org.apache.shiro.subject.Subject.checkPermission()方法的使用及代码示例

x33g5p2x  于2022-01-29 转载在 其他  
字(10.3k)|赞(0)|评价(0)|浏览(200)

本文整理了Java中org.apache.shiro.subject.Subject.checkPermission()方法的一些代码示例,展示了Subject.checkPermission()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Subject.checkPermission()方法的具体详情如下:
包路径:org.apache.shiro.subject.Subject
类名称:Subject
方法名:checkPermission

Subject.checkPermission介绍

[英]Ensures this Subject implies the specified permission String.

If this subject's existing associated permissions do not Permission#implies(Permission) imply} the given permission, an org.apache.shiro.authz.AuthorizationException will be thrown.

This is an overloaded method for the corresponding type-safe Permission variant. Please see the class-level JavaDoc for more information on these String-based permission methods.
[中]确保此主题包含指定的权限字符串。
如果该主题的现有关联权限不是权限#暗示(权限)暗示}给定权限,则组织。阿帕奇。西罗。奥兹。将引发AuthorizationException。
这是对应类型安全权限变量的重载方法。有关这些基于字符串的权限方法的更多信息,请参阅类级JavaDoc。

代码示例

代码示例来源:origin: apache/usergrid

public static void checkPermission( String permission ) {
  Subject currentUser = getSubject();
  if ( currentUser == null ) {
    return;
  }
  try {
    currentUser.checkPermission( permission );
  }
  catch ( org.apache.shiro.authz.UnauthenticatedException e ) {
    if (logger.isTraceEnabled()) {
      logger.trace("checkPermission(): Subject is anonymous");
    }
  }
}

代码示例来源:origin: killbill/killbill

@Override
public void checkCurrentUserPermissions(final List<Permission> permissions, final Logical logical, final TenantContext context) throws SecurityApiException {
  final String[] permissionsString = Lists.<Permission, String>transform(permissions, Functions.toStringFunction()).toArray(new String[permissions.size()]);
  try {
    final Subject subject = SecurityUtils.getSubject();
    if (permissionsString.length == 1) {
      subject.checkPermission(permissionsString[0]);
    } else if (Logical.AND.equals(logical)) {
      subject.checkPermissions(permissionsString);
    } else if (Logical.OR.equals(logical)) {
      boolean hasAtLeastOnePermission = false;
      for (final String permission : permissionsString) {
        if (subject.isPermitted(permission)) {
          hasAtLeastOnePermission = true;
          break;
        }
      }
      // Cause the exception if none match
      if (!hasAtLeastOnePermission) {
        subject.checkPermission(permissionsString[0]);
      }
    }
  } catch (final AuthorizationException e) {
    throw new SecurityApiException(e, ErrorCode.SECURITY_NOT_ENOUGH_PERMISSIONS);
  }
}

代码示例来源:origin: apache/geode

@Override
public void authorize(ResourcePermission context, Subject currentUser) {
 if (context == null) {
  return;
 }
 if (context.getResource() == Resource.NULL && context.getOperation() == Operation.NULL) {
  return;
 }
 try {
  currentUser.checkPermission(context);
 } catch (ShiroException e) {
  String msg = currentUser.getPrincipal() + " not authorized for " + context;
  logger.info("NotAuthorizedException: {}", msg);
  throw new NotAuthorizedException(msg, e);
 }
}

代码示例来源:origin: apache/shiro

subject.checkPermission(perms[0]);
return;
for (String permission : perms) if (getSubject().isPermitted(permission)) hasAtLeastOnePermission = true;
if (!hasAtLeastOnePermission) getSubject().checkPermission(perms[0]);

代码示例来源:origin: apache/geode

@Override
public void authorize(final ResourcePermission context) {
 if (context == null) {
  return;
 }
 if (context.getResource() == Resource.NULL && context.getOperation() == Operation.NULL) {
  return;
 }
 Subject currentUser = getSubject();
 try {
  currentUser.checkPermission(context);
 } catch (ShiroException e) {
  String msg = currentUser.getPrincipal() + " not authorized for " + context;
  logger.info("NotAuthorizedException: {}", msg);
  throw new NotAuthorizedException(msg, e);
 }
}

代码示例来源:origin: org.apache.shiro/shiro-core

subject.checkPermission(perms[0]);
return;
for (String permission : perms) if (getSubject().isPermitted(permission)) hasAtLeastOnePermission = true;
if (!hasAtLeastOnePermission) getSubject().checkPermission(perms[0]);

代码示例来源:origin: killbill/killbill

@Test(groups = "slow")
public void testAuthorization() throws SecurityApiException {
  final String username = "i like";
  final String password = "c0ff33";
  securityApi.addRoleDefinition("restricted", ImmutableList.of("account:*", "invoice", "tag:create_tag_definition"), callContext);
  securityApi.addUserRoles(username, password, ImmutableList.of("restricted"), callContext);
  final AuthenticationToken goodToken = new UsernamePasswordToken(username, password);
  final Subject subject = securityManager.login(null, goodToken);
  subject.checkPermission(Permission.ACCOUNT_CAN_CHARGE.toString());
  subject.checkPermission(Permission.INVOICE_CAN_CREDIT.toString());
  subject.checkPermission(Permission.TAG_CAN_CREATE_TAG_DEFINITION.toString());
  try {
    subject.checkPermission(Permission.TAG_CAN_DELETE_TAG_DEFINITION.toString());
    Assert.fail("Subject should not have rights to delete tag definitions");
  } catch (AuthorizationException e) {
  }
  subject.logout();
  securityApi.addRoleDefinition("newRestricted", ImmutableList.of("account:*", "invoice", "tag:delete_tag_definition"), callContext);
  securityApi.updateUserRoles(username, ImmutableList.of("newRestricted"), callContext);
  final Subject newSubject = securityManager.login(null, goodToken);
  newSubject.checkPermission(Permission.ACCOUNT_CAN_CHARGE.toString());
  newSubject.checkPermission(Permission.INVOICE_CAN_CREDIT.toString());
  newSubject.checkPermission(Permission.TAG_CAN_DELETE_TAG_DEFINITION.toString());
  try {
    newSubject.checkPermission(Permission.TAG_CAN_CREATE_TAG_DEFINITION.toString());
    Assert.fail("Subject should not have rights to create tag definitions");
  } catch (AuthorizationException e) {
  }
}

代码示例来源:origin: apache/shiro

public void run() {
  // get the current subject
  Subject subject = SecurityUtils.getSubject();
  // Subject is not authenticated yet
  Assert.isTrue(!subject.isAuthenticated());
  // login the subject with a username / password
  UsernamePasswordToken token = new UsernamePasswordToken("joe.coder", "password");
  subject.login(token);
  // joe.coder has the "user" role
  subject.checkRole("user");
  // joe.coder does NOT have the admin role
  Assert.isTrue(!subject.hasRole("admin"));
  // joe.coder has the "read" permission
  subject.checkPermission("read");
  // current user is allowed to execute this method.
  simpleService.readRestrictedCall();
  try {
    // but not this one!
    simpleService.writeRestrictedCall();
  }
  catch (AuthorizationException e) {
    log.info("Subject was NOT allowed to execute method 'writeRestrictedCall'");
  }
  // logout
  subject.logout();
  Assert.isTrue(!subject.isAuthenticated());
}

代码示例来源:origin: apache/shiro

public void run() {
  // get the current subject
  Subject subject = SecurityUtils.getSubject();
  // Subject is not authenticated yet
  Assert.isTrue(!subject.isAuthenticated());
  // login the subject with a username / password
  UsernamePasswordToken token = new UsernamePasswordToken("joe.coder", "password");
  subject.login(token);
  // joe.coder has the "user" role
  subject.checkRole("user");
  // joe.coder does NOT have the admin role
  Assert.isTrue(!subject.hasRole("admin"));
  // joe.coder has the "read" permission
  subject.checkPermission("read");
  // current user is allowed to execute this method.
  simpleService.readRestrictedCall();
  try {
    // but not this one!
    simpleService.writeRestrictedCall();
  }
  catch (AuthorizationException e) {
    log.info("Subject was NOT allowed to execute method 'writeRestrictedCall'");
  }
  // logout
  subject.logout();
  Assert.isTrue(!subject.isAuthenticated());
}

代码示例来源:origin: be.c4j.ee.security.octopus/octopus-core

public boolean verifyPermission() {
  boolean result = true;
  try {
    subject.checkPermission(namedPermission);
  } catch (AuthorizationException e) {
    result = false;
  }
  return result;
}

代码示例来源:origin: be.c4j.ee.security.octopus/octopus-core

public boolean verifyPermission() {
  boolean result = true;
  try {
    subject.checkPermission(namedRole);
  } catch (AuthorizationException e) {
    result = false;
  }
  return result;
}

代码示例来源:origin: com.github.sdorra/ssp-lib

/**
 * Checks if the current authenticated user has the required permission.
 *
 * @throws AuthorizationException if current user lacks the required permission
 */
public void check() {
 SecurityUtils.getSubject().checkPermission(permission);
}

代码示例来源:origin: org.seedstack.seed/seed-security-core

@Override
public void checkPermission(String permission) {
  try {
    SecurityUtils.getSubject().checkPermission(permission);
  } catch (org.apache.shiro.authz.AuthorizationException e) {
    throw new AuthorizationException("Subject doesn't have permission " + permission, e);
  }
}

代码示例来源:origin: Dreampie/jfinal-shiro

@Override
 public void assertAuthorized() throws AuthorizationException {
  Subject subject = getSubject();
  //数据库权限
  if (jdbcPermission != null) {
   subject.checkPermission(jdbcPermission);
   return;
  }
 }
}

代码示例来源:origin: org.seedstack.seed/seed-security-core

protected void checkPermission(String permission) {
  try {
    SecurityUtils.getSubject().checkPermission(permission);
  } catch (org.apache.shiro.authz.AuthorizationException e) {
    throw new AuthorizationException("Subject doesn't have permission " + permission, e);
  }
}

代码示例来源:origin: cn.dreampie/jfinal-shiro

@Override
 public void assertAuthorized() throws AuthorizationException {
  Subject subject = getSubject();
  //数据库权限
  if (jdbcPermission != null) {
   subject.checkPermission(jdbcPermission);
   return;
  }
 }
}

代码示例来源:origin: com.github.sdorra/ssp-lib

/**
 * Checks if the current authenticated user has the permission for the action with the given object id.
 *
 * @param id id of permission object
 *
 * @throws AuthorizationException if current user lacks the required permission
 */
public void check(String id) throws AuthorizationException {
 subject.checkPermission(asShiroString(id));
}

代码示例来源:origin: korpling/ANNIS

@Override
public List<Annotation> getMetadataDoc(String topLevelCorpus, String docname,
 boolean path)
{
 Subject user = SecurityUtils.getSubject();
 user.checkPermission("meta:" + topLevelCorpus);
 return getQueryDao().listCorpusAnnotations(topLevelCorpus, docname, path);
}

代码示例来源:origin: be.c4j.ee.security.octopus/octopus-core

@Override
protected void checkPermission(AccessDecisionVoterContext accessDecisionVoterContext, Set<SecurityViolation> violations) {
  try {
    subject.checkPermission(namedRole);
  } catch (AuthorizationException e) {
    SecurityViolationInfoProducer infoProducer = BeanProvider.getContextualReference(SecurityViolationInfoProducer.class);
    violations.add(newSecurityViolation(infoProducer.getViolationInfo(accessDecisionVoterContext, namedRole)));
  }
}

代码示例来源:origin: be.c4j.ee.security.octopus/octopus-core

@Override
protected void checkPermission(AccessDecisionVoterContext accessDecisionVoterContext, Set<SecurityViolation> violations) {
  try {
    subject.checkPermission(namedPermission);
  } catch (AuthorizationException e) {
    SecurityViolationInfoProducer infoProducer = BeanProvider.getContextualReference(SecurityViolationInfoProducer.class);
    violations.add(newSecurityViolation(infoProducer.getViolationInfo(accessDecisionVoterContext, namedPermission)));
  }
}

相关文章