Examples with SimpleAuthorizationInfo org.apache.shiro.authz.SimpleAuthorizationInfo used on opensource projects

Example 11 with SimpleAuthorizationInfo

use of org.apache.shiro.authz.SimpleAuthorizationInfo in project dubidubi by lzzzz4.

the class LoginRealm method doGetAuthorizationInfo.

// 授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    UserDO userDO = (UserDO) principals.getPrimaryPrincipal();
    Integer roleId = userLoginService.getRoleIdByUserId(userDO.getId());
    if (roleId == null) {
        return null;
    }
    List<PermissionDO> list = userLoginService.listPermissionByRoleId(roleId);
    int length = list.size();
    SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
    for (int i = 0; i < length; i++) {
        String temp = list.get(i).getEnabled();
        if (temp.equals("Y")) {
            simpleAuthorizationInfo.addStringPermission(list.get(i).getRemark());
        }
    }
    return simpleAuthorizationInfo;
}

Example 12 with SimpleAuthorizationInfo

use of org.apache.shiro.authz.SimpleAuthorizationInfo in project Workload by amoxu.

the class loginRealm method doGetAuthorizationInfo.

/**
 * 获取身份信息，我们可以在这个方法中，从数据库获取该用户的权限和角色信息
 * 当调用权限验证时，就会调用此方法
 */
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    String teacherName = (String) getAvailablePrincipal(principalCollection);
    com.hfut.entity.UserRole role = null;
    try {
        User userlogin = userService.findByName(teacherName);
        // 获取角色对象
        role = userRoleService.findByid(userlogin.getLevel());
    } catch (Exception e) {
        try {
            throw new CustomException("用户不存在或密码错误");
        } catch (CustomException e1) {
            e1.printStackTrace();
        }
    }
    // 通过用户名从数据库获取权限/角色信息
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    Set<String> r = new HashSet<String>();
    if (role != null) {
        r.add(role.getName());
        info.setRoles(r);
    }
    return info;
}

Example 13 with SimpleAuthorizationInfo

use of org.apache.shiro.authz.SimpleAuthorizationInfo in project springBoot-learn-demo by nbfujx.

the class ShiroRealm method doGetAuthorizationInfo.

/**
 *权限验证
 * *
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
    SysUser user = sysUserService.getSysUserByUsername((String) principalCollection.getPrimaryPrincipal());
    // 把principals放session中 key=userId value=principals
    SecurityUtils.getSubject().getSession().setAttribute(String.valueOf(user.getId()), SecurityUtils.getSubject().getPrincipals());
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    Set<UserRolePO> urpos = sysUserService.listUserRolePO(user);
    Set<UserPermissionPO> uppos = sysUserService.listUserPermissionPO(user);
    // 赋予角色
    for (UserRolePO userRole : urpos) {
        this.logger.info(userRole.getRoleId());
        info.addRole(userRole.getRoleId());
    }
    // 赋予权限
    for (UserPermissionPO userPermission : uppos) {
        this.logger.info(userPermission.getPermission());
        info.addStringPermission(userPermission.getPermission());
    }
    return info;
}

Example 14 with SimpleAuthorizationInfo

use of org.apache.shiro.authz.SimpleAuthorizationInfo in project shiro by apache.

the class SampleRealm method doGetAuthorizationInfo.

protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    Long userId = (Long) principals.fromRealm(getName()).iterator().next();
    User user = userDAO.getUser(userId);
    if (user != null) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        for (Role role : user.getRoles()) {
            info.addRole(role.getName());
            info.addStringPermissions(role.getPermissions());
        }
        return info;
    } else {
        return null;
    }
}

Example 15 with SimpleAuthorizationInfo

use of org.apache.shiro.authz.SimpleAuthorizationInfo in project shiro by apache.

the class JdbcRealm method doGetAuthorizationInfo.

/**
 * This implementation of the interface expects the principals collection to return a String username keyed off of
 * this realm's {@link #getName() name}
 *
 * @see #getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // null usernames are invalid
    if (principals == null) {
        throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
    }
    String username = (String) getAvailablePrincipal(principals);
    Connection conn = null;
    Set<String> roleNames = null;
    Set<String> permissions = null;
    try {
        conn = dataSource.getConnection();
        // Retrieve roles and permissions from database
        roleNames = getRoleNamesForUser(conn, username);
        if (permissionsLookupEnabled) {
            permissions = getPermissions(conn, username, roleNames);
        }
    } catch (SQLException e) {
        final String message = "There was a SQL error while authorizing user [" + username + "]";
        if (log.isErrorEnabled()) {
            log.error(message, e);
        }
        // Rethrow any SQL errors as an authorization exception
        throw new AuthorizationException(message, e);
    } finally {
        JdbcUtils.closeConnection(conn);
    }
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
    info.setStringPermissions(permissions);
    return info;
}