KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sun > enterprise > deployment > annotation > handlers > RolesAllowedHandler


1 /*
2  * The contents of this file are subject to the terms
3  * of the Common Development and Distribution License
4  * (the License). You may not use this file except in
5  * compliance with the License.
6  *
7  * You can obtain a copy of the license at
8  * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9  * glassfish/bootstrap/legal/CDDLv1.0.txt.
10  * See the License for the specific language governing
11  * permissions and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL
14  * Header Notice in each file and include the License file
15  * at glassfish/bootstrap/legal/CDDLv1.0.txt.
16  * If applicable, add the following below the CDDL Header,
17  * with the fields enclosed by brackets [] replaced by
18  * you own identifying information:
19  * "Portions Copyrighted [year] [name of copyright owner]"
20  *
21  * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22  */
23 package com.sun.enterprise.deployment.annotation.handlers;
24
25 import java.lang.annotation.Annotation JavaDoc;
26 import java.lang.annotation.ElementType JavaDoc;
27 import java.lang.reflect.AnnotatedElement JavaDoc;
28 import java.lang.reflect.Method JavaDoc;
29 import java.util.logging.Level JavaDoc;
30
31 import javax.annotation.security.DenyAll;
32 import javax.annotation.security.PermitAll;
33 import javax.annotation.security.RolesAllowed;
34
35 import com.sun.enterprise.deployment.EjbDescriptor;
36 import com.sun.enterprise.deployment.MethodDescriptor;
37 import com.sun.enterprise.deployment.MethodPermission;
38 import com.sun.enterprise.deployment.Role;
39 import com.sun.enterprise.deployment.annotation.AnnotatedElementHandler;
40 import com.sun.enterprise.deployment.annotation.AnnotationInfo;
41 import com.sun.enterprise.deployment.annotation.AnnotationProcessorException;
42 import com.sun.enterprise.deployment.annotation.HandlerProcessingResult;
43 import com.sun.enterprise.deployment.annotation.context.EjbContext;
44 import com.sun.enterprise.util.TypeUtil;
45
46 /**
47  * This handler is responsible for handling the
48  * javax.annotation.security.RolesAllowed.
49  *
50  * @author Shing Wai Chan
51  */
52 public class RolesAllowedHandler extends AbstractAttributeHandler implements PostProcessor {
53     
54     public RolesAllowedHandler() {
55     }
56     
57     /**
58      * @return the annoation type this annotation handler is handling
59      */
60     public Class JavaDoc<? extends Annotation JavaDoc> getAnnotationType() {
61         return RolesAllowed.class;
62     }
63         
64     protected HandlerProcessingResult processAnnotation(AnnotationInfo ainfo,
65             EjbContext[] ejbContexts) throws AnnotationProcessorException {
66
67         AnnotatedElement JavaDoc ae = (AnnotatedElement JavaDoc)ainfo.getAnnotatedElement();
68
69         if (ae.isAnnotationPresent(DenyAll.class) ||
70                 ae.isAnnotationPresent(PermitAll.class)) {
71             log(Level.SEVERE, ainfo,
72                 localStrings.getLocalString(
73                 "enterprise.deployment.annotation.handlers.inconsistentsecannotation",
74                 "This annotation is not consistent with other annotations. One cannot have more than one of @RolesAllowed, @PermitAll, @DenyAll in the same AnnotatedElement."));
75             return getDefaultFailedResult();
76         }
77         
78         RolesAllowed rolesAllowedAn = (RolesAllowed)ainfo.getAnnotation();
79
80         for (EjbContext ejbContext : ejbContexts) {
81             EjbDescriptor ejbDesc = ejbContext.getDescriptor();
82             if (ElementType.TYPE.equals(ainfo.getElementType())) {
83                 // postpone the processing at the end
84 ejbContext.addPostProcessInfo(ainfo, this);
85             } else {
86                 Method JavaDoc annMethod = (Method JavaDoc) ainfo.getAnnotatedElement();
87                 
88                 for (Object JavaDoc next : ejbDesc.getSecurityBusinessMethodDescriptors()) {
89                     MethodDescriptor md = (MethodDescriptor)next;
90                     Method JavaDoc m = md.getMethod(ejbDesc);
91                     if (TypeUtil.sameMethodSignature(m, annMethod)) {
92                         // override by xml
93 if (!hasMethodPermissionsFromDD(md, ejbDesc)) {
94                             addMethodPermissions(rolesAllowedAn, ejbDesc, md);
95                         }
96                     }
97                 }
98             }
99         }
100
101         return getDefaultProcessedResult();
102     }
103
104     /**
105      * @return an array of annotation types this annotation handler would
106      * require to be processed (if present) before it processes it's own
107      * annotation type.
108      */
109     public Class JavaDoc<? extends Annotation JavaDoc>[] getTypeDependencies() {
110         return getEjbAnnotationTypes();
111     }
112
113     protected boolean supportTypeInheritance() {
114         return true;
115     }
116
117     public void postProcessAnnotation(AnnotationInfo ainfo,
118             AnnotatedElementHandler aeHandler)
119             throws AnnotationProcessorException {
120         EjbContext ejbContext = (EjbContext)aeHandler;
121         EjbDescriptor ejbDesc = ejbContext.getDescriptor();
122         RolesAllowed rolesAllowedAn = (RolesAllowed)ainfo.getAnnotation();
123         if (!ejbContext.isInherited() &&
124                 (ejbDesc.getMethodPermissionsFromDD() == null ||
125                 ejbDesc.getMethodPermissionsFromDD().size() == 0)) {
126             for (MethodDescriptor md : getMethodAllDescriptors(ejbDesc)) {
127                 addMethodPermissions(rolesAllowedAn, ejbDesc, md);
128             }
129         } else {
130             Class JavaDoc classAn = (Class JavaDoc)ainfo.getAnnotatedElement();
131             for (Object JavaDoc next : ejbDesc.getSecurityBusinessMethodDescriptors()) {
132                 MethodDescriptor md = (MethodDescriptor)next;
133                 Method JavaDoc m = md.getMethod(ejbDesc);
134                 // override by existing info
135 if (classAn.equals(ejbContext.getDeclaringClass(md)) &&
136                         !hasMethodPermissionsFromDD(md, ejbDesc)) {
137                     addMethodPermissions(rolesAllowedAn, ejbDesc, md);
138                 }
139             }
140         }
141     }
142
143     /**
144      * Add roles and permissions to given method in EjbDescriptor.
145      * @param rolesAllowedAn
146      * @param ejbDesc
147      * @param md
148      */
149     private void addMethodPermissions(RolesAllowed rolesAllowedAn,
150             EjbDescriptor ejbDesc, MethodDescriptor md) {
151         for (String JavaDoc roleName : rolesAllowedAn.value()) {
152             Role role = new Role(roleName);
153             // add role if not exists
154 ejbDesc.getEjbBundleDescriptor().addRole(role);
155             ejbDesc.addPermissionedMethod(new MethodPermission(role), md);
156         }
157     }
158
159 }
160
Popular Tags