[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...

Mon Jan 15 05:06:56 EST 2007

  User: sbryzak2
  Date: 07/01/15 05:06:56

  Modified:    src/main/org/jboss/seam/security  SeamSecurityManager.java
  Log:
  fixed NPE, minor changes
  
  Revision  Changes    Path
  1.40      +16 -4     jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: SeamSecurityManager.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/SeamSecurityManager.java,v
  retrieving revision 1.39
  retrieving revision 1.40
  diff -u -b -r1.39 -r1.40
  --- SeamSecurityManager.java	13 Jan 2007 05:36:06 -0000	1.39
  +++ SeamSecurityManager.java	15 Jan 2007 10:06:55 -0000	1.40
  @@ -14,6 +14,8 @@
   import java.util.HashSet;
   import java.util.List;
   import java.util.Set;
  +import java.util.regex.Matcher;
  +import java.util.regex.Pattern;
   
   import javax.faces.context.FacesContext;
   import javax.security.auth.Subject;
  @@ -118,6 +120,8 @@
         return instance;
      }
   
  +   private static Pattern EXPR_PATTERN = Pattern.compile("(hasPermission\\s*\\(\\s*'[^']*'\\s*,\\s*'[^']*')(\\s*\\))");
  +
      /**
       * Evaluates the specified security expression, which must return a boolean
       * value.
  @@ -125,9 +129,14 @@
       * @param expr String The expression to evaluate
       * @return boolean The result of the expression evaluation
       */
  -   public boolean evaluateExpression(String expr) throws AuthorizationException
  +   public boolean evaluateExpression(String expr) 
  +       throws AuthorizationException
      {     
  -      return (Boolean) new UnifiedELValueBinding(expr).getValue(FacesContext.getCurrentInstance());
  +      // TODO Ugly hack!  Fix this once varargs work with EL      
  +      Matcher m = EXPR_PATTERN.matcher(expr);
  +      String replaced = m.replaceAll("$1, null$2");
  +      
  +      return (Boolean) new UnifiedELValueBinding(replaced).getValue(FacesContext.getCurrentInstance());
      }
   
      /**
  @@ -216,6 +225,8 @@
                        Principal role = (Principal) e.nextElement();
                        
                        Role r = config.getSecurityRole(role.getName());
  +                     if (r.getPermissions() != null)
  +                     {
                        for (Permission perm : r.getPermissions())
                        {
                           wm.assertObject(perm);
  @@ -223,6 +234,7 @@
                     }
                  }
               }
  +            }
               
               // Only set the security context if the user is already logged in            
               Contexts.getSessionContext().set(SECURITY_CONTEXT_NAME, wm);