[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...

Tue Dec 19 22:35:21 EST 2006

  User: sbryzak2
  Date: 06/12/19 22:35:21

  Modified:    src/main/org/jboss/seam/security  SeamSecurityManager.java
  Log:
  added hasRole and hasPermission EL functions
  
  Revision  Changes    Path
  1.28      +162 -145  jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: SeamSecurityManager.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java,v
  retrieving revision 1.27
  retrieving revision 1.28
  diff -u -b -r1.27 -r1.28
  --- SeamSecurityManager.java	16 Dec 2006 02:58:12 -0000	1.27
  +++ SeamSecurityManager.java	20 Dec 2006 03:35:21 -0000	1.28
  @@ -1,5 +1,8 @@
   package org.jboss.seam.security;
   
  +import static org.jboss.seam.ScopeType.APPLICATION;
  +import static org.jboss.seam.annotations.Install.BUILT_IN;
  +
   import java.io.InputStream;
   import java.io.InputStreamReader;
   import java.security.acl.Permission;
  @@ -9,19 +12,16 @@
   import java.util.Map;
   import java.util.Set;
   
  -import org.jboss.seam.log.LogProvider;
  -import org.jboss.seam.log.Logging;
   import org.drools.FactHandle;
   import org.drools.RuleBase;
   import org.drools.RuleBaseFactory;
   import org.drools.WorkingMemory;
   import org.drools.compiler.PackageBuilder;
   import org.drools.compiler.PackageBuilderConfiguration;
  -import static org.jboss.seam.ScopeType.APPLICATION;
   import org.jboss.seam.Component;
   import org.jboss.seam.InterceptionType;
   import org.jboss.seam.ScopeType;
  -import static org.jboss.seam.annotations.Install.BUILT_IN;
  +import org.jboss.seam.Seam;
   import org.jboss.seam.annotations.Create;
   import org.jboss.seam.annotations.Install;
   import org.jboss.seam.annotations.Intercept;
  @@ -31,6 +31,8 @@
   import org.jboss.seam.contexts.Context;
   import org.jboss.seam.contexts.Contexts;
   import org.jboss.seam.core.Expressions;
  +import org.jboss.seam.log.LogProvider;
  +import org.jboss.seam.log.Logging;
   import org.jboss.seam.security.rules.PermissionCheck;
   import org.jboss.seam.util.Resources;
   
  @@ -39,10 +41,10 @@
    *
    * @author Shane Bryzak
    */
  - at Startup(depends="org.jboss.seam.security.securityConfiguration")
  + at Startup(depends = "org.jboss.seam.security.securityConfiguration")
   @Scope(APPLICATION)
   @Name("org.jboss.seam.securityManager")
  - at Install(value = false, precedence=BUILT_IN)
  + at Install(value = false, precedence = BUILT_IN)
   @Intercept(InterceptionType.NEVER)
   public class SeamSecurityManager
   {
  @@ -50,14 +52,15 @@
   
     private static final String SECURITY_CONTEXT_NAME = "org.jboss.seam.security.securityContext";
   
  -  private static final LogProvider log = Logging.getLogProvider(SeamSecurityManager.class);
  +   private static final LogProvider log = Logging
  +         .getLogProvider(SeamSecurityManager.class);
   
     private RuleBase securityRules;
   
     /**
      * Map roles to permissions
      */
  -  private Map<String,Set<Permission>> rolePermissions = new HashMap<String,Set<Permission>>();
  +   private Map<String, Set<Permission>> rolePermissions = new HashMap<String, Set<Permission>>();
   
     /**
      * Initialise the security manager
  @@ -65,8 +68,7 @@
      * @throws Exception
      */
     @Create
  -  public void initSecurityManager()
  -      throws Exception
  +   public void initSecurityManager() throws Exception
     {
       // Create the security rule base
       PackageBuilderConfiguration conf = new PackageBuilderConfiguration();
  @@ -81,7 +83,8 @@
         securityRules.addPackage(builder.getPackage());
       }
       else
  -      log.warn(String.format("Security rules file %s not found", SECURITY_RULES_FILENAME));
  +         log.warn(String.format("Security rules file %s not found",
  +               SECURITY_RULES_FILENAME));
     }
   
     /**
  @@ -94,10 +97,10 @@
       if (!Contexts.isApplicationContextActive())
          throw new IllegalStateException("No active application context");
   
  -    SeamSecurityManager instance = (SeamSecurityManager) Component.getInstance(
  -        SeamSecurityManager.class, ScopeType.APPLICATION);
  +      SeamSecurityManager instance = (SeamSecurityManager) Component
  +            .getInstance(SeamSecurityManager.class, ScopeType.APPLICATION);
   
  -    if (instance==null)
  +      if (instance == null)
       {
         throw new IllegalStateException(
             "No SeamSecurityManager could be created, make sure the Component exists in application scope");
  @@ -107,14 +110,16 @@
     }
   
     /**
  -   * Evaluates the specified security expression, which must return a boolean value.
  +    * Evaluates the specified security expression, which must return a boolean
  +    * value.
      *
      * @param expr String
      * @return boolean
      */
     public boolean evaluateExpression(String expr)
     {
  -    return ((Boolean) Expressions.instance().createValueBinding(expr).getValue());
  +      return ((Boolean) Expressions.instance().createValueBinding(expr)
  +            .getValue());
     }
   
     /**
  @@ -125,7 +130,17 @@
      */
     public static boolean hasRole(String name)
     {
  -    return Identity.instance().isUserInRole(name);
  +      if (!Contexts.isSessionContextActive() || !Contexts.getSessionContext().isSet(
  +            Seam.getComponentName(Identity.class)))
  +      {
  +         return false;
  +      }
  +
  +      Identity ident = Identity.instance();
  +      if (!ident.isValid())
  +         return false;
  +      
  +      return ident.isUserInRole(name);
     }
   
     /**
  @@ -136,7 +151,8 @@
      * @param args Object[]
      * @return boolean
      */
  -  public static boolean hasPermission(String name, String action, Object ... args)
  +   public static boolean hasPermission(String name, String action,
  +         Object... args)
     {
       SeamSecurityManager mgr = instance();
   
  @@ -173,7 +189,8 @@
       if (!session.isSet(SECURITY_CONTEXT_NAME))
       {
         if (!Identity.instance().isValid())
  -        throw new IllegalStateException("Authenticated Identity is not valid");
  +            throw new IllegalStateException(
  +                  "Authenticated Identity is not valid");
   
         WorkingMemory wm = securityRules.newWorkingMemory();
         wm.assertObject(Identity.instance());