Examples with IamRole com.diboot.iam.entity.IamRole used on opensource projects

Example 1 with IamRole

use of com.diboot.iam.entity.IamRole in project diboot by dibo-software.

the class BaseJwtRealm method doGetAuthorizationInfo.

/**
 * 获取授权信息
 * @param principals
 * @return
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    BaseLoginUser currentUser = (BaseLoginUser) principals.getPrimaryPrincipal();
    // 根据用户类型与用户id获取roleList
    Long extentionObjId = null;
    LabelValue extentionObj = currentUser.getExtentionObj();
    if (extentionObj != null) {
        extentionObjId = (Long) extentionObj.getValue();
    }
    // 获取角色列表
    List<IamRole> roleList = getIamUserRoleService().getUserRoleList(currentUser.getClass().getSimpleName(), currentUser.getId(), extentionObjId);
    // 如果没有任何角色，返回
    if (V.isEmpty(roleList)) {
        return authorizationInfo;
    }
    // 整理所有角色许可列表
    Set<String> allRoleCodes = new HashSet<>();
    List<Long> roleIds = new ArrayList<>();
    roleList.stream().forEach(role -> {
        // 添加当前角色到角色列表中
        allRoleCodes.add(role.getCode());
        roleIds.add(role.getId());
    });
    // 整理所有权限许可列表，从缓存匹配
    Set<String> allPermissionCodes = new HashSet<>();
    List<String> apiUrlList = getIamRoleResourceService().getApiUrlList(Cons.APPLICATION, roleIds);
    if (V.notEmpty(apiUrlList)) {
        apiUrlList.stream().forEach(set -> {
            for (String uri : set.split(Cons.SEPARATOR_COMMA)) {
                String permissionCode = IamCacheManager.getPermissionCode(uri);
                if (permissionCode != null) {
                    allPermissionCodes.add(permissionCode);
                }
            }
        });
    }
    // 将所有角色和权限许可授权给用户
    authorizationInfo.setRoles(allRoleCodes);
    authorizationInfo.setStringPermissions(allPermissionCodes);
    return authorizationInfo;
}