public class SimpleAuthorizationInfo extends Object implements AuthorizationInfo
AuthorizationInfo
interface that stores roles and permissions as internal
attributes.AuthorizingRealm
,
Serialized FormModifier and Type | Field and Description |
---|---|
protected Set<Permission> |
objectPermissions
Collection of all object-based permissions associated with the account.
|
protected Set<String> |
roles
The internal roles collection.
|
protected Set<String> |
stringPermissions
Collection of all string-based permissions associated with the account.
|
Constructor and Description |
---|
SimpleAuthorizationInfo()
Default no-argument constructor.
|
SimpleAuthorizationInfo(Set<String> roles)
Creates a new instance with the specified roles and no permissions.
|
Modifier and Type | Method and Description |
---|---|
void |
addObjectPermission(Permission permission)
Adds (assigns) a permission to those directly associated with the account.
|
void |
addObjectPermissions(Collection<Permission> permissions)
Adds (assigns) multiple permissions to those associated directly with the account.
|
void |
addRole(String role)
Adds (assigns) a role to those associated with the account.
|
void |
addRoles(Collection<String> roles)
Adds (assigns) multiple roles to those associated with the account.
|
void |
addStringPermission(String permission)
Adds (assigns) a permission to those directly associated with the account.
|
void |
addStringPermissions(Collection<String> permissions)
Adds (assigns) multiple permissions to those associated directly with the account.
|
Set<Permission> |
getObjectPermissions()
Returns all type-safe
Permission s assigned to the corresponding Subject. |
Set<String> |
getRoles()
Returns the names of all roles assigned to a corresponding Subject.
|
Set<String> |
getStringPermissions()
Returns all string-based permissions assigned to the corresponding Subject.
|
void |
setObjectPermissions(Set<Permission> objectPermissions)
Sets the object-based permissions assigned directly to the account.
|
void |
setRoles(Set<String> roles)
Sets the roles assigned to the account.
|
void |
setStringPermissions(Set<String> stringPermissions)
Sets the string-based permissions assigned directly to the account.
|
protected Set<String> stringPermissions
protected Set<Permission> objectPermissions
public SimpleAuthorizationInfo()
public SimpleAuthorizationInfo(Set<String> roles)
roles
- the roles assigned to the realm account.public Set<String> getRoles()
AuthorizationInfo
getRoles
in interface AuthorizationInfo
public void setRoles(Set<String> roles)
roles
- the roles assigned to the account.public void addRole(String role)
role
- the role to add to those associated with the account.public void addRoles(Collection<String> roles)
roles
- the roles to add to those associated with the account.public Set<String> getStringPermissions()
AuthorizationInfo
getObjectPermissions()
represent the total set of permissions
assigned. The aggregate set is used to perform a permission authorization check.
This method is a convenience mechanism that allows Realms to represent permissions as Strings if they choose.
When performing a security check, a Realm
usually converts these strings to object
Permission
s via an internal
PermissionResolver
in order to perform the actual permission check. This is not a requirement of course, since Realm
s
can perform security checks in whatever manner deemed necessary, but this explains the conversion mechanism that
most Shiro Realms execute for string-based permission checks.getStringPermissions
in interface AuthorizationInfo
public void setStringPermissions(Set<String> stringPermissions)
object permissions
constitute the total permissions assigned directly to the
account.stringPermissions
- the string-based permissions assigned directly to the account.public void addStringPermission(String permission)
permission
- the permission to add to those directly assigned to the account.public void addStringPermissions(Collection<String> permissions)
permissions
- the permissions to add to those associated directly with the account.public Set<Permission> getObjectPermissions()
AuthorizationInfo
Permission
s assigned to the corresponding Subject. The permissions
returned from this method plus any returned from getStringPermissions()
represent the total set of permissions. The aggregate set is used to perform a permission authorization check.getObjectPermissions
in interface AuthorizationInfo
Permission
s assigned to the corresponding Subject.public void setObjectPermissions(Set<Permission> objectPermissions)
string permissions
constitute the total permissions assigned directly to the
account.objectPermissions
- the object-based permissions assigned directly to the account.public void addObjectPermission(Permission permission)
Permission
>) will be created automatically.permission
- the permission to add to those directly assigned to the account.public void addObjectPermissions(Collection<Permission> permissions)
Permission
>)
will be created automatically.permissions
- the permissions to add to those associated directly with the account.Copyright © 2004–2019 The Apache Software Foundation. All rights reserved.