org.wamblee.security.authorization
Class DefaultAuthorizationService

java.lang.Object
  extended by org.wamblee.security.authorization.AbstractAuthorizationService
      extended by org.wamblee.security.authorization.DefaultAuthorizationService
All Implemented Interfaces:
AuthorizationService

@Entity
public class DefaultAuthorizationService
extends AbstractAuthorizationService

Default implementation of an authorization service. To determine whether access to a resource is allowed, the service consults a number of authorization rules in a fixed order. The first rule that gives a result GRANTED or DENIED determines the result of the evaluation. Rules that return any other result are ignoed. If none of the rules match, than access is denied.

Author:
Erik Brakkee

Field Summary
 
Fields inherited from class org.wamblee.security.authorization.AbstractAuthorizationService
NAME_PARAM, QUERY_FIND_BY_NAME
 
Constructor Summary
DefaultAuthorizationService()
          Constructs the authorization service.
DefaultAuthorizationService(UserAccessor aAccessor, UserAdministration aUserAdmin, java.lang.String aName)
          Constructs the service.
 
Method Summary
 void appendRule(AuthorizationRule aRule)
          Appends a new authorization rule to the end.
<T> T
check(T aResource, Operation aOperation)
          Checks if the given operation is allowed on the resource.
protected  java.util.List<AuthorizationRule> getMappedRules()
          For OR mapping.
 AuthorizationRule[] getRules()
          Gets the authorization rules.
 void insertRuleAfter(int aIndex, AuthorizationRule aRule)
          Inserts a rule.
 boolean isAllowed(java.lang.Object aResource, Operation aOperation)
          Checks whether an operation is allowed on a resource.
 void removeRule(int aIndex)
          Removes a rule.
protected  void setMappedRules(java.util.List<AuthorizationRule> aRules)
          For OR mapping.
 void setUserAccessor(UserAccessor aUserAccessor)
          Sets the user accessor so that the authorization service can get access to the logged in user.
 void setUserAdministration(UserAdministration aUserAdmin)
          Sets the user administration so that the authorization service can check information for the the current user.
 
Methods inherited from class org.wamblee.security.authorization.AbstractAuthorizationService
getName
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultAuthorizationService

public DefaultAuthorizationService(UserAccessor aAccessor,
                                   UserAdministration aUserAdmin,
                                   java.lang.String aName)
Constructs the service.

Parameters:
aAccessor - User accessor.
aUserAdmin - User administration.
aName - Name of this instance of the service.

DefaultAuthorizationService

public DefaultAuthorizationService()
Constructs the authorization service.

Method Detail

setUserAccessor

public void setUserAccessor(UserAccessor aUserAccessor)
Description copied from interface: AuthorizationService
Sets the user accessor so that the authorization service can get access to the logged in user.

Parameters:
aUserAccessor - User accessor.

setUserAdministration

public void setUserAdministration(UserAdministration aUserAdmin)
Description copied from interface: AuthorizationService
Sets the user administration so that the authorization service can check information for the the current user.

Parameters:
aUserAdmin - User administration.

isAllowed

public boolean isAllowed(java.lang.Object aResource,
                         Operation aOperation)
Description copied from interface: AuthorizationService
Checks whether an operation is allowed on a resource.

Parameters:
aResource - Resource.
aOperation - Operation.
Returns:
Checks whether the operation is allowed on a resource.

check

public <T> T check(T aResource,
                   Operation aOperation)
Description copied from interface: AuthorizationService
Checks if the given operation is allowed on the resource.

Type Parameters:
T - Type of resource
Parameters:
aResource - Resource.
aOperation - Operation.
Returns:
Resource passed in in case access is allowed

getRules

public AuthorizationRule[] getRules()
Description copied from interface: AuthorizationService
Gets the authorization rules.

Returns:
Rules.

appendRule

public void appendRule(AuthorizationRule aRule)
Description copied from interface: AuthorizationService
Appends a new authorization rule to the end.

Parameters:
aRule - Rule to append.

insertRuleAfter

public void insertRuleAfter(int aIndex,
                            AuthorizationRule aRule)
Description copied from interface: AuthorizationService
Inserts a rule.

Parameters:
aIndex - Index of the position of the rule after insertion.
aRule - Rule to insert.

removeRule

public void removeRule(int aIndex)
Description copied from interface: AuthorizationService
Removes a rule.

Parameters:
aIndex - Index of the rule to remove.

getMappedRules

protected java.util.List<AuthorizationRule> getMappedRules()
For OR mapping.

Returns:
The rules.

setMappedRules

protected void setMappedRules(java.util.List<AuthorizationRule> aRules)
For OR mapping.

Parameters:
aRules - The rules.


Copyright © 2022. All Rights Reserved.