X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationService.java;fp=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationService.java;h=13f4a105a085e9435f51f2688967c5daa2a1ab1e;hb=5bbd2c6e9dcf47e312122a3205c78b676a724e07;hp=6bb5db27308af2e655ba06ed272fd40a4d0de1d7;hpb=1d8237e4961e8653727f1210061b832ac82dda88;p=utils
diff --git a/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java b/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java
index 6bb5db27..13f4a105 100644
--- a/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java
+++ b/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java
@@ -15,14 +15,55 @@ */ package org.wamblee.security.authorization; -import org.wamblee.persistence.Persistent; +import javax.persistence.DiscriminatorColumn; +import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.GenerationType; +import javax.persistence.Id; +import javax.persistence.Inheritance; +import javax.persistence.InheritanceType; +import javax.persistence.NamedQueries; +import javax.persistence.NamedQuery; +import javax.persistence.Table; +import javax.persistence.Version; + +import org.wamblee.usermgt.UserAccessor; /** * Service to determine if access to a certain resource is allowed. * * @author Erik Brakkee */ -public interface AuthorizationService extends Persistent { +@Entity +@Table(name = "SEC_AUTH_SVC") +@Inheritance(strategy = InheritanceType.SINGLE_TABLE) +@DiscriminatorColumn(name = "TYPE") +@NamedQueries( + @NamedQuery(name = AuthorizationService.QUERY_FIND_BY_NAME, + query = "select s from AuthorizationService s where s.name = :" + + AuthorizationService.NAME_PARAM) + ) +public abstract class AuthorizationService { + + public static final String QUERY_FIND_BY_NAME = "AuthorizationService.findByName"; + public static final String NAME_PARAM = "name"; + + @Id + @GeneratedValue(strategy = GenerationType.AUTO) + private Long primaryKey; + + @Version + private int version; + + public AuthorizationService() { + // Empty. + } + + public AuthorizationService(AuthorizationService aSvc) { + primaryKey = aSvc.primaryKey; + version = aSvc.version; + } + /** * Checks whether an operation is allowed on a resource. * 
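Review bot: The named query `AuthorizationService.findByName` filters on `s.name`, but the entity as declared in this hunk maps only `primaryKey` and `version`, and, as far as the hunk line numbers show, the rest of the class adds no `name` attribute either. If `name` is mapped only on a subclass, the query relies on provider-specific handling of subclass attributes, and nothing visible makes the name unique, so a lookup by name may fail validation or match more than one rule set. Since this entity decides access, I would map the attribute on the base class with a uniqueness constraint, for example `@Column(unique = true, nullable = false) private String name;`, and have the lookup treat zero or multiple results as an error. The two public constructors also lack Javadoc; the copy constructor should say that it copies `primaryKey` and `version`, so the copy represents the same database row as `aSvc`.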
@@ -33,16 +74,16 @@ public interface AuthorizationService extends Persistent {
 *
 * @return Checks whether the operation is allowed on a resource.
 */
- boolean isAllowed(Object aResource, Operation aOperation);
+ public abstract boolean isAllowed(Object aResource, Operation aOperation);
 
- T check(T aResource, Operation aOperation);
+ public abstract T check(T aResource, Operation aOperation);
 
 /**
 * Gets the authorization rules.
 *
 * @return Rules.
 */
- AuthorizationRule[] getRules();
+ public abstract AuthorizationRule[] getRules();
 
 /**
 * Appends a new authorization rule to the end.
@@ -50,7 +91,7 @@ public interface AuthorizationService extends Persistent {
 * @param aRule
 * Rule to append.
 */
- void appendRule(AuthorizationRule aRule);
+ public abstract void appendRule(AuthorizationRule aRule);
 
 /**
 * Removes a rule.
@@ -58,7 +99,7 @@ public interface AuthorizationService extends Persistent {
 * @param aIndex
 * Index of the rule to remove.
 */
- void removeRule(int aIndex);
+ public abstract void removeRule(int aIndex);
 
 /**
 * Inserts a rule.
@@ -68,5 +109,12 @@ public interface AuthorizationService extends Persistent {
 * @param aRule
 * Rule to insert.
 */
- void insertRuleAfter(int aIndex, AuthorizationRule aRule);
+ public abstract void insertRuleAfter(int aIndex, AuthorizationRule aRule);
+
+ /**
+ * Sets the user accessor so that the authorization service can get access to the logged in
+ * user.
+ * @param aUserAccessor User accessor.
+ */
+ public abstract void setUserAccessor(UserAccessor aUserAccessor);
 }
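Review bot: `check(T aResource, Operation aOperation)` is the only method in this hunk without Javadoc, and for an authorization API the missing part is the one callers depend on: what happens when the operation is not allowed. I would add a comment that states whether the method throws or returns a substitute value on denial, and that it returns `aResource` itself when access is granted, if that is what the implementations do. Separately, `getRules()` returns an array; its Javadoc should say whether that array is a copy, because a live array would let callers change the rule order without going through `appendRule`, `removeRule` or `insertRuleAfter`. The `@return` text of `isAllowed` would read better as `@return True if the operation is allowed on the resource.`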
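Review bot: The Javadoc of the new `setUserAccessor` in the last hunk does not say when it has to be called or what `isAllowed` and `check` do while no accessor has been set. An instance loaded through the `findByName` query presumably arrives without one, so the contract should state that the accessor must be injected before the first authorization decision and that implementations deny access (or throw) until then. I would also note in the comment that the accessor is a runtime collaborator rather than persistent state, so implementations need to keep it out of the mapped fields, e.g. with `@Transient`. Because the setter is public on the entity, any code holding a reference can swap the source of the current user; consider whether it needs to be callable after initialisation.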