Search in sources :

Example 6 with AuthorizationInfo

use of org.apache.shiro.authz.AuthorizationInfo in project ddf by codice.

the class AuthzRealm method isPermitted.

/**
     * Checks if the corresponding Subject/user implies the given Permissions and returns a boolean
     * array indicating which permissions are implied.
     * <p/>
     * <p/>
     * More specifically, this method should determine if each <tt>Permission</tt> in the array is
     * {@link Permission#implies(Permission) implied} by permissions already associated with the
     * subject.
     * <p/>
     * <p/>
     * This is primarily a performance-enhancing method to help reduce the number of
     * {@link #isPermitted} invocations over the wire in client/server systems.
     *
     * @param subjectPrincipal the application-specific subject/user identifier.
     * @param permissions      the permissions that are being checked.
     * @return an array of booleans whose indices correspond to the index of the permissions in the
     * given list. A true value at an index indicates the user is permitted for for the
     * associated <tt>Permission</tt> object in the list. A false value at an index
     * indicates otherwise.
     */
@Override
public boolean[] isPermitted(PrincipalCollection subjectPrincipal, List<Permission> permissions) {
    boolean[] results = new boolean[permissions.size()];
    AuthorizationInfo authorizationInfo = getAuthorizationInfo(subjectPrincipal);
    List<Permission> expandedPermissions = expandPermissions(permissions);
    int i = 0;
    for (Permission permission : expandedPermissions) {
        results[i++] = isPermitted(subjectPrincipal, permission, authorizationInfo);
    }
    return results;
}
Also used : MatchOneCollectionPermission(ddf.security.permission.MatchOneCollectionPermission) CollectionPermission(ddf.security.permission.CollectionPermission) KeyValuePermission(ddf.security.permission.KeyValuePermission) Permission(org.apache.shiro.authz.Permission) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) AuthorizationInfo(org.apache.shiro.authz.AuthorizationInfo)

Aggregations

AuthorizationInfo (org.apache.shiro.authz.AuthorizationInfo)6 SimpleAuthorizationInfo (org.apache.shiro.authz.SimpleAuthorizationInfo)4 CollectionPermission (ddf.security.permission.CollectionPermission)2 KeyValueCollectionPermission (ddf.security.permission.KeyValueCollectionPermission)2 KeyValuePermission (ddf.security.permission.KeyValuePermission)2 Permission (org.apache.shiro.authz.Permission)2 AuthzRealm (ddf.security.pdp.realm.AuthzRealm)1 MatchOneCollectionPermission (ddf.security.permission.MatchOneCollectionPermission)1 ArrayList (java.util.ArrayList)1 Properties (java.util.Properties)1 InitialLdapContext (javax.naming.ldap.InitialLdapContext)1 LdapContext (javax.naming.ldap.LdapContext)1 AuthenticationInfo (org.apache.shiro.authc.AuthenticationInfo)1 UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)1 AuthorizationException (org.apache.shiro.authz.AuthorizationException)1 WildcardPermission (org.apache.shiro.authz.permission.WildcardPermission)1 PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)1 SimplePrincipalCollection (org.apache.shiro.subject.SimplePrincipalCollection)1 XmlParser (org.codice.ddf.parser.xml.XmlParser)1 Before (org.junit.Before)1