Example usage for org.apache.shiro.authz SimpleAuthorizationInfo getObjectPermissions

List of usage examples for org.apache.shiro.authz SimpleAuthorizationInfo getObjectPermissions

  1. HOME
  2. Java
  3. org.apache.shiro
  4. org.apache.shiro.authz.*
  5. SimpleAuthorizationInfo
  6. getObjectPermissions

Introduction

In this page you can find the example usage for org.apache.shiro.authz SimpleAuthorizationInfo getObjectPermissions.

Prototype

public Set<Permission> getObjectPermissions()

Source Link

Usage

From source file:com.stormpath.shiro.realm.ApplicationRealm.java

License:Apache License

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

    assertState();//w  ww  .java  2  s.  c  om

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

    String href = getAccountHref(principals);

    //TODO resource expansion (account + groups in one request instead of two):
    Account account = getClient().getDataStore().getResource(href, Account.class);

    GroupList groups = account.getGroups();

    for (Group group : groups) {
        Set<String> groupRoles = resolveRoles(group);
        for (String roleName : groupRoles) {
            info.addRole(roleName);
        }

        Set<Permission> permissions = resolvePermissions(group);
        for (Permission permission : permissions) {
            info.addObjectPermission(permission);
        }
    }

    //since 0.3:
    Set<String> accountRoles = resolveRoles(account);
    for (String roleName : accountRoles) {
        info.addRole(roleName);
    }

    //since 0.3:
    Set<Permission> accountPermissions = resolvePermissions(account);
    for (Permission permission : accountPermissions) {
        info.addObjectPermission(permission);
    }

    if (CollectionUtils.isEmpty(info.getRoles()) && CollectionUtils.isEmpty(info.getObjectPermissions())
            && CollectionUtils.isEmpty(info.getStringPermissions())) {
        //no authorization data associated with the Account
        return null;
    }

    return info;
}

From source file:StormpathShiro.src.main.java.com.stormpath.shiro.realm.ApplicationRealm.java

License:Apache License

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    assertState();/*www .  j  a  v a2  s  .  co  m*/

    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

    String href = getAccountHref(principals);

    //TODO resource expansion (account + groups in one request instead of two):
    Account account = getClient().getDataStore().getResource(href, Account.class);

    GroupList groups = account.getGroups();

    for (Group group : groups) {
        Set<String> groupRoles = resolveRoles(group);
        for (String roleName : groupRoles) {
            info.addRole(roleName);
        }

        Set<Permission> permissions = resolvePermissions(group);
        for (Permission permission : permissions) {
            info.addObjectPermission(permission);
        }
    }

    //since 0.3:
    Set<String> accountRoles = resolveRoles(account);
    for (String roleName : accountRoles) {
        info.addRole(roleName);
    }

    //since 0.3:
    Set<Permission> accountPermissions = resolvePermissions(account);
    for (Permission permission : accountPermissions) {
        info.addObjectPermission(permission);
    }

    if (CollectionUtils.isEmpty(info.getRoles()) && CollectionUtils.isEmpty(info.getObjectPermissions())
            && CollectionUtils.isEmpty(info.getStringPermissions())) {
        //no authorization data associated with the Account
        return null;
    }

    return info;
}