Package org.apache.shiro.authz.annotation

Examples of org.apache.shiro.authz.annotation.RequiresPermissions

291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
    boolean requiresPermissions = false;
    List<String> requiredPermissions = null;

    try
    {
      RequiresPermissions annotation = runtimeClass.getAnnotation(RequiresPermissions.class);
      requiresPermissions = (annotation != null);
      requiredPermissions = Arrays.asList(annotation.value());
    }
    catch (NullPointerException e)
    {
      requiresPermissions = false;
    }

    if (requiresPermissions && requiredPermissions != null
        && !ApplicationSecurity.hasAllPermissions(requiredPermissions))
    {
      final String message = String.format("Insufficient permission for %s on %s", userName, viewName);
      logger.warn(message);
      throw new AuthorizationException(message);
    }

    try
    {
      RequiresPermissions annotation = method.getAnnotation(RequiresPermissions.class);
      requiresPermissions = (annotation != null);
      requiredPermissions = Arrays.asList(annotation.value());
    }
    catch (NullPointerException e)
    {
      requiresPermissions = false;
    }
View Full Code Here
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
    }
   
    final HandlerMethod handlerMethod = (HandlerMethod)handler;
    Method method = handlerMethod.getMethod();
   
    final RequiresPermissions rps = method.getAnnotation(RequiresPermissions.class);
    if (rps == null) {
      return true;
    }
    Logical logical = rps.logical();
    String[] pv = rps.value();
   
    // 假如验证逻辑为OR,并且有些权限不需要做数据权限检查的,直接返回true。
    if (logical.equals(Logical.OR)) {
      for (String p : pv) {
        if (p.split(PART_DIVIDER_TOKEN).length < 3) {
View Full Code Here
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
    Subject subject = getSubject();

    if (!(annotation instanceof RequiresPermissions))
      return;

    RequiresPermissions rpAnnotation = (RequiresPermissions) annotation;
    String[] perms = rpAnnotation.value();

    if (perms.length == 1) {
      subject.checkPermission(perms[0]);
      return;
    }
    if (Logical.AND.equals(rpAnnotation.logical())) {
      getSubject().checkPermissions(perms);
      return;
    }
    if (Logical.OR.equals(rpAnnotation.logical())) {
      // Avoid processing exceptions unnecessarily - "delay" throwing the
      // exception by calling hasRole first
      boolean hasAtLeastOnePermission = false;
      for (String permission : perms)
        if (subject.isPermitted(permission))
View Full Code Here
TOP

Related Classes of org.apache.shiro.authz.annotation.RequiresPermissions

  • cn.dreampie.common.plugin.shiro.plugin.PermissionAuthzHandler
  • cn.dreampie.shiro.core.handler.PermissionAuthzHandler
  • com.jfinal.ext.plugin.shiro.PermissionAuthzHandler
  • com.ketayao.ketacustom.spring.DataControlInterceptor
  • com.piercey.app.framework.ApplicationSecurityInterceptor
  • org.apache.shiro.authz.aop.PermissionAnnotationHandler
  • org.apache.shiro.authz.aop.PermissionAnnotationHandlerTest
  • org.graylog2.security.ShiroSecurityBinding
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.