Search in sources :

Example 1 with PatternMatcher

use of org.apache.shiro.util.PatternMatcher in project pmph by BCSquad.

the class UrlPermission method implies.

/**
 * 一个很重要的方法,用户判断 Realm 中设置的权限和从数据库或者配置文件中传递进来的权限信息是否匹配 如果 Realm
 * 的授权方法中,一个认证主体有多个权限,会进行遍历,直到匹配成功为止 this.url 是在遍历状态中变化的
 *
 * urlPermission.url 是从 subject.isPermitted(url) 传递到 UrlPermissionResolver 中传递过来的,就一个固定值
 *
 * @param permission
 * @return
 */
@Override
public boolean implies(Permission permission) {
    if (!(permission instanceof UrlPermission)) {
        return false;
    }
    // 
    UrlPermission urlPermission = (UrlPermission) permission;
    PatternMatcher patternMatcher = new AntPathMatcher();
    logger.info("this.url(来自数据库中存放的通配符数据),在 Realm 的授权方法中注入的 => " + this.url);
    logger.info("urlPermission.url(来自浏览器正在访问的链接) => " + urlPermission.url);
    boolean matches = patternMatcher.matches(this.url, urlPermission.url);
    logger.info("matches => " + matches);
    return matches;
}
Also used : PatternMatcher(org.apache.shiro.util.PatternMatcher) AntPathMatcher(org.apache.shiro.util.AntPathMatcher)

Example 2 with PatternMatcher

use of org.apache.shiro.util.PatternMatcher in project shiro by apache.

the class FilterChainResolverProviderTest method testGet.

@Test
public void testGet() throws Exception {
    Injector injector = createMock(Injector.class);
    PatternMatcher patternMatcher = createMock(PatternMatcher.class);
    underTest.injector = injector;
    underTest.setPatternMatcher(patternMatcher);
    FilterChainResolver resolver = underTest.get();
    Field chainsField = SimpleFilterChainResolver.class.getDeclaredField("chains");
    chainsField.setAccessible(true);
    Field injectorField = SimpleFilterChainResolver.class.getDeclaredField("injector");
    injectorField.setAccessible(true);
    Field patternMatcherField = SimpleFilterChainResolver.class.getDeclaredField("patternMatcher");
    patternMatcherField.setAccessible(true);
    assertSame(chains, chainsField.get(resolver));
    assertSame(injector, injectorField.get(resolver));
    assertSame(patternMatcher, patternMatcherField.get(resolver));
}
Also used : Field(java.lang.reflect.Field) FilterChainResolver(org.apache.shiro.web.filter.mgt.FilterChainResolver) Injector(com.google.inject.Injector) PatternMatcher(org.apache.shiro.util.PatternMatcher) Test(org.junit.Test)

Example 3 with PatternMatcher

use of org.apache.shiro.util.PatternMatcher in project shiro by apache.

the class SimpleFilterChainResolverTest method testGetChain.

@Test
public void testGetChain() throws Exception {
    // test that it uses the pattern matcher - check
    // test that the FIRST chain found is the one that gets returned - check
    // test that the chain returned actually contains the filters returned by the injector - check
    // test that the keys specified for the chain are requested from the injector - check
    // test that filters are looked up lazily - check
    IMocksControl ctrl = createStrictControl();
    Injector injector = ctrl.createMock(Injector.class);
    Map<String, Key<? extends Filter>[]> chainMap = new LinkedHashMap<String, Key<? extends Filter>[]>();
    final String chainOne = "one";
    final String chainTwo = "two";
    final String chainThree = "three";
    final Key<? extends Filter> key1a = Key.get(Filter.class, Names.named("key1a"));
    final Key<? extends Filter> key1b = Key.get(Filter.class, Names.named("key1b"));
    final Key<? extends Filter> key2a = Key.get(Filter.class, Names.named("key2a"));
    final Key<? extends Filter> key2b = Key.get(Filter.class, Names.named("key2b"));
    final Key<? extends Filter> key3a = Key.get(Filter.class, Names.named("key3a"));
    final Key<? extends Filter> key3b = Key.get(Filter.class, Names.named("key3b"));
    chainMap.put(chainOne, new Key[] { key1a, key1b });
    chainMap.put(chainTwo, new Key[] { key2a, key2b });
    chainMap.put(chainThree, new Key[] { key3a, key3b });
    PatternMatcher patternMatcher = ctrl.createMock(PatternMatcher.class);
    ServletRequest request = ctrl.createMock(HttpServletRequest.class);
    ServletResponse response = ctrl.createMock(HttpServletResponse.class);
    FilterChain originalChain = ctrl.createMock(FilterChain.class);
    expect(request.getAttribute(WebUtils.INCLUDE_CONTEXT_PATH_ATTRIBUTE)).andReturn("/context");
    expect(request.getAttribute(WebUtils.INCLUDE_REQUEST_URI_ATTRIBUTE)).andReturn("/mychain");
    expect(request.getCharacterEncoding()).andStubReturn(null);
    expect(patternMatcher.matches(chainOne, "/mychain")).andReturn(false);
    expect(patternMatcher.matches(chainTwo, "/mychain")).andReturn(true);
    Filter filter2a = ctrl.createMock(Filter.class);
    Filter filter2b = ctrl.createMock(Filter.class);
    expect((Filter) injector.getInstance(key2a)).andReturn(filter2a);
    filter2a.doFilter(same(request), same(response), anyObject(FilterChain.class));
    expect((Filter) injector.getInstance(key2b)).andReturn(filter2b);
    filter2b.doFilter(same(request), same(response), anyObject(FilterChain.class));
    originalChain.doFilter(request, response);
    ctrl.replay();
    SimpleFilterChainResolver underTest = new SimpleFilterChainResolver(chainMap, injector, patternMatcher);
    FilterChain got = underTest.getChain(request, response, originalChain);
    got.doFilter(request, response);
    got.doFilter(request, response);
    got.doFilter(request, response);
    ctrl.verify();
    ctrl.reset();
    expect(request.getAttribute(WebUtils.INCLUDE_CONTEXT_PATH_ATTRIBUTE)).andReturn("/context");
    expect(request.getAttribute(WebUtils.INCLUDE_REQUEST_URI_ATTRIBUTE)).andReturn("/nochain");
    expect(request.getCharacterEncoding()).andStubReturn(null);
    expect(patternMatcher.matches(chainOne, "/nochain")).andReturn(false);
    expect(patternMatcher.matches(chainTwo, "/nochain")).andReturn(false);
    expect(patternMatcher.matches(chainThree, "/nochain")).andReturn(false);
    ctrl.replay();
    assertNull("Expected no chain to match, did not get a null value in return.", underTest.getChain(request, response, originalChain));
    ctrl.verify();
}
Also used : ServletRequest(javax.servlet.ServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) ServletResponse(javax.servlet.ServletResponse) FilterChain(javax.servlet.FilterChain) LinkedHashMap(java.util.LinkedHashMap) IMocksControl(org.easymock.IMocksControl) Filter(javax.servlet.Filter) Injector(com.google.inject.Injector) PatternMatcher(org.apache.shiro.util.PatternMatcher) Key(com.google.inject.Key) Test(org.junit.Test)

Aggregations

PatternMatcher (org.apache.shiro.util.PatternMatcher)3 Injector (com.google.inject.Injector)2 Test (org.junit.Test)2 Key (com.google.inject.Key)1 Field (java.lang.reflect.Field)1 LinkedHashMap (java.util.LinkedHashMap)1 Filter (javax.servlet.Filter)1 FilterChain (javax.servlet.FilterChain)1 ServletRequest (javax.servlet.ServletRequest)1 ServletResponse (javax.servlet.ServletResponse)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 AntPathMatcher (org.apache.shiro.util.AntPathMatcher)1 FilterChainResolver (org.apache.shiro.web.filter.mgt.FilterChainResolver)1 IMocksControl (org.easymock.IMocksControl)1