1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, 13 * software distributed under the License is distributed on an 14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 * KIND, either express or implied. See the License for the 16 * specific language governing permissions and limitations 17 * under the License. 18 */ 19 package org.apache.shiro.authz; 20 21 import java.util.Collection; 22 import java.util.HashSet; 23 import java.util.Set; 24 25 /** 26 * Simple POJO implementation of the {@link AuthorizationInfo} interface that stores roles and permissions as internal 27 * attributes. 28 * 29 * @see org.apache.shiro.realm.AuthorizingRealm 30 * @since 0.9 31 */ 32 public class SimpleAuthorizationInfo implements AuthorizationInfo { 33 34 /** 35 * The internal roles collection. 36 */ 37 protected Set<String> roles; 38 39 /** 40 * Collection of all string-based permissions associated with the account. 41 */ 42 protected Set<String> stringPermissions; 43 44 /** 45 * Collection of all object-based permissions associated with the account. 46 */ 47 protected Set<Permission> objectPermissions; 48 49 /** 50 * Default no-argument constructor. 51 */ 52 public SimpleAuthorizationInfo() { 53 } 54 55 /** 56 * Creates a new instance with the specified roles and no permissions. 57 * @param roles the roles assigned to the realm account. 58 */ 59 public SimpleAuthorizationInfo(Set<String> roles) { 60 this.roles = roles; 61 } 62 63 public Set<String> getRoles() { 64 return roles; 65 } 66 67 /** 68 * Sets the roles assigned to the account. 69 * @param roles the roles assigned to the account. 70 */ 71 public void setRoles(Set<String> roles) { 72 this.roles = roles; 73 } 74 75 /** 76 * Adds (assigns) a role to those associated with the account. If the account doesn't yet have any roles, a 77 * new roles collection (a Set) will be created automatically. 78 * @param role the role to add to those associated with the account. 79 */ 80 public void addRole(String role) { 81 if (this.roles == null) { 82 this.roles = new HashSet<String>(); 83 } 84 this.roles.add(role); 85 } 86 87 /** 88 * Adds (assigns) multiple roles to those associated with the account. If the account doesn't yet have any roles, a 89 * new roles collection (a Set) will be created automatically. 90 * @param roles the roles to add to those associated with the account. 91 */ 92 public void addRoles(Collection<String> roles) { 93 if (this.roles == null) { 94 this.roles = new HashSet<String>(); 95 } 96 this.roles.addAll(roles); 97 } 98 99 public Set<String> getStringPermissions() { 100 return stringPermissions; 101 } 102 103 /** 104 * Sets the string-based permissions assigned directly to the account. The permissions set here, in addition to any 105 * {@link #getObjectPermissions() object permissions} constitute the total permissions assigned directly to the 106 * account. 107 * 108 * @param stringPermissions the string-based permissions assigned directly to the account. 109 */ 110 public void setStringPermissions(Set<String> stringPermissions) { 111 this.stringPermissions = stringPermissions; 112 } 113 114 /** 115 * Adds (assigns) a permission to those directly associated with the account. If the account doesn't yet have any 116 * direct permissions, a new permission collection (a Set<String>) will be created automatically. 117 * @param permission the permission to add to those directly assigned to the account. 118 */ 119 public void addStringPermission(String permission) { 120 if (this.stringPermissions == null) { 121 this.stringPermissions = new HashSet<String>(); 122 } 123 this.stringPermissions.add(permission); 124 } 125 126 /** 127 * Adds (assigns) multiple permissions to those associated directly with the account. If the account doesn't yet 128 * have any string-based permissions, a new permissions collection (a Set<String>) will be created automatically. 129 * @param permissions the permissions to add to those associated directly with the account. 130 */ 131 public void addStringPermissions(Collection<String> permissions) { 132 if (this.stringPermissions == null) { 133 this.stringPermissions = new HashSet<String>(); 134 } 135 this.stringPermissions.addAll(permissions); 136 } 137 138 public Set<Permission> getObjectPermissions() { 139 return objectPermissions; 140 } 141 142 /** 143 * Sets the object-based permissions assigned directly to the account. The permissions set here, in addition to any 144 * {@link #getStringPermissions() string permissions} constitute the total permissions assigned directly to the 145 * account. 146 * 147 * @param objectPermissions the object-based permissions assigned directly to the account. 148 */ 149 public void setObjectPermissions(Set<Permission> objectPermissions) { 150 this.objectPermissions = objectPermissions; 151 } 152 153 /** 154 * Adds (assigns) a permission to those directly associated with the account. If the account doesn't yet have any 155 * direct permissions, a new permission collection (a Set<{@link Permission Permission}>) will be created automatically. 156 * @param permission the permission to add to those directly assigned to the account. 157 */ 158 public void addObjectPermission(Permission permission) { 159 if (this.objectPermissions == null) { 160 this.objectPermissions = new HashSet<Permission>(); 161 } 162 this.objectPermissions.add(permission); 163 } 164 165 /** 166 * Adds (assigns) multiple permissions to those associated directly with the account. If the account doesn't yet 167 * have any object-based permissions, a new permissions collection (a Set<{@link Permission Permission}>) 168 * will be created automatically. 169 * @param permissions the permissions to add to those associated directly with the account. 170 */ 171 public void addObjectPermissions(Collection<Permission> permissions) { 172 if (this.objectPermissions == null) { 173 this.objectPermissions = new HashSet<Permission>(); 174 } 175 this.objectPermissions.addAll(permissions); 176 } 177 }