shiro mgt包下AuthorizingSecurityManager类

2021SC@SDUSC
Shiro 支持委托所有的 SecurityManager 类层次结构对包装的链接 Authorizer 实例的授权访问控制操作。这个类实现了 SecurityManager 接口中的所有 Authorizer 方法，但实际上，这些方法只是对底层的Authorizer 实例的传递调用。

类继承图如下

此 SecurityManager 实例将用于执行所有身份验证操作的内部 Authenticator mdelegate 实例。

private Authorizer authorizer;

public AuthorizingSecurityManager() {
        super();
        this.authorizer = new ModularRealmAuthorizer();
    }

构造方法

得到 Authorizer

手动设置Authorizer

protected void afterRealmsSet() {
        super.afterRealmsSet();
        if (this.authenticator instanceof ModularRealmAuthenticator) {
            ((ModularRealmAuthenticator) this.authenticator).setRealms(getRealms());
        }
    }

将realm传递给内部委托 Authenticator 实例，以便它可以在身份验证尝试期间使用它们。

public void destroy() {
        LifecycleUtils.destroy(getAuthenticator());
        this.authenticator = null;
        super.destroy();
    }

销毁authenticator对象

public boolean isPermitted(PrincipalCollection principals, String permissionString) {
        return this.authorizer.isPermitted(principals, permissionString);
    }

查看authorizer是否被principals允许
其中可以：
传入(PrincipalCollection principals, Permission permission) 返回boolean
传入(PrincipalCollection principals, String… permissions) 返回boolean数组
传入(PrincipalCollection principals, List permissions) 返回boolean 数组

public boolean isPermittedAll(PrincipalCollection principals, String... permissions) {
        return this.authorizer.isPermittedAll(principals, permissions);
    }

查看authorizer是否拥有全部的权限
其中还可以传入(PrincipalCollection principals, Collection permissions) 返回boolean

public void checkPermission(PrincipalCollection principals, String permission) throws AuthorizationException {
        this.authorizer.checkPermission(principals, permission);
    }

检查authorizer是否拥有permission对象
其中还可以传入(PrincipalCollection principals, Permission permission)
传入(PrincipalCollection principals, String… permissions)
或者传入(PrincipalCollection principals, Collection permissions)

public boolean hasRole(PrincipalCollection principals, String roleIdentifier) {
        return this.authorizer.hasRole(principals, roleIdentifier);
    }

检查authorizer是否拥有某一个role对象

public boolean hasAllRoles(PrincipalCollection principals, Collection roleIdentifiers) {
        return this.authorizer.hasAllRoles(principals, roleIdentifiers);
    }

检查authorizer是否拥有全部的role对象

public void checkRole(PrincipalCollection principals, String role) throws AuthorizationException {
        this.authorizer.checkRole(principals, role);
    }

检查某个role对象是否拥有权限

public void checkRoles(PrincipalCollection principals, Collection roles) throws AuthorizationException {
        this.authorizer.checkRoles(principals, roles);
    }

检查所有roles是否拥有权限
其中还可以传入(PrincipalCollection principals, String… roles)