Here are the examples of the java api org.springframework.security.access.ConfigAttribute taken from open source projects. By voting up you can indicate which examples are most useful and appropriate.
93 Examples
19
Source : CustomAccessDecisionManager.java
with Apache License 2.0
from zhouxx
with Apache License 2.0
from zhouxx
public boolean supports(ConfigAttribute attribute) {
return true;
}
19
Source : AuthenticationService.java
with Apache License 2.0
from zhoutaoo
with Apache License 2.0
from zhoutaoo
/**
* url对应资源与用户拥有资源进行匹配
*
* @param urlConfigAttribute
* @param userResources
* @return
*/
public boolean isMatch(ConfigAttribute urlConfigAttribute, Set<Resource> userResources) {
return userResources.stream().anyMatch(resource -> resource.getCode().equals(urlConfigAttribute.getAttribute()));
}
19
Source : AccessPredicateVoter.java
with MIT License
from yidongnan
with MIT License
from yidongnan
/**
* Finds the first AccessPredicateConfigAttribute in the given collection.
*
* @param attributes The attributes to search in.
* @return The first found AccessPredicateConfigAttribute or null, if no such elements were found.
*/
private AccessPredicateConfigAttribute find(final Collection<ConfigAttribute> attributes) {
for (final ConfigAttribute attribute : attributes) {
if (attribute instanceof AccessPredicateConfigAttribute) {
return (AccessPredicateConfigAttribute) attribute;
}
}
return null;
}
19
Source : SecurityUtil.java
with Apache License 2.0
from Pardus-Engerek
with Apache License 2.0
from Pardus-Engerek
public static Collection<String> getActions(Collection<ConfigAttribute> configAttributes) {
Collection<String> actions = new ArrayList<String>(configAttributes.size());
for (ConfigAttribute attr : configAttributes) {
actions.add(attr.getAttribute());
}
return actions;
}
19
Source : UnlockedVoter.java
with MIT License
from PaperMC
with MIT License
from PaperMC
private UnlockedAttribute findUnlockedAttribute(Collection<ConfigAttribute> attributes) {
for (ConfigAttribute attribute : attributes) {
if (attribute instanceof UnlockedAttribute) {
return (UnlockedAttribute) attribute;
}
}
return null;
}
19
Source : UrlRoleVoter.java
with Apache License 2.0
from muxiangqiu
with Apache License 2.0
from muxiangqiu
public boolean supports(ConfigAttribute attribute) {
if ((attribute.getAttribute() != null) && attribute.getAttribute().startsWith(getRolePrefix())) {
return true;
} else {
return false;
}
}
19
Source : ExpressionVoter.java
with MIT License
from jobmission
with MIT License
from jobmission
private ExpressionConfigAttribute findConfigAttribute(Collection<ConfigAttribute> attributes) {
for (ConfigAttribute attribute : attributes) {
if (attribute instanceof ExpressionConfigAttribute) {
return (ExpressionConfigAttribute) attribute;
}
}
return null;
}
19
Source : AppFilterInvocationSecurityMetadataSource.java
with GNU General Public License v3.0
from chenCmengmengda
with GNU General Public License v3.0
from chenCmengmengda
/**
* 自定义方法。最好在项目启动时,去数据库查询一次就好。
* 数据库查询一次 权限表出现的所有要拦截的url
*/
public void loadResourceDefine() {
map = new HashMap<>();
Collection<ConfigAttribute> array;
ConfigAttribute cfg;
// 去数据库查询 使用dao层。 你使用自己的即可
TbPermissionExample example = new TbPermissionExample();
List<TbPermission> permissions = permissionMapper.selectByExample(example);
TbRoleExample roleExample = new TbRoleExample();
List<TbRole> roles = roleMapper.selectByExample(roleExample);
TbRolePermissionExample rolePermissionExample = new TbRolePermissionExample();
List<TbRolePermissionKey> rolePermissionKeys = rolePermissionMapper.selectByExample(rolePermissionExample);
for (TbRolePermissionKey rolePermissionKey : rolePermissionKeys) {
TbRoleCustom roleCustom = roleMapperCustom.findRolePermissionById(rolePermissionKey.getRoleid());
for (TbPermission permission : roleCustom.getPermissionList()) {
array = new ArrayList<>();
// 下面你可以添加你想要比较的信息过去。 注意的是,需要在用户登录时存储的权限信息一致
cfg = new SecurityConfig("ROLE_" + roleCustom.getRolename());
// 此处添加了资源菜单的名字,例如请求方法到ConfigAttribute的集合中去。此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
array.add(cfg);
// 用权限的getUrl() 作为map的key,用ConfigAttribute的集合作为 value,
map.put(permission.getUrl(), array);
}
}
/*
for(TbPermission permission : permissions) {
array = new ArrayList<>();
//下面你可以添加你想要比较的信息过去。 注意的是,需要在用户登录时存储的权限信息一致
cfg = new SecurityConfig(permission.getPermissionname());
//此处添加了资源菜单的名字,例如请求方法到ConfigAttribute的集合中去。此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
array.add(cfg);
//用权限的getUrl() 作为map的key,用ConfigAttribute的集合作为 value,
map.put(permission.getUrl(), array);
}*/
}
18
Source : UrlAccessDecisionManager.java
with Apache License 2.0
from ztgreat
with Apache License 2.0
from ztgreat
@Override
public boolean supports(ConfigAttribute configAttribute) {
return true;
}
18
Source : MyAccessDecisionManager.java
with MIT License
from zhaopei8948
with MIT License
from zhaopei8948
@Override
public boolean supports(ConfigAttribute attribute) {
return true;
}
18
Source : AccessPredicateVoter.java
with MIT License
from yidongnan
with MIT License
from yidongnan
@Override
public boolean supports(final ConfigAttribute attribute) {
return attribute instanceof AccessPredicateConfigAttribute;
}
18
Source : SpreadsheetAccessDecisionVoter.java
with MIT License
from timtebeek
with MIT License
from timtebeek
@Override
public boolean supports(ConfigAttribute attribute) {
return getProcessDomainObjectClreplaced().getName().equals(attribute.getAttribute());
}
18
Source : MyAccessDecisionManager.java
with MIT License
from smltq
with MIT License
from smltq
/**
* 表示此AccessDecisionManager是否能够处理传递的ConfigAttribute呈现的授权请求
*/
@Override
public boolean supports(ConfigAttribute configAttribute) {
return true;
}
18
Source : MidPointGuiAuthorizationEvaluator.java
with Apache License 2.0
from Pardus-Engerek
with Apache License 2.0
from Pardus-Engerek
@Override
public boolean supports(ConfigAttribute attribute) {
return securityEnforcer.supports(attribute);
}
18
Source : UserLockVoter.java
with MIT License
from PaperMC
with MIT License
from PaperMC
@Override
public boolean supports(ConfigAttribute attribute) {
return attribute instanceof UserLockAttribute;
}
18
Source : HangarPermissionVoter.java
with MIT License
from PaperMC
with MIT License
from PaperMC
@Override
public boolean supports(ConfigAttribute attribute) {
return attribute instanceof PermissionAttribute;
}
18
Source : UnlockedVoter.java
with MIT License
from PaperMC
with MIT License
from PaperMC
@Override
public boolean supports(ConfigAttribute attribute) {
return attribute instanceof UnlockedAttribute;
}
18
Source : HangarDecisionVoter.java
with MIT License
from PaperMC
with MIT License
from PaperMC
@SuppressWarnings("unchecked")
protected final A findAttribute(Collection<ConfigAttribute> attributes) {
for (ConfigAttribute attribute : attributes) {
if (attributeClreplaced.isreplacedignableFrom(attribute.getClreplaced())) {
return (A) attribute;
}
}
return null;
}
18
Source : HangarDecisionVoter.java
with MIT License
from PaperMC
with MIT License
from PaperMC
@Override
public boolean supports(ConfigAttribute attribute) {
return attributeClreplaced.isreplacedignableFrom(attribute.getClreplaced());
}
18
Source : AuthorityVoter.java
with MIT License
from njuro
with MIT License
from njuro
@Override
public boolean supports(ConfigAttribute attribute) {
return attribute instanceof AuthorityAttribute;
}
18
Source : MyAccessDecisionManager.java
with GNU General Public License v3.0
from microacup
with GNU General Public License v3.0
from microacup
/**
* @param attribute
* @return
*/
@Override
public boolean supports(ConfigAttribute attribute) {
return true;
}
18
Source : UrlAccessDecisionManager.java
with GNU General Public License v3.0
from luoye663
with GNU General Public License v3.0
from luoye663
@Override
public boolean supports(ConfigAttribute configAttribute) {
log.info("进入权限判断! ConfigAttribute configAttribute");
return true;
}
18
Source : ExpressionVoter.java
with MIT License
from jobmission
with MIT License
from jobmission
@Override
public boolean supports(ConfigAttribute attribute) {
return attribute instanceof ExpressionConfigAttribute;
}
18
Source : CustomAccessDecisionManager.java
with Apache License 2.0
from huifer
with Apache License 2.0
from huifer
@Override
public boolean supports(ConfigAttribute attribute) {
// 都要设为true
return true;
}
18
Source : AuthorizationService.java
with GNU General Public License v3.0
from GuoGuang
with GNU General Public License v3.0
from GuoGuang
/**
* url对应资源与用户拥有资源进行匹配
* @param urlConfigAttribute
* @param userResources
*/
public boolean isMatch(ConfigAttribute urlConfigAttribute, Set<Resource> userResources) {
boolean isMatchBool = userResources.stream().anyMatch(resource -> resource.getCode().equals(urlConfigAttribute.getAttribute()));
if (!isMatchBool) {
LogBack.error("url编码错误,请检查角色是否有此权限!");
throw new AccessDeniedException("url编码错误,请检查角色是否有此权限!");
}
return true;
}
18
Source : SimpleAccessVoter.java
with BSD 3-Clause "New" or "Revised" License
from dhis2
with BSD 3-Clause "New" or "Revised" License
from dhis2
@Override
public boolean supports(ConfigAttribute configAttribute) {
return configAttribute != null && configAttribute.getAttribute() != null && configAttribute.getAttribute().equals(requiredAuthority);
}
18
Source : ExternalAccessVoter.java
with BSD 3-Clause "New" or "Revised" License
from dhis2
with BSD 3-Clause "New" or "Revised" License
from dhis2
// -------------------------------------------------------------------------
// AccessDecisionVoter Implementation
// -------------------------------------------------------------------------
@Override
public boolean supports(ConfigAttribute attribute) {
return false;
}
18
Source : AbstractPrefixedAccessDecisionVoter.java
with BSD 3-Clause "New" or "Revised" License
from dhis2
with BSD 3-Clause "New" or "Revised" License
from dhis2
// -------------------------------------------------------------------------
// AccessDecisionVoter implementation
// -------------------------------------------------------------------------
@Override
public boolean supports(ConfigAttribute configAttribute) {
boolean result = configAttribute.getAttribute() != null && configAttribute.getAttribute().startsWith(attributePrefix);
log.debug("Supports configAttribute: " + configAttribute + ", " + result + " (" + getClreplaced().getSimpleName() + ")");
return result;
}
18
Source : RoleAccessDecisionManager.java
with MIT License
from ccfish86
with MIT License
from ccfish86
/* (non-Javadoc)
* @see org.springframework.security.access.AccessDecisionManager#supports(org.springframework.security.access.ConfigAttribute)
*/
@Override
public boolean supports(ConfigAttribute arg0) {
// TODO Auto-generated method stub
return false;
}
17
Source : MyInvocationSecurityMetadataSourceService.java
with Apache License 2.0
from luotuo
with Apache License 2.0
from luotuo
/**
* 加载权限表中所有权限
*/
public void loadResourceDefine() {
map = new HashMap<>();
Collection<ConfigAttribute> array;
ConfigAttribute cfg;
List<PrivilegeConfig> permissions = privilegeConfigService.findAll();
for (PrivilegeConfig permission : permissions) {
array = new ArrayList<>();
cfg = new SecurityConfig(permission.getName());
// 此处只添加了用户的名字,其实还可以添加更多权限的信息,例如请求方法到ConfigAttribute的集合中去。此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
array.add(cfg);
// 用权限的getUrl() 作为map的key,用ConfigAttribute的集合作为 value,
map.put(permission.getUrl(), array);
}
}
17
Source : AuthenticationServiceTest.java
with Apache License 2.0
from jorrellz
with Apache License 2.0
from jorrellz
@Test
public void testGetConfigAttributesByUrl_假如存在如上资源信息_当请求url存在参数时_那么返回匹配的资源信息() {
AuthenticationService authenticationService = new AuthenticationService(this.resourceConfigAttributes);
ConfigAttribute attributesByUrl = authenticationService.findConfigAttributesByUrl(new HttpServletRequestAuthWrapper(new MockHttpServletRequest(), "/users/1/order", "GET"));
replacedert.replacedertEquals("user_order:view", attributesByUrl.getAttribute());
}
17
Source : AuthenticationServiceTest.java
with Apache License 2.0
from jorrellz
with Apache License 2.0
from jorrellz
@Test
public void testGetConfigAttributesByUrl_假如存在如上资源信息_当请求存在的资源时_那么返回url和method都匹配的资源信息() {
AuthenticationService authenticationService = new AuthenticationService(this.resourceConfigAttributes);
ConfigAttribute attributesByUrl = authenticationService.findConfigAttributesByUrl(new HttpServletRequestAuthWrapper(new MockHttpServletRequest(), "/users", "POST"));
replacedert.replacedertEquals("user_manager:btn_add", attributesByUrl.getAttribute());
}
17
Source : AuthenticationServiceTest.java
with Apache License 2.0
from jorrellz
with Apache License 2.0
from jorrellz
@Test
public void testGetConfigAttributesByUrl_假如存在如上资源信息_当请求不存在method的资源时_那么返回NONEXISTENT_URL() {
AuthenticationService authenticationService = new AuthenticationService(this.resourceConfigAttributes);
ConfigAttribute attributesByUrl = authenticationService.findConfigAttributesByUrl(new HttpServletRequestAuthWrapper(new MockHttpServletRequest(), "/users/1/order", "POST"));
replacedert.replacedertEquals("NONEXISTENT_URL", attributesByUrl.getAttribute());
}
17
Source : AuthAccessDecisionManager.java
with MIT License
from gzmuSoft
with MIT License
from gzmuSoft
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
for (ConfigAttribute configAttribute : configAttributes) {
String needRole = configAttribute.getAttribute();
if (ROLE_NO_AUTH.equals(needRole)) {
throw new AccessDeniedException("权限不足");
}
// 如果是 ROLE_NO_LOGIN 资源,放行
if (ROLE_NO_LOGIN.equals(needRole)) {
return;
}
// 如果是 ROLE_PUBLIC 资源且不是匿名用户,放行
if (ROLE_PUBLIC.equals(needRole) && !roleCondition(authentication, ROLE_ANONYMOUS)) {
return;
}
// 符合条件的,放行
if (roleCondition(authentication, needRole)) {
return;
}
}
throw new AccessDeniedException("权限不足");
}
17
Source : AuthorizationService.java
with GNU General Public License v3.0
from GuoGuang
with GNU General Public License v3.0
from GuoGuang
/**
* 根据url和method查询到对应的权限信息
* @param authRequest request
* @return ConfigAttribute
*/
public ConfigAttribute findConfigAttributesByUrl(HttpServletRequest authRequest) {
ConfigAttribute configAttribute = resourceConfigAttributes.keySet().stream().filter(requestMatcher -> requestMatcher.matches(authRequest)).map(requestMatcher -> resourceConfigAttributes.get(requestMatcher)).peek(urlConfigAttribute -> LogBack.info("url在资源池中配置:{}", urlConfigAttribute.getAttribute())).findFirst().orElse(new SecurityConfig(NONEXISTENT_URL));
return configAttribute;
}
17
Source : AuthorityManager.java
with Apache License 2.0
from Frodez
with Apache License 2.0
from Frodez
/**
* 权限匹配管理器
* @author Frodez
* @date 2018-12-03
*/
@Component
@DependsOn("contextUtil")
public clreplaced AuthorityManager implements AccessDecisionManager {
private ConfigAttribute defaultDeniedRole;
private void clear() {
defaultDeniedRole = null;
}
@PostConstruct
private void init() {
SecurityProperties properties = ContextUtil.bean(SecurityProperties.clreplaced);
defaultDeniedRole = new SecurityConfig(properties.getAuth().getDeniedRole());
replacedert.notNull(defaultDeniedRole, "defaultDeniedRole must not be null");
}
/**
* 更新权限信息
* @author Frodez
* @date 2019-03-17
*/
public void refresh() {
synchronized (this) {
clear();
init();
}
}
/**
* 判定是否拥有权限<br>
* authentication是UserDetailsServiceImpl中添加到GrantedAuthority中的权限信息.<br>
* object包含客户端请求的request信息,可转换为HttpServletRequest,方法如下:<br>
* request = ((FilterInvocation) object).getHttpRequest()<br>
* attributes是DatabaseSecurityMetadataSource的getAttributes方法的返回值.<br>
* 如果用户不具有请求的url的权限,抛出AccessDeniedException.<br>
* @author Frodez
* @date 2018-12-03
*/
@Override
public void decide(Authentication auth, Object object, Collection<ConfigAttribute> permissions) throws AccessDeniedException, InsufficientAuthenticationException {
FilterInvocation invocation = (FilterInvocation) object;
if (!Matcher.needVerify(invocation.getHttpRequest())) {
// 如果是免验证路径,则直接放行,因为免验证路径下为了防止报错,设置了一个默认的无访问权限
return;
}
// 如果用户不带有权限,说明用户信息可能有问题,必须直接驳回
// 详情见frodez.config.security.filter.TokenFilter.doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
// 和frodez.config.security.user.UserDetailsServiceImpl.loadUserByUsername(String username)方法
if (EmptyUtil.yes(auth.getAuthorities())) {
throw new AccessDeniedException("无访问权限!");
}
// 当包含无访问权限时,直接驳回(此时只有无访问权限一个权限)
if (permissions.contains(defaultDeniedRole)) {
throw new AccessDeniedException("无访问权限!");
}
Set<String> auths = StreamUtil.set(auth.getAuthorities(), GrantedAuthority::getAuthority);
for (ConfigAttribute permission : permissions) {
if (auths.contains(permission.getAttribute())) {
return;
}
}
// 当token携带权限与资源所需访问权限不符时,驳回
throw new AccessDeniedException("无访问权限!");
}
@Override
public boolean supports(ConfigAttribute attribute) {
return true;
}
@Override
public boolean supports(Clreplaced<?> clazz) {
return true;
}
}
17
Source : AppFilterInvocationSecurityMetadataSource.java
with GNU General Public License v3.0
from chenCmengmengda
with GNU General Public License v3.0
from chenCmengmengda
/**
* 自定义方法。最好在项目启动时,去数据库查询一次就好。
* 数据库查询一次 权限表出现的所有要拦截的url
*/
public void loadResourceDefine() {
map = new HashMap<>();
Collection<ConfigAttribute> array;
ConfigAttribute cfg;
// 去数据库查询 使用dao层。 你使用自己的即可
TbPermissionExample example = new TbPermissionExample();
List<TbPermission> permissions = permissionMapper.selectByExample(example);
for (TbPermission permission : permissions) {
array = new ArrayList<>();
// 下面你可以添加你想要比较的信息过去。 注意的是,需要在用户登录时存储的权限信息一致
cfg = new SecurityConfig(permission.getPermissionname());
// 此处添加了资源菜单的名字,例如请求方法到ConfigAttribute的集合中去。此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
array.add(cfg);
// 用权限的getUrl() 作为map的key,用ConfigAttribute的集合作为 value,
map.put(permission.getUrl(), array);
}
}
16
Source : CustomSecurityMetadataSource.java
with Apache License 2.0
from zhouxx
with Apache License 2.0
from zhouxx
public Map<RequestMatcher, Collection<ConfigAttribute>> getRequestMatchersPermitAllMap() {
if (CollectionUtils.isEmpty(requestMatchersPermitAllMap)) {
List<AntPathRequestMatcher> requestMatchers = securityBizProperties.getPermitAllPatterns().stream().map(requestMatcher -> new AntPathRequestMatcher(requestMatcher.getPattern(), requestMatcher.getMethod().toString())).collect(Collectors.toList());
for (RequestMatcher requestMatcher : requestMatchers) {
ConfigAttribute configAttribute = new SecurityConfig("ROLE_PUBLIC");
requestMatchersPermitAllMap.put(requestMatcher, Collections.singletonList(configAttribute));
}
}
return requestMatchersPermitAllMap;
}
16
Source : ResourceServiceTest.java
with Apache License 2.0
from zhoutaoo
with Apache License 2.0
from zhoutaoo
@Test
@Ignore
public void testGetConfigAttributesByUrl_假如存在如上资源信息_当请求url存在参数时_那么返回匹配的资源信息() {
ConfigAttribute attributesByUrl = resourceService.findConfigAttributesByUrl(new HttpServletRequestAuthWrapper(new MockHttpServletRequest(), "/users/1/order", "GET"));
replacedert.replacedertEquals("NONEXISTENT_URL", attributesByUrl.getAttribute());
}
16
Source : ResourceServiceTest.java
with Apache License 2.0
from zhoutaoo
with Apache License 2.0
from zhoutaoo
@Test
@Ignore
public void testGetConfigAttributesByUrl_假如存在如上资源信息_当请求存在的资源时_那么返回url和method都匹配的资源信息() {
ConfigAttribute attributesByUrl = resourceService.findConfigAttributesByUrl(new HttpServletRequestAuthWrapper(new MockHttpServletRequest(), "/users", "POST"));
replacedert.replacedertEquals("user_manager:btn_add", attributesByUrl.getAttribute());
}
16
Source : ResourceServiceTest.java
with Apache License 2.0
from zhoutaoo
with Apache License 2.0
from zhoutaoo
@Test
@Ignore
public void testGetConfigAttributesByUrl_假如存在如上资源信息_当请求不存在method的资源时_那么返回NONEXISTENT_URL() {
ConfigAttribute attributesByUrl = resourceService.findConfigAttributesByUrl(new HttpServletRequestAuthWrapper(new MockHttpServletRequest(), "/users/1/order", "POST"));
replacedert.replacedertEquals("NONEXISTENT_URL", attributesByUrl.getAttribute());
}
16
Source : ResourceLocator.java
with MIT License
from uhonliu
with MIT License
from uhonliu
/**
* 加载授权列表
*/
public void loadAuthority() {
Collection<ConfigAttribute> array;
ConfigAttribute cfg;
HashMap<String, Collection<ConfigAttribute>> configAttributes = Maps.newHashMap();
try {
// 查询所有接口
List<AuthorityResource> list = baseAuthorityServiceClient.findAuthorityResource().getData();
if (list != null) {
for (AuthorityResource item : list) {
String path = item.getPath();
if (path == null) {
continue;
}
String fullPath = getFullPath(item.getServiceId(), path);
item.setPath(fullPath);
array = configAttributes.get(fullPath);
if (array == null) {
array = new ArrayList<>();
}
// noinspection SuspiciousMethodCalls
if (!array.contains(item.getAuthority())) {
cfg = new SecurityConfig(item.getAuthority());
array.add(cfg);
}
configAttributes.put(fullPath, array);
}
this.configAttributes.clear();
this.authorityResources.clear();
this.configAttributes = configAttributes;
this.authorityResources = list;
}
log.info("=============加载动态权限:{}==============", this.authorityResources.size());
} catch (Exception e) {
log.error("加载动态权限错误:{}", e.getMessage());
}
}
16
Source : ResourceLocator.java
with MIT License
from uhonliu
with MIT License
from uhonliu
/**
* 加载授权列表
*/
public List<AuthorityResource> loadAuthorityResources() {
List<AuthorityResource> resources = Lists.newArrayList();
Collection<ConfigAttribute> array;
ConfigAttribute cfg;
try {
// 查询所有接口
resources = baseAuthorityServiceClient.findAuthorityResource().getData();
if (resources != null) {
for (AuthorityResource item : resources) {
String path = item.getPath();
if (path == null) {
continue;
}
String fullPath = getFullPath(item.getServiceId(), path);
item.setPath(fullPath);
array = configAttributes.get(fullPath);
if (array == null) {
array = new ArrayList<>();
}
if (!array.contains(item.getAuthority())) {
cfg = new SecurityConfig(item.getAuthority());
array.add(cfg);
}
configAttributes.put(fullPath, array);
}
log.info("=============加载动态权限:{}==============", resources.size());
}
} catch (Exception e) {
log.error("加载动态权限错误:{}", e.getMessage());
}
return resources;
}
16
Source : MyInvocationSecurityMetadataSourceService.java
with Apache License 2.0
from realXuJiang
with Apache License 2.0
from realXuJiang
/**
* 加载资源,初始化资源变量
*/
public void loadResourceDefine() {
map = new HashMap<>();
Collection<ConfigAttribute> array;
ConfigAttribute cfg;
List<SysPermission> permissions = permissionRepository.findAll();
for (SysPermission permission : permissions) {
array = new ArrayList<>();
cfg = new SecurityConfig(permission.getName());
array.add(cfg);
map.put(permission.getUrl(), array);
}
}
16
Source : UrlRoleVoter.java
with Apache License 2.0
from muxiangqiu
with Apache License 2.0
from muxiangqiu
public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {
if (authentication == null) {
return ACCESS_DENIED;
}
int result = ACCESS_ABSTAIN;
Collection<? extends GrantedAuthority> authorities = extractAuthorities(authentication);
for (ConfigAttribute attribute : attributes) {
if (this.supports(attribute)) {
result = ACCESS_DENIED;
for (GrantedAuthority authority : authorities) {
if (attribute.getAttribute().equals(authority.getAuthority())) {
return ACCESS_GRANTED;
}
}
}
}
return result;
}
16
Source : ComponentRoleVoter.java
with Apache License 2.0
from muxiangqiu
with Apache License 2.0
from muxiangqiu
public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {
if (authentication == null) {
return ACCESS_DENIED;
}
if (CollectionUtils.isEmpty(attributes)) {
return ACCESS_GRANTED;
}
int result = ACCESS_ABSTAIN;
Component component = (Component) object;
String componentType = "";
if (component.getComponentType() != null) {
componentType = component.getComponentType().name();
}
Collection<? extends GrantedAuthority> authorities = extractAuthorities(authentication);
for (ConfigAttribute attribute : attributes) {
if (this.supports(attribute)) {
result = ACCESS_DENIED;
for (GrantedAuthority authority : authorities) {
if (attribute.getAttribute().startsWith((authority.getAuthority() + "_" + componentType))) {
return ACCESS_GRANTED;
}
}
}
}
return result;
}
16
Source : LogicalOrAccessDecisionManager.java
with BSD 3-Clause "New" or "Revised" License
from dhis2
with BSD 3-Clause "New" or "Revised" License
from dhis2
@Override
public boolean supports(ConfigAttribute configAttribute) {
for (AccessDecisionManager accessDecisionManager : accessDecisionManagers) {
if (accessDecisionManager.supports(configAttribute)) {
return true;
}
}
return false;
}
15
Source : SpreadsheetAccessDecisionVoter.java
with MIT License
from timtebeek
with MIT License
from timtebeek
@Override
public int vote(Authentication authentication, MethodInvocation methodInvocation, Collection<ConfigAttribute> attributes) {
for (ConfigAttribute configAttribute : attributes) {
if (supports(configAttribute)) {
User principal = (User) authentication.getPrincipal();
Spreadsheet domainObjectInstance = (Spreadsheet) getDomainObjectInstance(methodInvocation);
return hreplacedpreadsheetAccess(principal, domainObjectInstance) ? ACCESS_GRANTED : ACCESS_DENIED;
}
}
return ACCESS_ABSTAIN;
}
15
Source : MyInvocationSecurityMetadataSourceService.java
with MIT License
from smltq
with MIT License
from smltq
/**
* 初始化 所有资源 对应的角色
*/
public void loadResourceDefine() {
map = new HashMap<>(16);
// 权限资源 和 角色对应的表 也就是 角色权限 中间表
List<RolePermisson> rolePermissons = permissionMapper.getRolePermissions();
// 某个资源 可以被哪些角色访问
for (RolePermisson rolePermisson : rolePermissons) {
String url = rolePermisson.getUrl();
String roleName = rolePermisson.getRoleName();
ConfigAttribute role = new SecurityConfig(roleName);
if (map.containsKey(url)) {
map.get(url).add(role);
} else {
List<ConfigAttribute> list = new ArrayList<>();
list.add(role);
map.put(url, list);
}
}
}
15
Source : MyAccessDecisionManager.java
with GNU General Public License v3.0
from microacup
with GNU General Public License v3.0
from microacup
/**
* @param authentication
* @param object
* @param configAttributes
* @throws org.springframework.security.access.AccessDeniedException
* @throws org.springframework.security.authentication.InsufficientAuthenticationException
*/
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) {
if (null == configAttributes || configAttributes.size() <= 0) {
return;
}
for (ConfigAttribute attr : configAttributes) {
String attribute = attr.getAttribute();
for (GrantedAuthority ga : authentication.getAuthorities()) {
if (attribute.equals(ga.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("no right");
}
See More Examples