* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.wamblee.security.authorization;
-import org.wamblee.persistence.AbstractPersistent;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.persistence.CascadeType;
+import javax.persistence.DiscriminatorValue;
+import javax.persistence.Entity;
+import javax.persistence.ManyToMany;
+import javax.persistence.OneToMany;
+import javax.persistence.OrderColumn;
+import javax.persistence.Transient;
import org.wamblee.usermgt.User;
import org.wamblee.usermgt.UserAccessor;
-import java.util.ArrayList;
-import java.util.List;
-
/**
* Default implementation of an authorization service. To determine whether
* access to a resource is allowed, the service consults a number of
*
* @author Erik Brakkee
*/
-public class DefaultAuthorizationService extends AbstractPersistent implements
- AuthorizationService {
+@Entity
+@DiscriminatorValue("DEFAULT")
+public class DefaultAuthorizationService extends AbstractAuthorizationService {
+
+
/**
* List of ordered authorization rules.
*/
+ @OneToMany(cascade = CascadeType.ALL, orphanRemoval = true, targetEntity = AbstractAuthorizationRule.class)
+ @OrderColumn(name = "RULE_INDEX")
private List<AuthorizationRule> rules;
/**
* User accessor used to obtain the current user.
*/
+ @Transient
private UserAccessor userAccessor;
/**
* @param aUserAccessor
* User accessor.
*/
+ @Override
public void setUserAccessor(UserAccessor aUserAccessor) {
userAccessor = aUserAccessor;
}
* @see org.wamblee.security.authorization.AuthorizationService#getRules()
*/
public AuthorizationRule[] getRules() {
- return rules.toArray(new AuthorizationRule[0]);
+ return rules.toArray(new AbstractAuthorizationRule[0]);
}
/*