Class SimpleAuthorizationInfo

java.lang.Object
org.apache.shiro.authz.SimpleAuthorizationInfo
All Implemented Interfaces:
Serializable, AuthorizationInfo
public class SimpleAuthorizationInfo extends Object implements AuthorizationInfo
Simple POJO implementation of the AuthorizationInfo interface that stores roles and permissions as internal attributes.
Since:
0.9
See Also:

  • Field Details

  • Constructor Details

    • SimpleAuthorizationInfo

      public SimpleAuthorizationInfo()
      Default no-argument constructor.

    • SimpleAuthorizationInfo

      public SimpleAuthorizationInfo(Set<String> roles)
      Creates a new instance with the specified roles and no permissions.
      Parameters:
      roles - the roles assigned to the realm account.

  • Method Details

    • getRoles

      public Set<String> getRoles()
      Description copied from interface: AuthorizationInfo
      Returns the names of all roles assigned to a corresponding Subject.
      Specified by:
      getRoles in interface AuthorizationInfo
      Returns:
      the names of all roles assigned to a corresponding Subject.

    • setRoles

      public void setRoles(Set<String> roles)
      Sets the roles assigned to the account.
      Parameters:
      roles - the roles assigned to the account.

    • addRole

      public void addRole(String role)
      Adds (assigns) a role to those associated with the account. If the account doesn't yet have any roles, a new roles collection (a Set) will be created automatically.
      Parameters:
      role - the role to add to those associated with the account.

    • addRoles

      public void addRoles(Collection<String> roles)
      Adds (assigns) multiple roles to those associated with the account. If the account doesn't yet have any roles, a new roles collection (a Set) will be created automatically.
      Parameters:
      roles - the roles to add to those associated with the account.

    • getStringPermissions

      public Set<String> getStringPermissions()
      Description copied from interface: AuthorizationInfo
      Returns all string-based permissions assigned to the corresponding Subject. The permissions here plus those returned from getObjectPermissions() represent the total set of permissions assigned. The aggregate set is used to perform a permission authorization check.

      This method is a convenience mechanism that allows Realms to represent permissions as Strings if they choose. When performing a security check, a Realm usually converts these strings to object Permissions via an internal PermissionResolver in order to perform the actual permission check. This is not a requirement of course, since Realms can perform security checks in whatever manner deemed necessary, but this explains the conversion mechanism that most Shiro Realms execute for string-based permission checks.

      Specified by:
      getStringPermissions in interface AuthorizationInfo
      Returns:
      all string-based permissions assigned to the corresponding Subject.

    • setStringPermissions

      public void setStringPermissions(Set<String> stringPermissions)
      Sets the string-based permissions assigned directly to the account. The permissions set here, in addition to any object permissions constitute the total permissions assigned directly to the account.
      Parameters:
      stringPermissions - the string-based permissions assigned directly to the account.

    • addStringPermission

      public void addStringPermission(String permission)
      Adds (assigns) a permission to those directly associated with the account. If the account doesn't yet have any direct permissions, a new permission collection (a Set<String>) will be created automatically.
      Parameters:
      permission - the permission to add to those directly assigned to the account.

    • addStringPermissions

      public void addStringPermissions(Collection<String> permissions)
      Adds (assigns) multiple permissions to those associated directly with the account. If the account doesn't yet have any string-based permissions, a new permissions collection (a Set<String>) will be created automatically.
      Parameters:
      permissions - the permissions to add to those associated directly with the account.

    • getObjectPermissions

      public Set<Permission> getObjectPermissions()
      Description copied from interface: AuthorizationInfo
      Returns all type-safe Permissions assigned to the corresponding Subject. The permissions returned from this method plus any returned from getStringPermissions() represent the total set of permissions. The aggregate set is used to perform a permission authorization check.
      Specified by:
      getObjectPermissions in interface AuthorizationInfo
      Returns:
      all type-safe Permissions assigned to the corresponding Subject.

    • setObjectPermissions

      public void setObjectPermissions(Set<Permission> objectPermissions)
      Sets the object-based permissions assigned directly to the account. The permissions set here, in addition to any string permissions constitute the total permissions assigned directly to the account.
      Parameters:
      objectPermissions - the object-based permissions assigned directly to the account.

    • addObjectPermission

      public void addObjectPermission(Permission permission)
      Adds (assigns) a permission to those directly associated with the account. If the account doesn't yet have any direct permissions, a new permission collection (a Set<Permission>) will be created automatically.
      Parameters:
      permission - the permission to add to those directly assigned to the account.

    • addObjectPermissions

      public void addObjectPermissions(Collection<Permission> permissions)
      Adds (assigns) multiple permissions to those associated directly with the account. If the account doesn't yet have any object-based permissions, a new permissions collection (a Set<Permission>) will be created automatically.
      Parameters:
      permissions - the permissions to add to those associated directly with the account.