[seam-commits] Seam SVN: r7675 - in trunk/src/main/org/jboss/seam: security/permission and 1 other directory.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Fri Mar 21 14:19:53 EDT 2008
Author: shane.bryzak at jboss.com
Date: 2008-03-21 14:19:52 -0400 (Fri, 21 Mar 2008)
New Revision: 7675
Added:
trunk/src/main/org/jboss/seam/annotations/security/AclFlag.java
trunk/src/main/org/jboss/seam/annotations/security/AclFlags.java
trunk/src/main/org/jboss/seam/security/permission/AccountPermissionStore.java
trunk/src/main/org/jboss/seam/security/permission/AccountType.java
trunk/src/main/org/jboss/seam/security/permission/AclPermission.java
trunk/src/main/org/jboss/seam/security/permission/AclPermissionResolver.java
trunk/src/main/org/jboss/seam/security/permission/AclPermissionStore.java
trunk/src/main/org/jboss/seam/security/permission/JpaAccountPermissionStore.java
trunk/src/main/org/jboss/seam/security/permission/JpaAclPermissionStore.java
trunk/src/main/org/jboss/seam/security/permission/PermissionManager.java
Removed:
trunk/src/main/org/jboss/seam/security/permission/JPAPermissionStore.java
trunk/src/main/org/jboss/seam/security/permission/PermissionStore.java
Modified:
trunk/src/main/org/jboss/seam/security/permission/AccountPermission.java
trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java
Log:
user/role permissions, acl permissions
Added: trunk/src/main/org/jboss/seam/annotations/security/AclFlag.java
===================================================================
--- trunk/src/main/org/jboss/seam/annotations/security/AclFlag.java (rev 0)
+++ trunk/src/main/org/jboss/seam/annotations/security/AclFlag.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -0,0 +1,24 @@
+package org.jboss.seam.annotations.security;
+
+import static java.lang.annotation.ElementType.TYPE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+/**
+ * Maps a permission for the target class to a bit value
+ *
+ * @author Shane Bryzak
+ */
+ at Target({TYPE})
+ at Documented
+ at Retention(RUNTIME)
+ at Inherited
+public @interface AclFlag
+{
+ long mask();
+ String action();
+}
Added: trunk/src/main/org/jboss/seam/annotations/security/AclFlags.java
===================================================================
--- trunk/src/main/org/jboss/seam/annotations/security/AclFlags.java (rev 0)
+++ trunk/src/main/org/jboss/seam/annotations/security/AclFlags.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -0,0 +1,23 @@
+package org.jboss.seam.annotations.security;
+
+import static java.lang.annotation.ElementType.TYPE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+/**
+ * Specifies a list of ACL flags for a class
+ *
+ * @author Shane Bryzak
+ */
+ at Target({TYPE})
+ at Documented
+ at Retention(RUNTIME)
+ at Inherited
+public @interface AclFlags
+{
+ AclFlag[] value() default {};
+}
Modified: trunk/src/main/org/jboss/seam/security/permission/AccountPermission.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/AccountPermission.java 2008-03-21 15:28:38 UTC (rev 7674)
+++ trunk/src/main/org/jboss/seam/security/permission/AccountPermission.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -7,9 +7,7 @@
* @author Shane Bryzak
*/
public abstract class AccountPermission
-{
- public enum AccountType {user, role}
-
+{
public abstract String getTarget();
public abstract void setTarget(String target);
Added: trunk/src/main/org/jboss/seam/security/permission/AccountPermissionStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/AccountPermissionStore.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/permission/AccountPermissionStore.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -0,0 +1,17 @@
+package org.jboss.seam.security.permission;
+
+import java.util.List;
+
+/**
+ * Persistent store for account-based (user/role) permissions
+ *
+ * @author Shane Bryzak
+ */
+public interface AccountPermissionStore
+{
+ List<AccountPermission> listPermissions(String target, String action);
+ List<AccountPermission> listPermissions(String target);
+
+ boolean grantPermission(String target, String action, String account, AccountType accountType);
+ boolean revokePermission(String target, String action, String account, AccountType accountType);
+}
Added: trunk/src/main/org/jboss/seam/security/permission/AccountType.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/AccountType.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/permission/AccountType.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -0,0 +1,7 @@
+package org.jboss.seam.security.permission;
+
+public enum AccountType
+{
+ user,
+ role
+}
Added: trunk/src/main/org/jboss/seam/security/permission/AclPermission.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/AclPermission.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/permission/AclPermission.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -0,0 +1,19 @@
+package org.jboss.seam.security.permission;
+
+public abstract class AclPermission
+{
+ public abstract String getObjectId();
+ public abstract void setObjectId(String objectId);
+
+ public abstract String getIdentifier();
+ public abstract void setIdentifier(String identifier);
+
+ public abstract String getAccount();
+ public abstract void setAccount(String account);
+
+ public abstract AccountType getAccountType();
+ public abstract void setAccountType(AccountType accountType);
+
+ public abstract long getPermissions();
+ public abstract void setPermissions(long permissions);
+}
Added: trunk/src/main/org/jboss/seam/security/permission/AclPermissionResolver.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/AclPermissionResolver.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/permission/AclPermissionResolver.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -0,0 +1,87 @@
+package org.jboss.seam.security.permission;
+
+import static org.jboss.seam.ScopeType.APPLICATION;
+import static org.jboss.seam.annotations.Install.FRAMEWORK;
+
+import java.io.Serializable;
+import java.util.List;
+
+import org.jboss.seam.Component;
+import org.jboss.seam.annotations.Create;
+import org.jboss.seam.annotations.Install;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.Startup;
+import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.log.LogProvider;
+import org.jboss.seam.log.Logging;
+import org.jboss.seam.security.Identity;
+
+ at Name("org.jboss.seam.security.aclPermissionResolver")
+ at Scope(APPLICATION)
+ at BypassInterceptors
+ at Install(precedence=FRAMEWORK)
+ at Startup
+public class AclPermissionResolver implements PermissionResolver, Serializable
+{
+ private static final String DEFAULT_PERMISSION_STORE_NAME = "aclPermissionStore";
+
+ private AclPermissionStore permissionStore;
+
+ private static final LogProvider log = Logging.getLogProvider(AclPermissionResolver.class);
+
+ @Create
+ public void create()
+ {
+ initPermissionStore();
+ }
+
+ protected void initPermissionStore()
+ {
+ if (permissionStore == null)
+ {
+ permissionStore = (AclPermissionStore) Component.getInstance(DEFAULT_PERMISSION_STORE_NAME, true);
+ }
+
+ if (permissionStore == null)
+ {
+ log.warn("no permission store available - please install a PermissionStore with the name '" +
+ DEFAULT_PERMISSION_STORE_NAME + "' if acl-based permissions are required.");
+ }
+ }
+
+ public boolean hasPermission(Object target, String action)
+ {
+ if (permissionStore == null) return false;
+
+ List<AclPermission> permissions = permissionStore.listPermissions(target);
+
+ Identity identity = Identity.instance();
+
+ if (!identity.isLoggedIn()) return false;
+
+ String username = identity.getPrincipal().getName();
+
+ for (AclPermission permission : permissions)
+ {
+ if ((username.equals(permission.getAccount()) && permission.getAccountType().equals(AccountType.user)) ||
+ (permission.getAccountType().equals(AccountType.role) && identity.hasRole(permission.getAccount())))
+ {
+ if (hasPermissionFlag(target, action, permission.getPermissions()))
+ {
+ return true;
+ }
+ }
+ }
+
+ return false;
+ }
+
+ protected boolean hasPermissionFlag(Object target, String action, long permissions)
+ {
+ // TODO
+
+ return false;
+ }
+
+}
Added: trunk/src/main/org/jboss/seam/security/permission/AclPermissionStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/AclPermissionStore.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/permission/AclPermissionStore.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -0,0 +1,15 @@
+package org.jboss.seam.security.permission;
+
+import java.util.List;
+
+/**
+ * Persistent storage for ACL (instance-based) permissions
+ *
+ * @author Shane Bryzak
+ */
+public interface AclPermissionStore
+{
+ List<AclPermission> listPermissions(Object target);
+ boolean grantPermission(Object target, String action, String account, AccountType accountType);
+ boolean revokePermission(Object target, String action, String account, AccountType accountType);
+}
Modified: trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java 2008-03-21 15:28:38 UTC (rev 7674)
+++ trunk/src/main/org/jboss/seam/security/permission/DynamicPermissionResolver.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -17,7 +17,6 @@
import org.jboss.seam.log.LogProvider;
import org.jboss.seam.log.Logging;
import org.jboss.seam.security.Identity;
-import org.jboss.seam.security.permission.AccountPermission.AccountType;
/**
* Resolves dynamically-assigned permissions kept in a persistent store, such as a
@@ -32,9 +31,9 @@
@Startup
public class DynamicPermissionResolver implements PermissionResolver, Serializable
{
- private static final String DEFAULT_PERMISSION_STORE_NAME = "permissionStore";
+ private static final String DEFAULT_PERMISSION_STORE_NAME = "accountPermissionStore";
- private PermissionStore permissionStore;
+ private AccountPermissionStore permissionStore;
private static final LogProvider log = Logging.getLogProvider(DynamicPermissionResolver.class);
@@ -48,7 +47,7 @@
{
if (permissionStore == null)
{
- permissionStore = (PermissionStore) Component.getInstance(DEFAULT_PERMISSION_STORE_NAME, true);
+ permissionStore = (AccountPermissionStore) Component.getInstance(DEFAULT_PERMISSION_STORE_NAME, true);
}
if (permissionStore == null)
@@ -58,12 +57,12 @@
}
}
- public PermissionStore getPermissionStore()
+ public AccountPermissionStore getPermissionStore()
{
return permissionStore;
}
- public void setPermissionStore(PermissionStore permissionStore)
+ public void setPermissionStore(AccountPermissionStore permissionStore)
{
this.permissionStore = permissionStore;
}
Deleted: trunk/src/main/org/jboss/seam/security/permission/JPAPermissionStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/JPAPermissionStore.java 2008-03-21 15:28:38 UTC (rev 7674)
+++ trunk/src/main/org/jboss/seam/security/permission/JPAPermissionStore.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -1,122 +0,0 @@
-package org.jboss.seam.security.permission;
-
-import static org.jboss.seam.ScopeType.APPLICATION;
-
-import java.util.List;
-
-import javax.persistence.EntityManager;
-import javax.persistence.NoResultException;
-
-import org.jboss.seam.Component;
-import org.jboss.seam.annotations.Scope;
-import org.jboss.seam.annotations.intercept.BypassInterceptors;
-import org.jboss.seam.security.permission.AccountPermission.AccountType;
-
-/**
- * A permission store implementation that uses JPA as its persistence mechanism.
- *
- * @author Shane Bryzak
- */
- at Scope(APPLICATION)
- at BypassInterceptors
-public class JPAPermissionStore implements PermissionStore
-{
- private String entityManagerName = "entityManager";
-
- private Class<? extends AccountPermission> permissionClass;
-
- public boolean grantPermission(String target, String action, String account,
- AccountType accountType)
- {
- try
- {
- if (permissionClass == null)
- {
- throw new RuntimeException("Could not grant permission, permissionClass not set");
- }
-
- AccountPermission permission = permissionClass.newInstance();
- permission.setTarget(target);
- permission.setAction(action);
- permission.setAccount(account);
- permission.setAccountType(accountType);
-
- getEntityManager().persist(permission);
-
- return true;
- }
- catch (Exception ex)
- {
- throw new RuntimeException("Could not grant permission", ex);
- }
- }
-
- public boolean revokePermission(String target, String action,
- String account, AccountType accountType)
- {
- try
- {
- EntityManager em = getEntityManager();
-
- AccountPermission permission = (AccountPermission) em.createQuery(
- "from " + permissionClass.getName() +
- " where target = :target and action = :action and account = :account " +
- " and accountType = :accountType")
- .setParameter("target", target)
- .setParameter("action", "action")
- .setParameter("account", account)
- .setParameter("accountType", accountType)
- .getSingleResult();
-
- em.remove(permission);
- return true;
- }
- catch (NoResultException ex)
- {
- return false;
- }
- }
-
- public List<AccountPermission> listPermissions(String target, String action)
- {
- return getEntityManager().createQuery(
- "from " + permissionClass.getName() +
- " where target = :target and action = :action")
- .setParameter("target", target)
- .setParameter("action", action)
- .getResultList();
- }
-
- public List<AccountPermission> listPermissions(String target)
- {
- return getEntityManager().createQuery(
- "from " + permissionClass.getName() + " where target = :target")
- .setParameter("target", target)
- .getResultList();
- }
-
- private EntityManager getEntityManager()
- {
- return (EntityManager) Component.getInstance(entityManagerName);
- }
-
- public String getEntityManagerName()
- {
- return entityManagerName;
- }
-
- public void setEntityManagerName(String name)
- {
- this.entityManagerName = name;
- }
-
- public Class getPermissionClass()
- {
- return permissionClass;
- }
-
- public void setPermissionClass(Class permissionClass)
- {
- this.permissionClass = permissionClass;
- }
-}
Added: trunk/src/main/org/jboss/seam/security/permission/JpaAccountPermissionStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/JpaAccountPermissionStore.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/permission/JpaAccountPermissionStore.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -0,0 +1,121 @@
+package org.jboss.seam.security.permission;
+
+import static org.jboss.seam.ScopeType.APPLICATION;
+
+import java.util.List;
+
+import javax.persistence.EntityManager;
+import javax.persistence.NoResultException;
+
+import org.jboss.seam.Component;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.intercept.BypassInterceptors;
+
+/**
+ * A permission store implementation that uses JPA as its persistence mechanism.
+ *
+ * @author Shane Bryzak
+ */
+ at Scope(APPLICATION)
+ at BypassInterceptors
+public class JpaAccountPermissionStore implements AccountPermissionStore
+{
+ private String entityManagerName = "entityManager";
+
+ private Class<? extends AccountPermission> permissionClass;
+
+ public boolean grantPermission(String target, String action, String account,
+ AccountType accountType)
+ {
+ try
+ {
+ if (permissionClass == null)
+ {
+ throw new RuntimeException("Could not grant permission, permissionClass not set");
+ }
+
+ AccountPermission permission = permissionClass.newInstance();
+ permission.setTarget(target);
+ permission.setAction(action);
+ permission.setAccount(account);
+ permission.setAccountType(accountType);
+
+ getEntityManager().persist(permission);
+
+ return true;
+ }
+ catch (Exception ex)
+ {
+ throw new RuntimeException("Could not grant permission", ex);
+ }
+ }
+
+ public boolean revokePermission(String target, String action,
+ String account, AccountType accountType)
+ {
+ try
+ {
+ EntityManager em = getEntityManager();
+
+ AccountPermission permission = (AccountPermission) em.createQuery(
+ "from " + permissionClass.getName() +
+ " where target = :target and action = :action and account = :account " +
+ " and accountType = :accountType")
+ .setParameter("target", target)
+ .setParameter("action", "action")
+ .setParameter("account", account)
+ .setParameter("accountType", accountType)
+ .getSingleResult();
+
+ em.remove(permission);
+ return true;
+ }
+ catch (NoResultException ex)
+ {
+ return false;
+ }
+ }
+
+ public List<AccountPermission> listPermissions(String target, String action)
+ {
+ return getEntityManager().createQuery(
+ "from " + permissionClass.getName() +
+ " where target = :target and action = :action")
+ .setParameter("target", target)
+ .setParameter("action", action)
+ .getResultList();
+ }
+
+ public List<AccountPermission> listPermissions(String target)
+ {
+ return getEntityManager().createQuery(
+ "from " + permissionClass.getName() + " where target = :target")
+ .setParameter("target", target)
+ .getResultList();
+ }
+
+ private EntityManager getEntityManager()
+ {
+ return (EntityManager) Component.getInstance(entityManagerName);
+ }
+
+ public String getEntityManagerName()
+ {
+ return entityManagerName;
+ }
+
+ public void setEntityManagerName(String name)
+ {
+ this.entityManagerName = name;
+ }
+
+ public Class getPermissionClass()
+ {
+ return permissionClass;
+ }
+
+ public void setPermissionClass(Class permissionClass)
+ {
+ this.permissionClass = permissionClass;
+ }
+}
Added: trunk/src/main/org/jboss/seam/security/permission/JpaAclPermissionStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/JpaAclPermissionStore.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/permission/JpaAclPermissionStore.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -0,0 +1,54 @@
+package org.jboss.seam.security.permission;
+
+import java.io.Serializable;
+import java.util.List;
+
+public class JpaAclPermissionStore implements AclPermissionStore, Serializable
+{
+ private String entityManagerName = "entityManager";
+
+ private Class<? extends AclPermission> permissionClass;
+
+ protected String getIdentifier(Object target)
+ {
+ return null;
+ }
+
+ public boolean grantPermission(Object target, String action, String account, AccountType accountType)
+ {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ public List<AclPermission> listPermissions(Object target)
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public boolean revokePermission(Object target, String action, String account, AccountType accountType)
+ {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ public String getEntityManagerName()
+ {
+ return entityManagerName;
+ }
+
+ public void setEntityManagerName(String entityManagerName)
+ {
+ this.entityManagerName = entityManagerName;
+ }
+
+ public Class getPermissionClass()
+ {
+ return permissionClass;
+ }
+
+ public void setPermissionClass(Class permissionClass)
+ {
+ this.permissionClass = permissionClass;
+ }
+}
Added: trunk/src/main/org/jboss/seam/security/permission/PermissionManager.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/PermissionManager.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/permission/PermissionManager.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -0,0 +1,134 @@
+package org.jboss.seam.security.permission;
+
+import static org.jboss.seam.ScopeType.APPLICATION;
+import static org.jboss.seam.annotations.Install.BUILT_IN;
+
+import java.util.List;
+
+import org.jboss.seam.Component;
+import org.jboss.seam.ScopeType;
+import org.jboss.seam.annotations.Create;
+import org.jboss.seam.annotations.Install;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.contexts.Contexts;
+import org.jboss.seam.log.LogProvider;
+import org.jboss.seam.log.Logging;
+import org.jboss.seam.security.Identity;
+
+ at Scope(APPLICATION)
+ at Name("org.jboss.seam.security.permissionManager")
+ at Install(precedence = BUILT_IN)
+public class PermissionManager
+{
+ public static final String ACCOUNT_PERMISSION_STORE_COMPONENT_NAME = "accountPermissionStore";
+ public static final String ACL_PERMISSION_STORE_COMPONENT_NAME = "aclPermissionStore";
+
+ public static final String PERMISSION_PERMISSION_NAME = "seam.permission";
+
+ public static final String PERMISSION_READ = "read";
+ public static final String PERMISSION_GRANT = "grant";
+ public static final String PERMISSION_REVOKE = "revoke";
+
+ private static final LogProvider log = Logging.getLogProvider(PermissionManager.class);
+
+ private AccountPermissionStore accountPermissionStore;
+
+ private AclPermissionStore aclPermissionStore;
+
+ @Create
+ public void create()
+ {
+ if (accountPermissionStore == null)
+ {
+ accountPermissionStore = (AccountPermissionStore) Component.getInstance(ACCOUNT_PERMISSION_STORE_COMPONENT_NAME, true);
+ }
+
+ if (accountPermissionStore == null)
+ {
+ log.warn("no account permission store available - please install an AccountPermissionStore with the name '" +
+ ACCOUNT_PERMISSION_STORE_COMPONENT_NAME + "' if account-based permission management is required.");
+ }
+
+ if (aclPermissionStore == null)
+ {
+ aclPermissionStore = (AclPermissionStore) Component.getInstance(ACL_PERMISSION_STORE_COMPONENT_NAME);
+ }
+
+ if (aclPermissionStore == null)
+ {
+ log.warn("no ACL permission store available - please install an AclPermissionStore with the name '" +
+ ACL_PERMISSION_STORE_COMPONENT_NAME + "' if ACL-based permission management is required.");
+ }
+ }
+
+ public static PermissionManager instance()
+ {
+ if ( !Contexts.isApplicationContextActive() )
+ {
+ throw new IllegalStateException("No active application context");
+ }
+
+ PermissionManager instance = (PermissionManager) Component.getInstance(
+ PermissionManager.class, ScopeType.APPLICATION);
+
+ if (instance == null)
+ {
+ throw new IllegalStateException("No PermissionManager could be created");
+ }
+
+ return instance;
+ }
+
+ public AccountPermissionStore getAccountPermissionStore()
+ {
+ return accountPermissionStore;
+ }
+
+ public void setAccountPermissionStore(AccountPermissionStore accountPermissionStore)
+ {
+ this.accountPermissionStore = accountPermissionStore;
+ }
+
+ public List<AccountPermission> listPermissions(String target, String action)
+ {
+ Identity.instance().checkPermission(PERMISSION_PERMISSION_NAME, PERMISSION_READ);
+ return accountPermissionStore.listPermissions(target, action);
+ }
+
+ public List<AccountPermission> listPermissions(String target)
+ {
+ Identity.instance().checkPermission(PERMISSION_PERMISSION_NAME, PERMISSION_READ);
+ return accountPermissionStore.listPermissions(target);
+ }
+
+ public List<AclPermission> listPermissions(Object target)
+ {
+ Identity.instance().checkPermission(PERMISSION_PERMISSION_NAME, PERMISSION_READ);
+ return aclPermissionStore.listPermissions(target);
+ }
+
+ public boolean grantPermission(String target, String action, String account, AccountType accountType)
+ {
+ Identity.instance().checkPermission(PERMISSION_PERMISSION_NAME, PERMISSION_GRANT);
+ return accountPermissionStore.grantPermission(target, action, account, accountType);
+ }
+
+ public boolean grantPermission(Object target, String action, String account, AccountType accountType)
+ {
+ Identity.instance().checkPermission(PERMISSION_PERMISSION_NAME, PERMISSION_GRANT);
+ return aclPermissionStore.grantPermission(target, action, account, accountType);
+ }
+
+ public boolean revokePermission(String target, String action, String account, AccountType accountType)
+ {
+ Identity.instance().checkPermission(PERMISSION_PERMISSION_NAME, PERMISSION_REVOKE);
+ return accountPermissionStore.revokePermission(target, action, account, accountType);
+ }
+
+ public boolean revokePermission(Object target, String action, String account, AccountType accountType)
+ {
+ Identity.instance().checkPermission(PERMISSION_PERMISSION_NAME, PERMISSION_REVOKE);
+ return aclPermissionStore.revokePermission(target, action, account, accountType);
+ }
+}
Deleted: trunk/src/main/org/jboss/seam/security/permission/PermissionStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/PermissionStore.java 2008-03-21 15:28:38 UTC (rev 7674)
+++ trunk/src/main/org/jboss/seam/security/permission/PermissionStore.java 2008-03-21 18:19:52 UTC (rev 7675)
@@ -1,19 +0,0 @@
-package org.jboss.seam.security.permission;
-
-import java.util.List;
-
-import org.jboss.seam.security.permission.AccountPermission.AccountType;
-
-/**
- * Persistent store for user/role permissions
- *
- * @author Shane Bryzak
- */
-public interface PermissionStore
-{
- List<AccountPermission> listPermissions(String target, String action);
- List<AccountPermission> listPermissions(String target);
-
- boolean grantPermission(String target, String action, String account, AccountType accountType);
- boolean revokePermission(String target, String action, String account, AccountType accountType);
-}
More information about the seam-commits
mailing list