Author: sohil.shah(a)jboss.com
Date: 2009-02-08 22:21:21 -0500 (Sun, 08 Feb 2009)
New Revision: 12794
Added:
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Manage.java
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Read.java
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Write.java
Modified:
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java
Log:
Introducing Read, Write, and Manage (Action components)
Added:
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Manage.java
===================================================================
---
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Manage.java
(rev 0)
+++
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Manage.java 2009-02-09
03:21:21 UTC (rev 12794)
@@ -0,0 +1,93 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.components.action;
+
+import org.jboss.security.authz.model.Attribute;
+import org.jboss.security.authz.model.AttributeExpression;
+import org.jboss.security.authz.model.Action;
+import org.jboss.security.authz.model.Target;
+
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
+
+/**
+ * Read represents a "Manage" action that can be performed on a Resource
+ *
+ * Management of a Resource involves all kinds of operations including Reading and
Writing
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class Manage
+{
+ public Manage()
+ {
+
+ }
+ //-----Services for Policy
Generation------------------------------------------------------------------------------------------------------------------------------------------------
+ /**
+ * A Target used for Matching a "MANAGE" Action within a Policy Definition
+ *
+ * @return target
+ */
+ public Target getTarget()
+ {
+ Target target = new Target();
+
+ AttributeExpression expression = new AttributeExpression();
+ expression.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
+ Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID,
+ XMLSchemaConstants.DATATYPE_STRING, "MANAGE");
+ expression.setAttribute(attribute);
+
+ target.addActionMatch(expression);
+
+ return target;
+ }
+ //-----Services for Request
Generation----------------------------------------------------------------------------------------------------------------------
+ /**
+ * Creates a "MANAGE" Action for the RequestContext
+ *
+ * @return action
+ */
+ public Action getAction()
+ {
+ Action action = new Action();
+
+ Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID,
+ XMLSchemaConstants.DATATYPE_STRING,
+ "MANAGE"
+ );
+ Attribute impliesRead = new Attribute(XACMLConstants.ATTRIBUTEID_IMPLIED_ACTION,
+ XMLSchemaConstants.DATATYPE_STRING,
+ "READ"
+ );
+ Attribute impliesWrite = new Attribute(XACMLConstants.ATTRIBUTEID_IMPLIED_ACTION,
+ XMLSchemaConstants.DATATYPE_STRING,
+ "WRITE"
+ );
+ action.addAttribute(attribute);
+ action.addAttribute(impliesRead);
+ action.addAttribute(impliesWrite);
+
+ return action;
+ }
+}
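Review bot: `getAction()` carries the READ and WRITE implications as `ATTRIBUTEID_IMPLIED_ACTION` request attributes, but every `getTarget()` in this commit (here, `Read` and `Write`) matches only `ATTRIBUTEID_ACTION_ID` with `FUNCTION_STRING_EQUAL`. Nothing visible in this diff matches on the implied-action attribute, so a policy targeted with `Read.getTarget()`, including a Deny, would presumably not apply to a request whose action-id is "MANAGE" (or "WRITE" from `Write.getAction()`). Confirm which component evaluates `ATTRIBUTEID_IMPLIED_ACTION` and state it in the `getAction()` Javadoc, for example `Implied actions take effect only for policies that match ATTRIBUTEID_IMPLIED_ACTION`. A test that a READ deny policy covers a MANAGE request would pin the intended behaviour.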
Added:
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Read.java
===================================================================
---
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Read.java
(rev 0)
+++
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Read.java 2009-02-09
03:21:21 UTC (rev 12794)
@@ -0,0 +1,81 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.components.action;
+
+import org.jboss.security.authz.model.Attribute;
+import org.jboss.security.authz.model.AttributeExpression;
+import org.jboss.security.authz.model.Action;
+import org.jboss.security.authz.model.Target;
+
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
+
+/**
+ * Read represents a "read" action that can be performed on a Resource
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class Read
+{
+ public Read()
+ {
+
+ }
+ //-----Services for Policy
Generation------------------------------------------------------------------------------------------------------------------------------------------------
+ /**
+ * A Target used for Matching a "READ" Action within a Policy Definition
+ *
+ * @return target
+ */
+ public Target getTarget()
+ {
+ Target target = new Target();
+
+ AttributeExpression expression = new AttributeExpression();
+ expression.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
+ Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID,
+ XMLSchemaConstants.DATATYPE_STRING, "READ");
+ expression.setAttribute(attribute);
+
+ target.addActionMatch(expression);
+
+ return target;
+ }
+ //-----Services for Request
Generation----------------------------------------------------------------------------------------------------------------------
+ /**
+ * Creates a "READ" Action for the RequestContext
+ *
+ * @return action
+ */
+ public Action getAction()
+ {
+ Action action = new Action();
+
+ Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID,
+ XMLSchemaConstants.DATATYPE_STRING,
+ "READ"
+ );
+ action.addAttribute(attribute);
+
+ return action;
+ }
+}
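Review bot: The action name "READ" is a bare literal repeated in `getTarget()` and `getAction()`, and again as the implied value in `Write` and `Manage`. Matching uses `FUNCTION_STRING_EQUAL`, so a case or spelling drift in any one copy would silently stop a policy from matching the request. Declare it once, e.g. `public static final String ACTION_ID = "READ";`, and reference it from all three classes (likewise for "WRITE" and "MANAGE"). The three classes differ only in these values, so a shared helper that takes the action id would also remove the duplicated bodies.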
Added:
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Write.java
===================================================================
---
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Write.java
(rev 0)
+++
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/action/Write.java 2009-02-09
03:21:21 UTC (rev 12794)
@@ -0,0 +1,88 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.components.action;
+
+import org.jboss.security.authz.model.Attribute;
+import org.jboss.security.authz.model.AttributeExpression;
+import org.jboss.security.authz.model.Action;
+import org.jboss.security.authz.model.Target;
+
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
+
+/**
+ * Read represents a "Write" action that can be performed on a Resource
+ *
+ * Write operation also implies that read operations are implied
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class Write
+{
+ public Write()
+ {
+
+ }
+ //-----Services for Policy
Generation------------------------------------------------------------------------------------------------------------------------------------------------
+ /**
+ * A Target used for Matching a "WRITE" Action within a Policy Definition
+ *
+ * @return target
+ */
+ public Target getTarget()
+ {
+ Target target = new Target();
+
+ AttributeExpression expression = new AttributeExpression();
+ expression.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
+ Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID,
+ XMLSchemaConstants.DATATYPE_STRING, "WRITE");
+ expression.setAttribute(attribute);
+
+ target.addActionMatch(expression);
+
+ return target;
+ }
+ //-----Services for Request
Generation----------------------------------------------------------------------------------------------------------------------
+ /**
+ * Creates a "WRITE" Action for the RequestContext
+ *
+ * @return action
+ */
+ public Action getAction()
+ {
+ Action action = new Action();
+
+ Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID,
+ XMLSchemaConstants.DATATYPE_STRING,
+ "WRITE"
+ );
+ Attribute impliesRead = new Attribute(XACMLConstants.ATTRIBUTEID_IMPLIED_ACTION,
+ XMLSchemaConstants.DATATYPE_STRING,
+ "READ"
+ );
+ action.addAttribute(attribute);
+ action.addAttribute(impliesRead);
+
+ return action;
+ }
+}
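Review bot: The class Javadoc opens with `Read represents a "Write" action`, and its second sentence, `Write operation also implies that read operations are implied`, is circular; `Manage` has the same copied opener. Suggested wording: `Write represents a "WRITE" action that can be performed on a Resource. A WRITE request also carries READ as an implied action.` Because the implication widens what a single request asserts, the comment should say exactly which actions are added and through which attribute.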
Modified:
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java
===================================================================
---
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java 2009-02-08
15:01:03 UTC (rev 12793)
+++
modules/authorization/trunk/core-components/src/main/java/org/jboss/security/authz/components/http/HttpResource.java 2009-02-09
03:21:21 UTC (rev 12794)
@@ -151,6 +151,36 @@
}
//-------Services for Policy
Creation---------------------------------------------------------------------------------------------------------------------------------------------------------------------
/**
+ * Produces PolicyMeta used to generate a Policy object to be registered with the
Policy Server
+ *
+ * @return the policy meta data
+ */
+ public PolicyMetaData getPolicyMetaData(boolean matchAllParameters)
+ {
+ PolicyMetaData metadata = new PolicyMetaData();
+
+ Target target = this.getURLTarget(matchAllParameters);
+
+ Set<Rule> rules = new HashSet<Rule>();
+
+ //Permitted Roles
+ if(this.allowedRoles != null)
+ {
+ rules.add(this.allowIfUserHasRole());
+ }
+
+ //Denied Roles
+ if(this.deniedRoles != null)
+ {
+ rules.add(this.denyIfUserHasRole());
+ }
+
+ metadata.setTarget(target);
+ metadata.setRules(rules);
+
+ return metadata;
+ }
+ /**
* Creates a Policy Target suggesting that the Policy should apply to this
HttpResource
*
* @param matchAllParameters 'true' = include matching of all the parameters,
'false' = only url matching, parameters are excluded
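Review bot: When both `allowedRoles` and `deniedRoles` are null, `getPolicyMetaData` returns metadata whose rule set is empty, and the new Javadoc does not say what that means. How the Policy Server evaluates a policy with no rules is not visible here; if the result is not a deny, a resource configured without roles could end up unprotected, so either document the outcome or reject the case, e.g. `if (rules.isEmpty()) throw new IllegalStateException("no roles configured");`. The Javadoc also lacks `@param matchAllParameters`, which the neighbouring `getURLTarget` comment already describes. `getURLTarget` itself continues outside this hunk.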
@@ -203,33 +233,7 @@
private Rule denyIfUserHasRole()
{
return this.getDeniedRoles().denyIfUserHasRole();
- }
-
- public PolicyMetaData getPolicyMetaData(boolean matchAllParameters)
- {
- PolicyMetaData metadata = new PolicyMetaData();
-
- Target target = this.getURLTarget(matchAllParameters);
-
- Set<Rule> rules = new HashSet<Rule>();
-
- //Permitted Roles
- if(this.allowedRoles != null)
- {
- rules.add(this.allowIfUserHasRole());
- }
-
- //Denied Roles
- if(this.deniedRoles != null)
- {
- rules.add(this.denyIfUserHasRole());
- }
-
- metadata.setTarget(target);
- metadata.setRules(rules);
-
- return metadata;
- }
+ }
//---------Services for RequestContext
Generation------------------------------------------------------------------------------------------------------------------------------
/**
* Represents the Resource that is currently being accessed