securityutil.java

来自「spring+acegi编写的网上书城」· Java 代码 · 共 65 行

JAVA
65
字号 
package net.livebookstore.security;

import org.acegisecurity.AccessDeniedException;
import org.acegisecurity.Authentication;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.userdetails.UserDetails;

public class SecurityUtil {

    public static String getCurrentUsername() {
        String username = getCurrentUsernameOrNull();
        if(username==null)
            throw new AccessDeniedException("Access denied.");
        return username;
    }

    public static String getCurrentUsernameOrNull() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        return _getUsernameFromAuth(auth);
    }

    public static boolean isAdminRole() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        return _hasRole(auth, "ROLE_ADMIN");
    }

    public static void assertUsername(String username) {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        _assertUsername(auth, username);
    }

    public static void assertRoleOrUsername(String role, String username) {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if(!_hasRole(auth, role))
            _assertUsername(auth, username);
    }

    private static String _getUsernameFromAuth(Authentication auth) {
        if(auth==null)
            return null;
        if (auth.getPrincipal() instanceof UserDetails) {
            return ((UserDetails) auth.getPrincipal()).getUsername();
        }
        return auth.getPrincipal().toString();
    }

    private static boolean _hasRole(Authentication auth, String role) {
        if(auth==null)
            return false;
        GrantedAuthority[] gas = auth.getAuthorities();
        for(GrantedAuthority ga : gas) {
            if(ga.getAuthority().equals(role))
                return true;
        }
        return false;
    }

    private static void _assertUsername(Authentication auth, String username) {
        String s = _getUsernameFromAuth(auth);
        if(s==null || !s.equals(username))
            throw new AccessDeniedException("Access denied.");
    }
}

securityutil.java - 源码说明

本页面展示了「spring+acegi编写的网上书城」中的 securityutil.java 源码文件,采用 Java 编程语言编写,共 65 行代码。您可以在线阅读完整代码内容,也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与spring相关的技术资源,包括源代码、技术文档、电路图等,是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?