KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > aspects > security > SecurityClassMetaDataLoader


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */

22 package org.jboss.aspects.security;
23
24 import javassist.CtConstructor;
25 import javassist.CtField;
26 import javassist.CtMethod;
27 import javassist.NotFoundException;
28 import org.jboss.aop.Advisor;
29 import org.jboss.aop.metadata.ClassMetaDataBinding;
30 import org.jboss.aop.util.PayloadKey;
31 import org.jboss.aop.util.XmlHelper;
32 import org.jboss.security.AnybodyPrincipal;
33 import org.jboss.security.NobodyPrincipal;
34 import org.jboss.security.SimplePrincipal;
35 import org.w3c.dom.Element JavaDoc;
36
37 import javax.naming.InitialContext JavaDoc;
38
39 import java.lang.reflect.Constructor JavaDoc;
40 import java.lang.reflect.Field JavaDoc;
41 import java.lang.reflect.Method JavaDoc;
42 import java.util.ArrayList JavaDoc;
43 import java.util.HashMap JavaDoc;
44 import java.util.HashSet JavaDoc;
45 import java.util.Iterator JavaDoc;
46 import java.util.Set JavaDoc;
47
48 /**
49  * This interceptor handles authentication creation and the initial
50  * population of class metadata
51  *
52  * @author <a HREF="mailto:bill@jboss.org">Bill Burke</a>
53  * @version $Revision: 37406 $
54  */

55 public class SecurityClassMetaDataLoader implements org.jboss.aop.metadata.ClassMetaDataLoader
56 {
57    public org.jboss.aop.metadata.ClassMetaDataBinding importMetaData(Element JavaDoc element, String JavaDoc name, String JavaDoc group, String JavaDoc classExpr) throws Exception JavaDoc
58    {
59       SecurityClassMetaDataBinding data = new SecurityClassMetaDataBinding(this, name, group, classExpr);
60       ArrayList JavaDoc securityRoles = loadSecurityRoles(element);
61       ArrayList JavaDoc methodPermissions = loadMethodPermissions(element);
62       ArrayList JavaDoc methodExcludeList = loadMethodExcludeList(element);
63       HashMap JavaDoc fieldPermissions = loadFieldPermissions(element);
64       ArrayList JavaDoc fieldExcludeList = loadFieldExcludeList(element);
65       ArrayList JavaDoc constructorPermissions = loadConstructorPermissions(element);
66       ArrayList JavaDoc constructorExcludeList = loadConstructorExcludeList(element);
67       String JavaDoc runAs = loadRunAs(element);
68
69       String JavaDoc securityDomain = XmlHelper.getOptionalChildContent(element, "security-domain");
70       if (securityDomain == null) throw new RuntimeException JavaDoc("you must define a security-domain");
71       data.setSecurityDomain(securityDomain);
72       data.setSecurityRoles(securityRoles);
73       data.setMethodPermissions(methodPermissions);
74       data.setMethodExcludeList(methodExcludeList);
75       data.setFieldPermissions(fieldPermissions);
76       data.setFieldExcludeList(fieldExcludeList);
77       data.setConstructorPermissions(constructorPermissions);
78       data.setConstructorExcludeList(constructorExcludeList);
79       data.setRunAs(runAs);
80       return data;
81    }
82
83    public void bind(Advisor advisor, org.jboss.aop.metadata.ClassMetaDataBinding data, Method[] methods, Field[] fields, Constructor[] constructors) throws Exception JavaDoc
84    {
85       SecurityClassMetaDataBinding meta = (SecurityClassMetaDataBinding) data;
86       try
87       {
88          String JavaDoc securityDomain = "java:/jaas/" + meta.getSecurityDomain();
89          Object JavaDoc domain = new InitialContext JavaDoc().lookup(securityDomain);
90          advisor.getDefaultMetaData().addMetaData("security", "authentication-manager", domain, PayloadKey.TRANSIENT);
91          advisor.getDefaultMetaData().addMetaData("security", "realm-mapping", domain, PayloadKey.TRANSIENT);
92       }
93       catch (Exception JavaDoc ex)
94       {
95          throw new RuntimeException JavaDoc("failed to load security domain: " + meta.getSecurityDomain(), ex);
96       }
97
98       for (int i = 0; i < methods.length; i++)
99       {
100          Set JavaDoc permissions = getMethodPermissions(methods[i], meta);
101          if (permissions != null)
102          {
103             advisor.getMethodMetaData().addMethodMetaData(methods[i], "security", "roles", permissions, PayloadKey.TRANSIENT);
104          }
105       }
106
107       for (int i = 0; i < fields.length; i++)
108       {
109          Set JavaDoc permissions = getFieldPermissions(fields[i], meta);
110          if (permissions != null)
111          {
112             advisor.getFieldMetaData().addFieldMetaData(fields[i], "security", "roles", permissions, PayloadKey.TRANSIENT);
113          }
114       }
115
116       for (int i = 0; i < constructors.length; i++)
117       {
118          Set JavaDoc permissions = getConstructorPermissions(constructors[i], meta);
119          if (permissions != null)
120          {
121             advisor.getConstructorMetaData().addConstructorMetaData(constructors[i], "security", "roles", permissions, PayloadKey.TRANSIENT);
122          }
123       }
124
125       if (meta.getRunAs() != null)
126       {
127          advisor.getDefaultMetaData().addMetaData("security", "run-as", new SimplePrincipal(meta.getRunAs()), PayloadKey.TRANSIENT);
128       }
129    }
130
131    public Set JavaDoc getMethodPermissions(Method method, SecurityClassMetaDataBinding meta)
132    {
133       Set JavaDoc result = new HashSet JavaDoc();
134       // First check the excluded method list as this takes priority
135
// over all other assignments
136
Iterator JavaDoc iterator = meta.getMethodExcludeList().iterator();
137       while (iterator.hasNext())
138       {
139          SecurityMethodConfig m = (SecurityMethodConfig) iterator.next();
140          if (m.patternMatches(method))
141          {
142             /* No one is allowed to execute this method so add a role that
143                fails to equate to any Principal or Principal name and return.
144                We don't return null to differentiate between an explicit
145                assignment of no access and no assignment information.
146             */

147             result.add(NobodyPrincipal.NOBODY_PRINCIPAL);
148             return result;
149          }
150       }
151
152       // Check the permissioned methods list
153
iterator = meta.getMethodPermissions().iterator();
154       while (iterator.hasNext())
155       {
156          SecurityMethodConfig m = (SecurityMethodConfig) iterator.next();
157          if (m.patternMatches(method))
158          {
159             // If this is an unchecked method anyone can access it so
160
// set the result set to a role that equates to any Principal
161
// or Principal name and return.
162
if (m.isUnchecked())
163             {
164                result.clear();
165                result.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
166                break;
167             }
168             // Else, add all roles
169
else
170             {
171                Iterator JavaDoc rolesIterator = m.getRoles().iterator();
172                while (rolesIterator.hasNext())
173                {
174                   String JavaDoc roleName = (String JavaDoc) rolesIterator.next();
175                   result.add(new SimplePrincipal(roleName));
176                }
177             }
178          }
179       }
180
181       // If no permissions were assigned to the method return null to
182
// indicate no access
183
if (result.isEmpty())
184       {
185          result = null;
186       }
187
188       return result;
189    }
190
191
192    public Set JavaDoc getFieldPermissions(Field field, SecurityClassMetaDataBinding meta)
193    {
194       String JavaDoc fieldName = field.getName();
195       Set JavaDoc result = new HashSet JavaDoc();
196       // First check the excluded method list as this takes priority
197
// over all other assignments
198
Iterator JavaDoc iterator = meta.getFieldExcludeList().iterator();
199       while (iterator.hasNext())
200       {
201          String JavaDoc expr = (String JavaDoc) iterator.next();
202          if (expr.equals("*") || expr.equals(fieldName))
203          {
204             /* No one is allowed to execute this method so add a role that
205                fails to equate to any Principal or Principal name and return.
206                We don't return null to differentiate between an explicit
207                assignment of no access and no assignment information.
208             */

209             result.add(NobodyPrincipal.NOBODY_PRINCIPAL);
210             return result;
211          }
212       }
213
214       // Check the permissioned methods list
215
iterator = meta.getFieldPermissions().keySet().iterator();
216       while (iterator.hasNext())
217       {
218          String JavaDoc expr = (String JavaDoc) iterator.next();
219
220          if (expr.equals("*") || expr.equals(fieldName))
221          {
222             Object JavaDoc permission = meta.getFieldPermissions().get(expr);
223             // If this is an unchecked method anyone can access it so
224
// set the result set to a role that equates to any Principal
225
// or Principal name and return.
226
if (permission instanceof Boolean JavaDoc)
227             {
228                result.clear();
229                result.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
230                break;
231             }
232             // Else, add all roles
233
else
234             {
235                Set JavaDoc roles = (Set JavaDoc) permission;
236                Iterator JavaDoc rolesIterator = roles.iterator();
237                while (rolesIterator.hasNext())
238                {
239                   String JavaDoc roleName = (String JavaDoc) rolesIterator.next();
240                   result.add(new SimplePrincipal(roleName));
241                }
242             }
243          }
244       }
245
246       // If no permissions were assigned to the method return null to
247
// indicate no access
248
if (result.isEmpty())
249       {
250          result = null;
251       }
252
253       return result;
254    }
255
256
257    protected String JavaDoc loadRunAs(Element JavaDoc element)
258    throws Exception JavaDoc
259    {
260       Element JavaDoc securityIdentityElement = XmlHelper.getOptionalChild(element,
261       "security-identity");
262       if (securityIdentityElement == null) return null;
263       Element JavaDoc callerIdent = XmlHelper.getOptionalChild(securityIdentityElement, "use-caller-identity");
264       Element JavaDoc runAs = XmlHelper.getOptionalChild(securityIdentityElement, "run-as");
265       if (callerIdent == null && runAs == null)
266          throw new RuntimeException JavaDoc("security-identity: either use-caller-identity or run-as must be specified");
267       if (callerIdent != null && runAs != null)
268          throw new RuntimeException JavaDoc("security-identity: only one of use-caller-identity or run-as can be specified");
269
270       String JavaDoc runAsRoleName = null;
271       if (runAs != null)
272       {
273          runAsRoleName = XmlHelper.getElementContent(XmlHelper.getUniqueChild(runAs, "role-name"));
274       }
275       return runAsRoleName;
276    }
277
278
279    protected ArrayList JavaDoc loadSecurityRoles(Element JavaDoc assemblyDescriptor) throws Exception JavaDoc
280    {
281       ArrayList JavaDoc securityRoles = new ArrayList JavaDoc();
282       // set the security roles (optional)
283
Iterator JavaDoc iterator = XmlHelper.getChildrenByTagName(assemblyDescriptor, "security-role");
284       while (iterator.hasNext())
285       {
286          Element JavaDoc securityRole = (Element JavaDoc) iterator.next();
287          try
288          {
289             String JavaDoc role = XmlHelper.getUniqueChildContent(securityRole, "role-name");
290             securityRoles.add(role);
291          }
292          catch (Exception JavaDoc e)
293          {
294             throw new RuntimeException JavaDoc("Error in metadata " +
295             "for security-role: ", e);
296          }
297       }
298       return securityRoles;
299    }
300
301    protected ArrayList JavaDoc loadMethodPermissions(Element JavaDoc assemblyDescriptor) throws Exception JavaDoc
302    {
303       ArrayList JavaDoc permissionMethods = new ArrayList JavaDoc();
304       // set the method permissions (optional)
305
Iterator JavaDoc iterator = XmlHelper.getChildrenByTagName(assemblyDescriptor,
306       "method-permission");
307       while (iterator.hasNext())
308       {
309          Element JavaDoc methodPermission = (Element JavaDoc) iterator.next();
310          // Look for the unchecked element
311
Element JavaDoc unchecked = XmlHelper.getOptionalChild(methodPermission,
312          "unchecked");
313
314          boolean isUnchecked = false;
315          Set JavaDoc roles = null;
316          if (unchecked != null)
317          {
318             isUnchecked = true;
319          }
320          else
321          {
322             // Get the role-name elements
323
roles = new HashSet JavaDoc();
324             Iterator JavaDoc rolesIterator = XmlHelper.getChildrenByTagName(methodPermission, "role-name");
325             while (rolesIterator.hasNext())
326             {
327                roles.add(XmlHelper.getElementContent((Element JavaDoc) rolesIterator.next()));
328             }
329             if (roles.size() == 0)
330                throw new RuntimeException JavaDoc("An unchecked " +
331                "element in security metadata or one or more role-name elements " +
332                "must be specified in method-permission");
333          }
334          
335          // find the methods
336
Iterator JavaDoc methods = XmlHelper.getChildrenByTagName(methodPermission,
337          "method");
338          while (methods.hasNext())
339          {
340             // load the method
341
SecurityMethodConfig method = new SecurityMethodConfig();
342             method.importXml((Element JavaDoc) methods.next());
343             if (isUnchecked)
344             {
345                method.setUnchecked();
346                permissionMethods.add(0, method);
347             }
348             else
349             {
350                method.setRoles(roles);
351                permissionMethods.add(method);
352             }
353          }
354       }
355       return permissionMethods;
356    }
357
358    protected ArrayList JavaDoc loadMethodExcludeList(Element JavaDoc assemblyDescriptor) throws Exception JavaDoc
359    {
360       ArrayList JavaDoc excluded = new ArrayList JavaDoc();
361       // Get the exclude-list methods
362
Element JavaDoc excludeList = XmlHelper.getOptionalChild(assemblyDescriptor,
363       "exclude-list");
364       if (excludeList != null)
365       {
366          Iterator JavaDoc iterator = XmlHelper.getChildrenByTagName(excludeList, "method");
367          while (iterator.hasNext())
368          {
369             Element JavaDoc methodInf = (Element JavaDoc) iterator.next();
370             // load the method
371
SecurityMethodConfig method = new SecurityMethodConfig();
372             method.importXml(methodInf);
373             method.setExcluded();
374             excluded.add(method);
375          }
376       }
377       return excluded;
378    }
379
380    protected HashMap JavaDoc loadFieldPermissions(Element JavaDoc assemblyDescriptor) throws Exception JavaDoc
381    {
382       HashMap JavaDoc permissionFields = new HashMap JavaDoc();
383       // set the field permissions (optional)
384
Iterator JavaDoc iterator = XmlHelper.getChildrenByTagName(assemblyDescriptor,
385       "field-permission");
386       while (iterator.hasNext())
387       {
388          Element JavaDoc fieldPermission = (Element JavaDoc) iterator.next();
389          // Look for the unchecked element
390
Element JavaDoc unchecked = XmlHelper.getOptionalChild(fieldPermission,
391          "unchecked");
392
393          boolean isUnchecked = false;
394          Set JavaDoc roles = null;
395          if (unchecked != null)
396          {
397             isUnchecked = true;
398          }
399          else
400          {
401             // Get the role-name elements
402
roles = new HashSet JavaDoc();
403             Iterator JavaDoc rolesIterator = XmlHelper.getChildrenByTagName(fieldPermission, "role-name");
404             while (rolesIterator.hasNext())
405             {
406                roles.add(XmlHelper.getElementContent((Element JavaDoc) rolesIterator.next()));
407             }
408             if (roles.size() == 0)
409                throw new RuntimeException JavaDoc("An unchecked " +
410                "element in security metadata or one or more role-name elements " +
411                "must be specified in field-permission");
412          }
413          
414          // find the fields
415
Iterator JavaDoc fields = XmlHelper.getChildrenByTagName(fieldPermission,
416          "field");
417          while (fields.hasNext())
418          {
419             // load the field
420
Element JavaDoc field = (Element JavaDoc) fields.next();
421             String JavaDoc fieldName = XmlHelper.getElementContent(XmlHelper.getUniqueChild(field, "field-name"));
422
423             if (isUnchecked)
424             {
425                permissionFields.put(fieldName, Boolean.TRUE); // mark as unchecked
426
}
427             else
428             {
429
430                Object JavaDoc permission = permissionFields.get(fieldName);
431                if (permission != null && permission instanceof Boolean JavaDoc) //unchecked
432
{
433                   continue;
434                }
435                if (permission != null)
436                {
437                   Set JavaDoc curr = (Set JavaDoc) permission;
438                   curr.addAll(roles);
439                }
440                else
441                {
442                   permissionFields.put(fieldName, new HashSet JavaDoc(roles));
443                }
444             }
445          }
446       }
447       return permissionFields;
448    }
449
450    protected ArrayList JavaDoc loadFieldExcludeList(Element JavaDoc assemblyDescriptor) throws Exception JavaDoc
451    {
452       ArrayList JavaDoc excluded = new ArrayList JavaDoc();
453       // Get the exclude-list fields
454
Element JavaDoc excludeList = XmlHelper.getOptionalChild(assemblyDescriptor,
455       "exclude-list");
456       if (excludeList != null)
457       {
458          Iterator JavaDoc iterator = XmlHelper.getChildrenByTagName(excludeList, "field");
459          while (iterator.hasNext())
460          {
461             Element JavaDoc fieldInf = (Element JavaDoc) iterator.next();
462             String JavaDoc fieldName = XmlHelper.getElementContent(XmlHelper.getUniqueChild(fieldInf, "field-name"));
463             excluded.add(fieldName);
464          }
465       }
466       return excluded;
467    }
468
469    protected ArrayList JavaDoc loadConstructorPermissions(Element JavaDoc assemblyDescriptor) throws Exception JavaDoc
470    {
471       ArrayList JavaDoc permissionConstructors = new ArrayList JavaDoc();
472       // set the constructor permissions (optional)
473
Iterator JavaDoc iterator = XmlHelper.getChildrenByTagName(assemblyDescriptor,
474       "constructor-permission");
475       while (iterator.hasNext())
476       {
477          Element JavaDoc constructorPermission = (Element JavaDoc) iterator.next();
478          // Look for the unchecked element
479
Element JavaDoc unchecked = XmlHelper.getOptionalChild(constructorPermission,
480          "unchecked");
481
482          boolean isUnchecked = false;
483          Set JavaDoc roles = null;
484          if (unchecked != null)
485          {
486             isUnchecked = true;
487          }
488          else
489          {
490             // Get the role-name elements
491
roles = new HashSet JavaDoc();
492             Iterator JavaDoc rolesIterator = XmlHelper.getChildrenByTagName(constructorPermission, "role-name");
493             while (rolesIterator.hasNext())
494             {
495                roles.add(XmlHelper.getElementContent((Element JavaDoc) rolesIterator.next()));
496             }
497             if (roles.size() == 0)
498                throw new RuntimeException JavaDoc("An unchecked " +
499                "element in security metadata or one or more role-name elements " +
500                "must be specified in constructor-permission");
501          }
502          
503          // find the constructors
504
Iterator JavaDoc constructors = XmlHelper.getChildrenByTagName(constructorPermission,
505          "constructor");
506          while (constructors.hasNext())
507          {
508             // load the constructor
509
SecurityConstructorConfig constructor = new SecurityConstructorConfig();
510             constructor.importXml((Element JavaDoc) constructors.next());
511             if (isUnchecked)
512             {
513                constructor.setUnchecked();
514                permissionConstructors.add(0, constructor);
515             }
516             else
517             {
518                constructor.setRoles(roles);
519                permissionConstructors.add(constructor);
520             }
521          }
522       }
523       return permissionConstructors;
524    }
525
526    protected ArrayList JavaDoc loadConstructorExcludeList(Element JavaDoc assemblyDescriptor) throws Exception JavaDoc
527    {
528       ArrayList JavaDoc excluded = new ArrayList JavaDoc();
529       // Get the exclude-list constructors
530
Element JavaDoc excludeList = XmlHelper.getOptionalChild(assemblyDescriptor,
531       "exclude-list");
532       if (excludeList != null)
533       {
534          Iterator JavaDoc iterator = XmlHelper.getChildrenByTagName(excludeList, "constructor");
535          while (iterator.hasNext())
536          {
537             Element JavaDoc constructorInf = (Element JavaDoc) iterator.next();
538             // load the constructor
539
SecurityConstructorConfig constructor = new SecurityConstructorConfig();
540             constructor.importXml(constructorInf);
541             constructor.setExcluded();
542             excluded.add(constructor);
543          }
544       }
545       return excluded;
546    }
547
548    public Set JavaDoc getConstructorPermissions(Constructor constructor, SecurityClassMetaDataBinding meta)
549    {
550       Set JavaDoc result = new HashSet JavaDoc();
551       // First check the excluded constructor list as this takes priority
552
// over all other assignments
553
Iterator JavaDoc iterator = meta.getConstructorExcludeList().iterator();
554       while (iterator.hasNext())
555       {
556          SecurityConstructorConfig m = (SecurityConstructorConfig) iterator.next();
557          if (m.patternMatches(constructor))
558          {
559             /* No one is allowed to execute this constructor so add a role that
560                fails to equate to any Principal or Principal name and return.
561                We don't return null to differentiate between an explicit
562                assignment of no access and no assignment information.
563             */

564             result.add(NobodyPrincipal.NOBODY_PRINCIPAL);
565             return result;
566          }
567       }
568
569       // Check the permissioned constructors list
570
iterator = meta.getConstructorPermissions().iterator();
571       while (iterator.hasNext())
572       {
573          SecurityConstructorConfig m = (SecurityConstructorConfig) iterator.next();
574          if (m.patternMatches(constructor))
575          {
576             // If this is an unchecked constructor anyone can access it so
577
// set the result set to a role that equates to any Principal
578
// or Principal name and return.
579
if (m.isUnchecked())
580             {
581                result.clear();
582                result.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
583                break;
584             }
585             // Else, add all roles
586
else
587             {
588                Iterator JavaDoc rolesIterator = m.getRoles().iterator();
589                while (rolesIterator.hasNext())
590                {
591                   String JavaDoc roleName = (String JavaDoc) rolesIterator.next();
592                   result.add(new SimplePrincipal(roleName));
593                }
594             }
595          }
596       }
597
598       // If no permissions were assigned to the constructor return null to
599
// indicate no access
600
if (result.isEmpty())
601       {
602          result = null;
603       }
604
605       return result;
606    }
607
608
609    /**
610     * This is minimal stuff as Instrumentor requires that ClassMetadata be bound at least at the group
611     * level for every class, method, field, and constructor so that annotated joinpoints can be done
612     *
613     * @param advisor
614     * @param data
615     * @param methods
616     * @param fields
617     * @param constructors
618     * @throws Exception
619     */

620    public void bind(Advisor advisor, ClassMetaDataBinding data, CtMethod[] methods, CtField[] fields, CtConstructor[] constructors) throws Exception JavaDoc
621    {
622       SecurityClassMetaDataBinding meta = (SecurityClassMetaDataBinding) data;
623       for (int i = 0; i < methods.length; i++)
624       {
625          boolean permissions = getMethodPermissions(methods[i], meta);
626          if (permissions)
627          {
628             advisor.getMethodMetaData().addMethodMetaData(methods[i], "security", "roles", Boolean.TRUE, PayloadKey.TRANSIENT);
629          }
630       }
631
632       for (int i = 0; i < fields.length; i++)
633       {
634          boolean permissions = getFieldPermissions(fields[i], meta);
635          if (permissions)
636          {
637             advisor.getFieldMetaData().addFieldMetaData(fields[i].getName(), "security", "roles", Boolean.TRUE, PayloadKey.TRANSIENT);
638          }
639       }
640
641       for (int i = 0; i < constructors.length; i++)
642       {
643          boolean permissions = getConstructorPermissions(constructors[i], meta);
644          if (permissions)
645          {
646             //Use getMethodInfo2() to avoid frozen check
647
advisor.getConstructorMetaData().addConstructorMetaData(constructors[i].getMethodInfo2().getDescriptor(), "security", "roles", Boolean.TRUE, PayloadKey.TRANSIENT);
648          }
649       }
650    }
651
652    /**
653     * Remember we only need to map in the "security" group tag for annotated joinpoint resolution
654     *
655     * @param method
656     * @param meta
657     * @return
658     * @throws Exception
659     */

660    public boolean getMethodPermissions(CtMethod method, SecurityClassMetaDataBinding meta) throws Exception JavaDoc
661    {
662       // First check the excluded method list as this takes priority
663
// over all other assignments
664
Iterator JavaDoc iterator = meta.getMethodExcludeList().iterator();
665       while (iterator.hasNext())
666       {
667          SecurityMethodConfig m = (SecurityMethodConfig) iterator.next();
668          if (m.patternMatches(method))
669          {
670             return true;
671          }
672       }
673
674       // Check the permissioned methods list
675
iterator = meta.getMethodPermissions().iterator();
676       while (iterator.hasNext())
677       {
678          SecurityMethodConfig m = (SecurityMethodConfig) iterator.next();
679          if (m.patternMatches(method))
680          {
681             return true;
682          }
683       }
684
685       return false;
686    }
687
688
689    public boolean getFieldPermissions(CtField field, SecurityClassMetaDataBinding meta)
690    {
691       String JavaDoc fieldName = field.getName();
692       // First check the excluded method list as this takes priority
693
// over all other assignments
694
Iterator JavaDoc iterator = meta.getFieldExcludeList().iterator();
695       while (iterator.hasNext())
696       {
697          String JavaDoc expr = (String JavaDoc) iterator.next();
698          if (expr.equals("*") || expr.equals(fieldName))
699          {
700             return true;
701          }
702       }
703
704       // Check the permissioned methods list
705
iterator = meta.getFieldPermissions().keySet().iterator();
706       while (iterator.hasNext())
707       {
708          String JavaDoc expr = (String JavaDoc) iterator.next();
709
710          if (expr.equals("*") || expr.equals(fieldName))
711          {
712             return true;
713          }
714       }
715
716       return false;
717    }
718
719
720    public boolean getConstructorPermissions(CtConstructor constructor, SecurityClassMetaDataBinding meta) throws NotFoundException
721    {
722       // First check the excluded constructor list as this takes priority
723
// over all other assignments
724
Iterator JavaDoc iterator = meta.getConstructorExcludeList().iterator();
725       while (iterator.hasNext())
726       {
727          SecurityConstructorConfig m = (SecurityConstructorConfig) iterator.next();
728          if (m.patternMatches(constructor))
729          {
730             return true;
731          }
732       }
733
734       // Check the permissioned constructors list
735
iterator = meta.getConstructorPermissions().iterator();
736       while (iterator.hasNext())
737       {
738          SecurityConstructorConfig m = (SecurityConstructorConfig) iterator.next();
739          if (m.patternMatches(constructor))
740          {
741             return true;
742          }
743       }
744
745       return false;
746    }
747
748
749 }
750
Popular Tags