Package org.apache.shiro.authz

Class SimpleAuthorizationInfo

    • Field Detail

      • roles

        protected Set<String> roles
        The internal roles collection.

      • stringPermissions

        protected Set<String> stringPermissions
        Collection of all string-based permissions associated with the account.

      • objectPermissions

        protected Set<Permission> objectPermissions
        Collection of all object-based permissions associated with the account.

    • Constructor Detail

      • SimpleAuthorizationInfo

        public SimpleAuthorizationInfo()
        Default no-argument constructor.

      • SimpleAuthorizationInfo

        public SimpleAuthorizationInfo(Set<String> roles)
        Creates a new instance with the specified roles and no permissions.
        Parameters:
        roles - the roles assigned to the realm account.

    • Method Detail

      • getRoles

        public Set<String> getRoles()
        Description copied from interface: AuthorizationInfo
        Returns the names of all roles assigned to a corresponding Subject.
        Specified by:
        getRoles in interface AuthorizationInfo
        Returns:
        the names of all roles assigned to a corresponding Subject.

      • setRoles

        public void setRoles(Set<String> roles)
        Sets the roles assigned to the account.
        Parameters:
        roles - the roles assigned to the account.

      • addRole

        public void addRole(String role)
        Adds (assigns) a role to those associated with the account. If the account doesn't yet have any roles, a new roles collection (a Set) will be created automatically.
        Parameters:
        role - the role to add to those associated with the account.

      • addRoles

        public void addRoles(Collection<String> roles)
        Adds (assigns) multiple roles to those associated with the account. If the account doesn't yet have any roles, a new roles collection (a Set) will be created automatically.
        Parameters:
        roles - the roles to add to those associated with the account.

      • getStringPermissions

        public Set<String> getStringPermissions()
        Description copied from interface: AuthorizationInfo
        Returns all string-based permissions assigned to the corresponding Subject. The permissions here plus those returned from getObjectPermissions() represent the total set of permissions assigned. The aggregate set is used to perform a permission authorization check.

        This method is a convenience mechanism that allows Realms to represent permissions as Strings if they choose. When performing a security check, a Realm usually converts these strings to object Permissions via an internal PermissionResolver in order to perform the actual permission check. This is not a requirement of course, since Realms can perform security checks in whatever manner deemed necessary, but this explains the conversion mechanism that most Shiro Realms execute for string-based permission checks.
        Specified by:
        getStringPermissions in interface AuthorizationInfo
        Returns:
        all string-based permissions assigned to the corresponding Subject.

      • setStringPermissions

        public void setStringPermissions(Set<String> stringPermissions)
        Sets the string-based permissions assigned directly to the account. The permissions set here, in addition to any object permissions constitute the total permissions assigned directly to the account.
        Parameters:
        stringPermissions - the string-based permissions assigned directly to the account.

      • addStringPermission

        public void addStringPermission(String permission)
        Adds (assigns) a permission to those directly associated with the account. If the account doesn't yet have any direct permissions, a new permission collection (a Set<String>) will be created automatically.
        Parameters:
        permission - the permission to add to those directly assigned to the account.

      • addStringPermissions

        public void addStringPermissions(Collection<String> permissions)
        Adds (assigns) multiple permissions to those associated directly with the account. If the account doesn't yet have any string-based permissions, a new permissions collection (a Set<String>) will be created automatically.
        Parameters:
        permissions - the permissions to add to those associated directly with the account.

      • setObjectPermissions

        public void setObjectPermissions(Set<Permission> objectPermissions)
        Sets the object-based permissions assigned directly to the account. The permissions set here, in addition to any string permissions constitute the total permissions assigned directly to the account.
        Parameters:
        objectPermissions - the object-based permissions assigned directly to the account.

      • addObjectPermission

        public void addObjectPermission(Permission permission)
        Adds (assigns) a permission to those directly associated with the account. If the account doesn't yet have any direct permissions, a new permission collection (a Set<Permission>) will be created automatically.
        Parameters:
        permission - the permission to add to those directly assigned to the account.

      • addObjectPermissions

        public void addObjectPermissions(Collection<Permission> permissions)
        Adds (assigns) multiple permissions to those associated directly with the account. If the account doesn't yet have any object-based permissions, a new permissions collection (a Set<Permission>) will be created automatically.
        Parameters:
        permissions - the permissions to add to those associated directly with the account.