X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FUrlAuthorizationRule.java;h=17bdc348ae8263b97c7ca000d6da2b0414ebe476;hb=34484a56d1c00208678a2824c2c9869dbabc444b;hp=adeb93c157f0ebaa9522e20ef1fd01cabbcaf9e9;hpb=5ea8f0e2af53562c1507e8fb5a3ede2af5c5de6c;p=utils
diff --git a/security/impl/src/main/java/org/wamblee/security/authorization/UrlAuthorizationRule.java b/security/impl/src/main/java/org/wamblee/security/authorization/UrlAuthorizationRule.java
index adeb93c1..17bdc348 100644
--- a/security/impl/src/main/java/org/wamblee/security/authorization/UrlAuthorizationRule.java
+++ b/security/impl/src/main/java/org/wamblee/security/authorization/UrlAuthorizationRule.java
@@ -15,14 +15,20 @@
*/
package org.wamblee.security.authorization;
-import org.apache.log4j.Logger;
-
-import org.wamblee.persistence.AbstractPersistent;
-import static org.wamblee.security.authorization.AuthorizationResult.DENIED;
-import static org.wamblee.security.authorization.AuthorizationResult.GRANTED;
-import static org.wamblee.security.authorization.AuthorizationResult.UNDECIDED;
-import static org.wamblee.security.authorization.AuthorizationResult.UNSUPPORTED_RESOURCE;
+import static org.wamblee.security.authorization.AuthorizationResult.*;
+
+import javax.enterprise.inject.Typed;
+import javax.persistence.Access;
+import javax.persistence.AccessType;
+import javax.persistence.CascadeType;
+import javax.persistence.Column;
+import javax.persistence.DiscriminatorValue;
+import javax.persistence.Entity;
+import javax.persistence.JoinColumn;
+import javax.persistence.ManyToOne;
+import javax.persistence.Transient;
+import org.apache.log4j.Logger;
import org.wamblee.usermgt.User;
/**
@@ -31,12 +37,12 @@ import org.wamblee.usermgt.User;
*
The path of the resource. To obtain the path of a resource, subclasses
* must implement {@link #getResourcePath(Object)}. Whether a path is
* appropriate is determined by a
- * {@link org.wamblee.security.authorization.PathCondition}.
+ * {@link org.wamblee.security.authorization.AbstractPathCondition}.
* The user identity with which the resource is accessed. Whether a user is
* appropriate is determined by a
- * {@link org.wamblee.security.authorization.UserCondition}.
+ * {@link org.wamblee.security.authorization.AbstractUserCondition}.
* The operation that is requested. Whether the operation is appropriate is
- * determined by a {@link org.wamblee.security.authorization.OperationCondition}
+ * determined by a {@link org.wamblee.security.authorization.AbstractOperationCondition}
* .
*
* In case all three conditions match, the condition returns the configured
@@ -44,8 +50,9 @@ import org.wamblee.usermgt.User;
* the specified type, the result is UNSUPPORTED_RESOURCE, otherwise, the result
* is UNDECIDED.
*/
-public abstract class UrlAuthorizationRule extends AbstractPersistent implements
- AuthorizationRule {
+@Entity
+@Access(AccessType.PROPERTY)
+public abstract class UrlAuthorizationRule extends AbstractAuthorizationRule {
private static final Logger LOGGER = Logger
.getLogger(UrlAuthorizationRule.class);
@@ -72,6 +79,7 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
/**
* Operation that this rule is for.
*/
+
private OperationCondition operationCondition;
/**
@@ -134,6 +142,7 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
* @see
* org.wamblee.security.authorization.AuthorizationRule#getSupportedTypes()
*/
+ @Transient
public Class[] getSupportedTypes() {
return new Class[] { resourceClass };
}
@@ -213,6 +222,7 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
*
* @return Result.
*/
+ @Column(name = "AUTH_RESULT", nullable = false)
protected String getAuthorizationResultString() {
if (result == null) {
return null;
@@ -231,6 +241,7 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
result = AuthorizationResult.valueOf(aResult);
}
+ @Column(name = "RES_CLASSNAME", nullable = false)
protected String getResourceClassName() {
if (resourceClass == null) {
return "";
@@ -253,6 +264,8 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
*
* @return Returns the operationCondition.
*/
+ @ManyToOne(cascade = CascadeType.ALL, targetEntity = AbstractOperationCondition.class)
+ @JoinColumn(name = "OPER_COND_PK")
public OperationCondition getOperationCondition() {
return operationCondition;
}
@@ -270,6 +283,8 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
*
* @return Returns the pathCondition.
*/
+ @ManyToOne(cascade = CascadeType.ALL, targetEntity = AbstractPathCondition.class)
+ @JoinColumn(name = "PATH_COND_PK")
public PathCondition getPathCondition() {
return pathCondition;
}
@@ -287,6 +302,8 @@ public abstract class UrlAuthorizationRule extends AbstractPersistent implements
*
* @return Returns the userCondition.
*/
+ @ManyToOne(cascade = CascadeType.ALL, targetEntity = AbstractUserCondition.class)
+ @JoinColumn(name = "USER_COND_PK")
public UserCondition getUserCondition() {
return userCondition;
}