Example usage for org.apache.shiro.authz.permission WildcardPermission implies

List of usage examples for org.apache.shiro.authz.permission WildcardPermission implies

  1. HOME
  2. Java
  3. org.apache.shiro
  4. org.apache.shiro.authz.permission.*
  5. WildcardPermission
  6. implies

Introduction

In this page you can find the example usage for org.apache.shiro.authz.permission WildcardPermission implies.

Prototype

public boolean implies(Permission p)

Source Link

Usage

From source file:com.ace.console.service.sys.impl.ResourceServiceImpl.java

License:Apache License

private boolean hasPermission(String permission, String actualResourceIdentity) {

    //?? ?a:b:create --->?a:b
    String permissionResourceIdentity = permission.substring(0, permission.lastIndexOf(":"));

    //???  ?? ?? a:b a:b??
    if (permissionResourceIdentity.startsWith(actualResourceIdentity)) {
        return true;
    }// ww  w . j a  v  a 2  s. co m

    //??
    WildcardPermission p1 = new WildcardPermission(permissionResourceIdentity);
    WildcardPermission p2 = new WildcardPermission(actualResourceIdentity);

    return p1.implies(p2) || p2.implies(p1);
}

From source file:ddf.security.permission.KeyValuePermission.java

License:Open Source License

/**
 * Returns {@code true} if this current instance <em>implies</em> all the functionality and/or
 * resource access described by the specified {@code Permission} argurment, {@code false}
 * otherwise.//  w  w w  . j a va2  s . co  m
 *
 * <p>That is, this current instance must be exactly equal to or a <em>superset</em> of the
 * functionality and/or resource access described by the given {@code Permission} argument. Yet
 * another way of saying this would be:
 *
 * <p>If &quot;permission1 implies permission2&quot;, i.e. <code>permission1.implies(permission2)
 * </code> , then any Subject granted {@code permission1} would have ability greater than or equal
 * to that defined by {@code permission2}.
 *
 * <p>For KeyValuePermission objects this is determined as follows:
 *
 * <p>If the keys of each permission are equal and if the values from this object implies the
 * values from the passed in permission, then this permission will imply the passed in permission.
 *
 * @param p permission to checked to see if this permission implies p
 * @return {@code true} if this current instance <em>implies</em> all the functionality and/or
 *     resource access described by the specified {@code Permission} argument, {@code false}
 *     otherwise.
 */
@Override
public boolean implies(Permission p) {
    if (p instanceof KeyValuePermission) {
        if (getKey().equals(((KeyValuePermission) p).getKey())) {
            WildcardPermission thisWildCard = buildWildcardFromKeyValue(this);
            WildcardPermission implied = buildWildcardFromKeyValue((KeyValuePermission) p);
            return thisWildCard.implies(implied);
        }
    } else if (p instanceof KeyValueCollectionPermission) {
        WildcardPermission thisWildCard = buildWildcardFromKeyValue(this);
        List<KeyValuePermission> permissionList = ((KeyValueCollectionPermission) p)
                .getKeyValuePermissionList();
        for (KeyValuePermission keyValuePermission : permissionList) {
            if (getKey().equals(keyValuePermission.getKey())) {
                WildcardPermission implied = buildWildcardFromKeyValue(keyValuePermission);
                return thisWildCard.implies(implied);
            }
        }
    } else if (p instanceof MatchOneCollectionPermission) {
        MatchOneCollectionPermission matchOneCollectionPermission = (MatchOneCollectionPermission) p;
        return matchOneCollectionPermission.implies(this);
    } else if (p instanceof WildcardPermission) {
        WildcardPermission thisWildCard = buildWildcardFromKeyValue(this);
        return thisWildCard.implies(p);
    }
    return false;
}

From source file:org.apache.geode.management.internal.security.ResourcePermissionTest.java

License:Apache License

@Test
public void testImples() {
    WildcardPermission role = new WildcardPermission("*:read");
    role.implies(new ResourcePermission("data", "read"));
    role.implies(new ResourcePermission("cluster", "read"));

    role = new WildcardPermission("*:read:*");
    role.implies(new ResourcePermission("data", "read", "testRegion"));
    role.implies(new ResourcePermission("cluster", "read", "anotherRegion", "key1"));

    role = new WildcardPermission("data:*:testRegion");
    role.implies(new ResourcePermission("data", "read", "testRegion"));
    role.implies(new ResourcePermission("data", "write", "testRegion"));
}

From source file:org.obiba.mica.security.realm.ExtendedWildcardPermission.java

License:Open Source License

@Override
public boolean implies(Permission p) {
    boolean rval = impliesInternal(p);
    if (rval)/*from  w w  w  . j a  v a2s  . c om*/
        return true;

    for (WildcardPermission derived : derivedPermissions) {
        if (derived.implies(p))
            return true;
    }

    return false;
}

From source file:org.sonatype.security.realms.MemoryRealm.java

License:Open Source License

/**
 * This method is overridden, explicitly to dis-allow access to certain permissions
 * that aren't going to be used when using an external security system
 * //from w w  w.  ja v a  2 s  .  c o m
 * @see org.jsecurity.realm.AuthorizingRealm#isPermitted(org.jsecurity.subject.PrincipalCollection, org.jsecurity.authz.Permission)
 */
@Override
public boolean isPermitted(PrincipalCollection principals, Permission permission) {
    if (WildcardPermission.class.isAssignableFrom(permission.getClass())) {
        for (WildcardPermission perm : blockedPermissions) {
            if (perm.implies(permission)) {
                return false;
            }
        }
    }

    return super.isPermitted(principals, permission);
}

From source file:uk.q3c.krail.core.option.cache.OptionPermissionTest.java

License:Apache License

@Test
public void userLevelOnly() {
    //given/*from  w w  w  .j  a  va2s. com*/
    OptionKey<Integer> optionKey = new OptionKey<>(33, LocaleContainer.class, LabelKey.Error);
    //when
    OptionPermission permissionToVerifyDs = new OptionPermission(OptionPermission.Action.EDIT, simpleHierarchy,
            0, optionKey, "ds");
    OptionPermission permissionToVerifyDa = new OptionPermission(OptionPermission.Action.EDIT, simpleHierarchy,
            0, optionKey, "da");
    WildcardPermission editAllUserLevelOptions = new WildcardPermission(
            "option:edit:SimpleUserHierarchy:ds:0:*:*");
    WildcardPermission editAllUserLevelOptions_differentUser = new WildcardPermission(
            "option:edit:SimpleUserHierarchy:da:0:*:*");
    //then
    assertThat(editAllUserLevelOptions.implies(permissionToVerifyDs)).isTrue();
    assertThat(editAllUserLevelOptions.implies(permissionToVerifyDa)).isFalse();
    assertThat(editAllUserLevelOptions_differentUser.implies(permissionToVerifyDs)).isFalse();
}

From source file:uk.q3c.krail.core.shiro.PagePermissionTest.java

License:Apache License

@Test
public void implies() {

    // given/*from  w w  w.ja v a 2  s.  co m*/
    String uri = "private/wiggly/id=1";
    NavigationState navigationState = uriHandler.navigationState(uri);
    WildcardPermission wcp = new WildcardPermission("page:view:private:*");
    // when
    PagePermission p = new PagePermission(navigationState, true);
    // then
    assertThat(p.implies(wcp)).isFalse();
    assertThat(wcp.implies(p)).isTrue();
}