X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FDefaultAuthorizationService.java;h=7686c334d7826c1907a1930a3dc39b5495658a4e;hb=1b9acefff0078d6d2a3f061948b36f6721743306;hp=a086ab477844e3b0cec84900a4138b9446d9f4bf;hpb=5bbd2c6e9dcf47e312122a3205c78b676a724e07;p=utils diff --git a/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java b/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java index a086ab47..7686c334 100644 --- a/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java +++ b/security/impl/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java @@ -18,11 +18,17 @@ package org.wamblee.security.authorization; import java.util.ArrayList; import java.util.List; +import javax.persistence.CascadeType; import javax.persistence.DiscriminatorValue; import javax.persistence.Entity; +import javax.persistence.ManyToMany; +import javax.persistence.OneToMany; +import javax.persistence.OrderColumn; +import javax.persistence.Transient; -import org.wamblee.usermgt.User; -import org.wamblee.usermgt.UserAccessor; +import org.wamblee.security.authentication.User; +import org.wamblee.security.authentication.UserAccessor; +import org.wamblee.security.authentication.UserAdministration; /** * Default implementation of an authorization service. To determine whether @@ -36,36 +42,40 @@ import org.wamblee.usermgt.UserAccessor; */ @Entity @DiscriminatorValue("DEFAULT") -public class DefaultAuthorizationService extends AuthorizationService { - - +public class DefaultAuthorizationService extends AbstractAuthorizationService { + /** * List of ordered authorization rules. */ + @OneToMany(cascade = CascadeType.ALL, orphanRemoval = true, targetEntity = AbstractAuthorizationRule.class) + @OrderColumn(name = "RULE_INDEX") private List rules; /** * User accessor used to obtain the current user. */ + @Transient private UserAccessor userAccessor; - /** - * Name for this instance of the authorization service. - */ - private String name; + @Transient + private UserAdministration userAdmin; /** * Constructs the service. * * @param aAccessor * User accessor. + * @param aUserAdmin + * User administration. * @param aName * Name of this instance of the service. */ - public DefaultAuthorizationService(UserAccessor aAccessor, String aName) { + public DefaultAuthorizationService(UserAccessor aAccessor, + UserAdministration aUserAdmin, String aName) { + super(aName); rules = new ArrayList(); userAccessor = aAccessor; - name = aName; + userAdmin = aUserAdmin; } /** @@ -74,19 +84,24 @@ public class DefaultAuthorizationService extends AuthorizationService { public DefaultAuthorizationService() { rules = new ArrayList(); userAccessor = null; - name = null; + userAdmin = null; } - /** - * Sets the user accessor. - * - * @param aUserAccessor - * User accessor. - */ + @Override public void setUserAccessor(UserAccessor aUserAccessor) { userAccessor = aUserAccessor; } + + @Override + public void setUserAdministration(UserAdministration aUserAdmin) { + userAdmin = aUserAdmin; + System.out.println("Setting userAdmin"); + for (AuthorizationRule rule: rules) { + System.out.println("Setting useradmin on " + rule); + rule.setUserAdministration(userAdmin); + } + } /* * (non-Javadoc) @@ -96,7 +111,7 @@ public class DefaultAuthorizationService extends AuthorizationService { * .lang.Object, org.wamblee.security.authorization.Operation) */ public boolean isAllowed(Object aResource, Operation aOperation) { - User user = userAccessor.getCurrentUser(); + String user = userAccessor.getCurrentUser(); for (AuthorizationRule rule : rules) { switch (rule.isAllowed(aResource, aOperation, user)) { @@ -125,21 +140,13 @@ public class DefaultAuthorizationService extends AuthorizationService { return aResource; } - protected String getName() { - return name; - } - - public void setName(String aName) { - name = aName; - } - /* * (non-Javadoc) * * @see org.wamblee.security.authorization.AuthorizationService#getRules() */ public AuthorizationRule[] getRules() { - return rules.toArray(new AuthorizationRule[0]); + return rules.toArray(new AbstractAuthorizationRule[0]); } /* @@ -150,6 +157,7 @@ public class DefaultAuthorizationService extends AuthorizationService { * .wamblee.security.authorization.AuthorizationRule) */ public void appendRule(AuthorizationRule aRule) { + aRule.setUserAdministration(userAdmin); rules.add(aRule); } @@ -161,6 +169,7 @@ public class DefaultAuthorizationService extends AuthorizationService { * (int, org.wamblee.security.authorization.AuthorizationRule) */ public void insertRuleAfter(int aIndex, AuthorizationRule aRule) { + aRule.setUserAdministration(userAdmin); rules.add(aIndex, aRule); } @@ -191,5 +200,8 @@ public class DefaultAuthorizationService extends AuthorizationService { */ protected void setMappedRules(List aRules) { rules = aRules; + for (AuthorizationRule rule: rules) { + rule.setUserAdministration(userAdmin); + } } }