("An error occurred accessing the internal trust store.", e);
    throw createWebException(Status.INTERNAL_SERVER_ERROR, KEY_STORE_ERROR_MESSAGE);
  }
}
 
Example #6
Source File: RawGroupRepositoriesApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update raw group repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final RawGroupRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #7
Source File: UserApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@Override
@GET
@RequiresAuthentication
@RequiresPermissions("nexus:users:read")
public Collection<ApiUser> getUsers(
    @QueryParam("userId") final String userId,
    @QueryParam("source") final String source)
{
  UserSearchCriteria criteria = new UserSearchCriteria(userId, null, source);

  if (!UserManager.DEFAULT_SOURCE.equals(source)) {
    // we limit the number of users here to avoid issues with remote sources
    criteria.setLimit(100);
  }

  return securitySystem.searchUsers(criteria).stream().map(u -> fromUser(u))
      .collect(Collectors.toList());
}
 
Example #8
Source File: GoogleCloudBlobstoreApiResource.java    From nexus-blobstore-google-cloud with Eclipse Public License 1.0 6 votes vote down vote up
@PUT
@RequiresAuthentication
@Path("/{name}")
@RequiresPermissions("nexus:blobstores:update")
@Override
public GoogleCloudBlobstoreApiModel update(@PathParam("name") final String name,
                                           @Valid final GoogleCloudBlobstoreApiModel model)
    throws Exception
{
  BlobStore existing = blobStoreManager.get(name);
  if (existing == null) {
    return null;
  }
  BlobStoreConfiguration config = confirmType(existing.getBlobStoreConfiguration());
  merge(config, model);

  BlobStore blobStore = blobStoreManager.update(config);
  return new GoogleCloudBlobstoreApiModel(blobStore.getBlobStoreConfiguration());
}
 
Example #9
Source File: GoogleCloudBlobstoreApiResource.java    From nexus-blobstore-google-cloud with Eclipse Public License 1.0 6 votes vote down vote up
@POST
@RequiresAuthentication
@RequiresPermissions("nexus:blobstores:create")
@Override
public GoogleCloudBlobstoreApiModel create(@Valid final GoogleCloudBlobstoreApiModel model)
    throws Exception
{
  if (blobStoreManager.get(model.getName()) != null) {
    throw new WebApplicationMessageException(Status.BAD_REQUEST, "A blob store with that name already exists");
  }
  BlobStoreConfiguration config = blobStoreManager.newConfiguration();
  config.setType(GoogleCloudBlobStore.TYPE);
  merge(config, model);
  BlobStore blobStore = blobStoreManager.create(config);
  return new GoogleCloudBlobstoreApiModel(blobStore.getBlobStoreConfiguration());
}
 
Example #10
Source File: RoutingRulesApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@Override
@DELETE
@Path("/{name}")
@RequiresAuthentication
@RequiresPermissions("nexus:*")
public void deleteRoutingRule(@PathParam("name") final String name) {
  RoutingRule routingRule = getRuleFromStore(name);
  EntityId routingRuleId = routingRule.id();
  Map<EntityId, List<Repository>> assignedRepositories = routingRuleHelper.calculateAssignedRepositories();

  List<Repository> repositories = assignedRepositories.computeIfAbsent(routingRuleId, id -> emptyList());
  if (!repositories.isEmpty()) {
    throw new WebApplicationMessageException(
        Status.BAD_REQUEST,
        "\"Routing rule is still in use by " + repositories.size() + " repositories.\"",
        APPLICATION_JSON);
  }

  routingRuleStore.delete(routingRule);
}
 
Example #11
Source File: ApiController.java    From ueboot with BSD 3-Clause "New" or "Revised" License 6 votes vote down vote up
@RequiresAuthentication
@RequestMapping(value = "/private/updatePassword")
@ApiOperation(value = "更新密码")
public Response<Void> updatePassword(@RequestBody UpdatePasswordReq req) {
    String userName = (String) SecurityUtils.getSubject().getPrincipal();
    //加密旧密码
    String oldPassword = PasswordUtil.sha512(userName, req.getOldPassword().toLowerCase());
    //加密新密码
    String newPassword = PasswordUtil.sha512(userName, req.getNewPassword().toLowerCase());
    User user = userService.findByUserName(userName);
    if (!user.getPassword().equals(oldPassword)) {
        throw new BusinessException("原密码输入错误,请重新输入");
    }
    user.setPassword(newPassword);
    JDateTime dateTime = new JDateTime();
    //默认密码过期日期为x个月,x个月后要求更换密码
    Date expiredDate = dateTime.addMonth(this.shiroService.getPasswordExpiredMonth()).convertToDate();
    user.setCredentialExpiredDate(expiredDate);
    this.userService.save(user);

    // 更新密码日志记录
    this.shiroEventListener.updatePasswordEvent(userName);
    return new Response<Void>();
}
 
Example #12
Source File: MavenProxyRepositoriesApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update Maven proxy repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final MavenProxyRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #13
Source File: P2ProxyRepositoriesApiResource.java    From nexus-repository-p2 with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update p2 proxy repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final P2ProxyRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #14
Source File: HelmHostedRepositoriesApiResource.java    From nexus-repository-helm with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update Helm hosted repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final HelmHostedRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #15
Source File: GolangHostedRepositoriesApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update a Go hosted repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS),
    @ApiResponse(code = 404, message = REPOSITORY_NOT_FOUND)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final GolangHostedRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #16
Source File: RawHostedRepositoriesApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update raw hosted repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final RawHostedRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #17
Source File: RawProxyRepositoriesApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update raw proxy repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final RawProxyRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #18
Source File: ReportScheduleResource.java    From graylog-plugin-aggregates with GNU General Public License v3.0 6 votes vote down vote up
@PUT
@Timed    
@ApiOperation(value = "Create a report schedule")
@RequiresAuthentication
@RequiresPermissions(ReportScheduleRestPermissions.AGGREGATE_REPORT_SCHEDULES_CREATE)
@AuditEvent(type = AuditEventTypes.AGGREGATES_REPORT_SCHEDULE_CREATE)
@ApiResponses(value = {
        @ApiResponse(code = 400, message = "The supplied request is not valid.")
})
public Response create(
                         @ApiParam(name = "JSON body", required = true) @Valid @NotNull AddReportScheduleRequest request
                         ) {
    final ReportSchedule reportSchedule = reportScheduleService.fromRequest(request);

    reportScheduleService.create(reportSchedule);

    return Response.accepted().build();
}
 
Example #19
Source File: TasksResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@POST
@Path("/{id}/stop")
@RequiresAuthentication
@RequiresPermissions("nexus:tasks:stop")
public void stop(@PathParam("id") final String id) {
  try {
    TaskInfo taskInfo = getTaskInfo(id);
    Future<?> taskFuture = taskInfo.getCurrentState().getFuture();
    if (taskFuture == null) {
      throw new WebApplicationException(format("Task %s is not running", id), CONFLICT);
    }
    if (!taskFuture.cancel(false)) {
      throw new WebApplicationException(format("Unable to stop task %s", id), CONFLICT);
    }
  }
  catch (WebApplicationException webApplicationException) {
    throw webApplicationException;
  }
  catch (Exception e) {
    log.error("error stopping task with id {}", id, e);
    throw new WebApplicationException(format("Error running task %s", id), INTERNAL_SERVER_ERROR);
  }
}
 
Example #20
Source File: CocoapodsProxyRepositoriesApiResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update Cocoapods proxy repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final CocoapodsProxyRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #21
Source File: RuleResource.java    From graylog-plugin-aggregates with GNU General Public License v3.0 6 votes vote down vote up
@PUT
@Timed    
@ApiOperation(value = "Create a rule")
@RequiresAuthentication
@RequiresPermissions(RuleRestPermissions.AGGREGATE_RULES_CREATE)
@AuditEvent(type = AuditEventTypes.AGGREGATES_RULE_CREATE)
@ApiResponses(value = {
        @ApiResponse(code = 400, message = "The supplied request is not valid.")
})
public Response create(
                         @ApiParam(name = "JSON body", required = true) @Valid @NotNull AddRuleRequest request
                         ) {
    final Rule rule = ruleService.fromRequest(request);
    LOG.info("Creating rule with name [{}]", rule.getName());
    ruleService.create(rule);

    return Response.accepted().build();
}
 
Example #22
Source File: ConanProxyRepositoriesApiResource.java    From nexus-repository-conan with Eclipse Public License 1.0 6 votes vote down vote up
@ApiOperation("Update Conan proxy repository")
@ApiResponses(value = {
    @ApiResponse(code = 204, message = REPOSITORY_UPDATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS),
    @ApiResponse(code = 404, message = REPOSITORY_NOT_FOUND)
})
@PUT
@Path("/{repositoryName}")
@RequiresAuthentication
@Validate
@Override
public Response updateRepository(
    final ConanProxyRepositoryApiRequest request,
    @ApiParam(value = "Name of the repository to update") @PathParam("repositoryName") final String repositoryName)
{
  return super.updateRepository(request, repositoryName);
}
 
Example #23
Source File: AuthResourceFilterFactory.java    From emodb with Apache License 2.0 6 votes vote down vote up
@Override
public List<ResourceFilter> create(AbstractMethod am) {

    LinkedList<ResourceFilter> filters = Lists.newLinkedList();

    // Check the resource
    RequiresPermissions permAnnotation = am.getResource().getAnnotation(RequiresPermissions.class);
    if (permAnnotation != null) {
        filters.add(new AuthorizationResourceFilter(ImmutableList.copyOf(permAnnotation.value()), permAnnotation.logical(), createSubstitutionMap(permAnnotation, am)));
    }

    // Check the method
    permAnnotation = am.getAnnotation(RequiresPermissions.class);
    if (permAnnotation != null) {
        filters.add(new AuthorizationResourceFilter(ImmutableList.copyOf(permAnnotation.value()), permAnnotation.logical(), createSubstitutionMap(permAnnotation, am)));
    }

    // If we're doing authorization or if authentication is explicitly requested then add it as the first filter
    if (!filters.isEmpty() ||
            am.getResource().getAnnotation(RequiresAuthentication.class) != null ||
            am.getAnnotation(RequiresAuthentication.class) != null) {
        filters.addFirst(new AuthenticationResourceFilter(_securityManager, _tokenGenerator));
    }

    return filters;
}
 
Example #24
Source File: RoutingRulesResource.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@DELETE
@Path("/{name}")
@RequiresAuthentication
@RequiresPermissions("nexus:*")
public void deleteRoutingRule(@PathParam("name") final String name) {
  RoutingRule routingRule = routingRuleStore.getByName(name);
  if (null == routingRule) {
    throw new WebApplicationException(Status.NOT_FOUND);
  }

  Map<EntityId, List<Repository>> assignedRepositories = routingRuleHelper.calculateAssignedRepositories();
  List<Repository> repositories = assignedRepositories.getOrDefault(routingRule.id(), emptyList());
  if (repositories.size() > 0) {
    throw new WebApplicationException("Routing rule is still in use by " + repositories.size() + " repositories.", Status.BAD_REQUEST);
  }

  routingRuleStore.delete(routingRule);
}
 
Example #25
Source File: RuleResource.java    From graylog-plugin-aggregates with GNU General Public License v3.0 5 votes vote down vote up
@GET
@Timed
@ApiOperation(value = "Lists all existing rules")
@RequiresAuthentication
@RequiresPermissions(RuleRestPermissions.AGGREGATE_RULES_READ)
public RulesList list() {
    final List<Rule> rules = ruleService.all();   
    return RulesList.create(rules);
}
 
Example #26
Source File: RepositoryPrivilegeApiResource.java    From nexus-public with Eclipse Public License 1.0 5 votes vote down vote up
@Override
@POST
@RequiresAuthentication
@RequiresPermissions("nexus:privileges:create")
@Path("repository-content-selector")
public Response createPrivilege(final ApiPrivilegeRepositoryContentSelectorRequest privilege) {
  return doCreate(RepositoryContentSelectorPrivilegeDescriptor.TYPE, privilege);
}
 
Example #27
Source File: EmailConfigurationApiResource.java    From nexus-public with Eclipse Public License 1.0 5 votes vote down vote up
@POST
@Path("/verify")
@RequiresAuthentication
@RequiresPermissions("nexus:settings:update")
public ApiEmailValidation testEmailConfiguration(@NotNull String verificationAddress)
{
  EmailConfiguration emailConfiguration = emailManager.getConfiguration();

  if (emailConfiguration == null) {
    return new ApiEmailValidation(false, "Email Settings are not yet configured");
  }

  try {
    emailManager.sendVerification(emailConfiguration, verificationAddress);
    return new ApiEmailValidation(true);
  }
  catch (EmailException e) {
    log.debug("Unable to send verification", e);
    String exceptionMessage = e.getMessage().replace(e.getCause().getClass().getName() + ": ", "");
    if (e.getCause() instanceof AddressException) {
      throw new WebApplicationMessageException(BAD_REQUEST, '"' + exceptionMessage + '"', APPLICATION_JSON);
    }
    else {
      return new ApiEmailValidation(false, exceptionMessage);
    }
  }
}
 
Example #28
Source File: PypiProxyRepositoriesApiResource.java    From nexus-public with Eclipse Public License 1.0 5 votes vote down vote up
@ApiOperation("Create PyPI proxy repository")
@ApiResponses(value = {
    @ApiResponse(code = 201, message = REPOSITORY_CREATED),
    @ApiResponse(code = 401, message = AUTHENTICATION_REQUIRED),
    @ApiResponse(code = 403, message = INSUFFICIENT_PERMISSIONS)
})
@POST
@RequiresAuthentication
@Validate
@Override
public Response createRepository(final PypiProxyRepositoryApiRequest request) {
  return super.createRepository(request);
}
 
Example #29
Source File: PrivilegeApiResource.java    From nexus-public with Eclipse Public License 1.0 5 votes vote down vote up
@Override
@PUT
@RequiresAuthentication
@RequiresPermissions("nexus:privileges:update")
@Path("application/{privilegeId}")
public void updatePrivilege(@PathParam("privilegeId") final String privilegeId,
                            final ApiPrivilegeApplicationRequest privilege)
{
  doUpdate(privilegeId, ApplicationPrivilegeDescriptor.TYPE, privilege);
}
 
Example #30
Source File: ScriptPrivilegeApiResource.java    From nexus-public with Eclipse Public License 1.0 5 votes vote down vote up
@Override
@PUT
@RequiresAuthentication
@RequiresPermissions("nexus:privileges:update")
@Path("script/{privilegeId}")
public void updatePrivilege(@PathParam("privilegeId") final String privilegeId,
                            final ApiPrivilegeScriptRequest privilege)
{
  doUpdate(privilegeId, ScriptPrivilegeDescriptor.TYPE, privilege);
}