[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...
Shane Bryzak
Shane_Bryzak at symantec.com
Sun Feb 11 22:23:41 EST 2007
User: sbryzak2
Date: 07/02/11 22:23:41
Added: src/main/org/jboss/seam/security EntitySecurity.java
HibernateSecurityInterceptor.java
JPASecurityListener.java
Removed: src/main/org/jboss/seam/security
SecurityEntityListener.java
Log:
entity security
Revision Changes Path
1.1 date: 2007/02/12 03:23:41; author: sbryzak2; state: Exp;jboss-seam/src/main/org/jboss/seam/security/EntitySecurity.java
Index: EntitySecurity.java
===================================================================
package org.jboss.seam.security;
import org.jboss.seam.Seam;
import org.jboss.seam.annotations.security.Restrict;
import org.jboss.seam.contexts.Contexts;
public class EntitySecurity
{
public enum Action { read, insert, update, delete }
public static void check(Object entity, Action action)
{
if (!entity.getClass().isAnnotationPresent(Restrict.class))
return;
String name = Seam.getComponentName(entity.getClass());
if (name == null) name = entity.getClass().getName();
Contexts.getMethodContext().set("entity", entity);
String expr = String.format("#{s:hasPermission('%s', '%s', entity)}",
name, action);
Identity.instance().checkRestriction(expr);
}
}
1.1 date: 2007/02/12 03:23:41; author: sbryzak2; state: Exp;jboss-seam/src/main/org/jboss/seam/security/HibernateSecurityInterceptor.java
Index: HibernateSecurityInterceptor.java
===================================================================
package org.jboss.seam.security;
import java.io.Serializable;
import org.hibernate.EmptyInterceptor;
import org.hibernate.type.Type;
import org.jboss.seam.security.EntitySecurity.Action;
public class HibernateSecurityInterceptor extends EmptyInterceptor
{
@Override
public boolean onLoad(Object entity, Serializable id, Object[] state,
String[] propertyNames, Type[] types)
{
EntitySecurity.check(entity, Action.read);
return true;
}
@Override
public void onDelete(Object entity, Serializable id, Object[] state,
String[] propertyNames, Type[] types)
{
EntitySecurity.check(entity, Action.delete);
}
@Override
public boolean onFlushDirty(Object entity, Serializable id, Object[] currentState,
Object[] previousState, String[] propertyNames, Type[] types)
{
EntitySecurity.check(entity, Action.update);
return true;
}
@Override
public boolean onSave(Object entity, Serializable id, Object[] state,
String[] propertyNames, Type[] types)
{
EntitySecurity.check(entity, Action.insert);
return true;
}
}
1.1 date: 2007/02/12 03:23:41; author: sbryzak2; state: Exp;jboss-seam/src/main/org/jboss/seam/security/JPASecurityListener.java
Index: JPASecurityListener.java
===================================================================
package org.jboss.seam.security;
import javax.persistence.PostLoad;
import javax.persistence.PrePersist;
import javax.persistence.PreRemove;
import javax.persistence.PreUpdate;
import org.jboss.seam.security.EntitySecurity.Action;
/**
* Facilitates security checks for entity beans.
*
* @author Shane Bryzak
*/
public class JPASecurityListener
{
@PostLoad
public void postLoad(Object entity)
{
EntitySecurity.check(entity, Action.read);
}
@PrePersist
public void prePersist(Object entity)
{
EntitySecurity.check(entity, Action.insert);
}
@PreUpdate
public void preUpdate(Object entity)
{
EntitySecurity.check(entity, Action.update);
}
@PreRemove
public void preRemove(Object entity)
{
EntitySecurity.check(entity, Action.delete);
}
}
More information about the jboss-cvs-commits
mailing list