Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-990: Clarify the semantics of the ConsensusBased ADM. Added the suggested patch to the Javadoc for this class.

This commit is contained in:
Luke Taylor 2008-12-04 13:32:35 +00:00
parent ffc8637def
commit 7dfbcf2ddf
1 changed files with 16 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
core/src/main/java/org/springframework/security/vote/ConsensusBased.java
View File

@ -15,17 +15,18 @@
package org.springframework.security.vote;
import java.util.List;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.Authentication;
import org.springframework.security.ConfigAttribute;
import java.util.Iterator;
import java.util.List;
/**
* Simple concrete implementation of {@link org.springframework.security.AccessDecisionManager} that uses a consensus-based
* approach.
* Simple concrete implementation of {@link org.springframework.security.AccessDecisionManager} that uses a
* consensus-based approach.
* <p>
* "Consensus" here means majority-rule (ignoring abstains) rather than unanimous agreement (ignoring abstains).
* If you require unanimity, please see {@link UnanimousBased}.
*/
public class ConsensusBased extends AbstractAccessDecisionManager {
//~ Instance fields ================================================================================================
@ -36,11 +37,13 @@ public class ConsensusBased extends AbstractAccessDecisionManager {
/**
* This concrete implementation simply polls all configured {@link AccessDecisionVoter}s and upon
* completion determines the consensus of granted vs denied responses.<p>If there were an equal number of
* grant and deny votes, the decision will be based on the {@link #isAllowIfEqualGrantedDeniedDecisions()}
* property (defaults to true).</p>
* <p>If every <code>AccessDecisionVoter</code> abstained from voting, the decision will be based on the
* {@link #isAllowIfAllAbstainDecisions()} property (defaults to false).</p>
* completion determines the consensus of granted against denied responses.
* <p>
* If there were an equal number of grant and deny votes, the decision will be based on the
* {@link #isAllowIfEqualGrantedDeniedDecisions()} property (defaults to true).
* <p>
* If every <code>AccessDecisionVoter</code> abstained from voting, the decision will be based on the
* {@link #isAllowIfAllAbstainDecisions()} property (defaults to false).
*
* @param authentication the caller invoking the method
* @param object the secured object
@ -49,14 +52,12 @@ public class ConsensusBased extends AbstractAccessDecisionManager {
* @throws AccessDeniedException if access is denied
*/
public void decide(Authentication authentication, Object object, List<ConfigAttribute> configAttributes)
throws AccessDeniedException {
Iterator iter = this.getDecisionVoters().iterator();
throws AccessDeniedException {
int grant = 0;
int deny = 0;
int abstain = 0;
while (iter.hasNext()) {
AccessDecisionVoter voter = (AccessDecisionVoter) iter.next();
for (AccessDecisionVoter voter : getDecisionVoters()) {
int result = voter.vote(authentication, object, configAttributes);
switch (result) {