Package com.google.code.lightssh.common.support.shiro

Source Code of com.google.code.lightssh.common.support.shiro.MyPermissionsAuthorizationFilter

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
package com.google.code.lightssh.common.support.shiro;

import java.io.IOException;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.RegExPatternMatcher;
import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
* 支持 URL使用正则表达式
* @author YangXiaojin
*
*/
public class MyPermissionsAuthorizationFilter extends PermissionsAuthorizationFilter{
 
    private static final Logger log = LoggerFactory.getLogger(MyPermissionsAuthorizationFilter.class);
   
  /**
   * 正式表达式匹配
   */
    protected boolean regexExpMatcher = false;
   
    /**
     * 临时授权服务
     */
    protected TemporaryAuthorizationService tempAuthService = new TemporaryAuthorizationService(){
    public boolean authorize(String[] perms,ServletRequest request) {
      return false;
    }
    };
   
    public void setTempAuthService(TemporaryAuthorizationService tempAuthService) {
    this.tempAuthService = tempAuthService;
  }

  public MyPermissionsAuthorizationFilter( ){
    this( true );
  }
 
  public MyPermissionsAuthorizationFilter( boolean regexExp ){
    super();
   
    this.regexExpMatcher = regexExp;
    if( regexExp ){
      pathMatcher = new RegExPatternMatcher();
    }
  }
 
    protected boolean pathsMatch(String pattern, ServletRequest request) {
        String requestURI = getPathWithinApplication(request);
        if( request instanceof HttpServletRequest ){
          String queryString = ((HttpServletRequest)request).getQueryString();
          if( regexExpMatcher && !StringUtils.isEmpty(queryString) )
            requestURI += ("?"+queryString);
        }
       
        String regex = pattern;
        if( regexExpMatcher )
          regex = MyPathMatchingFilterChainResolver.replacePattern(pattern);
       
        if (log.isTraceEnabled()) {
            log.trace((regexExpMatcher?"正则":"ANT")+"规则[" + regex
                + "]与当前请求地址[" + requestURI + "]...");
        }
       
        return pathsMatch(regex, requestURI);
    }
   
    /**
     * 是否允许访问
     */
    public boolean isAccessAllowed(ServletRequest request,
        ServletResponse response, Object mappedValue) throws IOException {

        Subject subject = getSubject(request, response);
        String[] perms = (String[]) mappedValue;
       

        boolean isPermitted = true;
        if(perms != null && perms.length > 0) {
          boolean tempAuthed = tempAuthService.authorize(perms,request);
         
            if (perms.length == 1) {
                if(!(tempAuthed || subject.isPermitted(perms[0]))) {
                    isPermitted = false;
                }
            }else{
                if(!(tempAuthed || subject.isPermittedAll(perms))) {
                    isPermitted = false;
                }
            }
        }

        return isPermitted;
    }

}
TOP

Related Classes of com.google.code.lightssh.common.support.shiro.MyPermissionsAuthorizationFilter

  • org.apache.shiro.subject.Subject
  • org.apache.shiro.util.RegExPatternMatcher
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.