List of usage examples for org.springframework.security.core GrantedAuthority getAuthority
String getAuthority();
GrantedAuthority
can be represented as a String
and that String
is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String
. From source file:eu.cloud4soa.frontend.commons.server.security.C4sSubjectImpl.java
@Override public boolean hasRole(String role) { if (isLoggedIn()) for (GrantedAuthority authority : getAuthentication().getAuthorities()) if (authority.getAuthority().equals(role)) return true; return false; }
From source file:oobbit.orm.Users.java
public ArrayList<String> getCurrentUserRoles() { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); ArrayList<String> asStrings = new ArrayList<>(); for (GrantedAuthority authority : auth.getAuthorities()) { asStrings.add(authority.getAuthority()); }/* w w w . j a v a 2 s . c om*/ return asStrings; }
From source file:org.opendatakit.security.spring.UserImpl.java
UserImpl(String uriUser, String email, String nickName, Collection<? extends GrantedAuthority> groupsAndGrantedAuthorities, Datastore datastore) { this.uriUser = uriUser; this.email = email; this.nickName = nickName; this.datastore = datastore; for (GrantedAuthority g : groupsAndGrantedAuthorities) { if (GrantedAuthorityName.permissionsCanBeAssigned(g.getAuthority())) { groups.add(g);//from ww w. java 2s. c om } } this.directAuthorities.addAll(groupsAndGrantedAuthorities); }
From source file:uk.co.threeonefour.ifictionary.web.user.service.DaoUserService.java
public uk.co.threeonefour.ifictionary.web.user.model.User getLoggedInUser() { // TODO use session Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (auth != null) { String username = auth.getName(); if (auth.isAuthenticated() && username != null && !username.equals("anonymousUser")) { org.springframework.security.core.userdetails.User userDetails = (org.springframework.security.core.userdetails.User) auth .getPrincipal();//from w ww . j a va 2 s .c o m User user = userDao.findUser(userDetails.getUsername()); List<Role> roles = new ArrayList<Role>(); for (GrantedAuthority authority : userDetails.getAuthorities()) { roles.add(Role.valueOf(authority.getAuthority())); } user.setRoles(roles); return user; } } return null; }
From source file:org.opendatakit.api.users.RoleService.java
@GET @ApiOperation(response = String.class, responseContainer = "List", value = "Returns list of roles granted to the currently authenticated (or anonymous) user.") @Path("granted") @Produces({ MediaType.APPLICATION_JSON, ApiConstants.MEDIA_TEXT_XML_UTF8, ApiConstants.MEDIA_APPLICATION_XML_UTF8 }) public Response getGranted(@Context ServletContext sc, @Context HttpServletRequest req, @Context HttpHeaders httpHeaders) throws IOException { Set<GrantedAuthority> grants = callingContext.getCurrentUser().getDirectAuthorities(); RoleHierarchy rh = (RoleHierarchy) callingContext.getHierarchicalRoleRelationships(); Collection<? extends GrantedAuthority> roles = rh.getReachableGrantedAuthorities(grants); ArrayList<String> roleNames = new ArrayList<String>(); for (GrantedAuthority a : roles) { if (a.getAuthority().startsWith(GrantedAuthorityName.ROLE_PREFIX)) { roleNames.add(a.getAuthority()); }/*from w ww . j ava 2 s .c o m*/ } // Need to set host header? original has // resp.addHeader(HttpHeaders.HOST, cc.getServerURL()); return Response.ok(mapper.writeValueAsString(roleNames)).encoding(BasicConsts.UTF8_ENCODE) .type(MediaType.APPLICATION_JSON) .header(ApiConstants.OPEN_DATA_KIT_VERSION_HEADER, ApiConstants.OPEN_DATA_KIT_VERSION) .header("Access-Control-Allow-Origin", "*").header("Access-Control-Allow-Credentials", "true") .build(); }
From source file:org.apigw.authserver.types.domain.User.java
public Set<String> getUserRolesAsStrings() { Set<String> roles = new HashSet<>(); final Iterator<GrantedAuthority> iterator = userRoles.iterator(); while (iterator.hasNext()) { GrantedAuthority grantedAuthority = iterator.next(); roles.add(grantedAuthority.getAuthority()); }/* w w w . ja v a2 s.c om*/ return roles; }
From source file:architecture.user.security.authentication.impl.DefaultAuthenticationProvider.java
private boolean isGranted(String role) { Authentication auth = getAuthentication(); if ((auth == null) || (auth.getPrincipal() == null)) { return false; }//from ww w. j a va 2 s . c o m Collection<? extends GrantedAuthority> authorities = auth.getAuthorities(); if (authorities == null) { return false; } for (GrantedAuthority grantedAuthority : authorities) { if (role.equals(grantedAuthority.getAuthority())) { return true; } } return false; }
From source file:com.sample.webserviceprocess.security.RoleVoter.java
public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) { int result = ACCESS_ABSTAIN; Collection<? extends GrantedAuthority> authorities = extractAuthorities(authentication); for (ConfigAttribute attribute : attributes) { if (this.supports(attribute)) { result = ACCESS_DENIED;// w w w .j a v a2 s. c o m // Attempt to find a matching granted authority for (GrantedAuthority authority : authorities) { if (attribute.getAttribute().equals(authority.getAuthority())) { return ACCESS_GRANTED; } } } } return result; }
From source file:nz.net.orcon.kanban.security.GravityPermissionEvaluator.java
public boolean isAuthorised(Authentication authentication, Map<String, String> roles, List<String> filter) { if (authentication == null) { LOG.warn("No Authentication"); return false; }/*from ww w . ja v a 2 s . c o m*/ String username = (String) authentication.getPrincipal(); Set<String> teams = new HashSet<String>(); for (GrantedAuthority authority : authentication.getAuthorities()) { teams.add(authority.getAuthority()); } for (Entry<String, String> entry : roles.entrySet()) { if (filter == null || filter.contains(entry.getValue())) { if (username.equals(entry.getKey())) { return true; } if (teams.contains(entry.getKey())) { return true; } } } LOG.warn("Unauthorized: " + username); return false; }
From source file:waffle.spring.DelegatingNegotiateSecurityFilterTest.java
/** * Test the delegating filter ,in case no custom authentication was passed, the filter would store the auth in the * security context./*w ww.jav a 2 s.c o m*/ * * @throws IOException * Signals that an I/O exception has occurred. * @throws ServletException * the servlet exception */ @Test public void testNegotiate() throws IOException, ServletException { final String securityPackage = "Negotiate"; final SimpleFilterChain filterChain = new SimpleFilterChain(); final SimpleHttpRequest request = new SimpleHttpRequest(); final String clientToken = Base64.getEncoder() .encodeToString(WindowsAccountImpl.getCurrentUsername().getBytes(StandardCharsets.UTF_8)); request.addHeader("Authorization", securityPackage + " " + clientToken); final SimpleHttpResponse response = new SimpleHttpResponse(); this.filter.doFilter(request, response, filterChain); final Authentication auth = SecurityContextHolder.getContext().getAuthentication(); Assertions.assertNotNull(auth); final Collection<? extends GrantedAuthority> authorities = auth.getAuthorities(); Assertions.assertNotNull(authorities); Assertions.assertEquals(3, authorities.size()); final List<String> list = new ArrayList<>(); for (final GrantedAuthority grantedAuthority : authorities) { list.add(grantedAuthority.getAuthority()); } Collections.sort(list); Assertions.assertEquals("ROLE_EVERYONE", list.get(0)); Assertions.assertEquals("ROLE_USER", list.get(1)); Assertions.assertEquals("ROLE_USERS", list.get(2)); Assertions.assertEquals(0, response.getHeaderNamesSize()); }