com.roncoo.pay.permission.shiro.realm.OperatorRealm.java Source code

Java tutorial

  1. HOME
  2. Java
  3. com.roncoo.pay.permission.shiro.realm.OperatorRealm.java

Introduction

Here is the source code for com.roncoo.pay.permission.shiro.realm.OperatorRealm.java

Source

/*
 * Copyright 2015-2102 RonCoo(http://www.roncoo.com) Group.
 *  
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *  
 *      http://www.apache.org/licenses/LICENSE-2.0
 *  
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.roncoo.pay.permission.shiro.realm;

import java.util.Set;

import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import com.roncoo.pay.common.core.enums.PublicStatusEnum;
import com.roncoo.pay.permission.entity.PmsOperator;
import com.roncoo.pay.permission.service.PmsOperatorRoleService;
import com.roncoo.pay.permission.service.PmsOperatorService;
import com.roncoo.pay.permission.service.PmsRolePermissionService;

/**
 * realm .
 *
 * www.roncoo.com
 * 
 * @authorshenjialong
 */
public class OperatorRealm extends AuthorizingRealm {

    @Autowired
    private PmsOperatorService pmsOperatorService;
    @Autowired
    private PmsOperatorRoleService pmsOperatorRoleService;
    @Autowired
    private PmsRolePermissionService pmsRolePermissionService;

    @SuppressWarnings("unchecked")
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String loginName = (String) principals.getPrimaryPrincipal();

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

        Subject subject = SecurityUtils.getSubject();
        Session session = subject.getSession();
        PmsOperator operator = (PmsOperator) session.getAttribute("PmsOperator");
        if (operator == null) {
            operator = pmsOperatorService.findOperatorByLoginName(loginName);
            session.setAttribute("PmsOperator", operator);
        }
        // ????
        Long operatorId = operator.getId();

        Set<String> roles = (Set<String>) session.getAttribute("ROLES");
        if (roles == null || roles.isEmpty()) {
            roles = pmsOperatorRoleService.getRoleCodeByOperatorId(operatorId);
            session.setAttribute("ROLES", roles);
        }
        // ?
        authorizationInfo.setRoles(roles);

        Set<String> permisstions = (Set<String>) session.getAttribute("PERMISSIONS");
        if (permisstions == null || permisstions.isEmpty()) {
            permisstions = pmsRolePermissionService.getPermissionsByOperatorId(operatorId);
            session.setAttribute("PERMISSIONS", permisstions);
        }
        // ?????
        authorizationInfo.setStringPermissions(permisstions);
        return authorizationInfo;
    }

    @Override
    // ?
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        String loginName = (String) token.getPrincipal();
        if (StringUtils.isEmpty(loginName.trim())) {
            throw new UnknownAccountException();// ??
        }

        // ????
        PmsOperator operator = pmsOperatorService.findOperatorByLoginName(loginName);

        if (operator == null) {
            throw new UnknownAccountException();// ??
        }

        if (PublicStatusEnum.UNACTIVE.equals(operator.getStatus())) {
            throw new LockedAccountException(); // ???
        }

        // AuthenticatingRealmCredentialsMatcher????
        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(operator.getLoginName(), // ??
                operator.getLoginPwd(), // ?
                ByteSource.Util.bytes(operator.getCredentialsSalt()), // salt=username+salt
                getName() // realm name
        );

        return authenticationInfo;
    }

    @Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    public void clearAllCachedAuthorizationInfo() {
        getAuthorizationCache().clear();
    }

    public void clearAllCachedAuthenticationInfo() {
        getAuthenticationCache().clear();
    }

    public void clearAllCache() {
        clearAllCachedAuthenticationInfo();
        clearAllCachedAuthorizationInfo();
    }

}