[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...

[Shane Bryzak]

  User: sbryzak2
  Date: 07/02/14 02:17:27

  Modified:    src/main/org/jboss/seam/security  Identity.java
  Log:
  fine grained entity security
  
  Revision  Changes    Path
  1.63      +47 -3     jboss-seam/src/main/org/jboss/seam/security/Identity.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: Identity.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/Identity.java,v
  retrieving revision 1.62
  retrieving revision 1.63
  diff -u -b -r1.62 -r1.63
  --- Identity.java	13 Feb 2007 23:26:40 -0000	1.62
  +++ Identity.java	14 Feb 2007 07:17:27 -0000	1.63
  @@ -5,6 +5,7 @@
   import static org.jboss.seam.annotations.Install.BUILT_IN;
   
   import java.io.IOException;
  +import java.lang.reflect.Method;
   import java.security.Principal;
   import java.security.acl.Group;
   import java.util.ArrayList;
  @@ -28,6 +29,8 @@
   import org.drools.RuleBaseFactory;
   import org.drools.WorkingMemory;
   import org.jboss.seam.Component;
  +import org.jboss.seam.Entity;
  +import org.jboss.seam.Model;
   import org.jboss.seam.ScopeType;
   import org.jboss.seam.Seam;
   import org.jboss.seam.annotations.Create;
  @@ -44,6 +47,7 @@
   import org.jboss.seam.core.Expressions.MethodBinding;
   import org.jboss.seam.log.LogProvider;
   import org.jboss.seam.log.Logging;
  +import org.jboss.seam.util.Strings;
   import org.jboss.seam.util.UnifiedELValueBinding;
   
   @Name("org.jboss.seam.security.identity")
  @@ -666,11 +670,51 @@
   
      public void checkEntityPermission(Object entity, EntityAction action)
      {      
  -      if ( entity.getClass().isAnnotationPresent(Restrict.class) )
  +      Entity e = (Entity) Model.forClass(entity.getClass());
  +      
  +      if (e != null)
         {
            String name = Seam.getComponentName(entity.getClass());
            if (name == null) name = entity.getClass().getName();         
  -         checkPermission( name, action.toString(), entity );
  +         
  +         Method m = null;
  +         switch (action)
  +         {
  +            case READ:
  +               m = e.getPostLoadMethod();
  +               break;
  +            case INSERT:
  +               m = e.getPrePersistMethod();
  +               break;
  +            case UPDATE:
  +               m = e.getPreUpdateMethod();
  +               break;
  +            case DELETE:
  +               m = e.getPreRemoveMethod();
  +         }
  +         
  +         Restrict restrict = null;
  +         
  +         if (m != null && m.isAnnotationPresent(Restrict.class))
  +         {
  +            restrict = m.getAnnotation(Restrict.class);
  +         }
  +         else if (entity.getClass().isAnnotationPresent(Restrict.class))
  +         {
  +            restrict = entity.getClass().getAnnotation(Restrict.class);
  +         }
  +
  +         if (restrict != null)
  +         {
  +            if (Strings.isEmpty(restrict.value()))
  +            {
  +               checkPermission(name, action.toString(), entity);
  +            }
  +            else
  +            {
  +               checkRestriction(restrict.value());
  +            }
  +         }
         }
      }   
   }