| <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../jacoco-resources/report.gif" type="image/gif"/><title>ModularRealmAuthorizer.java</title><link rel="stylesheet" href="../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">Apache Shiro :: Core</a> > <a href="index.source.html" class="el_package">org.apache.shiro.authz</a> > <span class="el_source">ModularRealmAuthorizer.java</span></div><h1>ModularRealmAuthorizer.java</h1><pre class="source lang-java linenums">/* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package org.apache.shiro.authz; |
| |
| import org.apache.shiro.authz.permission.PermissionResolver; |
| import org.apache.shiro.authz.permission.PermissionResolverAware; |
| import org.apache.shiro.authz.permission.RolePermissionResolver; |
| import org.apache.shiro.authz.permission.RolePermissionResolverAware; |
| import org.apache.shiro.realm.Realm; |
| import org.apache.shiro.subject.PrincipalCollection; |
| |
| import java.util.Collection; |
| import java.util.List; |
| |
| |
| /** |
| * A <tt>ModularRealmAuthorizer</tt> is an <tt>Authorizer</tt> implementation that consults one or more configured |
| * {@link Realm Realm}s during an authorization operation. |
| * |
| * @since 0.2 |
| */ |
| public class ModularRealmAuthorizer implements Authorizer, PermissionResolverAware, RolePermissionResolverAware { |
| |
| /** |
| * The realms to consult during any authorization check. |
| */ |
| protected Collection<Realm> realms; |
| |
| /** |
| * A PermissionResolver to be used by <em>all</em> configured realms. Leave <code>null</code> if you wish |
| * to configure different resolvers for different realms. |
| */ |
| protected PermissionResolver permissionResolver; |
| |
| /** |
| * A RolePermissionResolver to be used by <em>all</em> configured realms. Leave <code>null</code> if you wish |
| * to configure different resolvers for different realms. |
| */ |
| protected RolePermissionResolver rolePermissionResolver; |
| |
| /** |
| * Default no-argument constructor, does nothing. |
| */ |
| <span class="fc" id="L60"> public ModularRealmAuthorizer() {</span> |
| <span class="fc" id="L61"> }</span> |
| |
| /** |
| * Constructor that accepts the <code>Realm</code>s to consult during an authorization check. Immediately calls |
| * {@link #setRealms setRealms(realms)}. |
| * |
| * @param realms the realms to consult during an authorization check. |
| */ |
| <span class="nc" id="L69"> public ModularRealmAuthorizer(Collection<Realm> realms) {</span> |
| <span class="nc" id="L70"> setRealms(realms);</span> |
| <span class="nc" id="L71"> }</span> |
| |
| /** |
| * Returns the realms wrapped by this <code>Authorizer</code> which are consulted during an authorization check. |
| * |
| * @return the realms wrapped by this <code>Authorizer</code> which are consulted during an authorization check. |
| */ |
| public Collection<Realm> getRealms() { |
| <span class="fc" id="L79"> return this.realms;</span> |
| } |
| |
| /** |
| * Sets the realms wrapped by this <code>Authorizer</code> which are consulted during an authorization check. |
| * |
| * @param realms the realms wrapped by this <code>Authorizer</code> which are consulted during an authorization check. |
| */ |
| public void setRealms(Collection<Realm> realms) { |
| <span class="fc" id="L88"> this.realms = realms;</span> |
| <span class="fc" id="L89"> applyPermissionResolverToRealms();</span> |
| <span class="fc" id="L90"> applyRolePermissionResolverToRealms();</span> |
| <span class="fc" id="L91"> }</span> |
| |
| /** |
| * Returns the PermissionResolver to be used on <em>all</em> configured realms, or <code>null</code (the default) |
| * if all realm instances will each configure their own permission resolver. |
| * |
| * @return the PermissionResolver to be used on <em>all</em> configured realms, or <code>null</code (the default) |
| * if realm instances will each configure their own permission resolver. |
| * @since 1.0 |
| */ |
| public PermissionResolver getPermissionResolver() { |
| <span class="fc" id="L102"> return this.permissionResolver;</span> |
| } |
| |
| /** |
| * Sets the specified {@link PermissionResolver PermissionResolver} on <em>all</em> of the wrapped realms that |
| * implement the {@link org.apache.shiro.authz.permission.PermissionResolverAware PermissionResolverAware} interface. |
| * <p/> |
| * Only call this method if you want the permission resolver to be passed to all realms that implement the |
| * <code>PermissionResolver</code> interface. If you do not want this to occur, the realms must |
| * configure themselves individually (or be configured individually). |
| * |
| * @param permissionResolver the permissionResolver to set on all of the wrapped realms that implement the |
| * {@link org.apache.shiro.authz.permission.PermissionResolverAware PermissionResolverAware} interface. |
| */ |
| public void setPermissionResolver(PermissionResolver permissionResolver) { |
| <span class="nc" id="L117"> this.permissionResolver = permissionResolver;</span> |
| <span class="nc" id="L118"> applyPermissionResolverToRealms();</span> |
| <span class="nc" id="L119"> }</span> |
| |
| /** |
| * Sets the internal {@link #getPermissionResolver} on any internal configured |
| * {@link #getRealms Realms} that implement the {@link org.apache.shiro.authz.permission.PermissionResolverAware PermissionResolverAware} interface. |
| * <p/> |
| * This method is called after setting a permissionResolver on this ModularRealmAuthorizer via the |
| * {@link #setPermissionResolver(org.apache.shiro.authz.permission.PermissionResolver) setPermissionResolver} method. |
| * <p/> |
| * It is also called after setting one or more realms via the {@link #setRealms setRealms} method to allow these |
| * newly available realms to be given the <code>PermissionResolver</code> already in use. |
| * |
| * @since 1.0 |
| */ |
| protected void applyPermissionResolverToRealms() { |
| <span class="fc" id="L134"> PermissionResolver resolver = getPermissionResolver();</span> |
| <span class="fc" id="L135"> Collection<Realm> realms = getRealms();</span> |
| <span class="pc bpc" id="L136" title="5 of 6 branches missed."> if (resolver != null && realms != null && !realms.isEmpty()) {</span> |
| <span class="nc bnc" id="L137" title="All 2 branches missed."> for (Realm realm : realms) {</span> |
| <span class="nc bnc" id="L138" title="All 2 branches missed."> if (realm instanceof PermissionResolverAware) {</span> |
| <span class="nc" id="L139"> ((PermissionResolverAware) realm).setPermissionResolver(resolver);</span> |
| } |
| <span class="nc" id="L141"> }</span> |
| } |
| <span class="fc" id="L143"> }</span> |
| |
| /** |
| * Returns the RolePermissionResolver to be used on <em>all</em> configured realms, or <code>null</code (the default) |
| * if all realm instances will each configure their own permission resolver. |
| * |
| * @return the RolePermissionResolver to be used on <em>all</em> configured realms, or <code>null</code (the default) |
| * if realm instances will each configure their own role permission resolver. |
| * @since 1.0 |
| */ |
| public RolePermissionResolver getRolePermissionResolver() { |
| <span class="fc" id="L154"> return this.rolePermissionResolver;</span> |
| } |
| |
| /** |
| * Sets the specified {@link RolePermissionResolver RolePermissionResolver} on <em>all</em> of the wrapped realms that |
| * implement the {@link org.apache.shiro.authz.permission.RolePermissionResolverAware PermissionResolverAware} interface. |
| * <p/> |
| * Only call this method if you want the permission resolver to be passed to all realms that implement the |
| * <code>RolePermissionResolver</code> interface. If you do not want this to occur, the realms must |
| * configure themselves individually (or be configured individually). |
| * |
| * @param rolePermissionResolver the rolePermissionResolver to set on all of the wrapped realms that implement the |
| * {@link org.apache.shiro.authz.permission.RolePermissionResolverAware RolePermissionResolverAware} interface. |
| */ |
| public void setRolePermissionResolver(RolePermissionResolver rolePermissionResolver) { |
| <span class="fc" id="L169"> this.rolePermissionResolver = rolePermissionResolver;</span> |
| <span class="fc" id="L170"> applyRolePermissionResolverToRealms();</span> |
| <span class="fc" id="L171"> }</span> |
| |
| |
| /** |
| * Sets the internal {@link #getRolePermissionResolver} on any internal configured |
| * {@link #getRealms Realms} that implement the {@link org.apache.shiro.authz.permission.RolePermissionResolverAware RolePermissionResolverAware} interface. |
| * <p/> |
| * This method is called after setting a rolePermissionResolver on this ModularRealmAuthorizer via the |
| * {@link #setRolePermissionResolver(org.apache.shiro.authz.permission.RolePermissionResolver) setRolePermissionResolver} method. |
| * <p/> |
| * It is also called after setting one or more realms via the {@link #setRealms setRealms} method to allow these |
| * newly available realms to be given the <code>RolePermissionResolver</code> already in use. |
| * |
| * @since 1.0 |
| */ |
| protected void applyRolePermissionResolverToRealms() { |
| <span class="fc" id="L187"> RolePermissionResolver resolver = getRolePermissionResolver();</span> |
| <span class="fc" id="L188"> Collection<Realm> realms = getRealms();</span> |
| <span class="pc bpc" id="L189" title="2 of 6 branches missed."> if (resolver != null && realms != null && !realms.isEmpty()) {</span> |
| <span class="fc bfc" id="L190" title="All 2 branches covered."> for (Realm realm : realms) {</span> |
| <span class="pc bpc" id="L191" title="1 of 2 branches missed."> if (realm instanceof RolePermissionResolverAware) {</span> |
| <span class="fc" id="L192"> ((RolePermissionResolverAware) realm).setRolePermissionResolver(resolver);</span> |
| } |
| <span class="fc" id="L194"> }</span> |
| } |
| <span class="fc" id="L196"> }</span> |
| |
| |
| /** |
| * Used by the {@link Authorizer Authorizer} implementation methods to ensure that the {@link #setRealms realms} |
| * has been set. The default implementation ensures the property is not null and not empty. |
| * |
| * @throws IllegalStateException if the <tt>realms</tt> property is configured incorrectly. |
| */ |
| protected void assertRealmsConfigured() throws IllegalStateException { |
| <span class="fc" id="L206"> Collection<Realm> realms = getRealms();</span> |
| <span class="pc bpc" id="L207" title="2 of 4 branches missed."> if (realms == null || realms.isEmpty()) {</span> |
| <span class="nc" id="L208"> String msg = "Configuration error: No realms have been configured! One or more realms must be " +</span> |
| "present to execute an authorization operation."; |
| <span class="nc" id="L210"> throw new IllegalStateException(msg);</span> |
| } |
| <span class="fc" id="L212"> }</span> |
| |
| /** |
| * Returns <code>true</code> if any of the configured realms' |
| * {@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, String)} returns <code>true</code>, |
| * <code>false</code> otherwise. |
| */ |
| public boolean isPermitted(PrincipalCollection principals, String permission) { |
| <span class="fc" id="L220"> assertRealmsConfigured();</span> |
| <span class="fc bfc" id="L221" title="All 2 branches covered."> for (Realm realm : getRealms()) {</span> |
| <span class="pc bpc" id="L222" title="1 of 2 branches missed."> if (!(realm instanceof Authorizer)) continue;</span> |
| <span class="fc bfc" id="L223" title="All 2 branches covered."> if (((Authorizer) realm).isPermitted(principals, permission)) {</span> |
| <span class="fc" id="L224"> return true;</span> |
| } |
| <span class="fc" id="L226"> }</span> |
| <span class="fc" id="L227"> return false;</span> |
| } |
| |
| /** |
| * Returns <code>true</code> if any of the configured realms' |
| * {@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission)} call returns <code>true</code>, |
| * <code>false</code> otherwise. |
| */ |
| public boolean isPermitted(PrincipalCollection principals, Permission permission) { |
| <span class="nc" id="L236"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L237" title="All 2 branches missed."> for (Realm realm : getRealms()) {</span> |
| <span class="nc bnc" id="L238" title="All 2 branches missed."> if (!(realm instanceof Authorizer)) continue;</span> |
| <span class="nc bnc" id="L239" title="All 2 branches missed."> if (((Authorizer) realm).isPermitted(principals, permission)) {</span> |
| <span class="nc" id="L240"> return true;</span> |
| } |
| <span class="nc" id="L242"> }</span> |
| <span class="nc" id="L243"> return false;</span> |
| } |
| |
| /** |
| * Returns <code>true</code> if any of the configured realms' |
| * {@link #isPermittedAll(org.apache.shiro.subject.PrincipalCollection, String...)} call returns |
| * <code>true</code>, <code>false</code> otherwise. |
| */ |
| public boolean[] isPermitted(PrincipalCollection principals, String... permissions) { |
| <span class="nc" id="L252"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L253" title="All 4 branches missed."> if (permissions != null && permissions.length > 0) {</span> |
| <span class="nc" id="L254"> boolean[] isPermitted = new boolean[permissions.length];</span> |
| <span class="nc bnc" id="L255" title="All 2 branches missed."> for (int i = 0; i < permissions.length; i++) {</span> |
| <span class="nc" id="L256"> isPermitted[i] = isPermitted(principals, permissions[i]);</span> |
| } |
| <span class="nc" id="L258"> return isPermitted;</span> |
| } |
| <span class="nc" id="L260"> return new boolean[0];</span> |
| } |
| |
| /** |
| * Returns <code>true</code> if any of the configured realms' |
| * {@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, List)} call returns <code>true</code>, |
| * <code>false</code> otherwise. |
| */ |
| public boolean[] isPermitted(PrincipalCollection principals, List<Permission> permissions) { |
| <span class="nc" id="L269"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L270" title="All 4 branches missed."> if (permissions != null && !permissions.isEmpty()) {</span> |
| <span class="nc" id="L271"> boolean[] isPermitted = new boolean[permissions.size()];</span> |
| <span class="nc" id="L272"> int i = 0;</span> |
| <span class="nc bnc" id="L273" title="All 2 branches missed."> for (Permission p : permissions) {</span> |
| <span class="nc" id="L274"> isPermitted[i++] = isPermitted(principals, p);</span> |
| <span class="nc" id="L275"> }</span> |
| <span class="nc" id="L276"> return isPermitted;</span> |
| } |
| |
| <span class="nc" id="L279"> return new boolean[0];</span> |
| } |
| |
| /** |
| * Returns <code>true</code> if any of the configured realms' |
| * {@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, String)} call returns <code>true</code> |
| * for <em>all</em> of the specified string permissions, <code>false</code> otherwise. |
| */ |
| public boolean isPermittedAll(PrincipalCollection principals, String... permissions) { |
| <span class="nc" id="L288"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L289" title="All 4 branches missed."> if (permissions != null && permissions.length > 0) {</span> |
| <span class="nc bnc" id="L290" title="All 2 branches missed."> for (String perm : permissions) {</span> |
| <span class="nc bnc" id="L291" title="All 2 branches missed."> if (!isPermitted(principals, perm)) {</span> |
| <span class="nc" id="L292"> return false;</span> |
| } |
| } |
| } |
| <span class="nc" id="L296"> return true;</span> |
| } |
| |
| /** |
| * Returns <code>true</code> if any of the configured realms' |
| * {@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission)} call returns <code>true</code> |
| * for <em>all</em> of the specified Permissions, <code>false</code> otherwise. |
| */ |
| public boolean isPermittedAll(PrincipalCollection principals, Collection<Permission> permissions) { |
| <span class="nc" id="L305"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L306" title="All 4 branches missed."> if (permissions != null && !permissions.isEmpty()) {</span> |
| <span class="nc bnc" id="L307" title="All 2 branches missed."> for (Permission permission : permissions) {</span> |
| <span class="nc bnc" id="L308" title="All 2 branches missed."> if (!isPermitted(principals, permission)) {</span> |
| <span class="nc" id="L309"> return false;</span> |
| } |
| <span class="nc" id="L311"> }</span> |
| } |
| <span class="nc" id="L313"> return true;</span> |
| } |
| |
| /** |
| * If !{@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, String) isPermitted(permission)}, throws |
| * an <code>UnauthorizedException</code> otherwise returns quietly. |
| */ |
| public void checkPermission(PrincipalCollection principals, String permission) throws AuthorizationException { |
| <span class="nc" id="L321"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L322" title="All 2 branches missed."> if (!isPermitted(principals, permission)) {</span> |
| <span class="nc" id="L323"> throw new UnauthorizedException("Subject does not have permission [" + permission + "]");</span> |
| } |
| <span class="nc" id="L325"> }</span> |
| |
| /** |
| * If !{@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission) isPermitted(permission)}, throws |
| * an <code>UnauthorizedException</code> otherwise returns quietly. |
| */ |
| public void checkPermission(PrincipalCollection principals, Permission permission) throws AuthorizationException { |
| <span class="nc" id="L332"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L333" title="All 2 branches missed."> if (!isPermitted(principals, permission)) {</span> |
| <span class="nc" id="L334"> throw new UnauthorizedException("Subject does not have permission [" + permission + "]");</span> |
| } |
| <span class="nc" id="L336"> }</span> |
| |
| /** |
| * If !{@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, String...) isPermitted(permission)}, |
| * throws an <code>UnauthorizedException</code> otherwise returns quietly. |
| */ |
| public void checkPermissions(PrincipalCollection principals, String... permissions) throws AuthorizationException { |
| <span class="nc" id="L343"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L344" title="All 4 branches missed."> if (permissions != null && permissions.length > 0) {</span> |
| <span class="nc bnc" id="L345" title="All 2 branches missed."> for (String perm : permissions) {</span> |
| <span class="nc" id="L346"> checkPermission(principals, perm);</span> |
| } |
| } |
| <span class="nc" id="L349"> }</span> |
| |
| /** |
| * If !{@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission) isPermitted(permission)} for |
| * <em>all</em> the given Permissions, throws |
| * an <code>UnauthorizedException</code> otherwise returns quietly. |
| */ |
| public void checkPermissions(PrincipalCollection principals, Collection<Permission> permissions) throws AuthorizationException { |
| <span class="nc" id="L357"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L358" title="All 2 branches missed."> if (permissions != null) {</span> |
| <span class="nc bnc" id="L359" title="All 2 branches missed."> for (Permission permission : permissions) {</span> |
| <span class="nc" id="L360"> checkPermission(principals, permission);</span> |
| <span class="nc" id="L361"> }</span> |
| } |
| <span class="nc" id="L363"> }</span> |
| |
| /** |
| * Returns <code>true</code> if any of the configured realms' |
| * {@link #hasRole(org.apache.shiro.subject.PrincipalCollection, String)} call returns <code>true</code>, |
| * <code>false</code> otherwise. |
| */ |
| public boolean hasRole(PrincipalCollection principals, String roleIdentifier) { |
| <span class="fc" id="L371"> assertRealmsConfigured();</span> |
| <span class="fc bfc" id="L372" title="All 2 branches covered."> for (Realm realm : getRealms()) {</span> |
| <span class="pc bpc" id="L373" title="1 of 2 branches missed."> if (!(realm instanceof Authorizer)) continue;</span> |
| <span class="fc bfc" id="L374" title="All 2 branches covered."> if (((Authorizer) realm).hasRole(principals, roleIdentifier)) {</span> |
| <span class="fc" id="L375"> return true;</span> |
| } |
| <span class="fc" id="L377"> }</span> |
| <span class="fc" id="L378"> return false;</span> |
| } |
| |
| /** |
| * Calls {@link #hasRole(org.apache.shiro.subject.PrincipalCollection, String)} for each role name in the specified |
| * collection and places the return value from each call at the respective location in the returned array. |
| */ |
| public boolean[] hasRoles(PrincipalCollection principals, List<String> roleIdentifiers) { |
| <span class="nc" id="L386"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L387" title="All 4 branches missed."> if (roleIdentifiers != null && !roleIdentifiers.isEmpty()) {</span> |
| <span class="nc" id="L388"> boolean[] hasRoles = new boolean[roleIdentifiers.size()];</span> |
| <span class="nc" id="L389"> int i = 0;</span> |
| <span class="nc bnc" id="L390" title="All 2 branches missed."> for (String roleId : roleIdentifiers) {</span> |
| <span class="nc" id="L391"> hasRoles[i++] = hasRole(principals, roleId);</span> |
| <span class="nc" id="L392"> }</span> |
| <span class="nc" id="L393"> return hasRoles;</span> |
| } |
| |
| <span class="nc" id="L396"> return new boolean[0];</span> |
| } |
| |
| /** |
| * Returns <code>true</code> iff any of the configured realms' |
| * {@link #hasRole(org.apache.shiro.subject.PrincipalCollection, String)} call returns <code>true</code> for |
| * <em>all</em> roles specified, <code>false</code> otherwise. |
| */ |
| public boolean hasAllRoles(PrincipalCollection principals, Collection<String> roleIdentifiers) { |
| <span class="nc" id="L405"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L406" title="All 2 branches missed."> for (String roleIdentifier : roleIdentifiers) {</span> |
| <span class="nc bnc" id="L407" title="All 2 branches missed."> if (!hasRole(principals, roleIdentifier)) {</span> |
| <span class="nc" id="L408"> return false;</span> |
| } |
| <span class="nc" id="L410"> }</span> |
| <span class="nc" id="L411"> return true;</span> |
| } |
| |
| /** |
| * If !{@link #hasRole(org.apache.shiro.subject.PrincipalCollection, String) hasRole(role)}, throws |
| * an <code>UnauthorizedException</code> otherwise returns quietly. |
| */ |
| public void checkRole(PrincipalCollection principals, String role) throws AuthorizationException { |
| <span class="nc" id="L419"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L420" title="All 2 branches missed."> if (!hasRole(principals, role)) {</span> |
| <span class="nc" id="L421"> throw new UnauthorizedException("Subject does not have role [" + role + "]");</span> |
| } |
| <span class="nc" id="L423"> }</span> |
| |
| /** |
| * Calls {@link #checkRoles(PrincipalCollection principals, String... roles) checkRoles(PrincipalCollection principals, String... roles) }. |
| */ |
| public void checkRoles(PrincipalCollection principals, Collection<String> roles) throws AuthorizationException { |
| //SHIRO-234 - roles.toArray() -> roles.toArray(new String[roles.size()]) |
| <span class="nc bnc" id="L430" title="All 4 branches missed."> if (roles != null && !roles.isEmpty()) checkRoles(principals, roles.toArray(new String[roles.size()]));</span> |
| <span class="nc" id="L431"> }</span> |
| |
| /** |
| * Calls {@link #checkRole(org.apache.shiro.subject.PrincipalCollection, String) checkRole} for each role specified. |
| */ |
| public void checkRoles(PrincipalCollection principals, String... roles) throws AuthorizationException { |
| <span class="nc" id="L437"> assertRealmsConfigured();</span> |
| <span class="nc bnc" id="L438" title="All 2 branches missed."> if (roles != null) {</span> |
| <span class="nc bnc" id="L439" title="All 2 branches missed."> for (String role : roles) {</span> |
| <span class="nc" id="L440"> checkRole(principals, role);</span> |
| } |
| } |
| <span class="nc" id="L443"> }</span> |
| } |
| </pre><div class="footer"><span class="right">Created with <a href="http://www.jacoco.org/jacoco">JaCoCo</a> 0.8.3.201901230119</span></div></body></html> |