import java.util.ArrayList;
import java.util.List;
-
/**
- * Default implementation of an authorization service. To determine
- * whether access to a resource is allowed, the service consults a number of
+ * Default implementation of an authorization service. To determine whether
+ * access to a resource is allowed, the service consults a number of
* authorization rules in a fixed order. The first rule that gives a result
- * GRANTED or DENIED determines the result of the evaluation. Rules that
- * return any other result are ignoed. If none of the rules match, than
- * access is denied.
- *
+ * GRANTED or DENIED determines the result of the evaluation. Rules that return
+ * any other result are ignoed. If none of the rules match, than access is
+ * denied.
+ *
* @author Erik Brakkee
*/
-public class DefaultAuthorizationService extends AbstractPersistent
- implements AuthorizationService {
+public class DefaultAuthorizationService extends AbstractPersistent implements
+ AuthorizationService {
/**
* List of ordered authorization rules.
*/
*/
private String name;
-/**
- * Constructs the service.
- * @param aAccessor User accessor.
- * @param aName Name of this instance of the service.
+ /**
+ * Constructs the service.
+ *
+ * @param aAccessor
+ * User accessor.
+ * @param aName
+ * Name of this instance of the service.
*/
public DefaultAuthorizationService(UserAccessor aAccessor, String aName) {
- rules
= new ArrayList<AuthorizationRule>();
- userAccessor = aAccessor;
- name = aName;
+ rules = new ArrayList<AuthorizationRule>();
+ userAccessor = aAccessor;
+ name = aName;
}
-/**
- * Constructs the authorization service.
+ /**
+ * Constructs the authorization service.
*/
public DefaultAuthorizationService() {
- rules
= new ArrayList<AuthorizationRule>();
- userAccessor = null;
- name = null;
+ rules = new ArrayList<AuthorizationRule>();
+ userAccessor = null;
+ name = null;
}
/**
* Sets the user accessor.
- *
- * @param aUserAccessor User accessor.
+ *
+ * @param aUserAccessor
+ * User accessor.
*/
public void setUserAccessor(UserAccessor aUserAccessor) {
userAccessor = aUserAccessor;
}
- /* (non-Javadoc)
- * @see org.wamblee.security.authorization.AuthorizationService#isAllowed(java.lang.Object, org.wamblee.security.authorization.Operation)
- */
- /**
- * DOCUMENT ME!
- *
- * @param aResource DOCUMENT ME!
- * @param aOperation DOCUMENT ME!
- *
- * @return DOCUMENT ME!
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.wamblee.security.authorization.AuthorizationService#isAllowed(java
+ * .lang.Object, org.wamblee.security.authorization.Operation)
*/
public boolean isAllowed(Object aResource, Operation aOperation) {
User user = userAccessor.getCurrentUser();
for (AuthorizationRule rule : rules) {
switch (rule.isAllowed(aResource, aOperation, user)) {
- case DENIED:
- return false;
+ case DENIED:
+ return false;
- case GRANTED:
- return true;
+ case GRANTED:
+ return true;
}
}
return false;
}
- /* (non-Javadoc)
- * @see org.wamblee.security.authorization.AuthorizationService#check(T, org.wamblee.security.authorization.Operation)
- */
- /**
- * DOCUMENT ME!
- *
- * @param <T> DOCUMENT ME!
- * @param aResource DOCUMENT ME!
- * @param aOperation DOCUMENT ME!
- *
- * @return DOCUMENT ME!
- *
- * @throws AuthorizationException DOCUMENT ME!
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.wamblee.security.authorization.AuthorizationService#check(T,
+ * org.wamblee.security.authorization.Operation)
*/
public <T> T check(T aResource, Operation aOperation) {
if (!isAllowed(aResource, aOperation)) {
return aResource;
}
- /**
- * DOCUMENT ME!
- *
- * @return DOCUMENT ME!
- */
protected String getName() {
return name;
}
- /**
- * DOCUMENT ME!
- *
- * @param aName DOCUMENT ME!
- */
public void setName(String aName) {
name = aName;
}
- /* (non-Javadoc)
+ /*
+ * (non-Javadoc)
+ *
* @see org.wamblee.security.authorization.AuthorizationService#getRules()
*/
- /**
- * DOCUMENT ME!
- *
- * @return DOCUMENT ME!
- */
public AuthorizationRule[] getRules() {
return rules.toArray(new AuthorizationRule[0]);
}
- /* (non-Javadoc)
- * @see org.wamblee.security.authorization.AuthorizationService#appendRule(org.wamblee.security.authorization.AuthorizationRule)
- */
- /**
- * DOCUMENT ME!
- *
- * @param aRule DOCUMENT ME!
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.wamblee.security.authorization.AuthorizationService#appendRule(org
+ * .wamblee.security.authorization.AuthorizationRule)
*/
public void appendRule(AuthorizationRule aRule) {
rules.add(aRule);
}
- /* (non-Javadoc)
- * @see org.wamblee.security.authorization.AuthorizationService#insertRuleAfter(int, org.wamblee.security.authorization.AuthorizationRule)
- */
- /**
- * DOCUMENT ME!
- *
- * @param aIndex DOCUMENT ME!
- * @param aRule DOCUMENT ME!
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.wamblee.security.authorization.AuthorizationService#insertRuleAfter
+ * (int, org.wamblee.security.authorization.AuthorizationRule)
*/
public void insertRuleAfter(int aIndex, AuthorizationRule aRule) {
rules.add(aIndex, aRule);
}
- /* (non-Javadoc)
- * @see org.wamblee.security.authorization.AuthorizationService#removeRule(int)
- */
- /**
- * DOCUMENT ME!
- *
- * @param aIndex DOCUMENT ME!
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.wamblee.security.authorization.AuthorizationService#removeRule(int)
*/
public void removeRule(int aIndex) {
rules.remove(aIndex);
/**
* For OR mapping.
- *
+ *
* @return The rules.
*/
protected List<AuthorizationRule> getMappedRules() {
/**
* For OR mapping.
- *
- * @param aRules The rules.
+ *
+ * @param aRules
+ * The rules.
*/
protected void setMappedRules(List<AuthorizationRule> aRules) {
rules = aRules;
git://wamblee.org / utils / blobdiff