Search in sources :

Example 11 with RequiresRoles

use of org.apache.shiro.authz.annotation.RequiresRoles in project mica2 by obiba.

the class DataAccessFormResource method permissions.

@Path("/permissions")
@RequiresRoles(Roles.MICA_ADMIN)
public SubjectAclResource permissions() {
    SubjectAclResource subjectAclResource = applicationContext.getBean(SubjectAclResource.class);
    subjectAclResource.setResourceInstance("/data-access-request", "*");
    subjectAclResource.addOtherResourceName("action-logs");
    subjectAclResource.addOtherResourceName("private-comment");
    subjectAclResource.setFileResourceInstance("/file", "/data-access-request");
    return subjectAclResource;
}
Also used : SubjectAclResource(org.obiba.mica.security.rest.SubjectAclResource) Path(javax.ws.rs.Path) RequiresRoles(org.apache.shiro.authz.annotation.RequiresRoles)

Example 12 with RequiresRoles

use of org.apache.shiro.authz.annotation.RequiresRoles in project shiro by apache.

the class RoleAnnotationHandlerTest method testGuestMultipleRolesAssertion.

// Added to satisfy SHIRO-146
@Test(expected = UnauthenticatedException.class)
public void testGuestMultipleRolesAssertion() throws Throwable {
    RoleAnnotationHandler handler = new RoleAnnotationHandler();
    Annotation requiresRolesAnnotation = new RequiresRoles() {

        public String[] value() {
            return new String[] { "blah", "blah2" };
        }

        public Class<? extends Annotation> annotationType() {
            return RequiresRoles.class;
        }

        public Logical logical() {
            return Logical.AND;
        }
    };
    handler.assertAuthorized(requiresRolesAnnotation);
}
Also used : RequiresRoles(org.apache.shiro.authz.annotation.RequiresRoles) Annotation(java.lang.annotation.Annotation) Test(org.junit.Test)

Example 13 with RequiresRoles

use of org.apache.shiro.authz.annotation.RequiresRoles in project shiro by apache.

the class AccountInfoController method home.

@RequiresRoles("admin")
@RequestMapping("/account-info")
public String home(Model model) {
    String name = "World";
    Subject subject = SecurityUtils.getSubject();
    PrincipalCollection principalCollection = subject.getPrincipals();
    if (principalCollection != null && !principalCollection.isEmpty()) {
        name = principalCollection.getPrimaryPrincipal().toString();
    }
    model.addAttribute("name", name);
    return "account-info";
}
Also used : PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) Subject(org.apache.shiro.subject.Subject) RequiresRoles(org.apache.shiro.authz.annotation.RequiresRoles) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

RequiresRoles (org.apache.shiro.authz.annotation.RequiresRoles)13 Path (javax.ws.rs.Path)4 Timed (com.codahale.metrics.annotation.Timed)3 Annotation (java.lang.annotation.Annotation)3 Subject (org.apache.shiro.subject.Subject)3 Test (org.junit.Test)3 SubjectAclResource (org.obiba.mica.security.rest.SubjectAclResource)3 TaxonomiesUpdatedEvent (org.obiba.mica.micaConfig.event.TaxonomiesUpdatedEvent)2 JsonPath (com.jayway.jsonpath.JsonPath)1 Method (java.lang.reflect.Method)1 AroundInvoke (javax.interceptor.AroundInvoke)1 PUT (javax.ws.rs.PUT)1 UnauthenticatedException (org.apache.shiro.authz.UnauthenticatedException)1 RequiresAuthentication (org.apache.shiro.authz.annotation.RequiresAuthentication)1 RequiresGuest (org.apache.shiro.authz.annotation.RequiresGuest)1 RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)1 RequiresUser (org.apache.shiro.authz.annotation.RequiresUser)1 PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)1 IndexContactsEvent (org.obiba.mica.contact.event.IndexContactsEvent)1 IndexDatasetsEvent (org.obiba.mica.dataset.event.IndexDatasetsEvent)1