本文整理了Java中org.apache.shiro.subject.Subject.checkPermission()
方法的一些代码示例,展示了Subject.checkPermission()
的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Subject.checkPermission()
方法的具体详情如下:
包路径:org.apache.shiro.subject.Subject
类名称:Subject
方法名:checkPermission
[英]Ensures this Subject implies the specified permission String.
If this subject's existing associated permissions do not Permission#implies(Permission) imply} the given permission, an org.apache.shiro.authz.AuthorizationException will be thrown.
This is an overloaded method for the corresponding type-safe Permission variant. Please see the class-level JavaDoc for more information on these String-based permission methods.
[中]确保此主题包含指定的权限字符串。
如果该主题的现有关联权限不是权限#暗示(权限)暗示}给定权限,则组织。阿帕奇。西罗。奥兹。将引发AuthorizationException。
这是对应类型安全权限变量的重载方法。有关这些基于字符串的权限方法的更多信息,请参阅类级JavaDoc。
代码示例来源:origin: apache/usergrid
public static void checkPermission( String permission ) {
Subject currentUser = getSubject();
if ( currentUser == null ) {
return;
}
try {
currentUser.checkPermission( permission );
}
catch ( org.apache.shiro.authz.UnauthenticatedException e ) {
if (logger.isTraceEnabled()) {
logger.trace("checkPermission(): Subject is anonymous");
}
}
}
代码示例来源:origin: killbill/killbill
@Override
public void checkCurrentUserPermissions(final List<Permission> permissions, final Logical logical, final TenantContext context) throws SecurityApiException {
final String[] permissionsString = Lists.<Permission, String>transform(permissions, Functions.toStringFunction()).toArray(new String[permissions.size()]);
try {
final Subject subject = SecurityUtils.getSubject();
if (permissionsString.length == 1) {
subject.checkPermission(permissionsString[0]);
} else if (Logical.AND.equals(logical)) {
subject.checkPermissions(permissionsString);
} else if (Logical.OR.equals(logical)) {
boolean hasAtLeastOnePermission = false;
for (final String permission : permissionsString) {
if (subject.isPermitted(permission)) {
hasAtLeastOnePermission = true;
break;
}
}
// Cause the exception if none match
if (!hasAtLeastOnePermission) {
subject.checkPermission(permissionsString[0]);
}
}
} catch (final AuthorizationException e) {
throw new SecurityApiException(e, ErrorCode.SECURITY_NOT_ENOUGH_PERMISSIONS);
}
}
代码示例来源:origin: apache/geode
@Override
public void authorize(ResourcePermission context, Subject currentUser) {
if (context == null) {
return;
}
if (context.getResource() == Resource.NULL && context.getOperation() == Operation.NULL) {
return;
}
try {
currentUser.checkPermission(context);
} catch (ShiroException e) {
String msg = currentUser.getPrincipal() + " not authorized for " + context;
logger.info("NotAuthorizedException: {}", msg);
throw new NotAuthorizedException(msg, e);
}
}
代码示例来源:origin: apache/shiro
subject.checkPermission(perms[0]);
return;
for (String permission : perms) if (getSubject().isPermitted(permission)) hasAtLeastOnePermission = true;
if (!hasAtLeastOnePermission) getSubject().checkPermission(perms[0]);
代码示例来源:origin: apache/geode
@Override
public void authorize(final ResourcePermission context) {
if (context == null) {
return;
}
if (context.getResource() == Resource.NULL && context.getOperation() == Operation.NULL) {
return;
}
Subject currentUser = getSubject();
try {
currentUser.checkPermission(context);
} catch (ShiroException e) {
String msg = currentUser.getPrincipal() + " not authorized for " + context;
logger.info("NotAuthorizedException: {}", msg);
throw new NotAuthorizedException(msg, e);
}
}
代码示例来源:origin: org.apache.shiro/shiro-core
subject.checkPermission(perms[0]);
return;
for (String permission : perms) if (getSubject().isPermitted(permission)) hasAtLeastOnePermission = true;
if (!hasAtLeastOnePermission) getSubject().checkPermission(perms[0]);
代码示例来源:origin: killbill/killbill
@Test(groups = "slow")
public void testAuthorization() throws SecurityApiException {
final String username = "i like";
final String password = "c0ff33";
securityApi.addRoleDefinition("restricted", ImmutableList.of("account:*", "invoice", "tag:create_tag_definition"), callContext);
securityApi.addUserRoles(username, password, ImmutableList.of("restricted"), callContext);
final AuthenticationToken goodToken = new UsernamePasswordToken(username, password);
final Subject subject = securityManager.login(null, goodToken);
subject.checkPermission(Permission.ACCOUNT_CAN_CHARGE.toString());
subject.checkPermission(Permission.INVOICE_CAN_CREDIT.toString());
subject.checkPermission(Permission.TAG_CAN_CREATE_TAG_DEFINITION.toString());
try {
subject.checkPermission(Permission.TAG_CAN_DELETE_TAG_DEFINITION.toString());
Assert.fail("Subject should not have rights to delete tag definitions");
} catch (AuthorizationException e) {
}
subject.logout();
securityApi.addRoleDefinition("newRestricted", ImmutableList.of("account:*", "invoice", "tag:delete_tag_definition"), callContext);
securityApi.updateUserRoles(username, ImmutableList.of("newRestricted"), callContext);
final Subject newSubject = securityManager.login(null, goodToken);
newSubject.checkPermission(Permission.ACCOUNT_CAN_CHARGE.toString());
newSubject.checkPermission(Permission.INVOICE_CAN_CREDIT.toString());
newSubject.checkPermission(Permission.TAG_CAN_DELETE_TAG_DEFINITION.toString());
try {
newSubject.checkPermission(Permission.TAG_CAN_CREATE_TAG_DEFINITION.toString());
Assert.fail("Subject should not have rights to create tag definitions");
} catch (AuthorizationException e) {
}
}
代码示例来源:origin: apache/shiro
public void run() {
// get the current subject
Subject subject = SecurityUtils.getSubject();
// Subject is not authenticated yet
Assert.isTrue(!subject.isAuthenticated());
// login the subject with a username / password
UsernamePasswordToken token = new UsernamePasswordToken("joe.coder", "password");
subject.login(token);
// joe.coder has the "user" role
subject.checkRole("user");
// joe.coder does NOT have the admin role
Assert.isTrue(!subject.hasRole("admin"));
// joe.coder has the "read" permission
subject.checkPermission("read");
// current user is allowed to execute this method.
simpleService.readRestrictedCall();
try {
// but not this one!
simpleService.writeRestrictedCall();
}
catch (AuthorizationException e) {
log.info("Subject was NOT allowed to execute method 'writeRestrictedCall'");
}
// logout
subject.logout();
Assert.isTrue(!subject.isAuthenticated());
}
代码示例来源:origin: apache/shiro
public void run() {
// get the current subject
Subject subject = SecurityUtils.getSubject();
// Subject is not authenticated yet
Assert.isTrue(!subject.isAuthenticated());
// login the subject with a username / password
UsernamePasswordToken token = new UsernamePasswordToken("joe.coder", "password");
subject.login(token);
// joe.coder has the "user" role
subject.checkRole("user");
// joe.coder does NOT have the admin role
Assert.isTrue(!subject.hasRole("admin"));
// joe.coder has the "read" permission
subject.checkPermission("read");
// current user is allowed to execute this method.
simpleService.readRestrictedCall();
try {
// but not this one!
simpleService.writeRestrictedCall();
}
catch (AuthorizationException e) {
log.info("Subject was NOT allowed to execute method 'writeRestrictedCall'");
}
// logout
subject.logout();
Assert.isTrue(!subject.isAuthenticated());
}
代码示例来源:origin: be.c4j.ee.security.octopus/octopus-core
public boolean verifyPermission() {
boolean result = true;
try {
subject.checkPermission(namedPermission);
} catch (AuthorizationException e) {
result = false;
}
return result;
}
代码示例来源:origin: be.c4j.ee.security.octopus/octopus-core
public boolean verifyPermission() {
boolean result = true;
try {
subject.checkPermission(namedRole);
} catch (AuthorizationException e) {
result = false;
}
return result;
}
代码示例来源:origin: com.github.sdorra/ssp-lib
/**
* Checks if the current authenticated user has the required permission.
*
* @throws AuthorizationException if current user lacks the required permission
*/
public void check() {
SecurityUtils.getSubject().checkPermission(permission);
}
代码示例来源:origin: org.seedstack.seed/seed-security-core
@Override
public void checkPermission(String permission) {
try {
SecurityUtils.getSubject().checkPermission(permission);
} catch (org.apache.shiro.authz.AuthorizationException e) {
throw new AuthorizationException("Subject doesn't have permission " + permission, e);
}
}
代码示例来源:origin: Dreampie/jfinal-shiro
@Override
public void assertAuthorized() throws AuthorizationException {
Subject subject = getSubject();
//数据库权限
if (jdbcPermission != null) {
subject.checkPermission(jdbcPermission);
return;
}
}
}
代码示例来源:origin: org.seedstack.seed/seed-security-core
protected void checkPermission(String permission) {
try {
SecurityUtils.getSubject().checkPermission(permission);
} catch (org.apache.shiro.authz.AuthorizationException e) {
throw new AuthorizationException("Subject doesn't have permission " + permission, e);
}
}
代码示例来源:origin: cn.dreampie/jfinal-shiro
@Override
public void assertAuthorized() throws AuthorizationException {
Subject subject = getSubject();
//数据库权限
if (jdbcPermission != null) {
subject.checkPermission(jdbcPermission);
return;
}
}
}
代码示例来源:origin: com.github.sdorra/ssp-lib
/**
* Checks if the current authenticated user has the permission for the action with the given object id.
*
* @param id id of permission object
*
* @throws AuthorizationException if current user lacks the required permission
*/
public void check(String id) throws AuthorizationException {
subject.checkPermission(asShiroString(id));
}
代码示例来源:origin: korpling/ANNIS
@Override
public List<Annotation> getMetadataDoc(String topLevelCorpus, String docname,
boolean path)
{
Subject user = SecurityUtils.getSubject();
user.checkPermission("meta:" + topLevelCorpus);
return getQueryDao().listCorpusAnnotations(topLevelCorpus, docname, path);
}
代码示例来源:origin: be.c4j.ee.security.octopus/octopus-core
@Override
protected void checkPermission(AccessDecisionVoterContext accessDecisionVoterContext, Set<SecurityViolation> violations) {
try {
subject.checkPermission(namedRole);
} catch (AuthorizationException e) {
SecurityViolationInfoProducer infoProducer = BeanProvider.getContextualReference(SecurityViolationInfoProducer.class);
violations.add(newSecurityViolation(infoProducer.getViolationInfo(accessDecisionVoterContext, namedRole)));
}
}
代码示例来源:origin: be.c4j.ee.security.octopus/octopus-core
@Override
protected void checkPermission(AccessDecisionVoterContext accessDecisionVoterContext, Set<SecurityViolation> violations) {
try {
subject.checkPermission(namedPermission);
} catch (AuthorizationException e) {
SecurityViolationInfoProducer infoProducer = BeanProvider.getContextualReference(SecurityViolationInfoProducer.class);
violations.add(newSecurityViolation(infoProducer.getViolationInfo(accessDecisionVoterContext, namedPermission)));
}
}
内容来源于网络,如有侵权,请联系作者删除!