[seam-commits] Seam SVN: r9299 - trunk/src/main/org/jboss/seam/security.

Tue Oct 14 08:40:56 EDT 2008

Author: shane.bryzak at jboss.com
Date: 2008-10-14 08:40:56 -0400 (Tue, 14 Oct 2008)
New Revision: 9299

Modified:
   trunk/src/main/org/jboss/seam/security/SecurityInterceptor.java
Log:
avoid EL if possible

Modified: trunk/src/main/org/jboss/seam/security/SecurityInterceptor.java
===================================================================

--- trunk/src/main/org/jboss/seam/security/SecurityInterceptor.java	2008-10-14 12:36:51 UTC (rev 9298)
+++ trunk/src/main/org/jboss/seam/security/SecurityInterceptor.java	2008-10-14 12:40:56 UTC (rev 9299)
@@ -36,6 +36,9 @@
    {
       private String expression;
       
+      private String permissionTarget;
+      private String permissionAction;
+      
       private Map<String, Object> methodRestrictions;
       private Map<Integer,Set<String>> paramRestrictions;
       private Set<String> roleRestrictions;
@@ -45,6 +48,16 @@
          this.expression = expression;
       }
       
+      public void setPermissionTarget(String target)
+      {
+         this.permissionTarget = target;
+      }
+      
+      public void setPermissionAction(String action)
+      {
+         this.permissionAction = action;
+      }
+      
       public void addMethodRestriction(Object target, String action)
       {
          if (methodRestrictions == null)
@@ -123,6 +136,11 @@
                   Identity.instance().checkRole(role);
                }
             }
+            
+            if (permissionTarget != null && permissionAction != null)
+            {
+               Identity.instance().checkPermission(permissionTarget, permissionAction);
+            }
          }
       }
    }
@@ -169,8 +187,16 @@
                if (restrict != null)
                {
                   if (restriction == null) restriction = new Restriction();
-                  restriction.setExpression(!Strings.isEmpty( restrict.value() ) ? 
-                        restrict.value() : createDefaultExpr(method));
+                  
+                  if ( Strings.isEmpty(restrict.value()) )
+                  {
+                     restriction.setPermissionTarget(getComponent().getName());
+                     restriction.setPermissionAction(method.getName());
+                  }
+                  else
+                  {
+                     restriction.setExpression(restrict.value());
+                  }
                }
                
                for (Annotation annotation : method.getDeclaringClass().getAnnotations())
@@ -251,19 +277,6 @@
       }
    }
    
-   /**
-    * Creates a default security expression for a specified method.  The method must
-    * be a method of a Seam component.
-    * 
-    * @param method The method for which to create a default permission expression 
-    * @return The generated security expression.
-    */
-   private String createDefaultExpr(Method method)
-   {
-      return String.format( "#{s:hasPermission('%s','%s')}", 
-            getComponent().getName(), method.getName() );
-   }
-   
    public boolean isInterceptorEnabled()
    {
       return getComponent().isSecure() && !getComponent().beanClassHasAnnotation("javax.jws.WebService");


