[seam-commits] Seam SVN: r8091 - in trunk/src/main/org/jboss/seam/security: permission and 1 other directory.

Thu May 1 00:30:06 EDT 2008

Author: shane.bryzak at jboss.com
Date: 2008-05-01 00:30:06 -0400 (Thu, 01 May 2008)
New Revision: 8091

Modified:
   trunk/src/main/org/jboss/seam/security/Role.java
   trunk/src/main/org/jboss/seam/security/permission/PersistentPermissionResolver.java
Log:
groundwork for dynamic roles

Modified: trunk/src/main/org/jboss/seam/security/Role.java
===================================================================

--- trunk/src/main/org/jboss/seam/security/Role.java	2008-05-01 02:37:36 UTC (rev 8090)
+++ trunk/src/main/org/jboss/seam/security/Role.java	2008-05-01 04:30:06 UTC (rev 8091)
@@ -1,14 +1,28 @@
 package org.jboss.seam.security;
 
 /**
- * Represents a user role
+ * Represents a user role.  A dynamic role is a special type of role that is assigned to a user
+ * based on the contextual state of a permission check.
  *  
  * @author Shane Bryzak
  */
 public class Role extends SimplePrincipal
 {   
+   private boolean dynamic;
+   
    public Role(String name)
    {
       super(name);
    }   
+   
+   public Role(String name, boolean dynamic)
+   {
+      this(name);
+      this.dynamic = true;
+   }
+   
+   public boolean isDynamic()
+   {
+      return dynamic;
+   }
 }

Modified: trunk/src/main/org/jboss/seam/security/permission/PersistentPermissionResolver.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/permission/PersistentPermissionResolver.java	2008-05-01 02:37:36 UTC (rev 8090)
+++ trunk/src/main/org/jboss/seam/security/permission/PersistentPermissionResolver.java	2008-05-01 04:30:06 UTC (rev 8091)
@@ -17,6 +17,8 @@
 import org.jboss.seam.log.LogProvider;
 import org.jboss.seam.log.Logging;
 import org.jboss.seam.security.Identity;
+import org.jboss.seam.security.Role;
+import org.jboss.seam.security.SimplePrincipal;
 
 /**
  * Resolves dynamically-assigned permissions, mapped to a user or a role, and kept in persistent 
@@ -85,14 +87,24 @@
       
       for (Permission permission : permissions)
       {
-         if (username.equals(permission.getRecipient().getName()))
+         if (permission.getRecipient() instanceof SimplePrincipal &&
+               username.equals(permission.getRecipient().getName()))
          {
             return true;
          }
          
-         if (identity.hasRole(permission.getRecipient().getName()))
+         if (permission.getRecipient() instanceof Role)
          {
-            return true;
+            Role role = (Role) permission.getRecipient();
+            
+            if (role.isDynamic())
+            {
+               // TODO implement dynamic permissions
+            }
+            else if (identity.hasRole(role.getName()))
+            {
+               return true;
+            }
          }
       }      
       


