org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher Java Examples

The following examples show how to use org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: LoadResourceDefine.java    From JetfireCloud with Apache License 2.0 6 votes vote down vote up
@Bean
public Map<RequestMatcher, ConfigAttribute> resourceConfigAttributes() {
    Set<Resource> resources = resourceService.findAll();
    Map<RequestMatcher, ConfigAttribute> map = resources.stream()
            .collect(Collectors.toMap(
                    resource -> {
                        MvcRequestMatcher mvcRequestMatcher = new MvcRequestMatcher(mvcHandlerMappingIntrospector, resource.getUrl());
                        mvcRequestMatcher.setMethod(HttpMethod.resolve(resource.getMethod()));
                        return mvcRequestMatcher;
                    },
                    resource -> new SecurityConfig(resource.getCode())
                    )
            );
    log.debug("resourceConfigAttributes:{}", map);
    return map;
}
 
Example #2
Source File: AuthorizationService.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
/**
 * 所有资源列表
 * 一个页面的数组组装可能存在多个ajax,这里我使用逗号分隔的url字段来处理
 */
public Map<RequestMatcher, ConfigAttribute> resourceConfigAttributes() {

	Set<Resource> resources = this.findResourceByCondition();

	// 处理逗号分隔的url
	Set<Resource> extendSets = new HashSet<>();
	resources.forEach(resource -> {
		if (StringUtils.isNotEmpty(resource.getUrl()) && resource.getUrl().contains(",")){
			Arrays.asList(resource.getUrl().split(",")).forEach(urlSplit -> {
				try {
					Resource resourceClone = (Resource)resource.clone();
					resourceClone.setId(String.valueOf(idGenerate.nextId()));
					resourceClone.setUrl(urlSplit);
					extendSets.add(resourceClone);
				} catch (CloneNotSupportedException e) {
					LogBack.error(e.getMessage());
					e.printStackTrace();
				}

			});
		}
	});
	resources.removeIf(resource -> StringUtils.isNotEmpty(resource.getUrl()) && resource.getUrl().contains(","));
	resources.addAll(extendSets);

	Map<RequestMatcher, ConfigAttribute> map = resources.stream().collect(Collectors.toMap(
			resource -> {
				MvcRequestMatcher mvcRequestMatcher = new MvcRequestMatcher(mvcHandlerMappingIntrospector, resource.getUrl());
				mvcRequestMatcher.setMethod(HttpMethod.resolve(resource.getMethod()));
				return mvcRequestMatcher;
			},
			resource -> new SecurityConfig(resource.getCode())
			)
	);
	return map;
}
 
Example #3
Source File: AuthorizationService.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
/**
 * 所有资源列表
 * 一个页面的数组组装可能存在多个ajax,这里我使用逗号分隔的url字段来处理
 */
public Map<RequestMatcher, ConfigAttribute> resourceConfigAttributes() {

	Set<Resource> resources = this.findResourceByCondition();

	// 处理逗号分隔的url
	Set<Resource> extendSets = new HashSet<>();
	resources.forEach(resource -> {
		if (StringUtils.isNotEmpty(resource.getUrl()) && resource.getUrl().contains(",")){
			Arrays.asList(resource.getUrl().split(",")).forEach(urlSplit -> {
				try {
					Resource resourceClone = (Resource)resource.clone();
					resourceClone.setId(String.valueOf(idGenerate.nextId()));
					resourceClone.setUrl(urlSplit);
					extendSets.add(resourceClone);
				} catch (CloneNotSupportedException e) {
					LogBack.error(e.getMessage());
					e.printStackTrace();
				}

			});
		}
	});
	resources.removeIf(resource -> StringUtils.isNotEmpty(resource.getUrl()) && resource.getUrl().contains(","));
	resources.addAll(extendSets);

	Map<RequestMatcher, ConfigAttribute> map = resources.stream().collect(Collectors.toMap(
			resource -> {
				MvcRequestMatcher mvcRequestMatcher = new MvcRequestMatcher(mvcHandlerMappingIntrospector, resource.getUrl());
				mvcRequestMatcher.setMethod(HttpMethod.resolve(resource.getMethod()));
				return mvcRequestMatcher;
			},
			resource -> new SecurityConfig(resource.getCode())
			)
	);
	return map;
}
 
Example #4
Source File: ApplicationTests.java    From JetfireCloud with Apache License 2.0 5 votes vote down vote up
@Test
public void testMatcher() {
    MvcRequestMatcher mvcRequestMatcher = new MvcRequestMatcher(new HandlerMappingIntrospector(), "/users/{id}");
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("GET", "/users/1")));
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("GET", "/users/aaa")));
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("GET", "/users")));
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("POST", "/users/1")));
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("PUT", "/users/1")));
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("DELETE", "/users/1")));
}
 
Example #5
Source File: ExpressionFilterInvocationSecurityMetadataSource.java    From oauth2-resource with MIT License 5 votes vote down vote up
/**
 * 加载资源-权限关系
 */
private void loadResource(HttpServletRequest request) {
    try {
        List<ResourceEntity> resourceEntityList = resourceEntityMapper.selectByExample(new ResourceEntityExample());
        if (resourceEntityList == null || resourceEntityList.size() == 0) {
            log.warn("DB中没有查到资源权限列表,请先配置resource_entity!");
        } else {
            resourceMap.clear();
            Collection<ConfigAttribute> array;
            ConfigAttribute cfg;
            ServletContext sc = request.getServletContext();
            ApplicationContext ac = WebApplicationContextUtils.getRequiredWebApplicationContext(sc);

            HandlerMappingIntrospector introspector = ac.getBean(HANDLER_MAPPING_INTROSPECTOR_BEAN_NAME, HandlerMappingIntrospector.class);

            for (ResourceEntity resourceEntity : resourceEntityList) {
                array = new ArrayList<>();
                cfg = new ExpressionConfigAttribute(expressionHandler.getExpressionParser().parseExpression(resourceEntity.getPermission()));
                array.add(cfg);
                resourceMap.put(new MvcRequestMatcher(introspector, resourceEntity.getUrl()), array);
            }
        }
    } catch (Exception e) {
        if (log.isErrorEnabled()) {
            log.error("加载权限列表异常", e);
        }
    }

}
 
Example #6
Source File: ApplicationTests.java    From SpringCloud with Apache License 2.0 5 votes vote down vote up
@Test
public void testMatcher() {
    MvcRequestMatcher mvcRequestMatcher = new MvcRequestMatcher(new HandlerMappingIntrospector(), "/users/{id}");
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("GET", "/users/1")));
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("GET", "/users/aaa")));
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("GET", "/users")));
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("POST", "/users/1")));
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("PUT", "/users/1")));
    System.out.println(mvcRequestMatcher.matches(new MockHttpServletRequest("DELETE", "/users/1")));
}
 
Example #7
Source File: ResourceService.java    From SpringCloud with Apache License 2.0 2 votes vote down vote up
/**
 * 创建RequestMatcher
 *
 * @param url
 * @param method
 * @return
 */
private MvcRequestMatcher newMvcRequestMatcher(String url, String method) {
    return new NewMvcRequestMatcher(mvcHandlerMappingIntrospector, url, method);
}