All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.acegisecurity.afterinvocation.AfterInvocationProviderManager Maven / Gradle / Ivy

There is a newer version: 1.0.7
Show newest version
/* Copyright 2004 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.acegisecurity.afterinvocation;

import org.acegisecurity.AccessDeniedException;
import org.acegisecurity.AfterInvocationManager;
import org.acegisecurity.Authentication;
import org.acegisecurity.ConfigAttribute;
import org.acegisecurity.ConfigAttributeDefinition;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import org.springframework.beans.factory.InitializingBean;

import java.util.Iterator;
import java.util.List;


/**
 * Provider-based implementation of {@link AfterInvocationManager}.
 * 
 * 

* Handles configuration of a bean context defined list of {@link * AfterInvocationProvider}s. *

* *

* Every AfterInvocationProvider will be polled when the {@link * #decide(Authentication, Object, ConfigAttributeDefinition, Object)} method * is called. The Object returned from each provider will be * presented to the successive provider for processing. This means each * provider must ensure they return the Object, even if * they are not interested in the "after invocation" decision (perhaps as the * secure object invocation did not include a configuration attribute a given * provider is configured to respond to). *

* * @author Ben Alex * @version $Id: AfterInvocationProviderManager.java,v 1.3 2005/11/17 00:55:56 benalex Exp $ */ public class AfterInvocationProviderManager implements AfterInvocationManager, InitializingBean { //~ Static fields/initializers ============================================= protected static final Log logger = LogFactory.getLog(AfterInvocationProviderManager.class); //~ Instance fields ======================================================== private List providers; //~ Methods ================================================================ public void setProviders(List newList) { checkIfValidList(newList); Iterator iter = newList.iterator(); while (iter.hasNext()) { Object currentObject = null; try { currentObject = iter.next(); AfterInvocationProvider attemptToCast = (AfterInvocationProvider) currentObject; } catch (ClassCastException cce) { throw new IllegalArgumentException("AfterInvocationProvider " + currentObject.getClass().getName() + " must implement AfterInvocationProvider"); } } this.providers = newList; } public List getProviders() { return this.providers; } public void afterPropertiesSet() throws Exception { checkIfValidList(this.providers); } public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config, Object returnedObject) throws AccessDeniedException { Iterator iter = this.providers.iterator(); Object result = returnedObject; while (iter.hasNext()) { AfterInvocationProvider provider = (AfterInvocationProvider) iter .next(); result = provider.decide(authentication, object, config, result); } return result; } public boolean supports(ConfigAttribute attribute) { Iterator iter = this.providers.iterator(); while (iter.hasNext()) { AfterInvocationProvider provider = (AfterInvocationProvider) iter .next(); if (logger.isDebugEnabled()) { logger.debug("Evaluating " + attribute + " against " + provider); } if (provider.supports(attribute)) { return true; } } return false; } /** * Iterates through all AfterInvocationProviders and ensures * each can support the presented class. * *

* If one or more providers cannot support the presented class, * false is returned. *

* * @param clazz the secure object class being queries * * @return if the AfterInvocationProviderManager can support * the secure object class, which requires every one of its * AfterInvocationProviders to support the secure * object class */ public boolean supports(Class clazz) { Iterator iter = this.providers.iterator(); while (iter.hasNext()) { AfterInvocationProvider provider = (AfterInvocationProvider) iter .next(); if (!provider.supports(clazz)) { return false; } } return true; } private void checkIfValidList(List listToCheck) { if ((listToCheck == null) || (listToCheck.size() == 0)) { throw new IllegalArgumentException( "A list of AfterInvocationProviders is required"); } } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy