List of usage examples for org.apache.shiro.authz.annotation Logical OR
Logical OR
To view the source code for org.apache.shiro.authz.annotation Logical OR.
Click Source Link
From source file:club.zhcs.agent.ext.shiro.aop.ThunderPermissionAnnotationHandler.java
License:Apache License
/** * Ensures that the calling <code>Subject</code> has the Annotation's * specified permissions, and if not, throws an * <code>AuthorizingException</code> indicating access is denied. * * @param a//from w w w .jav a2 s .com * the NutzRequiresPermissions annotation being inspected to * check for one or more permissions * @throws org.apache.shiro.authz.AuthorizationException * if the calling <code>Subject</code> does not have the * permission(s) necessary to continue access or execution. */ @Override public void assertAuthorized(Annotation a) throws AuthorizationException { if (!(a instanceof ThunderRequiresPermissions)) return; ThunderRequiresPermissions rpAnnotation = (ThunderRequiresPermissions) a; InstallPermission[] perms_ = rpAnnotation.value(); Subject subject = getSubject(); final String[] perms = new String[perms_.length]; Lang.each(perms_, new Each<InstallPermission>() { @Override public void invoke(int index, InstallPermission ele, int length) throws ExitLoop, ContinueLoop, LoopException { perms[index] = ele.getName(); } }); if (perms.length == 1) { subject.checkPermission(perms[0]); return; } if (Logical.AND.equals(rpAnnotation.logical())) { getSubject().checkPermissions(perms); return; } if (Logical.OR.equals(rpAnnotation.logical())) { boolean hasAtLeastOnePermission = false; for (String permission : perms) if (getSubject().isPermitted(permission)) hasAtLeastOnePermission = true; if (!hasAtLeastOnePermission) getSubject().checkPermission(perms[0]); } }
From source file:cn.dreampie.common.plugin.shiro.plugin.PermissionAuthzHandler.java
License:Apache License
@Override public void assertAuthorized() throws AuthorizationException { Subject subject = getSubject(); if (!(annotation instanceof RequiresPermissions)) return;//from w ww . j av a 2 s. c om RequiresPermissions rpAnnotation = (RequiresPermissions) annotation; String[] perms = rpAnnotation.value(); if (perms.length == 1) { subject.checkPermission(perms[0]); return; } if (Logical.AND.equals(rpAnnotation.logical())) { getSubject().checkPermissions(perms); return; } if (Logical.OR.equals(rpAnnotation.logical())) { // Avoid processing exceptions unnecessarily - "delay" throwing the // exception by calling hasRole first boolean hasAtLeastOnePermission = false; for (String permission : perms) if (subject.isPermitted(permission)) hasAtLeastOnePermission = true; // Cause the exception if none of the role match, note that the // exception message will be a bit misleading if (!hasAtLeastOnePermission) subject.checkPermission(perms[0]); } }
From source file:cn.dreampie.common.plugin.shiro.plugin.RoleAuthzHandler.java
License:Apache License
@Override public void assertAuthorized() throws AuthorizationException { Subject subject = getSubject(); if (!(annotation instanceof RequiresRoles)) return;/* w ww. j a va 2 s .co m*/ RequiresRoles rrAnnotation = (RequiresRoles) annotation; String[] roles = rrAnnotation.value(); if (roles.length == 1) { subject.checkRole(roles[0]); return; } if (Logical.AND.equals(rrAnnotation.logical())) { subject.checkRoles(Arrays.asList(roles)); return; } if (Logical.OR.equals(rrAnnotation.logical())) { // Avoid processing exceptions unnecessarily - "delay" throwing the exception by calling hasRole first boolean hasAtLeastOneRole = false; for (String role : roles) if (subject.hasRole(role)) hasAtLeastOneRole = true; // Cause the exception if none of the role match, note that the exception message will be a bit misleading if (!hasAtLeastOneRole) subject.checkRole(roles[0]); } }
From source file:com.dbumama.market.web.core.plugin.shiro.PermissionAuthzHandler.java
License:Apache License
public void assertAuthorized() throws AuthorizationException { if (!(annotation instanceof RequiresPermissions)) return;//w ww . j a va 2s . c om RequiresPermissions rpAnnotation = (RequiresPermissions) annotation; String[] perms = rpAnnotation.value(); Subject subject = getSubject(); if (perms.length == 1) { subject.checkPermission(perms[0]); return; } if (Logical.AND.equals(rpAnnotation.logical())) { getSubject().checkPermissions(perms); return; } if (Logical.OR.equals(rpAnnotation.logical())) { // Avoid processing exceptions unnecessarily - "delay" throwing the // exception by calling hasRole first boolean hasAtLeastOnePermission = false; for (String permission : perms) if (getSubject().isPermitted(permission)) hasAtLeastOnePermission = true; // Cause the exception if none of the role match, note that the // exception message will be a bit misleading if (!hasAtLeastOnePermission) getSubject().checkPermission(perms[0]); } }
From source file:com.dbumama.market.web.core.plugin.shiro.RoleAuthzHandler.java
License:Apache License
public void assertAuthorized() throws AuthorizationException { //if (!(annotation instanceof RequiresRoles)) return; RequiresRoles rrAnnotation = (RequiresRoles) annotation; String[] roles = rrAnnotation.value(); if (roles.length == 1) { getSubject().checkRole(roles[0]); return;/* w w w. j av a 2 s . c om*/ } if (Logical.AND.equals(rrAnnotation.logical())) { getSubject().checkRoles(Arrays.asList(roles)); return; } if (Logical.OR.equals(rrAnnotation.logical())) { // Avoid processing exceptions unnecessarily - "delay" throwing the exception by calling hasRole first boolean hasAtLeastOneRole = false; for (String role : roles) if (getSubject().hasRole(role)) hasAtLeastOneRole = true; // Cause the exception if none of the role match, note that the exception message will be a bit misleading if (!hasAtLeastOneRole) getSubject().checkRole(roles[0]); } }
From source file:com.eastcom.baseframe.web.modules.sys.web.controller.api.DictController.java
@RequiresPermissions(value = { "sys:dictmgr:add", "sys:dictmgr:edit" }, logical = Logical.OR) @OperationLog(content = "", type = OperationType.CREATE) @ResponseBody/* w w w . j av a 2 s.c om*/ @RequestMapping(value = "/addOrUpdate", method = RequestMethod.POST) public AjaxJson addOrUpdate(HttpSession session, HttpServletRequest request, @RequestParam Map<String, Object> params) { logger.info("----"); AjaxJson json = new AjaxJson(); try { String id = StringUtils.defaultIfBlank((String) params.get("id"), "0"); String parentId = StringUtils.defaultIfBlank((String) params.get("parentId"), "null"); String type = StringUtils.defaultIfBlank((String) params.get("type"), ""); String code = (String) params.get("code"); String name = (String) params.get("name"); String description = (String) params.get("description"); Dict dict = dictService.get(id); if (dict == null) { //?parentIdcode??parentId??code Map<String, Object> reqParam = Maps.newHashMap(); reqParam.put("parentId", parentId); reqParam.put("code", code); List<Dict> temps = dictService.find(reqParam); if (CollectionUtils.isNotEmpty(temps)) { json.setSuccess(false); json.setMessage("?,??"); return json; } dict = new Dict(); dict.setCode(code); json.setMessage("add"); } else { json.setMessage("update"); } dict.setName(name); dict.setType(type); dict.setDescription(description); Dict parentDict = dictService.get(parentId); if (parentDict != null) { dict.setParent(parentDict); } dictService.saveOrUpdate(dict); json.setSuccess(true); json.setModel(dict); DictCache.clearCache(); } catch (Exception e) { e.printStackTrace(); json.setSuccess(false); json.setMessage("?"); } return json; }
From source file:com.eastcom.hrmis.modules.emp.web.controller.api.EmployeeController.java
/** * /*from w w w. j a v a2 s. c o m*/ * @param session * @param request * @param params * @return */ @RequiresPermissions(value = { "emp:baseinfomgr:add", "emp:baseinfomgr:edit" }, logical = Logical.OR) @OperationLog(content = "?", type = OperationType.CREATE) @ResponseBody @RequestMapping(value = "/addOrUpdate", method = RequestMethod.POST) public AjaxJson addOrUpdate(HttpSession session, HttpServletRequest request, @RequestParam Map<String, Object> params) { logger.info("--?--"); AjaxJson json = new AjaxJson(); try { String addOrUpdate = (String) params.get("addOrUpdate"); if (StringUtils.isNotEmpty(addOrUpdate) && "add".equals(addOrUpdate)) { //??code Map<String, Object> reqParam = Maps.newHashMap(); reqParam.put("code", (String) params.get("code")); List<Employee> temps = employeeService.find(reqParam); if (CollectionUtils.isNotEmpty(temps)) { json.setSuccess(false); json.setMessage("?,??"); return json; } //????? reqParam = Maps.newHashMap(); reqParam.put("cardNo", (String) params.get("cardNo")); temps = employeeService.find(reqParam); if (CollectionUtils.isNotEmpty(temps)) { json.setSuccess(false); json.setMessage("?,????"); return json; } } String id = StringUtils.defaultIfBlank((String) params.get("id"), "0"); Employee employee = employeeService.get(id); if (employee == null) { employee = new Employee(); employee.setCreateDate(new Date()); } employee.setCode((String) params.get("code")); employee.setName((String) params.get("name")); employee.setSex(NumberUtils.toInt((String) params.get("sex"), 1)); employee.setAge(NumberUtils.toInt((String) params.get("age"), 0)); employee.setEnrtyDate(DateUtils.parseDate((String) params.get("enrtyDate"))); employee.setEnrtyDateType(NumberUtils.toInt((String) params.get("enrtyDateType"), 0)); employee.setRegularDate(DateUtils.parseDate((String) params.get("regularDate"))); employee.setRegularDateTwo(DateUtils.parseDate((String) params.get("regularDateTwo"))); employee.setRetireDate(DateUtils.parseDate((String) params.get("retireDate"))); employee.setNation((String) params.get("nation")); employee.setMarryType(NumberUtils.toInt((String) params.get("marryType"), 0)); employee.setHeight((String) params.get("height")); employee.setCardNo((String) params.get("cardNo")); employee.setCardNoValidDate(DateUtils.parseDate((String) params.get("cardNoValidDate"))); employee.setIsCardNoLongTerm(NumberUtils.toInt((String) params.get("isCardNoLongTerm"), 0)); employee.setBirthDate(DateUtils.parseDate((String) params.get("birthDate"))); employee.setEducation(NumberUtils.toInt((String) params.get("education"), 1)); employee.setManageLevel(NumberUtils.toInt((String) params.get("manageLevel"), 1)); employee.setJobTitle((String) params.get("jobTitle")); employee.setJobCapacity((String) params.get("jobCapacity")); employee.setPolity(NumberUtils.toInt((String) params.get("polity"), 1)); employee.setDriveLicenseType(NumberUtils.toInt((String) params.get("driveLicenseType"), 0)); employee.setDriveLicenseGetDate(DateUtils.parseDate((String) params.get("driveLicenseGetDate"))); employee.setDriveLicenseValidDate(DateUtils.parseDate((String) params.get("driveLicenseValidDate"))); employee.setMajor((String) params.get("major")); employee.setNativePlaceType(NumberUtils.toInt((String) params.get("nativePlaceType"), 1)); employee.setNativePlaceAddr((String) params.get("nativePlaceAddr")); employee.setNativePlace((String) params.get("nativePlace")); employee.setContactAddr((String) params.get("contactAddr")); employee.setTelephone((String) params.get("telephone")); employee.setEmergentName((String) params.get("emergentName")); employee.setEmergentTelephone((String) params.get("emergentTelephone")); employee.setMealRoomType(NumberUtils.toInt((String) params.get("mealRoomType"), 1)); employee.setPerformanceWageType(NumberUtils.toInt((String) params.get("performanceWageType"), 0)); employee.setLaborType(NumberUtils.toInt((String) params.get("laborType"), 1)); employee.setContractStartDate(DateUtils.parseDate((String) params.get("contractStartDate"))); employee.setContractEndDate(DateUtils.parseDate((String) params.get("contractEndDate"))); employee.setContractSignDateType(NumberUtils.toInt((String) params.get("contractSignDateType"), 1)); employee.setContractSignDate(DateUtils.parseDate((String) params.get("contractSignDate"))); employee.setContractTermCond(NumberUtils.toInt((String) params.get("contractTermCond"), 0)); employee.setHasRiskAgreement(NumberUtils.toInt((String) params.get("hasRiskAgreement"), 0)); employee.setHasPercentAgreement(NumberUtils.toInt((String) params.get("hasPercentAgreement"), 0)); employee.setBankType(NumberUtils.toInt((String) params.get("bankType"), 0)); employee.setBankCard((String) params.get("bankCard")); employee.setCharacterRemark((String) params.get("characterRemark")); employee.setHasLaborDispute(NumberUtils.toInt((String) params.get("hasLaborDispute"), 0)); employee.setLaborDisputeResult((String) params.get("laborDisputeResult")); employee.setEnrtyIntorducerCompany((String) params.get("enrtyIntorducerCompany")); employee.setEnrtyIntorducer((String) params.get("enrtyIntorducer")); employee.setHasDiseaseHistory(NumberUtils.toInt((String) params.get("hasDiseaseHistory"), 0)); employee.setDiseaseHistory((String) params.get("diseaseHistory")); employee.setHasFriendInCompany(NumberUtils.toInt((String) params.get("hasFriendInCompany"), 0)); employee.setFriendDept((String) params.get("friendDept")); employee.setFriendName((String) params.get("friendName")); employee.setFriendJobTitle((String) params.get("friendJobTitle")); employee.setContractType(NumberUtils.toInt((String) params.get("contractType"), 0)); employee.setHasSignForm(NumberUtils.toInt((String) params.get("hasSignForm"), 0)); employee.setHasInsure(NumberUtils.toInt((String) params.get("hasInsure"), 0)); employee.setInsureNo((String) params.get("insureNo")); employee.setInsureDate(DateUtils.parseDate((String) params.get("insureDate"))); employee.setInsurePayBase(NumberUtils.toDouble((String) params.get("insurePayBase"), 0)); employee.setHasPersionInsure(NumberUtils.toInt((String) params.get("hasPersionInsure"), 0)); employee.setHasInjuryInsure(NumberUtils.toInt((String) params.get("hasInjuryInsure"), 0)); employee.setHasBirthInsure(NumberUtils.toInt((String) params.get("hasBirthInsure"), 0)); employee.setHasMedicalInsure(NumberUtils.toInt((String) params.get("hasMedicalInsure"), 0)); employee.setHasSeriousInsure(NumberUtils.toInt((String) params.get("hasSeriousInsure"), 0)); employee.setHasGsbInsure(NumberUtils.toInt((String) params.get("hasGsbInsure"), 0)); employee.setHasNonPurchaseCommit(NumberUtils.toInt((String) params.get("hasNonPurchaseCommit"), 0)); employee.setHasPublicFund(NumberUtils.toInt((String) params.get("hasPublicFund"), 0)); employee.setPublicFundPayBase(NumberUtils.toDouble((String) params.get("publicFundPayBase"), 0)); employee.setPublicFundDate(DateUtils.parseDate((String) params.get("publicFundDate"))); employee.setHasQuitCompany(NumberUtils.toInt((String) params.get("hasQuitCompany"), 0)); employee.setQuitCompanyType(NumberUtils.toInt((String) params.get("quitCompanyType"), 0)); employee.setQuitCompanyDate(DateUtils.parseDate((String) params.get("quitCompanyDate"))); employee.setQuitCompanyResult((String) params.get("quitCompanyResult")); employee.setPostChangeRemark((String) params.get("postChangeRemark")); employee.setDeptChangeRemark((String) params.get("deptChangeRemark")); employee.setOperaChangeRemark((String) params.get("operaChangeRemark")); employee.setWageChangeRemark((String) params.get("wageChangeRemark")); employee.setEmployeeDept( employeeDeptService.get(StringUtils.defaultIfBlank((String) params.get("employeeDept"), "0"))); employee.setEmployeePost( employeePostService.get(StringUtils.defaultIfBlank((String) params.get("employeePost"), "0"))); employee.setWagePlan( wagePlanService.get(StringUtils.defaultIfBlank((String) params.get("wagePlan"), "0"))); employee.setOverTimeRate(NumberUtils.toInt((String) params.get("overTimeRate"), 1)); employee.setModifyer(SecurityCache.getLoginUser().getName()); employee.setModifyDate(new Date()); employee.setRecordStatus(1); //,??,??? employee.setAuditStatus(NumberUtils.toInt((String) params.get("auditStatus"), 0)); //?--??? employeeCheckWorkStatMonthService.deleteByEmployeeId(employee.getId()); // ????? Map<String, Object> orderParam = Maps.newHashMap(); orderParam.put("employeeId", employee.getId()); orderParam.put("type", 4); orderParam.put("status", 0); List<EmployeeOrder> orders = employeeOrderService.find(orderParam); if (CollectionUtils.isNotEmpty(orders)) { for (EmployeeOrder employeeOrder : orders) { employeeOrder.setStatus(1); employeeOrderService.saveOrUpdate(employeeOrder); } } //? 5??? orderParam = Maps.newHashMap(); orderParam.put("employeeId", employee.getId()); orderParam.put("type", 5); orderParam.put("status", 0); orders = employeeOrderService.find(orderParam); //????? if (CollectionUtils.isEmpty(orders) && employee.getAuditStatus() == 1) { EmployeeOrder order = new EmployeeOrder(); order.setEmployee(employee); order.setContent(employee.getName() + "???"); order.setStatus(0); order.setType(5); employeeOrderService.save(order); logger.info(employee.getName() + " ?:" + order.getTypeDict() + "??"); } //????? if (CollectionUtils.isNotEmpty(orders) && (employee.getAuditStatus() == 2 || employee.getAuditStatus() == 3)) { for (EmployeeOrder employeeOrder : orders) { employeeOrder.setStatus(1); employeeOrderService.saveOrUpdate(employeeOrder); } } employeeService.saveOrUpdate(employee); json.setSuccess(true); json.setMessage("??"); } catch (Exception e) { e.printStackTrace(); json.setSuccess(false); json.setMessage("?"); } return json; }
From source file:com.eastcom.hrmis.modules.emp.web.controller.api.EmployeeController.java
/** * ?ID/*from www . ja v a 2 s. c o m*/ * @param session * @param request * @param params * @return */ @RequiresPermissions(value = { "emp:baseinfomgr:add", "emp:baseinfomgr:edit" }, logical = Logical.OR) @OperationLog(content = "?ID", type = OperationType.VIEW) @ResponseBody @RequestMapping(value = "/detail", method = RequestMethod.POST) public AjaxJson detail(HttpSession session, HttpServletRequest request, @RequestParam Map<String, Object> params) { logger.info("--?ID--"); AjaxJson json = new AjaxJson(); try { String id = StringUtils.defaultIfBlank((String) params.get("id"), "0"); Employee employee = employeeService.get(id); json.setModel(employee); json.setSuccess(true); } catch (Exception e) { e.printStackTrace(); json.setSuccess(false); json.setMessage("?"); } return json; }
From source file:com.fangxin365.wechat.web.UserController.java
License:Apache License
@RequiresRoles(value = { "Admin", "User" }, logical = Logical.OR) @RequestMapping(value = "") public String list(Model model, ServletRequest request) { Map<String, Object> searchParams = Servlets.getParametersStartingWith(request, "search_"); List<User> users = accountService.searchUser(searchParams); model.addAttribute("users", users); model.addAttribute("allStatus", allStatus); return "account/userList"; }
From source file:com.ftww.basic.plugin.shiro.core.handler.PermissionAuthzHandler.java
License:Apache License
@Override public void assertAuthorized() throws AuthorizationException { Subject subject = getSubject(); if (!(annotation instanceof RequiresPermissions)) return;/* w ww .ja va 2 s . com*/ RequiresPermissions rpAnnotation = (RequiresPermissions) annotation; String[] perms = rpAnnotation.value(); if (perms.length == 1) { subject.checkPermission(perms[0]); return; } if (Logical.AND.equals(rpAnnotation.logical())) { getSubject().checkPermissions(perms); return; } if (Logical.OR.equals(rpAnnotation.logical())) { // Avoid processing exceptions unnecessarily - "delay" throwing the // exception by calling hasRole first boolean hasAtLeastOnePermission = false; for (String permission : perms) if (subject.isPermitted(permission)) hasAtLeastOnePermission = true; // Cause the exception if none of the role match, note that the // exception message will be a bit misleading if (!hasAtLeastOnePermission) subject.checkPermission(perms[0]); } }