athenz.shade.zts.org.glassfish.jersey.message.filtering.SecurityEntityFilteringFeature Maven / Gradle / Ivy
/*
* Copyright (c) 2013, 2018 Oracle and/or its affiliates. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0, which is available at
* http://www.eclipse.org/legal/epl-2.0.
*
* This Source Code may also be made available under the following Secondary
* Licenses when the conditions for such availability set forth in the
* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
* version 2 with the GNU Classpath Exception, which is available at
* https://www.gnu.org/software/classpath/license.html.
*
* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
*/
package athenz.shade.zts.athenz.shade.zts.org.glassfish.jersey.message.filtering;
import athenz.shade.zts.athenz.shade.zts.javax.ws.rs.RuntimeType;
import athenz.shade.zts.athenz.shade.zts.javax.ws.rs.core.Configuration;
import athenz.shade.zts.athenz.shade.zts.javax.ws.rs.core.Feature;
import athenz.shade.zts.athenz.shade.zts.javax.ws.rs.core.FeatureContext;
import athenz.shade.zts.athenz.shade.zts.org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature;
/**
* {@link Feature} used to add support for Java Security annotations (athenz.shade.zts.athenz.shade.zts.javax.annotation.security
) for Entity Data
* Filtering feature.
*
* Supported annotations are:
*
* - {@link athenz.shade.zts.athenz.shade.zts.javax.annotation.security.PermitAll}
* - {@link athenz.shade.zts.athenz.shade.zts.javax.annotation.security.RolesAllowed}
* - {@link athenz.shade.zts.athenz.shade.zts.javax.annotation.security.DenyAll}
*
*
*
* It is sufficient to annotate only property accessors of an entity without annotating resource method / resource class although
* it is not recommended.
*
* Note: This feature also registers the {@link EntityFilteringFeature}.
*
* @author Michal Gajdos
* @see athenz.shade.zts.athenz.shade.zts.org.glassfish.jersey.message.filtering.EntityFilteringFeature
*/
public final class SecurityEntityFilteringFeature implements Feature {
@Override
public boolean configure(final FeatureContext context) {
final Configuration config = context.getConfiguration();
if (!config.isRegistered(SecurityEntityProcessor.class)) {
// RolesAllowed feature.
if (!config.isRegistered(RolesAllowedDynamicFeature.class)) {
context.register(RolesAllowedDynamicFeature.class);
}
// Binder (FilteringObjectProvider/FilteringGraphTransformer).
if (!config.isRegistered(EntityFilteringBinder.class)) {
context.register(new EntityFilteringBinder());
}
// Entity Processors.
context.register(SecurityEntityProcessor.class);
if (!config.isRegistered(DefaultEntityProcessor.class)) {
context.register(DefaultEntityProcessor.class);
}
// Scope Providers.
context.register(SecurityScopeResolver.class);
if (RuntimeType.SERVER.equals(config.getRuntimeType())) {
context.register(SecurityServerScopeResolver.class);
}
// Scope Resolver.
if (RuntimeType.SERVER == config.getRuntimeType()) {
context.register(SecurityServerScopeProvider.class);
} else {
context.register(CommonScopeProvider.class);
}
return true;
}
return false;
}
}