X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationService.java;fp=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationService.java;h=7a0816a9713d2cbb97637bc5a3aef99a1bb79726;hb=a0ce32a7a71799300bbf300cf71e76e1782392d3;hp=13f4a105a085e9435f51f2688967c5daa2a1ab1e;hpb=c478cc74b468910f649f044b916359a8187af9e8;p=utils diff --git a/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java b/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java index 13f4a105..7a0816a9 100644 --- a/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java +++ b/security/impl/src/main/java/org/wamblee/security/authorization/AuthorizationService.java @@ -15,18 +15,6 @@ */ package org.wamblee.security.authorization; -import javax.persistence.DiscriminatorColumn; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.Inheritance; -import javax.persistence.InheritanceType; -import javax.persistence.NamedQueries; -import javax.persistence.NamedQuery; -import javax.persistence.Table; -import javax.persistence.Version; - import org.wamblee.usermgt.UserAccessor; /** @@ -34,36 +22,8 @@ import org.wamblee.usermgt.UserAccessor; * * @author Erik Brakkee */ -@Entity -@Table(name = "SEC_AUTH_SVC") -@Inheritance(strategy = InheritanceType.SINGLE_TABLE) -@DiscriminatorColumn(name = "TYPE") -@NamedQueries( - @NamedQuery(name = AuthorizationService.QUERY_FIND_BY_NAME, - query = "select s from AuthorizationService s where s.name = :" + - AuthorizationService.NAME_PARAM) - ) -public abstract class AuthorizationService { - - public static final String QUERY_FIND_BY_NAME = "AuthorizationService.findByName"; - public static final String NAME_PARAM = "name"; - - @Id - @GeneratedValue(strategy = GenerationType.AUTO) - private Long primaryKey; +public interface AuthorizationService { - @Version - private int version; - - public AuthorizationService() { - // Empty. - } - - public AuthorizationService(AuthorizationService aSvc) { - primaryKey = aSvc.primaryKey; - version = aSvc.version; - } - /** * Checks whether an operation is allowed on a resource. * @@ -74,16 +34,24 @@ public abstract class AuthorizationService { * * @return Checks whether the operation is allowed on a resource. */ - public abstract boolean isAllowed(Object aResource, Operation aOperation); + boolean isAllowed(Object aResource, Operation aOperation); - public abstract T check(T aResource, Operation aOperation); + /** + * Checks if the given operation is allowed on the resource. + * @param Type of resource + * @param aResource Resource. + * @param aOperation Operation. + * @return Resource passed in in case access is allowed + * @throws AuthorizationException In case access is denied. + */ + T check(T aResource, Operation aOperation); /** * Gets the authorization rules. * * @return Rules. */ - public abstract AuthorizationRule[] getRules(); + AuthorizationRule[] getRules(); /** * Appends a new authorization rule to the end. @@ -91,7 +59,7 @@ public abstract class AuthorizationService { * @param aRule * Rule to append. */ - public abstract void appendRule(AuthorizationRule aRule); + void appendRule(AuthorizationRule aRule); /** * Removes a rule. @@ -99,7 +67,7 @@ public abstract class AuthorizationService { * @param aIndex * Index of the rule to remove. */ - public abstract void removeRule(int aIndex); + void removeRule(int aIndex); /** * Inserts a rule. @@ -109,12 +77,15 @@ public abstract class AuthorizationService { * @param aRule * Rule to insert. */ - public abstract void insertRuleAfter(int aIndex, AuthorizationRule aRule); + void insertRuleAfter(int aIndex, AuthorizationRule aRule); /** - * Sets the user accessor so that the authorization service can get access to the logged in - * user. - * @param aUserAccessor User accessor. + * Sets the user accessor so that the authorization service can get access + * to the logged in user. + * + * @param aUserAccessor + * User accessor. */ - public abstract void setUserAccessor(UserAccessor aUserAccessor); -} + void setUserAccessor(UserAccessor aUserAccessor); + +} \ No newline at end of file