Java Code Examples for org.apache.shiro.authz.SimpleAuthorizationInfo#addStringPermission()

The following examples show how to use org.apache.shiro.authz.SimpleAuthorizationInfo#addStringPermission() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: UserRealm.java    From RuoYi with Apache License 2.0 6 votes vote down vote up
/**
 * 授权
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
    SysUser user = ShiroUtils.getSysUser();

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    // 管理员拥有所有权限
    if (user.isAdmin()) {
        info.addRole("admin");
        info.addStringPermission("*:*:*");
    } else {
        // 角色列表
        Set<String> roles = roleService.selectRoleKeys(user.getUserId());
        // 功能列表
        Set<String> menus = menuService.selectPermsByUserId(user.getUserId());
        // 角色加入AuthorizationInfo认证对象
        info.setRoles(roles);
        // 权限加入AuthorizationInfo认证对象
        info.setStringPermissions(menus);
    }
    return info;
}
 
Example 2
Source File: MyShiroRealm.java    From erp-framework with MIT License 6 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    System.out.println("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
    // 当前登录信息
    ShiroUser shiroUser = (ShiroUser) principalCollection.getPrimaryPrincipal();
    // 查询当前用户
    ErpUser user = erpUserService.findUserByLoginName(shiroUser.getLoginName());
    // 添加角色和权限
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
    List<ErpRole> roles = user.getRoles();
    for(ErpRole role: roles) {
        if(StringUtils.isNotBlank(role.getName())) {
            simpleAuthorizationInfo.addRole(role.getName());
        }
    }
    List<ErpMenu> menus = user.getMenus();
    for(ErpMenu menu: menus) {
        if(StringUtils.isNotBlank(menu.getPermission())) {
            simpleAuthorizationInfo.addStringPermission(menu.getPermission());
        }
    }
    return simpleAuthorizationInfo;
}
 
Example 3
Source File: MyShiroRealm.java    From spring-boot-shiro with Apache License 2.0 6 votes vote down vote up
/**
 * create by: leigq
 * description: 授权
 * create time: 2019/7/1 10:32
 *
 * @return 权限信息,包括角色以及权限
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    log.warn("开始执行授权操作.......");

    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    //如果身份认证的时候没有传入User对象,这里只能取到userName
    //也就是SimpleAuthenticationInfo构造的时候第一个参数传递需要User对象
    User user = (User) principals.getPrimaryPrincipal();

    // 查询用户角色,一个用户可能有多个角色
    List<Role> roles = iRoleService.getUserRoles(user.getUserId());

    for (Role role : roles) {
        authorizationInfo.addRole(role.getRole());
        // 根据角色查询权限
        List<Permission> permissions = iPermissionService.getRolePermissions(role.getRoleId());
        for (Permission p : permissions) {
            authorizationInfo.addStringPermission(p.getPermission());
        }
    }
    return authorizationInfo;
}
 
Example 4
Source File: FreeRealm.java    From SENS with GNU General Public License v3.0 6 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    System.out.println("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");

    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    User user = (User) principals.getPrimaryPrincipal();

    List<Role> roles = roleService.listRolesByUserId(user.getId());
    for (Role role : roles) {
        authorizationInfo.addRole(role.getRole());
        List<Permission> permissions = permissionService.listPermissionsByRoleId(role.getId());
        for (Permission p : permissions) {
            authorizationInfo.addStringPermission(p.getUrl());
        }
    }
    return authorizationInfo;
}
 
Example 5
Source File: UserRealm.java    From mumu with Apache License 2.0 6 votes vote down vote up
/**
 * 获取当前用户的角色集合,权限集合
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
	SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
	//获取保存在session中的用户信息
	SysUser user = (SysUser) SecurityUtils.getSubject().getSession().getAttribute(SysUser.SYS_USER);
	if (user == null) {
		throw new IllegalArgumentException();
	}
	//获取当前用户拥有的所有角色
	List<SysRole> roles = roleService.getSysRoleByUserId(user.getUserId().toString(), PublicEnum.NORMAL.value());
	for (SysRole sysRole : roles) {
		authorizationInfo.addRole(sysRole.getRoleCode());
	}
	//获取当前用户拥有的所有权限
	List<SysPermission> permissions = permissionService.getSysPermissionByUserId(user.getUserId(), PublicEnum.NORMAL.value());
	for (SysPermission sysPermission : permissions) {
		authorizationInfo.addStringPermission(sysPermission.getPermission());
	}
	System.out.println("用户权限:"+ JSON.toJSONString(authorizationInfo));
	return authorizationInfo;
}
 
Example 6
Source File: MockRealmB.java    From nexus-public with Eclipse Public License 1.0 6 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
  // make sure the user is jcool, (its just for testing)

  if (principals.asList().get(0).toString().equals("jcool")) {
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

    info.addRole("test-role1");
    info.addRole("test-role2");

    info.addStringPermission("test:*");

    return info;
  }

  return null;
}
 
Example 7
Source File: GreenStepBaseAuthorizingActiveDirectoryRealm.java    From bamboobsc with Apache License 2.0 6 votes vote down vote up
private SimpleAuthorizationInfo getSimpleAuthorizationInfo(String username) throws Exception {
	Map<String, Object> params = new HashMap<String, Object>();
	params.put("account", username);
	List<TbUserRole> roleList = userRoleService.findListByParams(params);
	if (roleList==null) {
		return null;
	}
	SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
	for (TbUserRole userRole : roleList) {
		info.addRole(userRole.getRole());
		params.clear();
		params.put("role", userRole.getRole());
		List<TbRolePermission> rolePermissionList = rolePermissionService.findListByParams(params);
		if (rolePermissionList==null) {
			continue;
		}
		for (TbRolePermission rolePermission : rolePermissionList) {
			info.addStringPermission(rolePermission.getPermission());
		}
	}
	return info;		
}
 
Example 8
Source File: GreenStepBaseAuthorizingLdapRealm.java    From bamboobsc with Apache License 2.0 6 votes vote down vote up
private SimpleAuthorizationInfo getSimpleAuthorizationInfo(String username) throws Exception {
	Map<String, Object> params = new HashMap<String, Object>();
	params.put("account", username);
	List<TbUserRole> roleList = userRoleService.findListByParams(params);
	if (roleList==null) {
		return null;
	}
	SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
	for (TbUserRole userRole : roleList) {
		info.addRole(userRole.getRole());
		params.clear();
		params.put("role", userRole.getRole());
		List<TbRolePermission> rolePermissionList = rolePermissionService.findListByParams(params);
		if (rolePermissionList==null) {
			continue;
		}
		for (TbRolePermission rolePermission : rolePermissionList) {
			info.addStringPermission(rolePermission.getPermission());
		}
	}
	return info;		
}
 
Example 9
Source File: ShiroRealm.java    From Spring-Shiro-Spark with Apache License 2.0 6 votes vote down vote up
@Override
//@org.springframework.transaction.annotation.Transactional
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    //获取当前用户
    //UserDto user = convertToDto(userDao.findUserByUsername((String)principalCollection.getPrimaryPrincipal()));
    //User currentUser = userDao.findUserByUsername((String)principalCollection.getPrimaryPrincipal());
    UserDto user = (UserDto) SecurityUtils.getSubject().getSession().getAttribute("user");

    //把principals放session中,key=userId value=principals
    SecurityUtils.getSubject().getSession().setAttribute(String.valueOf(user.getId()),SecurityUtils.getSubject().getPrincipals());

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    //赋予角色
    for(RoleDto role:user.getRoles()){
        info.addRole(role.getName());
    }
    //赋予权限
    for(PermissionDto permission:user.getPermissions()){
        //System.out.println(permission.getName());
        info.addStringPermission(permission.getName());
    }
    return info;
}
 
Example 10
Source File: ShiroRealm.java    From blog-sample with Apache License 2.0 6 votes vote down vote up
/**
 * 角色权限和对应权限添加
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    // 获取用户名
    String name = (String) principalCollection.getPrimaryPrincipal();
    // 获取用户对象
    User user = userService.findByName(name);
    // 添加角色和权限

    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

    List<Role> roles = getRoles(user.getId());

    for (Role role : roles) {
        // 添加角色
        simpleAuthorizationInfo.addRole(role.getName());

        // 添加权限
        List<Permission> permissions = getPermission(role.getId());
        for (Permission permission : permissions) {
            simpleAuthorizationInfo.addStringPermission(permission.getName());
        }
    }
    return simpleAuthorizationInfo;
}
 
Example 11
Source File: ShiroRealm.java    From Goku.Framework.CoreUI with MIT License 6 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    SysUser user = sysuserextmapper.getUserByUsername((String) principalCollection.getPrimaryPrincipal());
    //把principals放session中 key=userId value=principals
    SecurityUtils.getSubject().getSession().setAttribute(String.valueOf(user.getId()),SecurityUtils.getSubject().getPrincipals());
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    //赋予角色
    for(SysRole userRole:user.getSysRoleList()){
        info.addRole(userRole.getKey());
    }
    //赋予权限
    for(SysMenu menu:sysmenuextmapper.getMenuByUserId(user.getId())){
        if(!"".equals(menu.getPermission())) {
            info.addStringPermission(menu.getPermission());
        }
    }

    return info;

}
 
Example 12
Source File: UserRealm.java    From ShiroJwt with MIT License 6 votes vote down vote up
/**
 * 只有当需要检测用户权限的时候才会调用此方法,例如checkRole,checkPermission之类的
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
    String account = JwtUtil.getClaim(principalCollection.toString(), Constant.ACCOUNT);
    UserDto userDto = new UserDto();
    userDto.setAccount(account);
    // 查询用户角色
    List<RoleDto> roleDtos = roleMapper.findRoleByUser(userDto);
    for (RoleDto roleDto : roleDtos) {
        if (roleDto != null) {
            // 添加角色
            simpleAuthorizationInfo.addRole(roleDto.getName());
            // 根据用户角色查询权限
            List<PermissionDto> permissionDtos = permissionMapper.findPermissionByRole(roleDto);
            for (PermissionDto permissionDto : permissionDtos) {
                if (permissionDto != null) {
                    // 添加权限
                    simpleAuthorizationInfo.addStringPermission(permissionDto.getPerCode());
                }
            }
        }
    }
    return simpleAuthorizationInfo;
}
 
Example 13
Source File: JPARealm.java    From gazpachoquest with GNU General Public License v3.0 6 votes vote down vote up
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // null usernames are invalid
    if (principals == null) {
        throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }
    User user = (User) getAvailablePrincipal(principals);

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    Set<Role> roles = userService.getRoles(user.getId());
    for (Role role : roles) {
        info.addRole(role.getName());
    }
    Set<Permission<?>> permissions = userService.getPermissions(user.getId());

    for (Permission<?> permission : permissions) {
        info.addStringPermission(permission.getLiteral());
    }
    return info;
}
 
Example 14
Source File: MyShiroRealm.java    From SpringBootBucket with MIT License 5 votes vote down vote up
/**
 * 此方法调用hasRole,hasPermission的时候才会进行回调.
 * <p>
 * 权限信息.(授权):
 * 1、如果用户正常退出,缓存自动清空;
 * 2、如果用户非正常退出,缓存自动清空;
 * 3、如果我们修改了用户的权限,而用户不退出系统,修改的权限无法立即生效。
 * (需要手动编程进行实现;放在service进行调用)
 * 在权限修改后调用realm中的方法,realm已经由spring管理,所以从spring中获取realm实例,调用clearCached方法;
 * :Authorization 是授权访问控制,用于对用户进行的操作授权,证明该用户是否允许进行当前操作,如访问某个链接,某个资源文件等。
 *
 * @param principals
 * @return
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    /*
     * 当没有使用缓存的时候,不断刷新页面的话,这个代码会不断执行,
     * 当其实没有必要每次都重新设置权限信息,所以我们需要放到缓存中进行管理;
     * 当放到缓存中时,这样的话,doGetAuthorizationInfo就只会执行一次了,
     * 缓存过期之后会再次执行。
     */
    _logger.info("权限配置-->MyShiroRealm.doGetAuthorizationInfo()");
    String username = JWTUtil.getUsername(principals.toString());

    // 下面的可以使用缓存提升速度
    ManagerInfo managerInfo = managerInfoService.findByUsername(username);

    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

    //设置相应角色的权限信息
    for (SysRole role : managerInfo.getRoles()) {
        //设置角色
        authorizationInfo.addRole(role.getRole());
        for (Permission p : role.getPermissions()) {
            //设置权限
            authorizationInfo.addStringPermission(p.getPermission());
        }
    }
    return authorizationInfo;
}
 
Example 15
Source File: UserRealm.java    From LuckyFrameWeb with GNU Affero General Public License v3.0 5 votes vote down vote up
/**
 * 授权
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0)
{
    User user = ShiroUtils.getSysUser();
    // 角色列表
    Set<String> roles;
    // 功能列表
    Set<String> menus;
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    // 管理员拥有所有权限
    if (user.isAdmin())
    {
        info.addRole("admin");
        info.addStringPermission("*:*:*");
    }
    else
    {
        roles = roleService.selectRoleKeys(user.getUserId());
        menus = menuService.selectPermsByUserId(user.getUserId());
        // 角色加入AuthorizationInfo认证对象
        info.setRoles(roles);
        // 权限加入AuthorizationInfo认证对象
        info.setStringPermissions(menus);
    }
    return info;
}
 
Example 16
Source File: Realm.java    From permission with Apache License 2.0 5 votes vote down vote up
/**
 * 授权方法
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
	System.out.println("授权中......");
	//获取当前登录的用户
	User user = (User)principals.getPrimaryPrincipal();
	//获取用户的所有菜单
	List<Menu> menus = menusService.findMenuListByUserid(user.getUser_id());
	SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
	for (Menu menu : menus) {
		info.addStringPermission(menu.getMenuname());
	}
	return info;
}
 
Example 17
Source File: UserRealm.java    From ruoyiplus with MIT License 5 votes vote down vote up
/**
 * 授权
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0)
{
    SysUser user = ShiroUtils.getSysUser();
    // 角色列表
    Set<String> roles = new HashSet<String>();
    // 功能列表
    Set<String> menus = new HashSet<String>();
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    // 管理员拥有所有权限
    if (user.isAdmin())
    {
        info.addRole("admin");
        info.addStringPermission("*:*:*");
    }
    else
    {
        roles = roleService.selectRoleKeys(user.getUserId());
        menus = menuService.selectPermsByUserId(user.getUserId());
        // 角色加入AuthorizationInfo认证对象
        info.setRoles(roles);
        // 权限加入AuthorizationInfo认证对象
        info.setStringPermissions(menus);
    }
    return info;
}
 
Example 18
Source File: UserRealm.java    From supplierShop with MIT License 5 votes vote down vote up
/**
 * 授权
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0)
{
    SysUser user = ShiroUtils.getSysUser();
    // 角色列表
    Set<String> roles = new HashSet<String>();
    // 功能列表
    Set<String> menus = new HashSet<String>();
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    // 管理员拥有所有权限
    if (user.isAdmin())
    {
        info.addRole("admin");
        info.addStringPermission("*:*:*");
    }
    else
    {
        roles = roleService.selectRoleKeys(user.getUserId());
        menus = menuService.selectPermsByUserId(user.getUserId());
        // 角色加入AuthorizationInfo认证对象
        info.setRoles(roles);
        // 权限加入AuthorizationInfo认证对象
        info.setStringPermissions(menus);
    }
    return info;
}
 
Example 19
Source File: MyRealm.java    From demo-springmvc-shiro with Apache License 2.0 4 votes vote down vote up
/**
 * 为当前登录的Subject授予角色和权限
 * -----------------------------------------------------------------------------------------------
 * 经测试:本例中该方法的调用时机为需授权资源被访问时
 * 经测试:并且每次访问需授权资源时都会执行该方法中的逻辑,这表明本例中默认并未启用AuthorizationCache
 * 个人感觉若使用了Spring3.1开始提供的ConcurrentMapCache支持,则可灵活决定是否启用AuthorizationCache
 * 比如说这里从数据库获取权限信息时,先去访问Spring3.1提供的缓存,而不使用Shior提供的AuthorizationCache
 * -----------------------------------------------------------------------------------------------
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals){
    //获取当前登录的用户名
    String currentUsername = (String)super.getAvailablePrincipal(principals);
    ////从数据库中获取当前登录用户的详细信息
    //List<String> roleList = new ArrayList<String>();
    //List<String> permissionList = new ArrayList<String>();
    //User user = userService.getByUsername(currentUsername);
    //if(null != user){
    //    //实体类User中包含有用户角色的实体类信息
    //    if(null!=user.getRoles() && user.getRoles().size()>0){
    //        //获取当前登录用户的角色
    //        for(Role role : user.getRoles()){
    //            roleList.add(role.getName());
    //            //实体类Role中包含有角色权限的实体类信息
    //            if(null!=role.getPermissions() && role.getPermissions().size()>0){
    //                //获取权限
    //                for(Permission pmss : role.getPermissions()){
    //                    if(StringUtils.isNotBlank(pmss.getPermission())){
    //                        permissionList.add(pmss.getPermission());
    //                    }
    //                }
    //            }
    //        }
    //    }
    //}else{
    //    throw new AuthorizationException();
    //}
    ////为当前用户设置角色和权限
    //SimpleAuthorizationInfo simpleAuthorInfo = new SimpleAuthorizationInfo();
    //simpleAuthorInfo.addRoles(roleList);
    //simpleAuthorInfo.addStringPermissions(permissionList);
    //实际中可能会像上面注释的那样,从数据库或缓存中取得用户的角色和权限信息
    SimpleAuthorizationInfo simpleAuthorInfo = new SimpleAuthorizationInfo();
    if(null!=currentUsername && "jadyer".equals(currentUsername)){
        //添加一个角色,不是配置意义上的添加,而是证明该用户拥有admin角色
        simpleAuthorInfo.addRole("admin");
        //添加权限
        simpleAuthorInfo.addStringPermission("admin:manage");
        System.out.println("已为用户[jadyer]赋予了[admin]角色和[admin:manage]权限");
        return simpleAuthorInfo;
    }
    if(null!=currentUsername && "xuanyu".equals(currentUsername)){
        System.out.println("当前用户[xuanyu]无授权(不需要为其赋予角色和权限)");
        return simpleAuthorInfo;
    }
    //若该方法什么都不做直接返回null的话
    //就会导致任何用户访问/admin/listUser.jsp时都会自动跳转到unauthorizedUrl指定的地址
    //详见applicationContext.xml中的<bean id="shiroFilter">的配置
    return null;
}
 
Example 20
Source File: AbstractPermittingAuthorizingRealm.java    From super-cloudops with Apache License 2.0 3 votes vote down vote up
/**
 * Add merge permissions to the simple authorization info.
 * 
 * @param authzInfo
 * @param permissions
 *            the list of permissions to add
 * @return
 */
protected SimpleAuthorizationInfo mergePermissions(SimpleAuthorizationInfo authzInfo, List<String> permissions) {
	for (String permission : permissions) {
		authzInfo.addStringPermission(permission);
	}
	return authzInfo;
}