X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;ds=sidebyside;f=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FDefaultAuthorizationService.java;h=a142712e395b999198fcd89d08ec065b2c64c221;hb=a0e5219a62cafc60127bcbb9ea2b7c3f8c403ccb;hp=1e5abb99c0e28cf9cc95b67e7187f0215c98efd6;hpb=74a6cd5b71b4f668ddac54c3237511ee11e8d84e;p=utils

diff --git a/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java b/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java
index 1e5abb99..a142712e 100644
--- a/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java
+++ b/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java
@@ -21,13 +21,14 @@ import java.util.List;
 import javax.persistence.CascadeType;
 import javax.persistence.DiscriminatorValue;
 import javax.persistence.Entity;
-import javax.persistence.ManyToMany;
+import javax.persistence.JoinColumn;
+import javax.persistence.JoinTable;
 import javax.persistence.OneToMany;
 import javax.persistence.OrderColumn;
 import javax.persistence.Transient;
 
-import org.wamblee.usermgt.User;
-import org.wamblee.usermgt.UserAccessor;
+import org.wamblee.security.authentication.UserAccessor;
+import org.wamblee.security.authentication.UserAdministration;
 
 /**
  * Default implementation of an authorization service. To determine whether
@@ -42,12 +43,12 @@ import org.wamblee.usermgt.UserAccessor;
 @Entity
 @DiscriminatorValue("DEFAULT")
 public class DefaultAuthorizationService extends AbstractAuthorizationService {
-    
-    
+
     /**
      * List of ordered authorization rules.
      */
     @OneToMany(cascade = CascadeType.ALL, orphanRemoval = true, targetEntity = AbstractAuthorizationRule.class)
+    @JoinTable(name = "SEC_AUTH_SVC_RULE", joinColumns = { @JoinColumn(name = "SVC_ID") }, inverseJoinColumns = { @JoinColumn(name = "RULE_ID") })
     @OrderColumn(name = "RULE_INDEX")
     private List<AuthorizationRule> rules;
 
@@ -57,18 +58,25 @@ public class DefaultAuthorizationService extends AbstractAuthorizationService {
     @Transient
     private UserAccessor userAccessor;
 
+    @Transient
+    private UserAdministration userAdmin;
+
     /**
      * Constructs the service.
      * 
      * @param aAccessor
      *            User accessor.
+     * @param aUserAdmin
+     *            User administration.
      * @param aName
      *            Name of this instance of the service.
      */
-    public DefaultAuthorizationService(UserAccessor aAccessor, String aName) {
+    public DefaultAuthorizationService(UserAccessor aAccessor,
+        UserAdministration aUserAdmin, String aName) {
         super(aName);
         rules = new ArrayList<AuthorizationRule>();
         userAccessor = aAccessor;
+        userAdmin = aUserAdmin;
     }
 
     /**
@@ -77,19 +85,22 @@ public class DefaultAuthorizationService extends AbstractAuthorizationService {
     public DefaultAuthorizationService() {
         rules = new ArrayList<AuthorizationRule>();
         userAccessor = null;
+        userAdmin = null;
     }
 
-    /**
-     * Sets the user accessor.
-     * 
-     * @param aUserAccessor
-     *            User accessor.
-     */
     @Override
     public void setUserAccessor(UserAccessor aUserAccessor) {
         userAccessor = aUserAccessor;
     }
 
+    @Override
+    public void setUserAdministration(UserAdministration aUserAdmin) {
+        userAdmin = aUserAdmin;
+        for (AuthorizationRule rule : rules) {
+            rule.setUserAdministration(userAdmin);
+        }
+    }
+
     /*
      * (non-Javadoc)
      * 
@@ -98,7 +109,7 @@ public class DefaultAuthorizationService extends AbstractAuthorizationService {
      * .lang.Object, org.wamblee.security.authorization.Operation)
      */
     public boolean isAllowed(Object aResource, Operation aOperation) {
-        User user = userAccessor.getCurrentUser();
+        String user = userAccessor.getCurrentUser();
 
         for (AuthorizationRule rule : rules) {
             switch (rule.isAllowed(aResource, aOperation, user)) {
@@ -144,6 +155,7 @@ public class DefaultAuthorizationService extends AbstractAuthorizationService {
      * .wamblee.security.authorization.AuthorizationRule)
      */
     public void appendRule(AuthorizationRule aRule) {
+        aRule.setUserAdministration(userAdmin);
         rules.add(aRule);
     }
 
@@ -155,6 +167,7 @@ public class DefaultAuthorizationService extends AbstractAuthorizationService {
      * (int, org.wamblee.security.authorization.AuthorizationRule)
      */
     public void insertRuleAfter(int aIndex, AuthorizationRule aRule) {
+        aRule.setUserAdministration(userAdmin);
         rules.add(aIndex, aRule);
     }
 
@@ -185,5 +198,8 @@ public class DefaultAuthorizationService extends AbstractAuthorizationService {
      */
     protected void setMappedRules(List<AuthorizationRule> aRules) {
         rules = aRules;
+        for (AuthorizationRule rule : rules) {
+            rule.setUserAdministration(userAdmin);
+        }
     }
 }