KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > objectweb > easybeans > deployment > annotations > helper > bean > SecurityResolver


1 /**
2  * EasyBeans
3  * Copyright (C) 2006 Bull S.A.S.
4  * Contact: easybeans@objectweb.org
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
19  * USA
20  *
21  * --------------------------------------------------------------------------
22  * $Id: SecurityResolver.java 1121 2006-09-27 08:51:06Z benoitf $
23  * --------------------------------------------------------------------------
24  */

25
26 package org.objectweb.easybeans.deployment.annotations.helper.bean;
27
28 import java.util.ArrayList JavaDoc;
29 import java.util.List JavaDoc;
30
31 import org.objectweb.asm.Type;
32 import org.objectweb.easybeans.deployment.annotations.JClassInterceptor;
33 import org.objectweb.easybeans.deployment.annotations.JMethod;
34 import org.objectweb.easybeans.deployment.annotations.metadata.ClassAnnotationMetadata;
35 import org.objectweb.easybeans.deployment.annotations.metadata.MethodAnnotationMetadata;
36 import org.objectweb.easybeans.security.interceptors.AccessInterceptor;
37 import org.objectweb.easybeans.security.interceptors.DenyAllInterceptor;
38 import org.objectweb.easybeans.security.interceptors.RunAsAccessInterceptor;
39
40 /**
41  * This class adds the interceptor for the security (if required) on a given method.
42  * @author Florent Benoit
43  */

44 public final class SecurityResolver {
45
46     /**
47      * Signature of EasyBeans interceptors.
48      */

49     private static final JMethod EASYBEANS_INTERCEPTOR = new JMethod(0, "intercept",
50             "(Lorg/objectweb/easybeans/api/EasyBeansInvocationContext;)Ljava/lang/Object;", null,
51             new String JavaDoc[] {"java/lang/Exception"});
52
53     /**
54      * DenyAll interceptor.
55      */

56     private static final String JavaDoc DENYALL_INTERCEPTOR = Type
57             .getInternalName(DenyAllInterceptor.class);
58
59
60     /**
61      * RunAs interceptor.
62      */

63     private static final String JavaDoc RUNAS_INTERCEPTOR = Type
64             .getInternalName(RunAsAccessInterceptor.class);
65
66
67     /**
68      * Role based interceptor.
69      */

70     private static final String JavaDoc ROLEBASED_INTERCEPTOR = Type
71             .getInternalName(AccessInterceptor.class);
72
73
74     /**
75      * Helper class, no public constructor.
76      */

77     private SecurityResolver() {
78     }
79
80     /**
81      * Adds the right transaction interceptor depending of the transactional
82      * attribute set by the user.
83      * @param bean the given bean on which set the transactional interceptor.
84      */

85     public static void resolve(final ClassAnnotationMetadata bean) {
86
87         // Class values
88
boolean beanPermitAll = bean.hasPermitAll();
89         List JavaDoc<String JavaDoc> beanRolesAllowed = bean.getRolesAllowed();
90
91         String JavaDoc runAs = bean.getRunAs();
92         String JavaDoc superClassName = bean.getSuperName();
93         // Search in super class
94
while (runAs == null && !superClassName.equals(Type.getInternalName(Object JavaDoc.class))) {
95             ClassAnnotationMetadata superMetadata = bean.getEjbJarAnnotationMetadata().getClassAnnotationMetadata(superClassName);
96             if (superMetadata != null) {
97                 runAs = superMetadata.getRunAs();
98                 superClassName = superMetadata.getSuperName();
99                 // Set with the super class value
100
if (runAs != null) {
101                     bean.setRunAs(runAs);
102                 }
103             }
104         }
105
106
107
108
109         // Inheritance for DeclaredRoles
110
List JavaDoc<String JavaDoc> declaredRoles = bean.getDeclareRoles();
111         superClassName = bean.getSuperName();
112         // if null, search on super classes.
113
while (declaredRoles == null && !superClassName.equals(Type.getInternalName(Object JavaDoc.class))) {
114             ClassAnnotationMetadata superMetadata = bean.getEjbJarAnnotationMetadata().getClassAnnotationMetadata(superClassName);
115             if (superMetadata != null) {
116                 declaredRoles = superMetadata.getDeclareRoles();
117                 superClassName = superMetadata.getSuperName();
118                 // Set with the super class value
119
if (declaredRoles != null) {
120                     bean.setDeclareRoles(declaredRoles);
121                 }
122             }
123         }
124
125
126         for (MethodAnnotationMetadata method : bean.getMethodAnnotationMetadataCollection()) {
127             List JavaDoc<JClassInterceptor> interceptors = method.getInterceptors();
128             if (interceptors == null) {
129                 interceptors = new ArrayList JavaDoc<JClassInterceptor>();
130             }
131
132             // DenyAll ?
133
boolean denyAll = method.hasDenyAll();
134
135             // PermitAll ?
136
boolean permitAll = method.hasPermitAll();
137             // not defined on the method, check inheritance or bean's value
138
if (!permitAll) {
139                 if (method.isInherited()) {
140                     permitAll = method.getOriginalClassAnnotationMetadata().hasPermitAll();
141                     method.setPermitAll(permitAll);
142                 } else {
143                     permitAll = beanPermitAll;
144                 }
145             }
146
147             // roles allowed.
148
List JavaDoc<String JavaDoc> rolesAllowed = method.getRolesAllowed();
149             if (rolesAllowed == null) {
150                 if (method.isInherited()) {
151                     rolesAllowed = method.getOriginalClassAnnotationMetadata().getRolesAllowed();
152                     method.setRolesAllowed(rolesAllowed);
153                 } else {
154                     rolesAllowed = beanRolesAllowed;
155                 }
156             }
157
158             // runAs ?
159
if (runAs != null) {
160                 interceptors.add(new JClassInterceptor(RUNAS_INTERCEPTOR, EASYBEANS_INTERCEPTOR));
161             }
162
163             if (denyAll) {
164                 interceptors.add(new JClassInterceptor(DENYALL_INTERCEPTOR, EASYBEANS_INTERCEPTOR));
165             } else if (!permitAll && rolesAllowed != null) {
166                 // only if permitAll is not set as no interceptor is added in this case
167
interceptors.add(new JClassInterceptor(ROLEBASED_INTERCEPTOR, EASYBEANS_INTERCEPTOR));
168             }
169             method.setInterceptors(interceptors);
170         }
171     }
172 }
173
Popular Tags