Examples of org.apache.shiro.subject.Subject.checkPermission()

org.apache.shiro.subject.Subject.checkPermission()
Ensures this Subject implies the specified permission String.
If this subject's existing associated permissions do not {@link Permission#implies(Permission)} imply}the given permission, an {@link org.apache.shiro.authz.AuthorizationException} will be thrown.
This is an overloaded method for the corresponding type-safe {@link Permission Permission} variant.Please see the class-level JavaDoc for more information on these String-based permission methods. @param permission the String representation of the Permission to check. @throws org.apache.shiro.authz.AuthorizationException if the user does not have the permission. @since 0.9

        UsernamePasswordToken token = new UsernamePasswordToken(u1.getUsername(), password);
        subject.login(token);


        Assert.assertTrue(subject.isAuthenticated());
        subject.checkRole("admin");
        subject.checkPermission("user:create");


        userService.changePassword(u1.getId(), password + "1");
        userRealm.clearCache(subject.getPrincipals());


        token = new UsernamePasswordToken(u1.getUsername(), password + "1");

View Full Code Here

public class PermissionServlet extends HttpServlet {


    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        Subject subject = SecurityUtils.getSubject();
        subject.checkPermission("user:create");
        req.getRequestDispatcher("/WEB-INF/jsp/hasPermission.jsp").forward(req, resp);
    }
}

View Full Code Here

        Set<String> perms = PermissionUtils.toPermissionStrings(p);


        Subject subject = getSubject();


        if (perms.size() == 1) {
            subject.checkPermission(perms.iterator().next());
        } else {
            String[] permStrings = new String[perms.size()];
            permStrings = perms.toArray(permStrings);
            subject.checkPermissions(permStrings);
        }

View Full Code Here


    RequiresPermissions rpAnnotation = (RequiresPermissions) annotation;
    String[] perms = rpAnnotation.value();


    if (perms.length == 1) {
      subject.checkPermission(perms[0]);
      return;
    }
    if (Logical.AND.equals(rpAnnotation.logical())) {
      getSubject().checkPermissions(perms);
      return;

View Full Code Here

        if (subject.isPermitted(permission))
          hasAtLeastOnePermission = true;
      // Cause the exception if none of the role match, note that the
      // exception message will be a bit misleading
      if (!hasAtLeastOnePermission)
        subject.checkPermission(perms[0]);


    }


  }

View Full Code Here

  @Override
  public void assertAuthorized() throws AuthorizationException {
    Subject subject = getSubject();
    //数据库权限
    if (jdbcPermission != null) {
      subject.checkPermission(jdbcPermission);
      return;
    }
  }
}

View Full Code Here

    securitySystem.addUser(user, "password");


    // now authorize the user
    Subject subject = securitySystem.login(new UsernamePasswordToken(user.getUserId(), "password"));
    // check if the user is able to be authenticated if he has an empty role
    subject.checkPermission("app:config:read");
  }


  public void testSearchForUserWithEmptyRole()
      throws Exception
  {

View Full Code Here

    RequiresPermissions rpAnnotation = (RequiresPermissions) annotation;
    String[] perms = rpAnnotation.value();
    Subject subject = getSubject();


    if (perms.length == 1) {
      subject.checkPermission(perms[0]);
      return;
    }
    if (Logical.AND.equals(rpAnnotation.logical())) {
      getSubject().checkPermissions(perms);
      return;

View Full Code Here

        RequiresPermissions rpAnnotation = (RequiresPermissions) a;
        String[] perms = getAnnotationValue(a);
        Subject subject = getSubject();


        if (perms.length == 1) {
            subject.checkPermission(perms[0]);
            return;
        }
        if (Logical.AND.equals(rpAnnotation.logical())) {
            getSubject().checkPermissions(perms);
            return;

View Full Code Here

  @Override
  public void assertAuthorized() throws AuthorizationException {
    Subject subject = getSubject();
    //数据库权限
    if (jdbcPermission != null) {
      subject.checkPermission(jdbcPermission);
      return;
    }
  }
}

View Full Code Here

0 1

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.