List of usage examples for org.apache.shiro.authz.permission WildcardPermissionResolver resolvePermission
public Permission resolvePermission(String permissionString)
From source file:org.mobicents.servlet.restcomm.http.SecuredEndpoint.java
License:Open Source License
/** * Low level permission checking. roleNames are checked for neededPermissionString permission using permission * mappings contained in restcomm.xml. The permission mappings are stored in RestcommRoles. * * Note: Administrator is granted access with eyes closed /*from ww w .j a v a 2s.c o m*/ * @param neededPermissionString * @param roleNames * @return */ private AuthOutcome checkPermission(String neededPermissionString, Set<String> roleNames) { // if this is an administrator ask no more questions if (roleNames.contains(getAdministratorRole())) return AuthOutcome.OK; // normalize the permission string //neededPermissionString = "domain:" + neededPermissionString; WildcardPermissionResolver resolver = new WildcardPermissionResolver(); Permission neededPermission = resolver.resolvePermission(neededPermissionString); // check the neededPermission against all roles of the user RestcommRoles restcommRoles = identityContext.getRestcommRoles(); for (String roleName : roleNames) { SimpleRole simpleRole = restcommRoles.getRole(roleName); if (simpleRole == null) { return AuthOutcome.FAILED; } else { Set<Permission> permissions = simpleRole.getPermissions(); // check the permissions one by one for (Permission permission : permissions) { if (permission.implies(neededPermission)) { if (logger.isDebugEnabled()) { logger.debug("Granted access by permission " + permission.toString()); } return AuthOutcome.OK; } } if (logger.isDebugEnabled()) { logger.debug("Role " + roleName + " does not allow " + neededPermissionString); } } } return AuthOutcome.FAILED; }