X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fsrc%2Fmain%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FDefaultAuthorizationService.java;h=e52ced7ec1f370529eac254daed9768860dbf061;hb=ddd261f331280640c5b53c7128230b629ebcd268;hp=1d6499e0a1b17e68baed778325b92321004738db;hpb=92e23e5ecf9614f2ab770a8cdedc0b21ddf1e127;p=utils diff --git a/security/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java b/security/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java index 1d6499e0..e52ced7e 100644 --- a/security/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java +++ b/security/src/main/java/org/wamblee/security/authorization/DefaultAuthorizationService.java @@ -1,155 +1,216 @@ /* * Copyright 2005 the original author or authors. - * + * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - */ - + */ package org.wamblee.security.authorization; -import java.util.ArrayList; -import java.util.List; - import org.wamblee.persistence.AbstractPersistent; + import org.wamblee.usermgt.User; import org.wamblee.usermgt.UserAccessor; +import java.util.ArrayList; +import java.util.List; + + /** - * Default implementation of an authorization service. - * To determine whether access to a resource is allowed, the service consults a number - * of authorization rules in a fixed order. The first rule that gives a result GRANTED or - * DENIED determines the result of the evaluation. Rules that return any other result are - * ignoed. If none of the rules match, than access is denied. + * Default implementation of an authorization service. To determine + * whether access to a resource is allowed, the service consults a number of + * authorization rules in a fixed order. The first rule that gives a result + * GRANTED or DENIED determines the result of the evaluation. Rules that + * return any other result are ignoed. If none of the rules match, than + * access is denied. * * @author Erik Brakkee */ -public class DefaultAuthorizationService extends AbstractPersistent implements AuthorizationService { - +public class DefaultAuthorizationService extends AbstractPersistent + implements AuthorizationService { /** - * List of ordered authorization rules. + * List of ordered authorization rules. */ - private List rules; - + private List rules; + /** - * User accessor used to obtain the current user. + * User accessor used to obtain the current user. */ - private UserAccessor userAccessor; - + private UserAccessor userAccessor; + /** - * Name for this instance of the authorization service. + * Name for this instance of the authorization service. */ private String name; - - /** + +/** * Constructs the service. * @param aAccessor User accessor. * @param aName Name of this instance of the service. */ public DefaultAuthorizationService(UserAccessor aAccessor, String aName) { - rules = new ArrayList(); - userAccessor = aAccessor; - name = aName; + rules = new ArrayList(); + userAccessor = aAccessor; + name = aName; } - - /** + +/** * Constructs the authorization service. */ public DefaultAuthorizationService() { - rules = new ArrayList(); - userAccessor = null; - name = null; + rules = new ArrayList(); + userAccessor = null; + name = null; } - + /** - * Sets the user accessor. - * @param aUserAccessor User accessor. + * Sets the user accessor. + * + * @param aUserAccessor User accessor. */ - public void setUserAccessor(UserAccessor aUserAccessor) { - userAccessor = aUserAccessor; + public void setUserAccessor(UserAccessor aUserAccessor) { + userAccessor = aUserAccessor; } /* (non-Javadoc) * @see org.wamblee.security.authorization.AuthorizationService#isAllowed(java.lang.Object, org.wamblee.security.authorization.Operation) */ + /** + * DOCUMENT ME! + * + * @param aResource DOCUMENT ME! + * @param aOperation DOCUMENT ME! + * + * @return DOCUMENT ME! + */ public boolean isAllowed(Object aResource, Operation aOperation) { - User user = userAccessor.getCurrentUser(); - for (AuthorizationRule rule: rules) { - switch ( rule.isAllowed(aResource, aOperation, user)) { - case DENIED: { return false; } - case GRANTED: { return true; } + User user = userAccessor.getCurrentUser(); + + for (AuthorizationRule rule : rules) { + switch (rule.isAllowed(aResource, aOperation, user)) { + case DENIED: + return false; + + case GRANTED: + return true; } } - return false; + + return false; } - + /* (non-Javadoc) * @see org.wamblee.security.authorization.AuthorizationService#check(T, org.wamblee.security.authorization.Operation) */ + /** + * DOCUMENT ME! + * + * @param DOCUMENT ME! + * @param aResource DOCUMENT ME! + * @param aOperation DOCUMENT ME! + * + * @return DOCUMENT ME! + * + * @throws AuthorizationException DOCUMENT ME! + */ public T check(T aResource, Operation aOperation) { - if ( !isAllowed(aResource, aOperation)) { + if (!isAllowed(aResource, aOperation)) { throw new AuthorizationException(aResource, aOperation); } + return aResource; } - - protected String getName() { - return name; + + /** + * DOCUMENT ME! + * + * @return DOCUMENT ME! + */ + protected String getName() { + return name; } - - public void setName(String aName) { - name = aName; + + /** + * DOCUMENT ME! + * + * @param aName DOCUMENT ME! + */ + public void setName(String aName) { + name = aName; } - + /* (non-Javadoc) * @see org.wamblee.security.authorization.AuthorizationService#getRules() */ + /** + * DOCUMENT ME! + * + * @return DOCUMENT ME! + */ public AuthorizationRule[] getRules() { - return rules.toArray(new AuthorizationRule[0]); + return rules.toArray(new AuthorizationRule[0]); } - + /* (non-Javadoc) * @see org.wamblee.security.authorization.AuthorizationService#appendRule(org.wamblee.security.authorization.AuthorizationRule) */ + /** + * DOCUMENT ME! + * + * @param aRule DOCUMENT ME! + */ public void appendRule(AuthorizationRule aRule) { - rules.add(aRule); + rules.add(aRule); } /* (non-Javadoc) * @see org.wamblee.security.authorization.AuthorizationService#insertRuleAfter(int, org.wamblee.security.authorization.AuthorizationRule) */ + /** + * DOCUMENT ME! + * + * @param aIndex DOCUMENT ME! + * @param aRule DOCUMENT ME! + */ public void insertRuleAfter(int aIndex, AuthorizationRule aRule) { - rules.add(aIndex, aRule); + rules.add(aIndex, aRule); } - + /* (non-Javadoc) * @see org.wamblee.security.authorization.AuthorizationService#removeRule(int) */ + /** + * DOCUMENT ME! + * + * @param aIndex DOCUMENT ME! + */ public void removeRule(int aIndex) { - rules.remove(aIndex); + rules.remove(aIndex); } - + /** - * For OR mapping. - * @return The rules. + * For OR mapping. + * + * @return The rules. */ protected List getMappedRules() { - return rules; + return rules; } - + /** * For OR mapping. - * @param aRules The rules. + * + * @param aRules The rules. */ - protected void setMappedRules(List aRules) { - rules = aRules; + protected void setMappedRules(List aRules) { + rules = aRules; } }