[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...
Shane Bryzak
Shane_Bryzak at symantec.com
Thu Oct 19 21:00:31 EDT 2006
User: sbryzak2
Date: 06/10/19 21:00:31
Modified: src/main/org/jboss/seam/security SeamSecurityManager.java
Log:
modified permission check logic
Revision Changes Path
1.9 +25 -12 jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SeamSecurityManager.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -b -r1.8 -r1.9
--- SeamSecurityManager.java 19 Oct 2006 05:30:28 -0000 1.8
+++ SeamSecurityManager.java 20 Oct 2006 01:00:31 -0000 1.9
@@ -133,24 +133,37 @@
checkPermission(meta.getName(), action, obj, (AclProvider) provider);
}
+ /**
+ * Checks the permission specified by name and action for an object. If an
+ * AclProvider is specified, then only an ACL check will be carried out using
+ * the provider. Otherwise, the permissions implied by the roles held by the
+ * currently authenticated user will be checked.
+ *
+ * A SecurityException is thrown if the currently authenticated user does not
+ * have the necessary permission for the specified object.
+ *
+ * @param name String The name of the permission
+ * @param action String The action
+ * @param obj Object The object to be checked
+ * @param aclProvider AclProvider ACL Provider for the specified object, or null if no provider
+ */
private void checkPermission(String name, String action, Object obj, AclProvider aclProvider)
{
Permission required = new SeamPermission(name, action);
- for (String role : Authentication.instance().getRoles())
- {
- Set<Permission> permissions = rolePermissions.get(role);
- if (permissions != null)
+ if (aclProvider != null)
{
- if (permissions.contains(required))
- {
- if (aclProvider == null)
- return;
-
Acl acl = aclProvider.getAcls(obj, Authentication.instance());
- if (acl.checkPermission(Authentication.instance(), new SeamPermission(name, action)))
+ if (acl != null && acl.checkPermission(Authentication.instance(), required))
return;
}
+ else
+ {
+ for (String role : Authentication.instance().getRoles())
+ {
+ Set<Permission> permissions = rolePermissions.get(role);
+ if (permissions != null && permissions.contains(required))
+ return;
}
}
More information about the jboss-cvs-commits
mailing list