SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//
ProjectUserService projectUserService = beanFactory.getBean(ProjectUserService.class);
ProjectRoleService projectRoleService = beanFactory.getBean(ProjectRoleService.class);
ProjectMemberService projectMemberService = beanFactory.getBean(ProjectMemberService.class);
ProjectAuthorityService projectAuthorityService = beanFactory.getBean(ProjectAuthorityService.class);
//
Project project = getProjectFromWebSubject();
ProjectUser projectUser = getProjectUserFromWebSubject();
if(project==null) {
authorizationInfo.addObjectPermission(new AllPermission());
} else if(project.getCreatedById()==projectUser.getId()) {// owner
//
List<ProjectAuthority> projectAuthorities = projectAuthorityService.listProjectAuthorities();
for(ProjectAuthority projectAuthority : projectAuthorities) {
//
String authorityCode = projectAuthority.getCode();
StringUtils.replace(authorityCode, "-", ":");
authorizationInfo.addStringPermission(authorityCode.replaceAll("-", ":"));