[seam-commits] Seam SVN: r7931 - in trunk/src/main/org/jboss/seam/security: permission/dynamic and 1 other directory.

seam-commits at lists.jboss.org seam-commits at lists.jboss.org
Mon Apr 14 00:13:40 EDT 2008


Author: shane.bryzak at jboss.com
Date: 2008-04-14 00:13:40 -0400 (Mon, 14 Apr 2008)
New Revision: 7931

Added:
   trunk/src/main/org/jboss/seam/security/management/BeanProperty.java
Modified:
   trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java
   trunk/src/main/org/jboss/seam/security/permission/dynamic/DynamicPermissionResolver.java
   trunk/src/main/org/jboss/seam/security/permission/dynamic/JpaDynamicPermissionStore.java
Log:
minor refactoring, initial configuration work for JpaDynamicPermissionStore

Added: trunk/src/main/org/jboss/seam/security/management/BeanProperty.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/BeanProperty.java	                        (rev 0)
+++ trunk/src/main/org/jboss/seam/security/management/BeanProperty.java	2008-04-14 04:13:40 UTC (rev 7931)
@@ -0,0 +1,173 @@
+package org.jboss.seam.security.management;
+
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+
+/**
+ * A convenience class for working with an annotated property (either a field or method) of
+ * a JavaBean class.
+ *  
+ * @author Shane Bryzak
+ */
+public class BeanProperty
+{
+   private Field propertyField;
+   private Method propertyGetter;
+   private Method propertySetter;
+   private Annotation annotation;
+   private String name;
+   private Class propertyClass;
+   
+   private boolean isFieldProperty;
+   
+   private BeanProperty(Field propertyField, Annotation annotation)
+   {
+      this.propertyField = propertyField;
+      isFieldProperty = true;
+      this.annotation = annotation;
+      this.name = propertyField.getName();
+      this.propertyClass = propertyField.getDeclaringClass();
+   }
+   
+   private BeanProperty(Method propertyMethod, Annotation annotation)
+   {
+      if (!(propertyMethod.getName().startsWith("get") || (propertyMethod.getName().startsWith("is"))))
+      {
+         throw new IllegalArgumentException("Bean property method name " + propertyMethod.getClass().getName() +
+               "." + propertyMethod.getName() + "() must start with \"get\" or \"is\".");
+      }
+      
+      if (propertyMethod.getReturnType().equals(void.class) || propertyMethod.getParameterTypes().length > 0)
+      {
+         throw new IllegalArgumentException("Bean property method " + propertyMethod.getClass().getName() +
+               "." + propertyMethod.getName() + "() must return a value and take no parameters");
+      }
+      
+      this.propertyGetter = propertyMethod;
+      this.propertyClass = propertyMethod.getReturnType();
+      
+      String methodName = propertyMethod.getName();
+      
+      this.name = methodName.startsWith("get") ?
+            (methodName.substring(3,4).toLowerCase() + methodName.substring(4)) :
+            (methodName.substring(2,3).toLowerCase() + methodName.substring(3));
+      
+      String setterName = propertyMethod.getName().startsWith("get") ?
+            ("set" + methodName.substring(3)) : ("set" + methodName.substring(2));
+            
+      try
+      {
+         propertySetter = propertyMethod.getDeclaringClass().getMethod(setterName, new Class[] {propertyMethod.getReturnType()});
+      }
+      catch (NoSuchMethodException ex)
+      {
+         throw new IllegalArgumentException("Bean property method " + propertyMethod.getClass().getName() +
+               "." + propertyMethod.getName() + "() must have a corresponding setter method.");                  
+      }
+      
+      isFieldProperty = false;
+      this.annotation = annotation;
+   }
+   
+   public void setValue(Object bean, Object value)
+   {
+      if (isFieldProperty)
+      {
+         boolean accessible = propertyField.isAccessible();
+         try
+         {
+            propertyField.setAccessible(true);
+            propertyField.set(bean, value);   
+         }
+         catch (IllegalAccessException ex)
+         {
+            throw new RuntimeException("Exception setting bean property", ex);
+         }
+         finally
+         {
+            propertyField.setAccessible(accessible);
+         }            
+      }
+      else
+      {
+         try
+         {
+            propertySetter.invoke(bean, value);
+         }
+         catch (Exception ex)
+         {
+            throw new RuntimeException("Exception setting bean property", ex);
+         }
+      }
+   }
+   
+   public Object getValue(Object bean)
+   {
+      if (isFieldProperty)
+      {
+         boolean accessible = propertyField.isAccessible();
+         try
+         {
+            propertyField.setAccessible(true);
+            return propertyField.get(bean);
+         }
+         catch (IllegalAccessException ex)
+         {
+            throw new RuntimeException("Exception getting bean property", ex);
+         }
+         finally
+         {
+            propertyField.setAccessible(accessible);
+         }
+      }
+      else
+      {
+         try
+         {
+            return propertyGetter.invoke(bean);
+         }
+         catch (Exception ex)
+         {
+            throw new RuntimeException("Exception getting bean property", ex);
+         }
+      }
+   }
+   
+   public Annotation getAnnotation()
+   {
+      return annotation;
+   }
+   
+   public String getName()
+   {
+      return name;
+   }
+   
+   public Class getPropertyClass()
+   {
+      return propertyClass;
+   }
+   
+   
+   public static BeanProperty scanForProperty(Class cls, Class<? extends Annotation> annotation)
+   {
+      for (Field f : cls.getFields())
+      {
+         if (f.isAnnotationPresent(annotation)) 
+         {
+            return new BeanProperty(f, f.getAnnotation(annotation));
+         }
+      }
+      
+      for (Method m : cls.getMethods())
+      {
+         if (m.isAnnotationPresent(annotation))
+         {
+            return new BeanProperty(m, m.getAnnotation(annotation));
+         }
+      }
+      
+      return null;
+   }   
+}
\ No newline at end of file
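Review bot: In the `BeanProperty(Field, Annotation)` constructor, `propertyClass` is taken from `propertyField.getDeclaringClass()`, so `getPropertyClass()` returns the bean class for field properties but the property type for getter properties; `this.propertyClass = propertyField.getType();` would make the two agree. The three `IllegalArgumentException` messages in the `Method` constructor build the name from `propertyMethod.getClass().getName()`, which always prints `java.lang.reflect.Method`; `propertyMethod.getDeclaringClass().getName()` names the offending bean. `setValue` and `getValue` toggle `setAccessible` on a `Field` shared by every caller of the instance, and `JpaDynamicPermissionStore` in this commit holds these objects in an APPLICATION-scoped component. For a field that is not otherwise accessible, one thread's `finally` can therefore revoke access while another thread is between `setAccessible(true)` and `get`/`set`; calling `setAccessible(true)` once in the constructor avoids the race. `scanForProperty` uses `cls.getFields()`, which returns only public fields, so an annotation on a private field is silently skipped and the caller receives `null`; a Javadoc line on `scanForProperty` stating that and the `null` return would help.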

Modified: trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java	2008-04-14 04:11:00 UTC (rev 7930)
+++ trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java	2008-04-14 04:13:40 UTC (rev 7931)
@@ -4,9 +4,6 @@
 import static org.jboss.seam.annotations.Install.BUILT_IN;
 
 import java.io.Serializable;
-import java.lang.annotation.Annotation;
-import java.lang.reflect.Field;
-import java.lang.reflect.Method;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashSet;
@@ -62,148 +59,8 @@
    private ValueExpression<EntityManager> entityManager;  
    
    private Class userClass;
-   private Class roleClass;
+   private Class roleClass;   
    
-   protected final class BeanProperty
-   {
-      private Field propertyField;
-      private Method propertyGetter;
-      private Method propertySetter;
-      private Annotation annotation;
-      private String name;
-      private Class propertyClass;
-      
-      private boolean isFieldProperty;
-      
-      public BeanProperty(Field propertyField, Annotation annotation)
-      {
-         this.propertyField = propertyField;
-         isFieldProperty = true;
-         this.annotation = annotation;
-         this.name = propertyField.getName();
-         this.propertyClass = propertyField.getDeclaringClass();
-      }
-      
-      public BeanProperty(Method propertyMethod, Annotation annotation)
-      {
-         if (!(propertyMethod.getName().startsWith("get") || (propertyMethod.getName().startsWith("is"))))
-         {
-            throw new IllegalArgumentException("Bean property method name " + propertyMethod.getClass().getName() +
-                  "." + propertyMethod.getName() + "() must start with \"get\" or \"is\".");
-         }
-         
-         if (propertyMethod.getReturnType().equals(void.class) || propertyMethod.getParameterTypes().length > 0)
-         {
-            throw new IllegalArgumentException("Bean property method " + propertyMethod.getClass().getName() +
-                  "." + propertyMethod.getName() + "() must return a value and take no parameters");
-         }
-         
-         this.propertyGetter = propertyMethod;
-         this.propertyClass = propertyMethod.getReturnType();
-         
-         String methodName = propertyMethod.getName();
-         
-         this.name = methodName.startsWith("get") ?
-               (methodName.substring(3,4).toLowerCase() + methodName.substring(4)) :
-               (methodName.substring(2,3).toLowerCase() + methodName.substring(3));
-         
-         String setterName = propertyMethod.getName().startsWith("get") ?
-               ("set" + methodName.substring(3)) : ("set" + methodName.substring(2));
-               
-         try
-         {
-            propertySetter = propertyMethod.getDeclaringClass().getMethod(setterName, new Class[] {propertyMethod.getReturnType()});
-         }
-         catch (NoSuchMethodException ex)
-         {
-            throw new IllegalArgumentException("Bean property method " + propertyMethod.getClass().getName() +
-                  "." + propertyMethod.getName() + "() must have a corresponding setter method.");                  
-         }
-         
-         isFieldProperty = false;
-         this.annotation = annotation;
-      }
-      
-      public void setValue(Object bean, Object value)
-      {
-         if (isFieldProperty)
-         {
-            boolean accessible = propertyField.isAccessible();
-            try
-            {
-               propertyField.setAccessible(true);
-               propertyField.set(bean, value);   
-            }
-            catch (IllegalAccessException ex)
-            {
-               throw new RuntimeException("Exception setting bean property", ex);
-            }
-            finally
-            {
-               propertyField.setAccessible(accessible);
-            }            
-         }
-         else
-         {
-            try
-            {
-               propertySetter.invoke(bean, value);
-            }
-            catch (Exception ex)
-            {
-               throw new RuntimeException("Exception setting bean property", ex);
-            }
-         }
-      }
-      
-      public Object getValue(Object bean)
-      {
-         if (isFieldProperty)
-         {
-            boolean accessible = propertyField.isAccessible();
-            try
-            {
-               propertyField.setAccessible(true);
-               return propertyField.get(bean);
-            }
-            catch (IllegalAccessException ex)
-            {
-               throw new RuntimeException("Exception getting bean property", ex);
-            }
-            finally
-            {
-               propertyField.setAccessible(accessible);
-            }
-         }
-         else
-         {
-            try
-            {
-               return propertyGetter.invoke(bean);
-            }
-            catch (Exception ex)
-            {
-               throw new RuntimeException("Exception getting bean property", ex);
-            }
-         }
-      }
-      
-      public Annotation getAnnotation()
-      {
-         return annotation;
-      }
-      
-      public String getName()
-      {
-         return name;
-      }
-      
-      public Class getPropertyClass()
-      {
-         return propertyClass;
-      }
-   }
-   
    private BeanProperty userPrincipalProperty;
    private BeanProperty userPasswordProperty;
    private BeanProperty userRolesProperty;
@@ -259,15 +116,15 @@
    
    private void initProperties()
    {
-      userPrincipalProperty = scanForProperty(userClass, UserPrincipal.class);
-      userPasswordProperty = scanForProperty(userClass, UserPassword.class);
-      userRolesProperty = scanForProperty(userClass, UserRoles.class);
-      userEnabledProperty = scanForProperty(userClass, UserEnabled.class);
-      userFirstNameProperty = scanForProperty(userClass, UserFirstName.class);
-      userLastNameProperty = scanForProperty(userClass, UserLastName.class);
+      userPrincipalProperty = BeanProperty.scanForProperty(userClass, UserPrincipal.class);
+      userPasswordProperty = BeanProperty.scanForProperty(userClass, UserPassword.class);
+      userRolesProperty = BeanProperty.scanForProperty(userClass, UserRoles.class);
+      userEnabledProperty = BeanProperty.scanForProperty(userClass, UserEnabled.class);
+      userFirstNameProperty = BeanProperty.scanForProperty(userClass, UserFirstName.class);
+      userLastNameProperty = BeanProperty.scanForProperty(userClass, UserLastName.class);
       
-      roleNameProperty = scanForProperty(roleClass, RoleName.class);
-      roleGroupsProperty = scanForProperty(roleClass, RoleGroups.class);
+      roleNameProperty = BeanProperty.scanForProperty(roleClass, RoleName.class);
+      roleGroupsProperty = BeanProperty.scanForProperty(roleClass, RoleGroups.class);
       
       if (userPrincipalProperty == null) 
       {
@@ -294,27 +151,6 @@
       }
    }
    
-   private BeanProperty scanForProperty(Class cls, Class<? extends Annotation> annotation)
-   {
-      for (Field f : cls.getFields())
-      {
-         if (f.isAnnotationPresent(annotation)) 
-         {
-            return new BeanProperty(f, f.getAnnotation(annotation));
-         }
-      }
-      
-      for (Method m : cls.getMethods())
-      {
-         if (m.isAnnotationPresent(annotation))
-         {
-            return new BeanProperty(m, m.getAnnotation(annotation));
-         }
-      }
-      
-      return null;
-   }
-   
    public boolean createUser(String username, String password, String firstname, String lastname)
    {
       try

Modified: trunk/src/main/org/jboss/seam/security/permission/dynamic/DynamicPermissionResolver.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/dynamic/DynamicPermissionResolver.java	2008-04-14 04:11:00 UTC (rev 7930)
+++ trunk/src/main/org/jboss/seam/security/permission/dynamic/DynamicPermissionResolver.java	2008-04-14 04:13:40 UTC (rev 7931)
@@ -34,7 +34,7 @@
 @Startup
 public class DynamicPermissionResolver implements PermissionResolver, Serializable
 {   
-   private static final String DEFAULT_PERMISSION_STORE_NAME = "accountPermissionStore";
+   private static final String DEFAULT_PERMISSION_STORE_NAME = "jpaDynamicPermissionStore";
    
    private PermissionStore permissionStore;
    
@@ -90,7 +90,7 @@
       
       for (Permission permission : permissions)
       {
-         if (username.equals(permission.getRecipient()))
+         if (username.equals(permission.getRecipient().getName()))
          {
             return true;
          }
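Review bot: `permission.getRecipient().getName()` dereferences the recipient without a null check, so a stored permission with no recipient turns this permission check into a `NullPointerException` instead of a non-match; adding `permission.getRecipient() != null &&` in front of the comparison keeps the loop failing closed. The match is on the name alone: if recipients can be role principals as well as users (the store changes in this commit introduce `@PermissionRole`), a role whose name equals a username would presumably satisfy this test, so the recipient's kind should be checked as well. The enclosing method starts and ends outside the hunk, so any earlier filtering is not visible here.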

Modified: trunk/src/main/org/jboss/seam/security/permission/dynamic/JpaDynamicPermissionStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/dynamic/JpaDynamicPermissionStore.java	2008-04-14 04:11:00 UTC (rev 7930)
+++ trunk/src/main/org/jboss/seam/security/permission/dynamic/JpaDynamicPermissionStore.java	2008-04-14 04:13:40 UTC (rev 7931)
@@ -1,6 +1,7 @@
 package org.jboss.seam.security.permission.dynamic;
 
 import static org.jboss.seam.ScopeType.APPLICATION;
+import static org.jboss.seam.annotations.Install.BUILT_IN;
 
 import java.io.Serializable;
 import java.util.List;
@@ -8,9 +9,22 @@
 import javax.persistence.EntityManager;
 import javax.persistence.NoResultException;
 
-import org.jboss.seam.Component;
+import org.jboss.seam.annotations.Create;
+import org.jboss.seam.annotations.Install;
+import org.jboss.seam.annotations.Name;
 import org.jboss.seam.annotations.Scope;
 import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.annotations.security.permission.PermissionAction;
+import org.jboss.seam.annotations.security.permission.PermissionDiscriminator;
+import org.jboss.seam.annotations.security.permission.PermissionRole;
+import org.jboss.seam.annotations.security.permission.PermissionTarget;
+import org.jboss.seam.annotations.security.permission.PermissionUser;
+import org.jboss.seam.core.Expressions;
+import org.jboss.seam.core.Expressions.ValueExpression;
+import org.jboss.seam.log.LogProvider;
+import org.jboss.seam.log.Logging;
+import org.jboss.seam.security.management.BeanProperty;
+import org.jboss.seam.security.management.IdentityManagementException;
 import org.jboss.seam.security.permission.Permission;
 import org.jboss.seam.security.permission.PermissionStore;
 
@@ -19,29 +33,94 @@
  * 
  * @author Shane Bryzak
  */
+ at Name("org.jboss.seam.security.permission.jpaDynamicPermissionStore")
+ at Install(precedence = BUILT_IN, value=false) 
 @Scope(APPLICATION)
 @BypassInterceptors
 public class JpaDynamicPermissionStore implements PermissionStore, Serializable
 {
-   private String entityManagerName = "entityManager";
+   private static final LogProvider log = Logging.getLogProvider(JpaDynamicPermissionStore.class); 
    
-   private Class permissionClass;   
+   private ValueExpression<EntityManager> entityManager;
    
+   private Class userPermissionClass;
+   private Class rolePermissionClass;
+   
+   private BeanProperty userProperty;
+   private BeanProperty roleProperty;
+   
+   private BeanProperty targetProperty;
+   private BeanProperty actionProperty;   
+   private BeanProperty discriminatorProperty;
+   
+   private BeanProperty roleTargetProperty;
+   private BeanProperty roleActionProperty;
+   
+   @Create
+   public void init()
+   {      
+      if (userPermissionClass == null)
+      {
+         log.debug("No permissionClass set, JpaDynamicPermissionStore will be unavailable.");
+         return;
+      }   
+      
+      if (entityManager == null)
+      {
+         entityManager = Expressions.instance().createValueExpression("#{entityManager}", EntityManager.class);
+      }       
+      
+      initProperties();
+   }   
+   
+   private void initProperties()
+   {
+      userProperty = BeanProperty.scanForProperty(userPermissionClass, PermissionUser.class);
+      targetProperty = BeanProperty.scanForProperty(userPermissionClass, PermissionTarget.class);
+      actionProperty = BeanProperty.scanForProperty(userPermissionClass, PermissionAction.class);
+      
+      if (rolePermissionClass != null)
+      {
+         roleProperty = BeanProperty.scanForProperty(rolePermissionClass, PermissionRole.class);
+         if (roleProperty != null)
+         {
+            roleTargetProperty = BeanProperty.scanForProperty(rolePermissionClass, PermissionTarget.class);
+            roleActionProperty = BeanProperty.scanForProperty(rolePermissionClass, PermissionAction.class);
+         }
+      }
+      else
+      {
+         roleProperty = BeanProperty.scanForProperty(userPermissionClass, PermissionRole.class);
+         if (roleProperty != null)
+         {
+            discriminatorProperty = BeanProperty.scanForProperty(userPermissionClass, PermissionDiscriminator.class);
+         }
+      }
+      
+      if (userProperty == null) 
+      {
+         throw new IdentityManagementException("Invalid userPermissionClass " + userPermissionClass.getName() + 
+               " - required annotation @PermissionUser not found on any Field or Method.");
+      }
+
+      // TODO additional validation checks for both permission classes
+   }   
+   
    public boolean grantPermission(Permission permission)
    {
       try
       {
-         if (permissionClass == null)
+         if (userPermissionClass == null)
          {
             throw new RuntimeException("Could not grant permission, permissionClass not set");
          }
                  
-         Object instance = permissionClass.newInstance();
+         Object instance = userPermissionClass.newInstance();
 //         instance.setTarget(permission.getTarget());
 //         instance.setAction(permission.getAction());
 //         instance.setAccount(permission.getRecipient());
 
-         getEntityManager().persist(instance);
+         lookupEntityManager().persist(instance);
          
          return true;
       }
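Review bot: `init()` returns early when `userPermissionClass` is null, leaving `entityManager` and every `BeanProperty` unset with only a debug-level message, so the component exists but later calls fail with a `NullPointerException` in `lookupEntityManager()` or on `userPermissionClass.getName()`. The message and the exception text in `grantPermission` still say `permissionClass`; I would use `log.warn("No userPermissionClass set, JpaDynamicPermissionStore will be unavailable.");` and have the public methods reject calls on an unconfigured store with a clear exception. `initProperties()` validates only `userProperty`, so a class lacking `@PermissionTarget` or `@PermissionAction` passes configuration with null `targetProperty`/`actionProperty`; the TODO acknowledges this, but those two checks are cheap to add now. The `@Name` declared here is `org.jboss.seam.security.permission.jpaDynamicPermissionStore`, while `DEFAULT_PERMISSION_STORE_NAME` in `DynamicPermissionResolver` becomes the unqualified `jpaDynamicPermissionStore`; unless the lookup, which is not visible in this diff, resolves through a namespace import, the default store will not be found. `grantPermission` continues outside the hunk.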
@@ -55,10 +134,10 @@
    {
       try
       {
-         EntityManager em = getEntityManager();
+         EntityManager em = lookupEntityManager();
          
          Object instance = em.createQuery(
-            "from " + permissionClass.getName() +
+            "from " + userPermissionClass.getName() +
             " where target = :target and action = :action and account = :account " +
             " and accountType = :accountType")
             .setParameter("target", permission.getTarget())
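Review bot: The query here still hard-codes the property names `target`, `action`, `account` and `accountType`, although this commit makes the store discover those members through `@PermissionTarget`, `@PermissionAction` and `@PermissionUser`; an entity whose annotated members use other names passes `init()` and then fails at query time. Building the JPQL from `targetProperty.getName()`, `actionProperty.getName()` and `userProperty.getName()` would keep the lookup consistent with the configuration, and the same applies to both `listPermissions` queries in the two following hunks. Unlike `grantPermission`, none of these methods checks `userPermissionClass` for null before calling `getName()` on it. The method body starts and ends outside the hunk.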
@@ -77,8 +156,8 @@
 
    public List<Permission> listPermissions(Object target, String action) 
    {
-      return getEntityManager().createQuery(
-            "from " + permissionClass.getName() + 
+      return lookupEntityManager().createQuery(
+            "from " + userPermissionClass.getName() + 
             " where target = :target and action = :action")
             .setParameter("target", target)
             .setParameter("action", action)
@@ -87,34 +166,44 @@
 
    public List<Permission> listPermissions(Object target) 
    {
-      return getEntityManager().createQuery(
-            "from " + permissionClass.getName() + " where target = :target")
+      return lookupEntityManager().createQuery(
+            "from " + userPermissionClass.getName() + " where target = :target")
             .setParameter("target", target)
             .getResultList();
    }
 
-   private EntityManager getEntityManager()
+   private EntityManager lookupEntityManager()
    {
-      return (EntityManager) Component.getInstance(entityManagerName);
+      return entityManager.getValue();
    }
    
-   public String getEntityManagerName()
+   public ValueExpression getEntityManager()
    {
-      return entityManagerName;
+      return entityManager;
    }
    
-   public void setEntityManagerName(String name)
+   public void setEntityManager(ValueExpression expression)
    {
-      this.entityManagerName = name;
-   }      
+      this.entityManager = expression;
+   } 
    
-   public Class getPermissionClass()
+   public Class getUserPermissionClass()
    {
-      return permissionClass;
+      return userPermissionClass;
    }
    
-   public void setPermissionClass(Class permissionClass)
+   public void setUserPermissionClass(Class userPermissionClass)
    {
-      this.permissionClass = permissionClass;
+      this.userPermissionClass = userPermissionClass;
    }
+   
+   public Class getRolePermissionClass()
+   {
+      return rolePermissionClass;
+   }
+   
+   public void setRolePermissionClass(Class rolePermissionClass)
+   {
+      this.rolePermissionClass = rolePermissionClass;
+   }
 }
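Review bot: `getEntityManager()` and `setEntityManager(ValueExpression expression)` use the raw `ValueExpression` type while the field is `ValueExpression<EntityManager>`, so the assignment in the setter is an unchecked conversion and a wrongly typed expression only surfaces as a `ClassCastException` in `lookupEntityManager()`. Declaring both as `ValueExpression<EntityManager>` moves that check to compile time: `public void setEntityManager(ValueExpression<EntityManager> expression)`. `listPermissions` returns the raw `getResultList()` of entity instances as `List<Permission>`; a comment stating that conversion to `Permission` is still pending would spare callers a surprise.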



