import javax.persistence.CascadeType;
import javax.persistence.DiscriminatorValue;
import javax.persistence.Entity;
-import javax.persistence.ManyToMany;
+import javax.persistence.JoinColumn;
+import javax.persistence.JoinTable;
import javax.persistence.OneToMany;
import javax.persistence.OrderColumn;
import javax.persistence.Transient;
-import org.wamblee.usermgt.User;
-import org.wamblee.usermgt.UserAccessor;
+import org.wamblee.security.authentication.UserAccessor;
+import org.wamblee.security.authentication.UserAdministration;
/**
* Default implementation of an authorization service. To determine whether
@Entity
@DiscriminatorValue("DEFAULT")
public class DefaultAuthorizationService extends AbstractAuthorizationService {
-
-
+
/**
* List of ordered authorization rules.
*/
@OneToMany(cascade = CascadeType.ALL, orphanRemoval = true, targetEntity = AbstractAuthorizationRule.class)
+ @JoinTable(name = "SEC_AUTH_SVC_RULE", joinColumns = { @JoinColumn(name = "SVC_ID") }, inverseJoinColumns = { @JoinColumn(name = "RULE_ID") })
@OrderColumn(name = "RULE_INDEX")
private List<AuthorizationRule> rules;
@Transient
private UserAccessor userAccessor;
+ @Transient
+ private UserAdministration userAdmin;
+
/**
* Constructs the service.
*
* @param aAccessor
* User accessor.
+ * @param aUserAdmin
+ * User administration.
* @param aName
* Name of this instance of the service.
*/
- public DefaultAuthorizationService(UserAccessor aAccessor, String aName) {
+ public DefaultAuthorizationService(UserAccessor aAccessor,
+ UserAdministration aUserAdmin, String aName) {
super(aName);
rules = new ArrayList<AuthorizationRule>();
userAccessor = aAccessor;
+ userAdmin = aUserAdmin;
}
/**
public DefaultAuthorizationService() {
rules = new ArrayList<AuthorizationRule>();
userAccessor = null;
+ userAdmin = null;
}
- /**
- * Sets the user accessor.
- *
- * @param aUserAccessor
- * User accessor.
- */
@Override
public void setUserAccessor(UserAccessor aUserAccessor) {
userAccessor = aUserAccessor;
}
+ @Override
+ public void setUserAdministration(UserAdministration aUserAdmin) {
+ userAdmin = aUserAdmin;
+ for (AuthorizationRule rule : rules) {
+ rule.setUserAdministration(userAdmin);
+ }
+ }
+
/*
* (non-Javadoc)
*
* .lang.Object, org.wamblee.security.authorization.Operation)
*/
public boolean isAllowed(Object aResource, Operation aOperation) {
- User user = userAccessor.getCurrentUser();
+ String user = userAccessor.getCurrentUser();
for (AuthorizationRule rule : rules) {
switch (rule.isAllowed(aResource, aOperation, user)) {
* .wamblee.security.authorization.AuthorizationRule)
*/
public void appendRule(AuthorizationRule aRule) {
+ aRule.setUserAdministration(userAdmin);
rules.add(aRule);
}
* (int, org.wamblee.security.authorization.AuthorizationRule)
*/
public void insertRuleAfter(int aIndex, AuthorizationRule aRule) {
+ aRule.setUserAdministration(userAdmin);
rules.add(aIndex, aRule);
}
*/
protected void setMappedRules(List<AuthorizationRule> aRules) {
rules = aRules;
+ for (AuthorizationRule rule : rules) {
+ rule.setUserAdministration(userAdmin);
+ }
}
}
git://wamblee.org / utils / blobdiff