X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FDefaultAuthorizationService.java;h=7686c334d7826c1907a1930a3dc39b5495658a4e;hb=1b9acefff0078d6d2a3f061948b36f6721743306;hp=048d66cc924ed2b27a0606ad5ba290f7e5c07339;hpb=a11c373e6ef35e7fe540c95a94903ed848800612;p=utils diff --git a/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java b/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java index 048d66cc..7686c334 100644 --- a/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java +++ b/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java @@ -12,17 +12,24 @@ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - */ + */ package org.wamblee.security.authorization; - -import org.wamblee.security.AbstractPersistent; -import org.wamblee.usermgt.User; -import org.wamblee.usermgt.UserAccessor; - import java.util.ArrayList; import java.util.List; +import javax.persistence.CascadeType; +import javax.persistence.DiscriminatorValue; +import javax.persistence.Entity; +import javax.persistence.ManyToMany; +import javax.persistence.OneToMany; +import javax.persistence.OrderColumn; +import javax.persistence.Transient; + +import org.wamblee.security.authentication.User; +import org.wamblee.security.authentication.UserAccessor; +import org.wamblee.security.authentication.UserAdministration; + /** * Default implementation of an authorization service. To determine whether * access to a resource is allowed, the service consults a number of @@ -33,35 +40,42 @@ import java.util.List; * * @author Erik Brakkee */ -public class DefaultAuthorizationService extends AbstractPersistent implements - AuthorizationService { +@Entity +@DiscriminatorValue("DEFAULT") +public class DefaultAuthorizationService extends AbstractAuthorizationService { + /** * List of ordered authorization rules. */ + @OneToMany(cascade = CascadeType.ALL, orphanRemoval = true, targetEntity = AbstractAuthorizationRule.class) + @OrderColumn(name = "RULE_INDEX") private List rules; /** * User accessor used to obtain the current user. */ + @Transient private UserAccessor userAccessor; - /** - * Name for this instance of the authorization service. - */ - private String name; + @Transient + private UserAdministration userAdmin; /** * Constructs the service. * * @param aAccessor * User accessor. + * @param aUserAdmin + * User administration. * @param aName * Name of this instance of the service. */ - public DefaultAuthorizationService(UserAccessor aAccessor, String aName) { + public DefaultAuthorizationService(UserAccessor aAccessor, + UserAdministration aUserAdmin, String aName) { + super(aName); rules = new ArrayList(); userAccessor = aAccessor; - name = aName; + userAdmin = aUserAdmin; } /** @@ -70,18 +84,24 @@ public class DefaultAuthorizationService extends AbstractPersistent implements public DefaultAuthorizationService() { rules = new ArrayList(); userAccessor = null; - name = null; + userAdmin = null; } - /** - * Sets the user accessor. - * - * @param aUserAccessor - * User accessor. - */ + + @Override public void setUserAccessor(UserAccessor aUserAccessor) { userAccessor = aUserAccessor; } + + @Override + public void setUserAdministration(UserAdministration aUserAdmin) { + userAdmin = aUserAdmin; + System.out.println("Setting userAdmin"); + for (AuthorizationRule rule: rules) { + System.out.println("Setting useradmin on " + rule); + rule.setUserAdministration(userAdmin); + } + } /* * (non-Javadoc) @@ -91,7 +111,7 @@ public class DefaultAuthorizationService extends AbstractPersistent implements * .lang.Object, org.wamblee.security.authorization.Operation) */ public boolean isAllowed(Object aResource, Operation aOperation) { - User user = userAccessor.getCurrentUser(); + String user = userAccessor.getCurrentUser(); for (AuthorizationRule rule : rules) { switch (rule.isAllowed(aResource, aOperation, user)) { @@ -120,21 +140,13 @@ public class DefaultAuthorizationService extends AbstractPersistent implements return aResource; } - protected String getName() { - return name; - } - - public void setName(String aName) { - name = aName; - } - /* * (non-Javadoc) * * @see org.wamblee.security.authorization.AuthorizationService#getRules() */ public AuthorizationRule[] getRules() { - return rules.toArray(new AuthorizationRule[0]); + return rules.toArray(new AbstractAuthorizationRule[0]); } /* @@ -145,6 +157,7 @@ public class DefaultAuthorizationService extends AbstractPersistent implements * .wamblee.security.authorization.AuthorizationRule) */ public void appendRule(AuthorizationRule aRule) { + aRule.setUserAdministration(userAdmin); rules.add(aRule); } @@ -156,6 +169,7 @@ public class DefaultAuthorizationService extends AbstractPersistent implements * (int, org.wamblee.security.authorization.AuthorizationRule) */ public void insertRuleAfter(int aIndex, AuthorizationRule aRule) { + aRule.setUserAdministration(userAdmin); rules.add(aIndex, aRule); } @@ -186,5 +200,8 @@ public class DefaultAuthorizationService extends AbstractPersistent implements */ protected void setMappedRules(List aRules) { rules = aRules; + for (AuthorizationRule rule: rules) { + rule.setUserAdministration(userAdmin); + } } }