Folks,

My domain model is thoroughly fortified with Java code to supply sufficient
roles and perms. So in my authentication method I attempt to add them. Can
someone confirm this for me? My security model is simple... pseudo semantics
follow:

here are my users
- administrator
- anonymous

here are my roles
- administrator
- anonymous

here are my perms
- create
- read
- update
- delete

Les said name collisions are fine with the above. But in my code I attempt to
add these into Shiro during authorization as follows.

PERMS Question: do I need to embellish and manipulate the strings as they are
added? You know, like CLASS:PERM:INSTANCE, as in

 String permString = "*:" + permission.name() + ":*";

or will Shiro take care of this for me? Can I just add it like

 String permString = permission.name();
 if (!principals.fromRealm(getName()).isEmpty())
  info.addStringPermission(permString);

Is there any difference in adding roles? Or can I just throw the string at
Shiro and be done with it? This is how I am doing it...

 // do roles
 Set<String> rroles = new HashSet<String>(user.getRoles().size());
 Set<Role> roles = user.getRoles();
 for (Role role : roles)
  rroles.add(role.name());
 SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(rroles);

 // do permissions
 Set<Permission> permissions = user.getPermissions();
 for (Permission permission : permissions) {
  //String permString = "*:" + permission.name() + ":*";
  String permString = permission.name();
  if (!principals.fromRealm(getName()).isEmpty())
   info.addStringPermission(permString);
 }
 return info;
}

below is my full method
-----------------------------------------
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)
{
 if (principals == null)
  throw new AuthorizationException("PrincipalCollection was null, which should not happen");
 if (principals.isEmpty())
 {
  System.out.println("principals collection is empty");
  return null;
 }
 
 if (principals.fromRealm(getName()).size() <= 0)
 {
  System.out.println("principals from realm collection is empty");
  return null;
 }
 
 Person user = applicationStateManager.get(Person.class);
 
 // do roles
 Set<String> rroles = new HashSet<String>(user.getRoles().size());
 Set<Role> roles = user.getRoles();
 for (Role role : roles)
  rroles.add(role.name());  
 SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(rroles);
 
 // do permissions
 Set<Permission> permissions = user.getPermissions();
 for (Permission permission : permissions) {
  //String permString = "*:" + permission.name() + ":*";
  String permString = permission.name();
  if (!principals.fromRealm(getName()).isEmpty())
   info.addStringPermission(permString);
 }
 return info;
}                                         
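
The two string forms asked about above, compared with Shiro's WildcardPermission, which an AuthorizingRealm uses by default to resolve string permissions. This is an added example, not part of the original post; it assumes shiro-core is on the classpath, and the resource name "document" and instance id "42" are made up for illustration. A bare "create" and "*:create:*" are different permissions to Shiro, so the string the realm grants has to use the same layout as the string the application checks.

```java
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.permission.WildcardPermission;

public class PermissionStringForms {

    // True when holding `granted` satisfies a check for `checked`.
    // WildcardPermission splits each string on ':' and compares part by part.
    static boolean implies(String granted, String checked) {
        Permission held = new WildcardPermission(granted);
        return held.implies(new WildcardPermission(checked));
    }

    public static void main(String[] args) {
        // The two ways of building permString from the post.
        String[] granted = {
            "create",       // permission.name() added as-is: a single part
            "*:create:*"    // the embellished three-part form
        };

        // Checks an application might make (constructed sample values).
        String[] checked = {
            "create",
            "document:create",
            "document:create:42",
            "document:read"
        };

        // Print the full grant/check matrix so the mismatch between the
        // one-part and three-part layouts is visible side by side.
        for (String g : granted) {
            for (String c : checked) {
                System.out.printf("granted %-12s checked %-20s -> %b%n",
                        g, c, implies(g, c));
            }
        }
    }
}
```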
