Add logging.

2004-11-20 04:10:05 +00:00 · 2004-11-20 04:10:05 +00:00 · 4ca1e2fd99
parent f251436a99
commit 4ca1e2fd99
2 changed files with 51 additions and 0 deletions
--- a/core/src/main/java/org/acegisecurity/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProvider.java
+++ b/core/src/main/java/org/acegisecurity/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProvider.java
@ -25,6 +25,9 @@ import net.sf.acegisecurity.acl.AclManager;
 import net.sf.acegisecurity.acl.basic.AbstractBasicAclEntry;
 import net.sf.acegisecurity.acl.basic.SimpleAclEntry;

+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
 import org.springframework.beans.factory.InitializingBean;

 import java.util.Collection;
@ -95,6 +98,10 @@ import java.util.Set;
 */
 public class BasicAclEntryAfterInvocationCollectionFilteringProvider
    implements AfterInvocationProvider, InitializingBean {
+    //~ Static fields/initializers =============================================
+
+    protected static final Log logger = LogFactory.getLog(BasicAclEntryAfterInvocationCollectionFilteringProvider.class);
+
    //~ Instance fields ========================================================

    private AclManager aclManager;
@ -154,6 +161,10 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProvider
            if (this.supports(attr)) {
                // Need to process the Collection for this invocation
                if (returnedObject == null) {
+                    if (logger.isDebugEnabled()) {
+                        logger.debug("Return object is null, skipping");
+                    }
+
                    return null;
                }

@ -202,6 +213,14 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProvider
                                    if (processableAcl.isPermitted(
                                            requirePermission[y])) {
                                        hasPermission = true;
+
+                                        if (logger.isDebugEnabled()) {
+                                            logger.debug(
+                                                "Principal is authorised for element: "
+                                                + domainObject
+                                                + " due to ACL: "
+                                                + processableAcl.toString());
+                                        }
                                    }
                                }
                            }
@ -210,16 +229,30 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProvider

                    if (!hasPermission) {
                        removeList.add(domainObject);
+
+                        if (logger.isDebugEnabled()) {
+                            logger.debug(
+                                "Principal is NOT authorised for element: "
+                                + domainObject);
+                        }
                    }
                }

                // Now the Iterator has ended, remove Objects from Collection
                Iterator removeIter = removeList.iterator();

+                int originalSize = collection.size();
+
                while (removeIter.hasNext()) {
                    collection.remove(removeIter.next());
                }

+                if (logger.isDebugEnabled()) {
+                    logger.debug("Original collection contained "
+                        + originalSize + " elements; now contains "
+                        + collection.size() + " elements");
+                }
+
                return collection;
            }
        }
--- a/core/src/main/java/org/acegisecurity/afterinvocation/BasicAclEntryAfterInvocationProvider.java
+++ b/core/src/main/java/org/acegisecurity/afterinvocation/BasicAclEntryAfterInvocationProvider.java
@ -24,6 +24,9 @@ import net.sf.acegisecurity.acl.AclManager;
 import net.sf.acegisecurity.acl.basic.AbstractBasicAclEntry;
 import net.sf.acegisecurity.acl.basic.SimpleAclEntry;

+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
 import org.springframework.beans.factory.InitializingBean;

 import java.util.Iterator;
@ -89,6 +92,10 @@ import java.util.Iterator;
 */
 public class BasicAclEntryAfterInvocationProvider
    implements AfterInvocationProvider, InitializingBean {
+    //~ Static fields/initializers =============================================
+
+    protected static final Log logger = LogFactory.getLog(BasicAclEntryAfterInvocationProvider.class);
+
    //~ Instance fields ========================================================

    private AclManager aclManager;
@ -150,6 +157,10 @@ public class BasicAclEntryAfterInvocationProvider
                if (returnedObject == null) {
                    // AclManager interface contract prohibits nulls
                    // As they have permission to null/nothing, grant access
+                    if (logger.isDebugEnabled()) {
+                        logger.debug("Return object is null, skipping");
+                    }
+
                    return null;
                }

@ -171,6 +182,13 @@ public class BasicAclEntryAfterInvocationProvider
                        // See if principal has any of the required permissions
                        for (int y = 0; y < requirePermission.length; y++) {
                            if (processableAcl.isPermitted(requirePermission[y])) {
+                                if (logger.isDebugEnabled()) {
+                                    logger.debug(
+                                        "Principal DOES have permission to return object: "
+                                        + returnedObject + " due to ACL: "
+                                        + processableAcl.toString());
+                                }
+
                                return returnedObject;
                            }
                        }