Class SecurityHelper


  • public class SecurityHelper
    extends java.lang.Object
    Helper to evaluate Shiro security against Security settings.
    • Constructor Summary

      Constructors 
      Constructor Description
      SecurityHelper()  
    • Method Summary

      Modifier and Type Method Description
      static void checkSecurity(Security security, java.lang.String forOperationName)
      Checks the current security context of the user for the given operation.
      static void checkSecurity(Security security, java.lang.String forOperationName, boolean operationNameMandatory)
      Checks the current security context of the user for the given operation.
      static Security.Operation findOperation(Security security, java.lang.String operationName)
      static java.util.Set<java.lang.String> getPermissions(org.apache.shiro.subject.Subject subject, java.lang.String permissionType)
      Retrieves the list of permissions of the given type for the subject.
      static java.util.Set<java.lang.String> getRoles(org.apache.shiro.subject.Subject subject)
      Retrieves the list of roles for the subject.
      static org.apache.shiro.session.Session getSession()
      static java.lang.String getUserId(org.apache.shiro.authc.AuthenticationInfo authInfo)
      Returns the primary principal, in the sense of Shiro's primary principal.
      static java.lang.String getUserId(org.apache.shiro.subject.Subject subject)
      Returns the primary principal, in the sense of Shiro's primary principal.
      static java.lang.String getUserLogin(org.apache.shiro.subject.Subject subject)
      Returns the principal the user used to log in to the system, or the first principal made available by the realm.
      static boolean hasOperation(Security security, java.lang.String operationName)
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • SecurityHelper

        public SecurityHelper()
    • Method Detail

      • checkSecurity

        public static void checkSecurity(Security security,
                                         java.lang.String forOperationName)
                                  throws SecurityException
        Checks the current security context of the user for the given operation. The security context is retrieved via the SecurityUtils provided by Shiro. See the specification in subjectsettings.xsd.
        Parameters:
        security - to check against
        forOperationName - for operation name (which must be defined in security)
        Throws:
        SecurityException
        NoPermissionException
      • checkSecurity

        public static void checkSecurity(Security security,
                                         java.lang.String forOperationName,
                                         boolean operationNameMandatory)
                                  throws SecurityException
        Checks the current security context of the user for the given operation. The security context is retrieved via the SecurityUtils provided by Shiro. See the specification in subjectsettings.xsd.
        Parameters:
        security - to check against
        forOperationName - for operation name
        operationNameMandatory - if true and the operation name is not found in security, a SecurityException is thrown; otherwise execution passes
        Throws:
        SecurityException
        NoPermissionException
      • getSession

        public static org.apache.shiro.session.Session getSession()
        Returns:
        Shiro's Session, or null if none exists; does not create a session if there is none
      • hasOperation

        public static boolean hasOperation(Security security,
                                           java.lang.String operationName)
        Parameters:
        security -
        operationName -
        Returns:
        TRUE if operation definition for operationName is found in security
      • findOperation

        public static Security.Operation findOperation(Security security,
                                                       java.lang.String operationName)
        Parameters:
        security -
        operationName -
        Returns:
        Operation object for given operationName from Security or NULL if none found
      • getUserLogin

        public static java.lang.String getUserLogin(org.apache.shiro.subject.Subject subject)
        Returns the principal the user used to log in to the system, or the first principal made available by the realm. See also getUserId(Subject).
        Parameters:
        subject -
        Returns:
        user login, or null if no subject is provided, no such principal is found, or the subject is not authenticated
      • getUserId

        public static java.lang.String getUserId(org.apache.shiro.subject.Subject subject)
        Returns the primary principal, in the sense of Shiro's primary principal. When using JdbcRealm, this is the technical user id. With any other realm, the value returned by this method equals that of getUserLogin(Subject).
        Parameters:
        subject -
        Returns:
        user identifier, or null if no subject is provided, no such principal is found, or the subject is not authenticated
      • getUserId

        public static java.lang.String getUserId(org.apache.shiro.authc.AuthenticationInfo authInfo)
        Returns the primary principal, in the sense of Shiro's primary principal. When using JdbcRealm, this is the technical user id. With any other realm, the value returned by this method equals that of getUserLogin(Subject).
        Parameters:
        authInfo -
        Returns:
        user identifier or null if either no authInfo provided or no principals found or no primary principal found
      • getPermissions

        public static java.util.Set<java.lang.String> getPermissions(org.apache.shiro.subject.Subject subject,
                                                                     java.lang.String permissionType)
        Retrieves the list of permissions of the given type for the subject.
        Parameters:
        subject - the subject must be authenticated
        permissionType - the type to retrieve permissions for, or NULL to retrieve the full permission set; in that case the permissions are returned as they are (with the full permission domain)
        Returns:
        empty/non-empty set of permissions
        Throws:
        SecurityException - in case the subject is not authenticated
      • getRoles

        public static java.util.Set<java.lang.String> getRoles(org.apache.shiro.subject.Subject subject)
        Retrieves the list of roles for the subject.
        Parameters:
        subject - the subject must be authenticated
        Returns:
        empty/non-empty set of roles
        Throws:
        SecurityException - in case the subject is not authenticated
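
The null-returning contracts documented above for getSession() and getUserId(Subject), sketched directly against Shiro's public API. This is an added example, not SecurityHelper's own source; the class name SubjectContractDemo, the helper names sessionOrNull and userIdOrNull, and the sample account are assumptions made for illustration.

```java
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;

public class SubjectContractDemo {

    // Same contract as documented for getSession(): look up, never create.
    static Session sessionOrNull() {
        return SecurityUtils.getSubject().getSession(false);
    }

    // Same contract as documented for getUserId(Subject): null for a missing
    // or unauthenticated subject, or when no primary principal is available.
    static String userIdOrNull(Subject subject) {
        if (subject == null || !subject.isAuthenticated()) {
            return null;
        }
        PrincipalCollection principals = subject.getPrincipals();
        if (principals == null || principals.isEmpty()) {
            return null;
        }
        Object primary = principals.getPrimaryPrincipal();
        return primary == null ? null : primary.toString();
    }

    public static void main(String[] args) {
        SimpleAccountRealm realm = new SimpleAccountRealm();
        realm.addAccount("alice", "constructed-password"); // constructed sample account
        SecurityUtils.setSecurityManager(new DefaultSecurityManager(realm));

        Subject subject = SecurityUtils.getSubject();
        // Anonymous caller: treat a null user id as "not authenticated" and stop.
        System.out.println("before login: userId=" + userIdOrNull(subject)
                + ", session present=" + (sessionOrNull() != null));

        subject.login(new UsernamePasswordToken("alice", "constructed-password"));
        System.out.println("after login:  userId=" + userIdOrNull(subject)
                + ", session present=" + (sessionOrNull() != null));
        subject.logout();
    }
}
```

Requires shiro-core on the classpath. Callers of the documented helpers should handle the null return explicitly rather than passing it on as a user identifier.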