[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...
Gavin King
gavin.king at jboss.com
Mon Feb 12 01:16:08 EST 2007
User: gavin
Date: 07/02/12 01:16:08
Modified: src/main/org/jboss/seam/security
AuthorizationException.java
HibernateSecurityInterceptor.java Identity.java
NotLoggedInException.java SecurityFunctions.java
SimpleGroup.java SimplePrincipal.java
Added: src/main/org/jboss/seam/security
EntityAction.java EntitySecurityListener.java
Removed: src/main/org/jboss/seam/security
EntitySecurity.java JPASecurityListener.java
Log:
move check() method onto Identity
Revision Changes Path
1.3 +6 -11 jboss-seam/src/main/org/jboss/seam/security/AuthorizationException.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: AuthorizationException.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/AuthorizationException.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
--- AuthorizationException.java 13 Jan 2007 05:36:06 -0000 1.2
+++ AuthorizationException.java 12 Feb 2007 06:16:08 -0000 1.3
@@ -7,14 +7,9 @@
*
* @author Shane Bryzak
*/
- at ApplicationException
+ at ApplicationException(rollback=true)
public class AuthorizationException extends RuntimeException
{
- public AuthorizationException()
- {
- super();
- }
-
public AuthorizationException(String message)
{
super(message);
1.2 +15 -5 jboss-seam/src/main/org/jboss/seam/security/HibernateSecurityInterceptor.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: HibernateSecurityInterceptor.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/HibernateSecurityInterceptor.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- HibernateSecurityInterceptor.java 12 Feb 2007 03:23:41 -0000 1.1
+++ HibernateSecurityInterceptor.java 12 Feb 2007 06:16:08 -0000 1.2
@@ -1,18 +1,28 @@
package org.jboss.seam.security;
+import static org.jboss.seam.security.EntityAction.DELETE;
+import static org.jboss.seam.security.EntityAction.INSERT;
+import static org.jboss.seam.security.EntityAction.READ;
+import static org.jboss.seam.security.EntityAction.UPDATE;
+
import java.io.Serializable;
import org.hibernate.EmptyInterceptor;
import org.hibernate.type.Type;
-import org.jboss.seam.security.EntitySecurity.Action;
+/**
+ * Facilitates security checks for Hibernate entities
+ *
+ * @author Shane Bryzak
+ *
+ */
public class HibernateSecurityInterceptor extends EmptyInterceptor
{
@Override
public boolean onLoad(Object entity, Serializable id, Object[] state,
String[] propertyNames, Type[] types)
{
- EntitySecurity.check(entity, Action.read);
+ Identity.instance().checkEntityPermission(entity, READ);
return true;
}
@@ -20,14 +30,14 @@
public void onDelete(Object entity, Serializable id, Object[] state,
String[] propertyNames, Type[] types)
{
- EntitySecurity.check(entity, Action.delete);
+ Identity.instance().checkEntityPermission(entity, DELETE);
}
@Override
public boolean onFlushDirty(Object entity, Serializable id, Object[] currentState,
Object[] previousState, String[] propertyNames, Type[] types)
{
- EntitySecurity.check(entity, Action.update);
+ Identity.instance().checkEntityPermission(entity, UPDATE);
return true;
}
@@ -35,7 +45,7 @@
public boolean onSave(Object entity, Serializable id, Object[] state,
String[] propertyNames, Type[] types)
{
- EntitySecurity.check(entity, Action.insert);
+ Identity.instance().checkEntityPermission(entity, INSERT);
return true;
}
}
1.58 +9 -0 jboss-seam/src/main/org/jboss/seam/security/Identity.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: Identity.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/Identity.java,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -b -r1.57 -r1.58
--- Identity.java 9 Feb 2007 15:36:11 -0000 1.57
+++ Identity.java 12 Feb 2007 06:16:08 -0000 1.58
@@ -35,6 +35,7 @@
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
+import org.jboss.seam.annotations.security.Restrict;
import org.jboss.seam.contexts.Contexts;
import org.jboss.seam.core.Events;
import org.jboss.seam.core.FacesMessages;
@@ -631,4 +632,12 @@
{
this.securityRules = securityRules;
}
+
+ public void checkEntityPermission(Object entity, EntityAction action)
+ {
+ if ( entity.getClass().isAnnotationPresent(Restrict.class) )
+ {
+ checkPermission( entity.getClass().getName(), action.toString(), entity );
+ }
+ }
}
1.5 +2 -8 jboss-seam/src/main/org/jboss/seam/security/NotLoggedInException.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: NotLoggedInException.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/NotLoggedInException.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -b -r1.4 -r1.5
--- NotLoggedInException.java 9 Feb 2007 15:36:11 -0000 1.4
+++ NotLoggedInException.java 12 Feb 2007 06:16:08 -0000 1.5
@@ -7,11 +7,5 @@
*
* @author Shane Bryzak
*/
- at ApplicationException
-public class NotLoggedInException extends RuntimeException
-{
- public NotLoggedInException()
- {
- super();
- }
-}
+ at ApplicationException(rollback=true)
+public class NotLoggedInException extends RuntimeException {}
1.4 +4 -0 jboss-seam/src/main/org/jboss/seam/security/SecurityFunctions.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SecurityFunctions.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SecurityFunctions.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -b -r1.3 -r1.4
--- SecurityFunctions.java 31 Jan 2007 15:27:33 -0000 1.3
+++ SecurityFunctions.java 12 Feb 2007 06:16:08 -0000 1.4
@@ -15,8 +15,12 @@
public static boolean hasPermission(String name, String action, Object arg)
{
if (arg != null)
+ {
return Identity.instance().hasPermission(name, action, arg);
+ }
else
+ {
return Identity.instance().hasPermission(name, action);
}
+ }
}
1.3 +13 -6 jboss-seam/src/main/org/jboss/seam/security/SimpleGroup.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SimpleGroup.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SimpleGroup.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
--- SimpleGroup.java 9 Jan 2007 08:07:02 -0000 1.2
+++ SimpleGroup.java 12 Feb 2007 06:16:08 -0000 1.3
@@ -39,16 +39,20 @@
public boolean isMember(Principal member)
{
- if (members.contains(member))
+ if ( members.contains(member) )
+ {
return true;
+ }
else
{
for (Principal m : members)
{
if (m instanceof Group && ((Group) m).isMember(member))
+ {
return true;
}
}
+ }
return false;
}
@@ -70,13 +74,16 @@
@Override
public boolean equals(Object obj)
{
- if (!(obj instanceof SimpleGroup))
- return false;
-
+ if (obj instanceof SimpleGroup)
+ {
SimpleGroup other = (SimpleGroup) obj;
-
return other.name.equals(name);
}
+ else
+ {
+ return false;
+ }
+ }
@Override
public int hashCode()
1.5 +11 -9 jboss-seam/src/main/org/jboss/seam/security/SimplePrincipal.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SimplePrincipal.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SimplePrincipal.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -b -r1.4 -r1.5
--- SimplePrincipal.java 18 Jan 2007 18:54:00 -0000 1.4
+++ SimplePrincipal.java 12 Feb 2007 06:16:08 -0000 1.5
@@ -27,21 +27,23 @@
@Override
public boolean equals(Object obj)
{
- if (!(obj instanceof Principal))
- return false;
-
+ if (obj instanceof Principal)
+ {
Principal other = (Principal) obj;
-
- if (name == null)
- return other.getName() == null;
+ return name == null ?
+ other.getName() == null :
+ name.equals( other.getName() );
+ }
else
- return name.equals(other.getName());
+ {
+ return false;
+ }
}
@Override
public int hashCode()
{
- return name == null ? 0 : name.hashCode();
+ return name==null ? 0 : name.hashCode();
}
@Override
1.1 date: 2007/02/12 06:16:08; author: gavin; state: Exp;jboss-seam/src/main/org/jboss/seam/security/EntityAction.java
Index: EntityAction.java
===================================================================
package org.jboss.seam.security;
/**
* Actions that may be performed upon entities
* in JPA or Hibernate.
*
* @author Shane Bryzak
*
*/
public enum EntityAction {
READ,
INSERT,
UPDATE,
DELETE;
@Override
public String toString()
{
return super.name().toLowerCase();
}
}
1.1 date: 2007/02/12 06:16:08; author: gavin; state: Exp;jboss-seam/src/main/org/jboss/seam/security/EntitySecurityListener.java
Index: EntitySecurityListener.java
===================================================================
package org.jboss.seam.security;
import static org.jboss.seam.security.EntityAction.DELETE;
import static org.jboss.seam.security.EntityAction.INSERT;
import static org.jboss.seam.security.EntityAction.READ;
import static org.jboss.seam.security.EntityAction.UPDATE;
import javax.persistence.PostLoad;
import javax.persistence.PrePersist;
import javax.persistence.PreRemove;
import javax.persistence.PreUpdate;
/**
* Facilitates security checks for entity beans.
*
* @author Shane Bryzak
*/
public class EntitySecurityListener
{
@PostLoad
public void postLoad(Object entity)
{
Identity.instance().checkEntityPermission(entity, READ);
}
@PrePersist
public void prePersist(Object entity)
{
Identity.instance().checkEntityPermission(entity, INSERT);
}
@PreUpdate
public void preUpdate(Object entity)
{
Identity.instance().checkEntityPermission(entity, UPDATE);
}
@PreRemove
public void preRemove(Object entity)
{
Identity.instance().checkEntityPermission(entity, DELETE);
}
}
More information about the jboss-cvs-commits
mailing list