[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...
Shane Bryzak
Shane_Bryzak at symantec.com
Wed Feb 14 02:17:27 EST 2007
User: sbryzak2
Date: 07/02/14 02:17:27
Modified: src/main/org/jboss/seam/security Identity.java
Log:
fine grained entity security
Revision Changes Path
1.63 +47 -3 jboss-seam/src/main/org/jboss/seam/security/Identity.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: Identity.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/Identity.java,v
retrieving revision 1.62
retrieving revision 1.63
diff -u -b -r1.62 -r1.63
--- Identity.java 13 Feb 2007 23:26:40 -0000 1.62
+++ Identity.java 14 Feb 2007 07:17:27 -0000 1.63
@@ -5,6 +5,7 @@
import static org.jboss.seam.annotations.Install.BUILT_IN;
import java.io.IOException;
+import java.lang.reflect.Method;
import java.security.Principal;
import java.security.acl.Group;
import java.util.ArrayList;
@@ -28,6 +29,8 @@
import org.drools.RuleBaseFactory;
import org.drools.WorkingMemory;
import org.jboss.seam.Component;
+import org.jboss.seam.Entity;
+import org.jboss.seam.Model;
import org.jboss.seam.ScopeType;
import org.jboss.seam.Seam;
import org.jboss.seam.annotations.Create;
@@ -44,6 +47,7 @@
import org.jboss.seam.core.Expressions.MethodBinding;
import org.jboss.seam.log.LogProvider;
import org.jboss.seam.log.Logging;
+import org.jboss.seam.util.Strings;
import org.jboss.seam.util.UnifiedELValueBinding;
@Name("org.jboss.seam.security.identity")
@@ -666,11 +670,51 @@
public void checkEntityPermission(Object entity, EntityAction action)
{
- if ( entity.getClass().isAnnotationPresent(Restrict.class) )
+ Entity e = (Entity) Model.forClass(entity.getClass());
+
+ if (e != null)
{
String name = Seam.getComponentName(entity.getClass());
if (name == null) name = entity.getClass().getName();
- checkPermission( name, action.toString(), entity );
+
+ Method m = null;
+ switch (action)
+ {
+ case READ:
+ m = e.getPostLoadMethod();
+ break;
+ case INSERT:
+ m = e.getPrePersistMethod();
+ break;
+ case UPDATE:
+ m = e.getPreUpdateMethod();
+ break;
+ case DELETE:
+ m = e.getPreRemoveMethod();
+ }
+
+ Restrict restrict = null;
+
+ if (m != null && m.isAnnotationPresent(Restrict.class))
+ {
+ restrict = m.getAnnotation(Restrict.class);
+ }
+ else if (entity.getClass().isAnnotationPresent(Restrict.class))
+ {
+ restrict = entity.getClass().getAnnotation(Restrict.class);
+ }
+
+ if (restrict != null)
+ {
+ if (Strings.isEmpty(restrict.value()))
+ {
+ checkPermission(name, action.toString(), entity);
+ }
+ else
+ {
+ checkRestriction(restrict.value());
+ }
+ }
}
}
}
More information about the jboss-cvs-commits
mailing list