Example 11 with RequiresRoles
use of org.apache.shiro.authz.annotation.RequiresRoles in project mica2 by obiba.
the class DataAccessFormResource method permissions.
@Path("/permissions")
@RequiresRoles(Roles.MICA_ADMIN)
public SubjectAclResource permissions() {
SubjectAclResource subjectAclResource = applicationContext.getBean(SubjectAclResource.class);
subjectAclResource.setResourceInstance("/data-access-request", "*");
subjectAclResource.addOtherResourceName("action-logs");
subjectAclResource.addOtherResourceName("private-comment");
subjectAclResource.setFileResourceInstance("/file", "/data-access-request");
return subjectAclResource;
}
Also used :
SubjectAclResource(org.obiba.mica.security.rest.SubjectAclResource)
Path(javax.ws.rs.Path)
RequiresRoles(org.apache.shiro.authz.annotation.RequiresRoles)
Example 12 with RequiresRoles
use of org.apache.shiro.authz.annotation.RequiresRoles in project shiro by apache.
the class RoleAnnotationHandlerTest method testGuestMultipleRolesAssertion.
// Added to satisfy SHIRO-146
@Test(expected = UnauthenticatedException.class)
public void testGuestMultipleRolesAssertion() throws Throwable {
RoleAnnotationHandler handler = new RoleAnnotationHandler();
Annotation requiresRolesAnnotation = new RequiresRoles() {
public String[] value() {
return new String[] { "blah", "blah2" };
}
public Class<? extends Annotation> annotationType() {
return RequiresRoles.class;
}
public Logical logical() {
return Logical.AND;
}
};
handler.assertAuthorized(requiresRolesAnnotation);
}
Also used :
RequiresRoles(org.apache.shiro.authz.annotation.RequiresRoles)
Annotation(java.lang.annotation.Annotation)
Test(org.junit.Test)
Example 13 with RequiresRoles
use of org.apache.shiro.authz.annotation.RequiresRoles in project shiro by apache.
the class AccountInfoController method home.
@RequiresRoles("admin")
@RequestMapping("/account-info")
public String home(Model model) {
String name = "World";
Subject subject = SecurityUtils.getSubject();
PrincipalCollection principalCollection = subject.getPrincipals();
if (principalCollection != null && !principalCollection.isEmpty()) {
name = principalCollection.getPrimaryPrincipal().toString();
}
model.addAttribute("name", name);
return "account-info";
}
Also used :
PrincipalCollection(org.apache.shiro.subject.PrincipalCollection)
Subject(org.apache.shiro.subject.Subject)
RequiresRoles(org.apache.shiro.authz.annotation.RequiresRoles)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Aggregations
RequiresRoles (org.apache.shiro.authz.annotation.RequiresRoles)13
Path (javax.ws.rs.Path)4
Timed (com.codahale.metrics.annotation.Timed)3
Annotation (java.lang.annotation.Annotation)3
Subject (org.apache.shiro.subject.Subject)3
Test (org.junit.Test)3
SubjectAclResource (org.obiba.mica.security.rest.SubjectAclResource)3
TaxonomiesUpdatedEvent (org.obiba.mica.micaConfig.event.TaxonomiesUpdatedEvent)2
JsonPath (com.jayway.jsonpath.JsonPath)1
Method (java.lang.reflect.Method)1
AroundInvoke (javax.interceptor.AroundInvoke)1
PUT (javax.ws.rs.PUT)1
UnauthenticatedException (org.apache.shiro.authz.UnauthenticatedException)1
RequiresAuthentication (org.apache.shiro.authz.annotation.RequiresAuthentication)1
RequiresGuest (org.apache.shiro.authz.annotation.RequiresGuest)1
RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)1
RequiresUser (org.apache.shiro.authz.annotation.RequiresUser)1
PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)1
IndexContactsEvent (org.obiba.mica.contact.event.IndexContactsEvent)1
IndexDatasetsEvent (org.obiba.mica.dataset.event.IndexDatasetsEvent)1
