• Home
• com.flowlogix
• shiro-ee
• 5.5.5
• source code
• AopHelper.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.flowlogix.shiro.ee.cdi.AopHelper Maven / Gradle / Ivy

/*
 * Copyright (C) 2011-2024 Flow Logix, Inc. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.flowlogix.shiro.ee.cdi;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
import lombok.AccessLevel;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.RequiredArgsConstructor;
import lombok.SneakyThrows;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresGuest;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.authz.annotation.RequiresUser;
import org.apache.shiro.authz.aop.AuthenticatedAnnotationHandler;
import org.apache.shiro.authz.aop.AuthorizingAnnotationHandler;
import org.apache.shiro.authz.aop.GuestAnnotationHandler;
import org.apache.shiro.authz.aop.PermissionAnnotationHandler;
import org.apache.shiro.authz.aop.RoleAnnotationHandler;
import org.apache.shiro.authz.aop.UserAnnotationHandler;

/**
 * Security decorator instantiation helper
 */
@SuppressWarnings("HideUtilityClassConstructor")
@NoArgsConstructor(access = AccessLevel.PRIVATE)
class AopHelper {
    /**
     * List annotations classes which can be applied (either method or a class).
     */
    @SuppressWarnings("ConstantName")
    static final Map, Callable> autorizationAnnotationClasses
            = Map.of(
                    RequiresPermissions.class, PermissionAnnotationHandler::new,
                    RequiresRoles.class, RoleAnnotationHandler::new,
                    RequiresUser.class, UserAnnotationHandler::new,
                    RequiresGuest.class, GuestAnnotationHandler::new,
                    RequiresAuthentication.class, AuthenticatedAnnotationHandler::new);
    /**
     * Create list of
     * {@link SecurityInterceptor}
     * instances for method. This method search all method and class annotations
     * and use annotation data for create interceptors.
     * 

     * This method considers only those annotations that have been declared in
     * the set through parameters of the method and class, regardless of the
     * inheritance or interface implementations
     *
     * @param method
     * @param clazz
     * @return
     */
    static List createSecurityInterceptors(Method method, Class clazz) {
        List result = new ArrayList<>();

        if (isInterceptOnClassAnnotation(method.getModifiers())) {
            for (Class ac
                    : getAutorizationAnnotationClasses()) {
                Annotation annotationOnClass = clazz.getAnnotation(ac);
                if (annotationOnClass != null) {
                    result.add(new SecurityInterceptor(annotationOnClass));
                }
            }
        }

        for (Class ac
                : getAutorizationAnnotationClasses()) {
            Annotation annotation = method.getAnnotation(ac);
            if (annotation != null) {
                result.add(new SecurityInterceptor(annotation));
            }
        }

        return result;
    }

    /**
     * Create {@link org.apache.shiro.authz.aop.AuthorizingAnnotationHandler}
     * for annotation.
     *
     * @param annotation
     * @return
     */
    @SneakyThrows
    static AuthorizingAnnotationHandler createHandler(Annotation annotation) {
        return autorizationAnnotationClasses.get(annotation.annotationType()).call();
    }

    /**
     * Rule under which determined the fate of the class contains annotation.
     * 

     * All public and protected methods.
     * @param modifiers
     * @return
     */
    private static boolean isInterceptOnClassAnnotation(int modifiers) {
        return Modifier.isPublic(modifiers)
                || Modifier.isProtected(modifiers);
    }

    private static Collection> getAutorizationAnnotationClasses() {
        return autorizationAnnotationClasses.keySet();
    }

    @RequiredArgsConstructor
    static class SecurityInterceptor {
        private final AuthorizingAnnotationHandler handler;
        private final @Getter Annotation annotation;

        /**
         * Initialize {@link #handler} field use annotation.
         *
         * @param annotation annotation for create handler and use during
         * {@link #intercept()} invocation.
         */
        SecurityInterceptor(Annotation annotation) {
            this.annotation = annotation;
            this.handler = AopHelper.createHandler(annotation);
            if (handler == null) {
                throw new IllegalStateException("No handler for " + annotation + "annotation");
            }
        }

        /* (non-Javadoc)
         * @see org.tynamo.shiro.extension.authz.aop.SecurityInterceptor#intercept()
         */
        void intercept() {
            handler.assertAuthorized(getAnnotation());
        }
    }
}