org.wamblee.security.authorization
Class UrlAuthorizationRule

java.lang.Object
  extended by org.wamblee.security.authorization.AbstractAuthorizationRule
      extended by org.wamblee.security.authorization.UrlAuthorizationRule
All Implemented Interfaces:
AuthorizationRule

@Entity
public abstract class UrlAuthorizationRule
extends AbstractAuthorizationRule

Utility base class for implementation of authentication rules based on the

In case all three conditions match, the condition returns the configured result passed at construction (GRANTED or DENIED). If the resource is not of the specified type, the result is UNSUPPORTED_RESOURCE, otherwise, the result is UNDECIDED.


Constructor Summary
protected UrlAuthorizationRule()
          For OR mapping.
protected UrlAuthorizationRule(AuthorizationResult aResult, UserCondition aUserCondition, PathCondition aPathCondition, java.lang.Class aResourceClass, OperationCondition aOperationCondition)
          Constructs an authorization rule.
protected UrlAuthorizationRule(java.lang.Class aResourceClass)
          For OR mapping.
 
Method Summary
protected  java.lang.String getAuthorizationResultString()
          Gets the authorization result for OR mapping.
 OperationCondition getOperationCondition()
           
 PathCondition getPathCondition()
           
protected  java.lang.String getResourceClassName()
           
protected abstract  java.lang.String getResourcePath(java.lang.Object aResource)
          Gets the path of the resource.
 java.lang.Class[] getSupportedTypes()
          Returns the supported object types for which this authorization rule applies.
 UserCondition getUserCondition()
           
 AuthorizationResult isAllowed(java.lang.Object aResource, Operation aOperation, java.lang.String aUser)
          Determines whether an operation is allowed on a certain resource.
protected  AuthorizationResult isAllowedWithPath(java.lang.String aPath, Operation aOperation, java.lang.String aUser)
          Determines if the operation is allowed on the resource.
protected  void setAuthorizationResultString(java.lang.String aResult)
          Sets the authorization result, for OR mapping.
protected  void setOperationCondition(OperationCondition aOperationCondition)
           
protected  void setPathCondition(PathCondition aPathCondition)
           
protected  void setResourceClassName(java.lang.String aResourceClass)
           
 void setUserAdministration(UserAdministration aAdmin)
          Sets the user admnistration to use.
protected  void setUserCondition(UserCondition aUserCondition)
           
 java.lang.String toString()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

UrlAuthorizationRule

protected UrlAuthorizationRule(AuthorizationResult aResult,
                               UserCondition aUserCondition,
                               PathCondition aPathCondition,
                               java.lang.Class aResourceClass,
                               OperationCondition aOperationCondition)
Constructs an authorization rule. IF the group and path match, then the provided result will be returned.

Parameters:
aResult - Result of the authorization when the path and group match.
aUserCondition - Condition to match users.
aPathCondition - Condition to match paths with.
aResourceClass - Supported resource class this is for.
aOperationCondition - Condition to match the operation with.

UrlAuthorizationRule

protected UrlAuthorizationRule(java.lang.Class aResourceClass)
For OR mapping.


UrlAuthorizationRule

protected UrlAuthorizationRule()
For OR mapping.

Method Detail

getSupportedTypes

public java.lang.Class[] getSupportedTypes()
Description copied from interface: AuthorizationRule
Returns the supported object types for which this authorization rule applies. This can be used by the authorization service for optimization.

Returns:
Array of supported types.

isAllowed

public AuthorizationResult isAllowed(java.lang.Object aResource,
                                     Operation aOperation,
                                     java.lang.String aUser)
Description copied from interface: AuthorizationRule
Determines whether an operation is allowed on a certain resource. The rule implementation must be prepared to deal with resources for which it does not apply. In those cases it should return AuthorizationResult.UNSUPPORTED_RESOURCE.

Parameters:
aResource - Resource.
aOperation - Operation.
aUser - Current user.
Returns:
Authorization result.

isAllowedWithPath

protected AuthorizationResult isAllowedWithPath(java.lang.String aPath,
                                                Operation aOperation,
                                                java.lang.String aUser)
Determines if the operation is allowed on the resource.

Parameters:
aPath - Path of the resource.
aOperation - Operation to be done.
aUser - Currently logged in user or null if no user is logged in.
Returns:
Authorization result,

getResourcePath

protected abstract java.lang.String getResourcePath(java.lang.Object aResource)
Gets the path of the resource.

Parameters:
aResource - Resource, guaranteed to be an instance of resourceClass.
Returns:
Path of the resource.

toString

public java.lang.String toString()
Overrides:
toString in class java.lang.Object

getAuthorizationResultString

protected java.lang.String getAuthorizationResultString()
Gets the authorization result for OR mapping.

Returns:
Result.

setAuthorizationResultString

protected void setAuthorizationResultString(java.lang.String aResult)
Sets the authorization result, for OR mapping.

Parameters:
aResult - Result.

getResourceClassName

protected java.lang.String getResourceClassName()

setResourceClassName

protected void setResourceClassName(java.lang.String aResourceClass)

getOperationCondition

public OperationCondition getOperationCondition()
Returns:
Returns the operationCondition.

setOperationCondition

protected void setOperationCondition(OperationCondition aOperationCondition)
Parameters:
aOperationCondition - The operationCondition to set.

getPathCondition

public PathCondition getPathCondition()
Returns:
Returns the pathCondition.

setPathCondition

protected void setPathCondition(PathCondition aPathCondition)
Parameters:
aPathCondition - The pathCondition to set.

getUserCondition

public UserCondition getUserCondition()
Returns:
Returns the userCondition.

setUserCondition

protected void setUserCondition(UserCondition aUserCondition)
Parameters:
aUserCondition - The userCondition to set.

setUserAdministration

public void setUserAdministration(UserAdministration aAdmin)
Description copied from interface: AuthorizationRule
Sets the user admnistration to use.

Parameters:
aAdmin - User administration.


Copyright © 2022. All Rights Reserved.