[seam-commits] Seam SVN: r8661 - trunk/src/wicket/org/jboss/seam/wicket.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Tue Aug 12 00:29:20 EDT 2008
Author: shane.bryzak at jboss.com
Date: 2008-08-12 00:29:20 -0400 (Tue, 12 Aug 2008)
New Revision: 8661
Modified:
trunk/src/wicket/org/jboss/seam/wicket/SeamAuthorizationStrategy.java
trunk/src/wicket/org/jboss/seam/wicket/WicketComponent.java
Log:
JBSEAM-3192
Modified: trunk/src/wicket/org/jboss/seam/wicket/SeamAuthorizationStrategy.java
===================================================================
--- trunk/src/wicket/org/jboss/seam/wicket/SeamAuthorizationStrategy.java 2008-08-12 02:24:23 UTC (rev 8660)
+++ trunk/src/wicket/org/jboss/seam/wicket/SeamAuthorizationStrategy.java 2008-08-12 04:29:20 UTC (rev 8661)
@@ -5,12 +5,9 @@
import org.apache.wicket.RestartResponseAtInterceptPageException;
import org.apache.wicket.authorization.Action;
import org.apache.wicket.authorization.IAuthorizationStrategy;
-import org.jboss.seam.annotations.security.Restrict;
import org.jboss.seam.log.LogProvider;
import org.jboss.seam.log.Logging;
-import org.jboss.seam.security.Identity;
import org.jboss.seam.security.NotLoggedInException;
-import org.jboss.seam.util.Strings;
/**
* An authorization strategy for Wicket backed by Seam Security
@@ -47,25 +44,22 @@
*/
public boolean isInstantiationAuthorized(Class componentClass)
{
- Restrict restrict = (Restrict) componentClass.getAnnotation(Restrict.class);
- if ( restrict != null && Identity.isSecurityEnabled() )
+ try
{
- String expr = !Strings.isEmpty( restrict.value() ) ? restrict.value() : "#{identity.loggedIn}";
- try
- {
- Identity.instance().checkRestriction(expr);
- }
- catch (NotLoggedInException e)
- {
- log.error("Unauthorized access to " + componentClass.getName() + ", user not logged in", e);
- return handleException(componentClass);
- }
- catch (org.jboss.seam.security.AuthorizationException e)
- {
- log.error("Unauthorized access to " + componentClass.getName(), e);
- return handleException(componentClass);
- }
+ WicketComponent instance = WicketComponent.getInstance(componentClass);
+ if (instance != null) instance.checkRestrictions();
}
+ catch (NotLoggedInException e)
+ {
+ log.error("Unauthorized access to " + componentClass.getName() + ", user not logged in", e);
+ return handleException(componentClass);
+ }
+ catch (org.jboss.seam.security.AuthorizationException e)
+ {
+ log.error("Unauthorized access to " + componentClass.getName(), e);
+ return handleException(componentClass);
+ }
+
return true;
}
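Review bot: When `WicketComponent.getInstance(componentClass)` returns null, `if (instance != null) instance.checkRestrictions();` skips every check and the method falls through to `return true`, so this path fails open. The removed code read `@Restrict` directly from `componentClass` and did not depend on the class being registered as a WicketComponent. Whether `getInstance` can return null for a class that carries `@Restrict` is not visible in this hunk and should be confirmed. If it can, either deny instantiation or at least make the gap visible, e.g. `if (instance == null) log.warn("No WicketComponent for " + componentClass.getName() + ", restrictions not checked");`. A one-line comment on the null branch stating why instantiation is allowed there would also help the next reader.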
Modified: trunk/src/wicket/org/jboss/seam/wicket/WicketComponent.java
===================================================================
--- trunk/src/wicket/org/jboss/seam/wicket/WicketComponent.java 2008-08-12 02:24:23 UTC (rev 8660)
+++ trunk/src/wicket/org/jboss/seam/wicket/WicketComponent.java 2008-08-12 04:29:20 UTC (rev 8661)
@@ -3,6 +3,7 @@
import static org.jboss.seam.ScopeType.STATELESS;
import static org.jboss.seam.ScopeType.UNSPECIFIED;
+import java.lang.annotation.Annotation;
import java.lang.reflect.AccessibleObject;
import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
@@ -13,6 +14,7 @@
import java.util.List;
import java.util.Set;
+import org.apache.wicket.util.string.Strings;
import org.jboss.seam.Component;
import org.jboss.seam.Namespace;
import org.jboss.seam.RequiredException;
@@ -26,12 +28,15 @@
import org.jboss.seam.annotations.bpm.BeginTask;
import org.jboss.seam.annotations.bpm.EndTask;
import org.jboss.seam.annotations.bpm.StartTask;
+import org.jboss.seam.annotations.security.Restrict;
+import org.jboss.seam.annotations.security.RoleCheck;
import org.jboss.seam.contexts.Contexts;
import org.jboss.seam.core.Expressions;
import org.jboss.seam.core.Init;
import org.jboss.seam.log.Log;
import org.jboss.seam.log.LogProvider;
import org.jboss.seam.log.Logging;
+import org.jboss.seam.security.Identity;
import org.jboss.seam.wicket.ioc.BijectedAttribute;
import org.jboss.seam.wicket.ioc.BijectedField;
import org.jboss.seam.wicket.ioc.BijectedMethod;
@@ -89,6 +94,8 @@
private List<StatelessInterceptor<T>> interceptors = new ArrayList<StatelessInterceptor<T>>();
+ private Set<String> restrictions;
+
boolean anyMethodHasRaiseEvent = false;
public Class<?> getType()
@@ -163,6 +170,8 @@
scan();
+ scanRestrictions();
+
initInterceptors();
Contexts.getApplicationContext().set(getName(), this);
@@ -184,6 +193,44 @@
add(constructor);
}
}
+
+ private void scanRestrictions()
+ {
+ Class cls = type;
+
+ while (cls != null)
+ {
+ for (Annotation annotation : cls.getAnnotations())
+ {
+ if (annotation instanceof Restrict)
+ {
+ Restrict restrict = (Restrict) annotation;
+ if (restrictions == null) restrictions = new HashSet<String>();
+ restrictions.add(Strings.isEmpty(restrict.value()) ? "#{identity.loggedIn}" : restrict.value());
+ }
+
+ if (annotation.annotationType().isAnnotationPresent(RoleCheck.class))
+ {
+ if (restrictions == null) restrictions = new HashSet<String>();
+ restrictions.add("#{identity.hasRole('" +
+ annotation.annotationType().getSimpleName().toLowerCase() + "')}");
+ }
+ }
+
+ cls = cls.getEnclosingClass();
+ }
+ }
+
+ public void checkRestrictions()
+ {
+ if (Identity.isSecurityEnabled() && restrictions != null)
+ {
+ for (String restriction : restrictions)
+ {
+ Identity.instance().checkRestriction(restriction);
+ }
+ }
+ }
public void outject(T target)
{
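Review bot: The loop in `scanRestrictions()` advances with `cls = cls.getEnclosingClass()`, which walks outward through lexically enclosing classes and never visits superclasses. `getAnnotations()` returns a superclass annotation only when the annotation type is `@Inherited`, and the declarations of `Restrict` and the `@RoleCheck`-marked annotations are not shown here. A subclass of a restricted component may therefore end up with no restrictions, which is worth confirming and stating in a Javadoc on the method. Separately, `getSimpleName().toLowerCase()` uses the JVM's default locale, so the derived role name can differ between hosts (for example the Turkish dotless i); `toLowerCase(Locale.ENGLISH)` with an import of `java.util.Locale` keeps it stable. The trailing `outject` context continues outside the hunk.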