1 25 26 package org.objectweb.easybeans.deployment.annotations.helper.bean; 27 28 import java.util.ArrayList ; 29 import java.util.List ; 30 31 import org.objectweb.asm.Type; 32 import org.objectweb.easybeans.deployment.annotations.JClassInterceptor; 33 import org.objectweb.easybeans.deployment.annotations.JMethod; 34 import org.objectweb.easybeans.deployment.annotations.metadata.ClassAnnotationMetadata; 35 import org.objectweb.easybeans.deployment.annotations.metadata.MethodAnnotationMetadata; 36 import org.objectweb.easybeans.security.interceptors.AccessInterceptor; 37 import org.objectweb.easybeans.security.interceptors.DenyAllInterceptor; 38 import org.objectweb.easybeans.security.interceptors.RunAsAccessInterceptor; 39 40 44 public final class SecurityResolver { 45 46 49 private static final JMethod EASYBEANS_INTERCEPTOR = new JMethod(0, "intercept", 50 "(Lorg/objectweb/easybeans/api/EasyBeansInvocationContext;)Ljava/lang/Object;", null, 51 new String [] {"java/lang/Exception"}); 52 53 56 private static final String DENYALL_INTERCEPTOR = Type 57 .getInternalName(DenyAllInterceptor.class); 58 59 60 63 private static final String RUNAS_INTERCEPTOR = Type 64 .getInternalName(RunAsAccessInterceptor.class); 65 66 67 70 private static final String ROLEBASED_INTERCEPTOR = Type 71 .getInternalName(AccessInterceptor.class); 72 73 74 77 private SecurityResolver() { 78 } 79 80 85 public static void resolve(final ClassAnnotationMetadata bean) { 86 87 boolean beanPermitAll = bean.hasPermitAll(); 89 List <String > beanRolesAllowed = bean.getRolesAllowed(); 90 91 String runAs = bean.getRunAs(); 92 String superClassName = bean.getSuperName(); 93 while (runAs == null && !superClassName.equals(Type.getInternalName(Object .class))) { 95 ClassAnnotationMetadata superMetadata = bean.getEjbJarAnnotationMetadata().getClassAnnotationMetadata(superClassName); 96 if (superMetadata != null) { 97 runAs = superMetadata.getRunAs(); 98 superClassName = superMetadata.getSuperName(); 99 if (runAs != null) { 101 bean.setRunAs(runAs); 102 } 103 } 104 } 105 106 107 108 109 List <String > declaredRoles = bean.getDeclareRoles(); 111 superClassName = bean.getSuperName(); 112 while (declaredRoles == null && !superClassName.equals(Type.getInternalName(Object .class))) { 114 ClassAnnotationMetadata superMetadata = bean.getEjbJarAnnotationMetadata().getClassAnnotationMetadata(superClassName); 115 if (superMetadata != null) { 116 declaredRoles = superMetadata.getDeclareRoles(); 117 superClassName = superMetadata.getSuperName(); 118 if (declaredRoles != null) { 120 bean.setDeclareRoles(declaredRoles); 121 } 122 } 123 } 124 125 126 for (MethodAnnotationMetadata method : bean.getMethodAnnotationMetadataCollection()) { 127 List <JClassInterceptor> interceptors = method.getInterceptors(); 128 if (interceptors == null) { 129 interceptors = new ArrayList <JClassInterceptor>(); 130 } 131 132 boolean denyAll = method.hasDenyAll(); 134 135 boolean permitAll = method.hasPermitAll(); 137 if (!permitAll) { 139 if (method.isInherited()) { 140 permitAll = method.getOriginalClassAnnotationMetadata().hasPermitAll(); 141 method.setPermitAll(permitAll); 142 } else { 143 permitAll = beanPermitAll; 144 } 145 } 146 147 List <String > rolesAllowed = method.getRolesAllowed(); 149 if (rolesAllowed == null) { 150 if (method.isInherited()) { 151 rolesAllowed = method.getOriginalClassAnnotationMetadata().getRolesAllowed(); 152 method.setRolesAllowed(rolesAllowed); 153 } else { 154 rolesAllowed = beanRolesAllowed; 155 } 156 } 157 158 if (runAs != null) { 160 interceptors.add(new JClassInterceptor(RUNAS_INTERCEPTOR, EASYBEANS_INTERCEPTOR)); 161 } 162 163 if (denyAll) { 164 interceptors.add(new JClassInterceptor(DENYALL_INTERCEPTOR, EASYBEANS_INTERCEPTOR)); 165 } else if (!permitAll && rolesAllowed != null) { 166 interceptors.add(new JClassInterceptor(ROLEBASED_INTERCEPTOR, EASYBEANS_INTERCEPTOR)); 168 } 169 method.setInterceptors(interceptors); 170 } 171 } 172 } 173 | Popular Tags |