/** * Iterates over the internal {@link #getMethodInterceptors() methodInterceptors} collection, and for each one, * ensures that if the interceptor * {@link AuthorizingAnnotationMethodInterceptor#supports(org.apache.shiro.aop.MethodInvocation) supports} * the invocation, that the interceptor * {@link AuthorizingAnnotationMethodInterceptor#assertAuthorized(org.apache.shiro.aop.MethodInvocation) asserts} * that the invocation is authorized to proceed. */ protected void assertAuthorized(MethodInvocation methodInvocation) throws AuthorizationException { //default implementation just ensures no deny votes are cast: Collection<AuthorizingAnnotationMethodInterceptor> aamis = getMethodInterceptors(); if (aamis != null && !aamis.isEmpty()) { for (AuthorizingAnnotationMethodInterceptor aami : aamis) { if (aami.supports(methodInvocation)) { aami.assertAuthorized(methodInvocation); } } } } }
/** * Creates a Shiro {@link MethodInvocation MethodInvocation} instance and then immediately calls * {@link org.apache.shiro.authz.aop.AuthorizingMethodInterceptor#invoke super.invoke}. * * @param methodInvocation the AOP Alliance-specific <code>methodInvocation</code> instance. * @return the return value from invoking the method invocation. * @throws Throwable if the underlying AOP Alliance method invocation throws a <code>Throwable</code>. */ public Object invoke(MethodInvocation methodInvocation) throws Throwable { org.apache.shiro.aop.MethodInvocation mi = createMethodInvocation(methodInvocation); return super.invoke(mi); } }
public void assertAuthorized(final Object resource, final Method handler) throws AuthorizationException { super.assertAuthorized(new MethodInvocation() { @Override public Object proceed() throws Throwable { return null; } @Override public Method getMethod() { return handler; } @Override public Object[] getArguments() { return new Object[0]; } @Override public Object getThis() { return resource; } }); } }
public void assertAuthorized(final Object resource, final Method handler) throws AuthorizationException { super.assertAuthorized(new MethodInvocation() { @Override public Object proceed() throws Throwable { return null; } @Override public Method getMethod() { return handler; } @Override public Object[] getArguments() { return new Object[0]; } @Override public Object getThis() { return resource; } }); } }
public void assertAuthorized(final ExecutionContext context) throws AuthorizationException { super.assertAuthorized(new MethodInvocation() { @Override public Object proceed() throws Throwable { return null; } @Override public Method getMethod() { return context.getHandler(); } @Override public Object[] getArguments() { return new Object[0]; } @Override public Object getThis() { return context.getActionBean(); } }); } }
/** * Performs the method interception of the before advice at the specified joint point. * * @param aJoinPoint The joint point to intercept. * @throws Throwable If an error occurs berforming the method invocation. */ protected void performBeforeInterception(JoinPoint aJoinPoint) throws Throwable { if (log.isTraceEnabled()) log.trace("#### Invoking a method decorated with a Shiro annotation" + "\n\tkind : " + aJoinPoint.getKind() + "\n\tjoinPoint : " + aJoinPoint + "\n\tannotations: " + Arrays.toString(((MethodSignature) aJoinPoint.getSignature()).getMethod().getAnnotations()) + "\n\ttarget : " + aJoinPoint.getTarget() ); // 1. Adapt the join point into a method invocation BeforeAdviceMethodInvocationAdapter mi = BeforeAdviceMethodInvocationAdapter.createFrom(aJoinPoint); // 2. Delegate the authorization of the method call to the super class super.invoke(mi); } }
/** * Iterates over the internal {@link #getMethodInterceptors() methodInterceptors} collection, and for each one, * ensures that if the interceptor * {@link AuthorizingAnnotationMethodInterceptor#supports(org.apache.shiro.aop.MethodInvocation) supports} * the invocation, that the interceptor * {@link AuthorizingAnnotationMethodInterceptor#assertAuthorized(org.apache.shiro.aop.MethodInvocation) asserts} * that the invocation is authorized to proceed. */ protected void assertAuthorized(MethodInvocation methodInvocation) throws AuthorizationException { //default implementation just ensures no deny votes are cast: Collection<AuthorizingAnnotationMethodInterceptor> aamis = getMethodInterceptors(); if (aamis != null && !aamis.isEmpty()) { for (AuthorizingAnnotationMethodInterceptor aami : aamis) { if (aami.supports(methodInvocation)) { aami.assertAuthorized(methodInvocation); } } } } }
public void assertAuthorized(final Object resource, final Method handler) throws AuthorizationException { super.assertAuthorized(new MethodInvocation() { @Override public Object proceed() throws Throwable { return null; } @Override public Method getMethod() { return handler; } @Override public Object[] getArguments() { return new Object[handler.getParameterTypes().length]; } @Override public Object getThis() { return resource; } }); } }
/** * Creates a Shiro {@link MethodInvocation MethodInvocation} instance and then immediately calls * {@link org.apache.shiro.authz.aop.AuthorizingMethodInterceptor#invoke super.invoke}. * * @param methodInvocation the AOP Alliance-specific <code>methodInvocation</code> instance. * @return the return value from invoking the method invocation. * @throws Throwable if the underlying AOP Alliance method invocation throws a <code>Throwable</code>. */ public Object invoke(MethodInvocation methodInvocation) throws Throwable { org.apache.shiro.aop.MethodInvocation mi = createMethodInvocation(methodInvocation); return super.invoke(mi); } }
/** * Iterates over the internal {@link #getMethodInterceptors() methodInterceptors} collection, and for each one, * ensures that if the interceptor * {@link AuthorizingAnnotationMethodInterceptor#supports(org.apache.shiro.aop.MethodInvocation) supports} * the invocation, that the interceptor * {@link AuthorizingAnnotationMethodInterceptor#assertAuthorized(org.apache.shiro.aop.MethodInvocation) asserts} * that the invocation is authorized to proceed. */ protected void assertAuthorized(MethodInvocation methodInvocation) throws AuthorizationException { //default implementation just ensures no deny votes are cast: Collection<AuthorizingAnnotationMethodInterceptor> aamis = getMethodInterceptors(); if (aamis != null && !aamis.isEmpty()) { for (AuthorizingAnnotationMethodInterceptor aami : aamis) { if (aami.supports(methodInvocation)) { aami.assertAuthorized(methodInvocation); } } } } }
/** * Performs the method interception of the before advice at the specified joint point. * * @param aJoinPoint The joint point to intercept. * @throws Throwable If an error occurs berforming the method invocation. */ protected void performBeforeInterception(JoinPoint aJoinPoint) throws Throwable { if (log.isTraceEnabled()) log.trace("#### Invoking a method decorated with a Shiro annotation" + "\n\tkind : " + aJoinPoint.getKind() + "\n\tjoinPoint : " + aJoinPoint + "\n\tannotations: " + Arrays.toString(((MethodSignature) aJoinPoint.getSignature()).getMethod().getAnnotations()) + "\n\ttarget : " + aJoinPoint.getTarget() ); // 1. Adapt the join point into a method invocation BeforeAdviceMethodInvocationAdapter mi = BeforeAdviceMethodInvocationAdapter.createFrom(aJoinPoint); // 2. Delegate the authorization of the method call to the super class super.invoke(mi); } }