[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...
Shane Bryzak
Shane_Bryzak at symantec.com
Tue Oct 17 22:03:19 EDT 2006
User: sbryzak2
Date: 06/10/17 22:03:19
Modified: src/main/org/jboss/seam/security SeamPermission.java
SeamSecurityManager.java
Log:
More security stuff
Revision Changes Path
1.2 +16 -0 jboss-seam/src/main/org/jboss/seam/security/SeamPermission.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SeamPermission.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SeamPermission.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- SeamPermission.java 17 Oct 2006 23:50:47 -0000 1.1
+++ SeamPermission.java 18 Oct 2006 02:03:19 -0000 1.2
@@ -2,6 +2,8 @@
import java.security.Permission;
import java.util.Arrays;
+import java.util.Set;
+import java.util.HashSet;
/**
* Represents permissions for a Seam component.
@@ -12,6 +14,7 @@
{
private String actions;
+ private Set<String> actionSet = new HashSet<String>();
/**
*
* @param name String
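Review bot: `actionSet` appears to be filled only while the action string is parsed (the `actionSet.add(action)` line in the next hunk), so it can be declared `private final Set<String> actionSet = new HashSet<String>();`. `SeamSecurityManager` holds these objects in `Set<SeamPermission>` collections and bases its access decision on them, so a permission whose action set could be swapped after construction makes authorization results harder to reason about. The class declaration and the constructor start outside this hunk.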
@@ -27,6 +30,8 @@
StringBuilder sorted = new StringBuilder();
for (String action : parts)
{
+ actionSet.add(action);
+
if (sorted.length() > 0)
sorted.append(',');
sorted.append(action);
@@ -45,6 +50,17 @@
return actions;
}
+ /**
+ * Returns true if this permission contains the specified action.
+ *
+ * @param action String
+ * @return boolean
+ */
+ public boolean containsAction(String action)
+ {
+ return actionSet.contains(action);
+ }
+
public boolean equals(Object obj)
{
if (!(obj instanceof SeamPermission))
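Review bot: The Javadoc on `containsAction` should state the matching rule, because `SeamSecurityManager.checkPermission` uses this method for the authorization decision; something like `Returns true only if {@code action} exactly equals one of the actions this permission was created with; no wildcards or case folding are applied.` Whether the tokens added in the parsing loop are trimmed is not visible here, so a permission built from a constructed value such as `"read, write"` may or may not contain `write`; that is worth confirming and documenting. `@param action String` and `@return boolean` only restate the signature and could describe the values instead.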
1.4 +92 -2 jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SeamSecurityManager.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -b -r1.3 -r1.4
--- SeamSecurityManager.java 17 Oct 2006 23:50:47 -0000 1.3
+++ SeamSecurityManager.java 18 Oct 2006 02:03:19 -0000 1.4
@@ -8,6 +8,13 @@
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.contexts.Contexts;
+import java.util.Map;
+import java.util.Set;
+import java.util.HashMap;
+import org.jboss.seam.annotations.Intercept;
+import org.jboss.seam.InterceptionType;
+import org.jboss.seam.Seam;
+import org.jboss.seam.annotations.DefinePermissions;
/**
* Holds configuration settings and provides functionality for the security API
@@ -16,18 +23,54 @@
*/
@Scope(APPLICATION)
@Name("org.jboss.seam.securityManager")
+ at Intercept(InterceptionType.NEVER)
public class SeamSecurityManager
{
/**
- * Directs the user to a login page.
+ * An action code that directs the user to a login page.
*/
private String loginAction = "login";
/**
- * Directs the user to a security error page.
+ * An action code that directs the user to a security error page.
*/
private String securityErrorAction = "securityError";
+ /**
+ * Maps roles to permissions
+ */
+ private Map<String,Set<SeamPermission>> rolePermissions = new HashMap<String,Set<SeamPermission>>();
+
+ private class PermissionsMetadata {
+ private String name;
+ private Map<String,String> providers;
+
+ public PermissionsMetadata(String name)
+ {
+ this.name = name;
+ }
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public String getProviderName(String action)
+ {
+ return providers.get(action);
+ }
+
+ public void addProvider(String action, String providerName)
+ {
+ providers.put(action, providerName);
+ }
+ }
+
+ /**
+ *
+ */
+ private Map<Class,PermissionsMetadata> classPermissions = new HashMap<Class,PermissionsMetadata>();
+
public static SeamSecurityManager instance()
{
if (!Contexts.isApplicationContextActive())
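Review bot: `PermissionsMetadata.providers` is declared but never initialised, so the first call to `getProviderName` or `addProvider` will throw a NullPointerException; initialise it at the declaration, `private Map<String,String> providers = new HashMap<String,String>();`. `rolePermissions` and `classPermissions` are plain `HashMap`s on an `@Scope(APPLICATION)` component, so any writes after startup need synchronisation or a concurrent map; nothing in this hunk shows how `rolePermissions` is populated. The empty Javadoc above `classPermissions` could read `/** Caches the permission metadata resolved for each class. */`. The class body continues outside the hunk.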
@@ -68,13 +111,60 @@
public void checkPermission(String name, String action)
throws SecurityException
{
+ for (String role : Authentication.instance().getRoles())
+ {
+ Set<SeamPermission> permissions = rolePermissions.get(role);
+ if (permissions != null)
+ {
+ for (SeamPermission p : permissions)
+ {
+ if (p.getName().equals(name) && p.containsAction(action))
+ return;
+ }
+ }
+ }
+ throw new SecurityException(String.format(
+ "Authenticated principal does not contain required permission [name=%s,action=%s]",
+ name, action));
}
public void checkPermission(Object obj, String action)
throws SecurityException
{
+ PermissionsMetadata meta = getClassPermissionMetadata(obj.getClass());
+ }
+
+ private PermissionsMetadata getClassPermissionMetadata(Class cls)
+ {
+ if (!classPermissions.containsKey(cls))
+ {
+ synchronized(classPermissions)
+ {
+ if (!classPermissions.containsKey(cls))
+ {
+ // Determine the permission name. If it is specified in a @DefinePermissions
+ // annotation, use that one, otherwise use the component name. If the object
+ // is not a Seam component, use its fully qualified class name.
+
+ String name = null;
+
+ if (cls.isAnnotationPresent(DefinePermissions.class) &&
+ !"".equals(((DefinePermissions) cls.getAnnotation(DefinePermissions.class)).name()))
+ {
+ name = ((DefinePermissions) cls.getAnnotation(DefinePermissions.class)).name();
+ }
+ else
+ name = Seam.getComponentName(cls);
+
+ if (name == null)
+ name = cls.getName();
+
+ }
+ }
+ }
+ return classPermissions.get(cls);
}
public Permissions getPermissions(Object value)
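Review bot: `checkPermission(Object obj, String action)` looks up `meta` and then returns normally, so as committed every object-level permission check passes. Until the provider lookup exists the method should deny by default, for example by ending with `throw new SecurityException(String.format("Permission check not implemented [class=%s,action=%s]", obj.getClass().getName(), action));`. `getClassPermissionMetadata` computes `name` but never stores anything, so it always returns null; it needs `classPermissions.put(cls, new PermissionsMetadata(name));` after the `cls.getName()` fallback. The first `containsKey` and the final `get` read a plain `HashMap` outside the `synchronized` block, which is unsafe while another thread is inserting; synchronising the whole method or using a `ConcurrentHashMap` avoids that.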