/**
 * Checks that {@code currentUser} holds the permission described by {@code context}.
 *
 * <p>Two inputs skip the check entirely and return normally: a {@code null} context, and a
 * context whose resource and operation are both {@code NULL}. Every other context is passed to
 * {@link Subject#checkPermission}.
 *
 * @param context the permission required for the operation; {@code null} means no check is made
 * @param currentUser the subject whose permissions are consulted
 * @throws NotAuthorizedException if {@code checkPermission} throws any {@code ShiroException};
 *     the original exception is kept as the cause
 */
@Override
public void authorize(ResourcePermission context, Subject currentUser) {
  // NOTE(review): both skip conditions fail open. A caller that builds its permission
  // incorrectly (null, or NULL resource with NULL operation) gets no authorization check
  // at all, so call sites guarding sensitive operations must always pass a concrete permission.
  boolean nothingToCheck = context == null
      || (context.getResource() == Resource.NULL && context.getOperation() == Operation.NULL);
  if (nothingToCheck) {
    return;
  }

  try {
    currentUser.checkPermission(context);
  } catch (ShiroException denied) {
    // Every ShiroException is reported as a denial, not only authorization failures.
    // The same text (principal plus requested permission) goes to the log and into the exception.
    String detail = currentUser.getPrincipal() + " not authorized for " + context;
    logger.info("NotAuthorizedException: {}", detail);
    throw new NotAuthorizedException(detail, denied);
  }
}
// Builds a permission with the no-argument constructor and runs a series of assertions on it.
// NOTE(review): `permission` is never reassigned in this listing, yet later assertions expect
// MANAGE, READ and "REGIONA". The statements that build each permission under test appear to
// be missing from this extract, so restore them before relying on this run as a test.
ResourcePermission permission = new ResourcePermission();

// Defaults of the empty permission: NULL resource, NULL operation, ALL target.
assertThat(Resource.NULL).isEqualTo(permission.getResource());
assertThat(Operation.NULL).isEqualTo(permission.getOperation());
assertThat(ResourcePermission.ALL).isEqualTo(permission.getTarget());

// Three further pairs expecting a NULL operation with the ALL target.
assertThat(Operation.NULL).isEqualTo(permission.getOperation());
assertThat(ResourcePermission.ALL).isEqualTo(permission.getTarget());
assertThat(Operation.NULL).isEqualTo(permission.getOperation());
assertThat(ResourcePermission.ALL).isEqualTo(permission.getTarget());
assertThat(Operation.NULL).isEqualTo(permission.getOperation());
assertThat(ResourcePermission.ALL).isEqualTo(permission.getTarget());

// Two pairs expecting MANAGE on the target "REGIONA".
assertThat(Operation.MANAGE).isEqualTo(permission.getOperation());
assertThat("REGIONA").isEqualTo(permission.getTarget());
assertThat(Operation.MANAGE).isEqualTo(permission.getOperation());
assertThat("REGIONA").isEqualTo(permission.getTarget());

// MANAGE with the ALL target.
assertThat(Operation.MANAGE).isEqualTo(permission.getOperation());
assertThat(ResourcePermission.ALL).isEqualTo(permission.getTarget());

// READ with the literal target "ALL".
assertThat(Operation.READ).isEqualTo(permission.getOperation());
assertThat("ALL").isEqualTo(permission.getTarget());

// These three use the actual-first AssertJ order and check the string forms of the
// resource and operation against ResourcePermission.NULL.
assertThat(permission.getOperation()).isEqualTo(Operation.NULL);
assertThat(permission.getResourceString()).isEqualTo(ResourcePermission.NULL);
assertThat(permission.getOperationString()).isEqualTo(ResourcePermission.NULL);
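/**
 * Verifies the defaults produced by the no-argument {@code ResourcePermission} constructor:
 * {@code Resource.NULL}, {@code Operation.NULL} and the {@code ALL} target.
 *
 * <p>These defaults are security-relevant: the {@code authorize} methods in this listing return
 * without a permission check when both the resource and the operation are {@code NULL}, which
 * is exactly what a default-constructed permission carries.
 */
@Test
public void testEmptyConstructor() {
  ResourcePermission context = new ResourcePermission();

  // AssertJ convention: the value under test goes in assertThat(), the expectation in
  // isEqualTo(), so a failure message labels actual and expected the right way round.
  assertThat(context.getResource()).isEqualTo(Resource.NULL);
  assertThat(context.getOperation()).isEqualTo(Operation.NULL);
  assertThat(context.getTarget()).isEqualTo(ResourcePermission.ALL);
}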
/**
 * Verifies that a target given as {@code "/regionA"} is stored as {@code "regionA"}, and that
 * the key is {@code ResourcePermission.ALL} when the three-argument constructor is used.
 *
 * <p>NOTE(review): presumably the normalization exists so that "/regionA" and "regionA" resolve
 * to the same permission target during authorization; confirm against ResourcePermission.
 */
@Test
public void regionNameIsStripped() {
  ResourcePermission dataRead = new ResourcePermission("DATA", "READ", "/regionA");

  // Resource and operation are parsed from their string names.
  assertThat(dataRead.getResource()).isEqualTo(Resource.DATA);
  assertThat(dataRead.getOperation()).isEqualTo(Operation.READ);

  // The target comes back without the leading slash.
  assertThat(dataRead.getTarget()).isEqualTo("regionA");

  // No key was supplied, and the test expects the ALL key.
  assertThat(dataRead.getKey()).isEqualTo(ResourcePermission.ALL);
}
/**
 * Checks that the subject returned by {@code getSubject()} holds the permission described by
 * {@code context}.
 *
 * <p>A {@code null} context, or one whose resource and operation are both {@code NULL}, returns
 * immediately: no subject is looked up and no permission is checked.
 *
 * @param context the permission required for the operation; {@code null} means no check is made
 * @throws NotAuthorizedException if {@code checkPermission} throws any {@code ShiroException};
 *     the original exception is kept as the cause
 */
@Override
public void authorize(final ResourcePermission context) {
  // NOTE(review): these guards fail open. A null or NULL/NULL permission is treated as
  // "nothing to authorize", so callers protecting real operations must never pass one.
  if (context == null) {
    return;
  }
  final boolean isNullPermission =
      context.getResource() == Resource.NULL && context.getOperation() == Operation.NULL;
  if (isNullPermission) {
    return;
  }

  // The subject is resolved only once a real check is needed; the guards above never call
  // getSubject().
  final Subject subject = getSubject();
  try {
    subject.checkPermission(context);
  } catch (ShiroException cause) {
    // Every ShiroException is reported as a denial. The same text (principal plus requested
    // permission) goes to the log and into the exception.
    final String reason = subject.getPrincipal() + " not authorized for " + context;
    logger.info("NotAuthorizedException: {}", reason);
    throw new NotAuthorizedException(reason, cause);
  }
}