Author: shane.bryzak(a)jboss.com
Date: 2008-02-14 22:25:39 -0500 (Thu, 14 Feb 2008)
New Revision: 7426
Added:
trunk/src/main/org/jboss/seam/security/PermissionResolver.java
Modified:
trunk/src/main/org/jboss/seam/Component.java
trunk/src/main/org/jboss/seam/core/Init.java
trunk/src/main/org/jboss/seam/init/ComponentDescriptor.java
trunk/src/main/org/jboss/seam/init/Initialization.java
Log:
scan for permission resolvers
Modified: trunk/src/main/org/jboss/seam/Component.java
===================================================================
--- trunk/src/main/org/jboss/seam/Component.java 2008-02-15 02:30:12 UTC (rev 7425)
+++ trunk/src/main/org/jboss/seam/Component.java 2008-02-15 03:25:39 UTC (rev 7426)
@@ -82,6 +82,7 @@
import org.jboss.seam.annotations.faces.Validator;
import org.jboss.seam.annotations.intercept.InterceptorType;
import org.jboss.seam.annotations.intercept.Interceptors;
+import org.jboss.seam.annotations.security.PermissionAction;
import org.jboss.seam.annotations.security.Restrict;
import org.jboss.seam.annotations.web.RequestParameter;
import org.jboss.seam.async.AsynchronousInterceptor;
@@ -151,6 +152,7 @@
private String[] dependencies;
private boolean synchronize;
private long timeout;
+ private boolean secure;
private Set<Class> businessInterfaces;
@@ -235,6 +237,7 @@
initImports(applicationContext);
initSynchronize();
initStartup();
+ initSecurity();
checkScopeForComponentType();
checkSynchronizedForComponentType();
@@ -1051,7 +1054,8 @@
{
addInterceptor( new Interceptor( new ManagedEntityIdentityInterceptor(), this )
);
}
- if ( beanClassHasAnnotation(Restrict.class) )
+
+ if (secure)
{
if (beanClassHasAnnotation("javax.jws.WebService"))
{
@@ -1060,8 +1064,31 @@
else
{
addInterceptor( new Interceptor( new SecurityInterceptor(), this ) );
+ }
+ }
+ }
+
+ private void initSecurity()
+ {
+ if ( beanClassHasAnnotation(Restrict.class) )
+ {
+ secure = true;
+ }
+
+ if (!secure)
+ {
+ for (Method method : getBeanClass().getMethods())
+ {
+ for (Annotation annotation : method.getAnnotations())
+ {
+ if
(annotation.annotationType().isAnnotationPresent(PermissionAction.class))
+ {
+ secure = true;
+ break;
+ }
+ }
}
- }
+ }
}
private static boolean hasAnnotation(Class clazz, Class annotationType)
Modified: trunk/src/main/org/jboss/seam/core/Init.java
===================================================================
--- trunk/src/main/org/jboss/seam/core/Init.java 2008-02-15 02:30:12 UTC (rev 7425)
+++ trunk/src/main/org/jboss/seam/core/Init.java 2008-02-15 03:25:39 UTC (rev 7426)
@@ -59,6 +59,7 @@
private Set<String> autocreateVariables = new HashSet<String>();
private Set<String> installedFilters = new HashSet<String>();
private Set<String> resourceProviders = new HashSet<String>();
+ private Set<String> permissionResolvers = new HashSet<String>();
private Set<String> hotDeployableComponents = new HashSet<String>();
@@ -456,6 +457,16 @@
{
return resourceProviders;
}
+
+ public void addPermissionResolver(String name)
+ {
+ permissionResolvers.add(name);
+ }
+
+ public Set<String> getPermissionResolvers()
+ {
+ return permissionResolvers;
+ }
public Set<String> getHotDeployableComponents()
{
Modified: trunk/src/main/org/jboss/seam/init/ComponentDescriptor.java
===================================================================
--- trunk/src/main/org/jboss/seam/init/ComponentDescriptor.java 2008-02-15 02:30:12 UTC
(rev 7425)
+++ trunk/src/main/org/jboss/seam/init/ComponentDescriptor.java 2008-02-15 03:25:39 UTC
(rev 7426)
@@ -8,6 +8,7 @@
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.core.Init;
+import org.jboss.seam.security.PermissionResolver;
import org.jboss.seam.web.AbstractResource;
/**
@@ -193,8 +194,13 @@
public boolean isResourceProvider()
{
return AbstractResource.class.isAssignableFrom(componentClass);
- }
+ }
+ public boolean isPermissionResolver()
+ {
+ return PermissionResolver.class.isAssignableFrom(componentClass);
+ }
+
@Override
public String toString()
{
Modified: trunk/src/main/org/jboss/seam/init/Initialization.java
===================================================================
--- trunk/src/main/org/jboss/seam/init/Initialization.java 2008-02-15 02:30:12 UTC (rev
7425)
+++ trunk/src/main/org/jboss/seam/init/Initialization.java 2008-02-15 03:25:39 UTC (rev
7426)
@@ -925,6 +925,11 @@
init.addResourceProvider( componentDescriptor.getName() );
}
+
+ if ( componentDescriptor.isPermissionResolver() )
+ {
+ init.addPermissionResolver( componentDescriptor.getName() );
+ }
}
}
Added: trunk/src/main/org/jboss/seam/security/PermissionResolver.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/PermissionResolver.java
(rev 0)
+++ trunk/src/main/org/jboss/seam/security/PermissionResolver.java 2008-02-15 03:25:39 UTC
(rev 7426)
@@ -0,0 +1,6 @@
+package org.jboss.seam.security;
+
+public interface PermissionResolver
+{
+ boolean hasPermission(Object target, String action);
+}
Show replies by date