[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...

Shane Bryzak Shane_Bryzak at symantec.com
Tue Oct 17 22:03:19 EDT 2006


  User: sbryzak2
  Date: 06/10/17 22:03:19

  Modified:    src/main/org/jboss/seam/security   SeamPermission.java
                        SeamSecurityManager.java
  Log:
  More security stuff
  
  Revision  Changes    Path
  1.2       +16 -0     jboss-seam/src/main/org/jboss/seam/security/SeamPermission.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: SeamPermission.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SeamPermission.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -b -r1.1 -r1.2
  --- SeamPermission.java	17 Oct 2006 23:50:47 -0000	1.1
  +++ SeamPermission.java	18 Oct 2006 02:03:19 -0000	1.2
  @@ -2,6 +2,8 @@
   
   import java.security.Permission;
   import java.util.Arrays;
  +import java.util.Set;
  +import java.util.HashSet;
   
   /**
    * Represents permissions for a Seam component.
  @@ -12,6 +14,7 @@
   {
     private String actions;
   
  +  private Set<String> actionSet = new HashSet<String>();
     /**
      *
      * @param name String
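Review bot: `actionSet` is added as a mutable, non-final field on a `java.security.Permission` subclass, whose instances are normally treated as immutable once constructed. Declaring it `private final Set<String> actionSet = new HashSet<String>();` would make that explicit. A blank line between the field and the Javadoc block that follows would also keep that comment from reading as documentation for the field. The class body continues outside this hunk.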
  @@ -27,6 +30,8 @@
       StringBuilder sorted = new StringBuilder();
       for (String action : parts)
       {
  +      actionSet.add(action);
  +
         if (sorted.length() > 0)
           sorted.append(',');
         sorted.append(action);
  @@ -45,6 +50,17 @@
       return actions;
     }
   
  +  /**
  +   * Returns true if this permission contains the specified action.
  +   *
  +   * @param action String
  +   * @return boolean
  +   */
  +  public boolean containsAction(String action)
  +  {
  +    return actionSet.contains(action);
  +  }
  +
     public boolean equals(Object obj)
     {
       if (!(obj instanceof SeamPermission))
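Review bot: The Javadoc on `containsAction` only restates the signature (`@param action String`, `@return boolean`) and does not say how the match is made. Because the body is `actionSet.contains(action)`, the comparison is an exact, case-sensitive string match, and callers that base authorization decisions on it should be told so. Suggested tags: `@param action the action name, compared exactly (case-sensitive) against the actions held by this permission` and `@return true if the action is present, false otherwise`.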
  
  
  
  1.4       +92 -2     jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: SeamSecurityManager.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -b -r1.3 -r1.4
  --- SeamSecurityManager.java	17 Oct 2006 23:50:47 -0000	1.3
  +++ SeamSecurityManager.java	18 Oct 2006 02:03:19 -0000	1.4
  @@ -8,6 +8,13 @@
   import org.jboss.seam.annotations.Name;
   import org.jboss.seam.annotations.Scope;
   import org.jboss.seam.contexts.Contexts;
  +import java.util.Map;
  +import java.util.Set;
  +import java.util.HashMap;
  +import org.jboss.seam.annotations.Intercept;
  +import org.jboss.seam.InterceptionType;
  +import org.jboss.seam.Seam;
  +import org.jboss.seam.annotations.DefinePermissions;
   
   /**
    * Holds configuration settings and provides functionality for the security API
  @@ -16,18 +23,54 @@
    */
   @Scope(APPLICATION)
   @Name("org.jboss.seam.securityManager")
  + at Intercept(InterceptionType.NEVER)
   public class SeamSecurityManager
   {
     /**
  -   * Directs the user to a login page.
  +   * An action code that directs the user to a login page.
      */
     private String loginAction = "login";
   
     /**
  -   * Directs the user to a security error page.
  +   * An action code that directs the user to a security error page.
      */
     private String securityErrorAction = "securityError";
   
  +  /**
  +   * Maps roles to permissions
  +   */
  +  private Map<String,Set<SeamPermission>> rolePermissions = new HashMap<String,Set<SeamPermission>>();
  +
  +  private class PermissionsMetadata {
  +    private String name;
  +    private Map<String,String> providers;
  +
  +    public PermissionsMetadata(String name)
  +    {
  +      this.name = name;
  +    }
  +
  +    public String getName()
  +    {
  +      return name;
  +    }
  +
  +    public String getProviderName(String action)
  +    {
  +      return providers.get(action);
  +    }
  +
  +    public void addProvider(String action, String providerName)
  +    {
  +      providers.put(action, providerName);
  +    }
  +  }
  +
  +  /**
  +   *
  +   */
  +  private Map<Class,PermissionsMetadata> classPermissions = new HashMap<Class,PermissionsMetadata>();
  +
     public static SeamSecurityManager instance()
     {
       if (!Contexts.isApplicationContextActive())
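Review bot: `PermissionsMetadata.providers` is declared but never initialised, so `getProviderName` and `addProvider` will throw `NullPointerException` on first use. Initialise it at the declaration: `private final Map<String,String> providers = new HashMap<String,String>();`. In the visible lines the nested class reads nothing from the enclosing manager, so `private static class PermissionsMetadata` would drop the hidden outer reference, and `name` can be `final`. The empty Javadoc above `classPermissions` should say what the map holds; judging by its use elsewhere in this commit, something like `Caches permission metadata per class` would do.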
  @@ -68,13 +111,60 @@
     public void checkPermission(String name, String action)
         throws SecurityException
     {
  +    for (String role : Authentication.instance().getRoles())
  +    {
  +      Set<SeamPermission> permissions = rolePermissions.get(role);
  +      if (permissions != null)
  +      {
  +        for (SeamPermission p : permissions)
  +        {
  +          if (p.getName().equals(name) && p.containsAction(action))
  +            return;
  +        }
  +      }
  +    }
   
  +    throw new SecurityException(String.format(
  +      "Authenticated principal does not contain required permission [name=%s,action=%s]",
  +      name, action));
     }
   
     public void checkPermission(Object obj, String action)
         throws SecurityException
     {
  +    PermissionsMetadata meta = getClassPermissionMetadata(obj.getClass());
  +  }
  +
  +  private PermissionsMetadata getClassPermissionMetadata(Class cls)
  +  {
  +    if (!classPermissions.containsKey(cls))
  +    {
  +      synchronized(classPermissions)
  +      {
  +        if (!classPermissions.containsKey(cls))
  +        {
  +          // Determine the permission name.  If it is specified in a @DefinePermissions
  +          // annotation, use that one, otherwise use the component name.  If the object
  +          // is not a Seam component, use its fully qualified class name.
  +
  +          String name = null;
  +
  +          if (cls.isAnnotationPresent(DefinePermissions.class) &&
  +              !"".equals(((DefinePermissions) cls.getAnnotation(DefinePermissions.class)).name()))
  +          {
  +            name = ((DefinePermissions) cls.getAnnotation(DefinePermissions.class)).name();
  +          }
  +          else
  +            name = Seam.getComponentName(cls);
  +
  +          if (name == null)
  +            name = cls.getName();
  +
  +        }
  +      }
  +    }
   
  +    return classPermissions.get(cls);
     }
   
     public Permissions getPermissions(Object value)
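Review bot: `checkPermission(Object obj, String action)` fetches `meta` and then returns without ever throwing, so every caller passes this check regardless of role. An authorization method should deny by default until the lookup is finished, for example by delegating with `checkPermission(meta.getName(), action);`. That delegation would itself fail today, because `getClassPermissionMetadata` computes `name` but never stores an entry, so `classPermissions.get(cls)` returns null; the inner block needs `classPermissions.put(cls, new PermissionsMetadata(name));`. The outer `containsKey` also runs outside the `synchronized` block on a plain `HashMap`, which is not safe while another thread is inserting; synchronising the whole lookup or using a `ConcurrentHashMap` avoids that. A null `obj` surfaces as `NullPointerException` rather than `SecurityException`.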
  
  
  


