[seam-commits] Seam SVN: r7574 - trunk/src/main/org/jboss/seam/security/permission.

[seam-commits at lists.jboss.org]

Author: shane.bryzak at jboss.com
Date: 2008-03-13 19:45:07 -0400 (Thu, 13 Mar 2008)
New Revision: 7574

Modified:
   trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java
Log:
implementation

Modified: trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java	2008-03-13 19:17:15 UTC (rev 7573)
+++ trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java	2008-03-13 23:45:07 UTC (rev 7574)
@@ -4,12 +4,16 @@
 import static org.jboss.seam.annotations.Install.FRAMEWORK;
 
 import java.io.Serializable;
+import java.util.List;
 
+import org.jboss.seam.Seam;
 import org.jboss.seam.annotations.Install;
 import org.jboss.seam.annotations.Name;
 import org.jboss.seam.annotations.Scope;
 import org.jboss.seam.annotations.Startup;
 import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.security.Identity;
+import org.jboss.seam.security.permission.AccountPermission.AccountType;
 
 /**
  * Resolves permissions dynamically assigned in a persistent store, such as a 
@@ -24,8 +28,49 @@
 @Startup
 public class DynamicPermissionResolver implements PermissionResolver, Serializable
 {   
-   public boolean hasPermission(Object target, String action)
+   private PermissionStore permissionStore;
+   
+   public PermissionStore getPermissionStore()
    {
-      return false;  
+      return permissionStore;
    }
+   
+   public void setPermissionStore(PermissionStore permissionStore)
+   {
+      this.permissionStore = permissionStore;
+   }
+   
+   public boolean hasPermission(Object target, String action)
+   {      
+      if (permissionStore == null) return false;
+      
+      Identity identity = Identity.instance();
+      
+      if (!identity.isLoggedIn()) return false;
+      
+      String targetName = Seam.getComponentName(target.getClass());
+      if (targetName == null)
+      {
+         targetName = target.getClass().getName();
+      }
+      
+      List<AccountPermission> permissions = permissionStore.listPermissions(targetName, action);
+      
+      String username = identity.getPrincipal().getName();
+      
+      for (AccountPermission permission : permissions)
+      {
+         if (username.equals(permission.getAccount()) && permission.getAccountType().equals(AccountType.user))
+         {
+            return true;
+         }
+         
+         if (permission.getAccountType().equals(AccountType.role) && identity.hasRole(permission.getAccount()))
+         {
+            return true;
+         }
+      }      
+      
+      return false;
+   }
 }