[seam-commits] Seam SVN: r7646 - in trunk/src/main/org/jboss/seam: security/management and 1 other directories.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Wed Mar 19 19:42:45 EDT 2008
Author: shane.bryzak at jboss.com
Date: 2008-03-19 19:42:45 -0400 (Wed, 19 Mar 2008)
New Revision: 7646
Added:
trunk/src/main/org/jboss/seam/security/permission/package-info.java
Modified:
trunk/src/main/org/jboss/seam/security-2.1.xsd
trunk/src/main/org/jboss/seam/security/management/package-info.java
trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java
trunk/src/main/org/jboss/seam/security/permission/JPAPermissionStore.java
Log:
jpa permission store, consolidated identity-management namespace with security namespace
Modified: trunk/src/main/org/jboss/seam/security/management/package-info.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/package-info.java 2008-03-19 16:27:23 UTC (rev 7645)
+++ trunk/src/main/org/jboss/seam/security/management/package-info.java 2008-03-19 23:42:45 UTC (rev 7646)
@@ -3,7 +3,7 @@
*
* @see org.jboss.seam.security.management.IdentityManager
*/
- at Namespace(value="http://jboss.com/products/seam/security/management", prefix="org.jboss.seam.security.management")
+ at Namespace(value="http://jboss.com/products/seam/security", prefix="org.jboss.seam.security")
@AutoCreate
package org.jboss.seam.security.management;
Modified: trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java 2008-03-19 16:27:23 UTC (rev 7645)
+++ trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java 2008-03-19 23:42:45 UTC (rev 7646)
@@ -6,18 +6,22 @@
import java.io.Serializable;
import java.util.List;
+import org.jboss.seam.Component;
import org.jboss.seam.Seam;
+import org.jboss.seam.annotations.Create;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.log.LogProvider;
+import org.jboss.seam.log.Logging;
import org.jboss.seam.security.Identity;
import org.jboss.seam.security.permission.AccountPermission.AccountType;
/**
- * Resolves permissions dynamically assigned in a persistent store, such as a
- * database, for example.
+ * Resolves dynamically-assigned permissions kept in a persistent store, such as a
+ * database.
*
* @author Shane Bryzak
*/
@@ -28,8 +32,32 @@
@Startup
public class DynamicPermissionResolver implements PermissionResolver, Serializable
{
+ private static final String DEFAULT_PERMISSION_STORE_NAME = "permissionStore";
+
private PermissionStore permissionStore;
+ private static final LogProvider log = Logging.getLogProvider(DynamicPermissionResolver.class);
+
+ @Create
+ public void create()
+ {
+ initPermissionStore();
+ }
+
+ protected void initPermissionStore()
+ {
+ if (permissionStore == null)
+ {
+ permissionStore = (PermissionStore) Component.getInstance(DEFAULT_PERMISSION_STORE_NAME, true);
+ }
+
+ if (permissionStore == null)
+ {
+ log.warn("no permission store available - please install a PermissionStore with the name '" +
+ DEFAULT_PERMISSION_STORE_NAME + "' if dynamic permissions are required.");
+ }
+ }
+
public PermissionStore getPermissionStore()
{
return permissionStore;
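Review bot: When no component named `permissionStore` is found, `initPermissionStore()` only logs a warning and leaves the field null, so the resolver's behaviour depends on every later use of `permissionStore` being null-checked. The permission-check methods are outside this hunk, so that cannot be confirmed from here; for an authorization component the safe outcome with no store is to deny, not to throw or fall through to another result. I would state the contract on the method, e.g. `// permissionStore may remain null; a missing store must be treated as "permission denied"`, and verify that the check path honours it. The body of `getPermissionStore()` continues outside the hunk.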
Modified: trunk/src/main/org/jboss/seam/security/permission/JPAPermissionStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/JPAPermissionStore.java 2008-03-19 16:27:23 UTC (rev 7645)
+++ trunk/src/main/org/jboss/seam/security/permission/JPAPermissionStore.java 2008-03-19 23:42:45 UTC (rev 7646)
@@ -4,6 +4,9 @@
import java.util.List;
+import javax.persistence.EntityManager;
+
+import org.jboss.seam.Component;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
import org.jboss.seam.security.permission.AccountPermission.AccountType;
@@ -17,26 +20,82 @@
@BypassInterceptors
public class JPAPermissionStore implements PermissionStore
{
+ private String entityManagerName = "entityManager";
+
+ private Class<? extends AccountPermission> permissionClass;
+
public boolean grantPermission(String target, String action, String account,
AccountType accountType)
{
+ try
+ {
+ if (permissionClass == null)
+ {
+ throw new RuntimeException("Could not grant permission, permissionClass not set");
+ }
+
+ AccountPermission permission = permissionClass.newInstance();
+ permission.setTarget(target);
+ permission.setAction(action);
+ permission.setAccount(account);
+ permission.setAccountType(accountType);
+
+ getEntityManager().persist(permission);
+
+ return true;
+ }
+ catch (Exception ex)
+ {
+ throw new RuntimeException("Could not grant permission", ex);
+ }
+ }
+
+ public boolean revokePermission(String target, String action,
+ String account, AccountType accountType)
+ {
return false;
- }
+ }
public List<AccountPermission> listPermissions(String target, String action)
{
- return null;
+ return getEntityManager().createQuery(
+ "from " + permissionClass.getName() +
+ " where target = :target and action = :action")
+ .setParameter("target", target)
+ .setParameter("action", action)
+ .getResultList();
}
public List<AccountPermission> listPermissions(String target)
{
- return null;
+ return getEntityManager().createQuery(
+ "from " + permissionClass.getName() + " where target = :target")
+ .setParameter("target", target)
+ .getResultList();
}
- public boolean revokePermission(String target, String action,
- String account, AccountType accountType)
+ private EntityManager getEntityManager()
{
- return false;
+ return (EntityManager) Component.getInstance(entityManagerName);
}
-
+
+ public String getEntityManagerName()
+ {
+ return entityManagerName;
+ }
+
+ public void setEntityManagerName(String name)
+ {
+ this.entityManagerName = name;
+ }
+
+ public Class getPermissionClass()
+ {
+ return permissionClass;
+ }
+
+ public void setPermissionClass(Class permissionClass)
+ {
+ this.permissionClass = permissionClass;
+ }
}
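Review bot: `setPermissionClass(Class permissionClass)` takes a raw `Class` and stores it in the `Class<? extends AccountPermission>` field unchecked, so a misconfigured class would presumably surface only later as a cast failure inside `grantPermission()`, and both `listPermissions()` overloads dereference `permissionClass` without the null guard that `grantPermission()` has. Validate in the setter with `if (permissionClass != null && !AccountPermission.class.isAssignableFrom(permissionClass)) throw new IllegalArgumentException("permissionClass must be an AccountPermission type");` and repeat the `permissionClass == null` check in the list methods. The null check in `grantPermission()` sits inside the `try`, so its RuntimeException is caught by `catch (Exception ex)` and re-wrapped; moving it above the `try` keeps the specific message at the top level. `revokePermission()` is still a stub returning `false`, so permissions granted through this store cannot be revoked yet, which deserves at least a `// TODO: not implemented, grants are currently irrevocable` comment. Concatenating `permissionClass.getName()` into the query text is acceptable only because the value comes from component configuration; the caller-supplied `target` and `action` are correctly bound as parameters.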
Added: trunk/src/main/org/jboss/seam/security/permission/package-info.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/package-info.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/permission/package-info.java 2008-03-19 23:42:45 UTC (rev 7646)
@@ -0,0 +1,11 @@
+/**
+ * Seam Security Permissions
+ *
+ * @see org.jboss.seam.security.permission.PermissionManager
+ */
+ at Namespace(value="http://jboss.com/products/seam/security", prefix="org.jboss.seam.security")
+ at AutoCreate
+package org.jboss.seam.security.permission;
+
+import org.jboss.seam.annotations.AutoCreate;
+import org.jboss.seam.annotations.Namespace;
Modified: trunk/src/main/org/jboss/seam/security-2.1.xsd
===================================================================
--- trunk/src/main/org/jboss/seam/security-2.1.xsd 2008-03-19 16:27:23 UTC (rev 7645)
+++ trunk/src/main/org/jboss/seam/security-2.1.xsd 2008-03-19 23:42:45 UTC (rev 7646)
@@ -28,6 +28,17 @@
<xs:attributeGroup name="attlist.faces-security-events">
<xs:attribute name="cookie-max-age"/>
- </xs:attributeGroup>
+ </xs:attributeGroup>
+ <xs:element name="jpa-identity-store">
+ <xs:complexType mixed="true">
+ <xs:attributeGroup ref="components:attlist.component"/>
+ <xs:attributeGroup ref="security:attlist.jpa-identity-store"/>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:attributeGroup name="attlist.jpa-identity-store">
+ <xs:attribute name="account-class" />
+ </xs:attributeGroup>
+
</xs:schema>