SEC-191: Look in parent bean factories for AclManager.
This commit is contained in:
Ben Alex
parent
f6b7429947
commit
97ac9f7e98
|
|
@ -1,4 +1,4 @@
|
||||||
/* Copyright 2004, 2005 Acegi Technology Pty Limited
|
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
|
@ -16,21 +16,24 @@
|
||||||
package org.acegisecurity.taglibs.authz;
|
package org.acegisecurity.taglibs.authz;
|
||||||
|
|
||||||
import org.acegisecurity.Authentication;
|
import org.acegisecurity.Authentication;
|
||||||
|
|
||||||
import org.acegisecurity.acl.AclEntry;
|
import org.acegisecurity.acl.AclEntry;
|
||||||
import org.acegisecurity.acl.AclManager;
|
import org.acegisecurity.acl.AclManager;
|
||||||
import org.acegisecurity.acl.basic.BasicAclEntry;
|
import org.acegisecurity.acl.basic.BasicAclEntry;
|
||||||
|
|
||||||
import org.acegisecurity.context.SecurityContextHolder;
|
import org.acegisecurity.context.SecurityContextHolder;
|
||||||
|
|
||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
|
||||||
|
import org.springframework.beans.factory.BeanFactoryUtils;
|
||||||
|
|
||||||
import org.springframework.context.ApplicationContext;
|
import org.springframework.context.ApplicationContext;
|
||||||
|
|
||||||
import org.springframework.web.context.support.WebApplicationContextUtils;
|
import org.springframework.web.context.support.WebApplicationContextUtils;
|
||||||
import org.springframework.web.util.ExpressionEvaluationUtils;
|
import org.springframework.web.util.ExpressionEvaluationUtils;
|
||||||
|
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Map;
|
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import java.util.StringTokenizer;
|
import java.util.StringTokenizer;
|
||||||
|
|
||||||
|
|
@ -54,7 +57,8 @@ import javax.servlet.jsp.tagext.TagSupport;
|
||||||
* One or more comma separate integer permissions are specified via the
|
* One or more comma separate integer permissions are specified via the
|
||||||
* <code>hasPermission</code> attribute. The tag will include its body if
|
* <code>hasPermission</code> attribute. The tag will include its body if
|
||||||
* <b>any</b> of the integer permissions have been granted to the current
|
* <b>any</b> of the integer permissions have been granted to the current
|
||||||
* <code>Authentication</code> (obtained from the <code>SecurityContextHolder</code>).
|
* <code>Authentication</code> (obtained from the
|
||||||
|
* <code>SecurityContextHolder</code>).
|
||||||
* </p>
|
* </p>
|
||||||
*
|
*
|
||||||
* <p>
|
* <p>
|
||||||
|
|
@ -82,22 +86,6 @@ public class AclTag extends TagSupport {
|
||||||
|
|
||||||
//~ Methods ================================================================
|
//~ Methods ================================================================
|
||||||
|
|
||||||
public void setDomainObject(Object domainObject) {
|
|
||||||
this.domainObject = domainObject;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Object getDomainObject() {
|
|
||||||
return domainObject;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setHasPermission(String hasPermission) {
|
|
||||||
this.hasPermission = hasPermission;
|
|
||||||
}
|
|
||||||
|
|
||||||
public String getHasPermission() {
|
|
||||||
return hasPermission;
|
|
||||||
}
|
|
||||||
|
|
||||||
public int doStartTag() throws JspException {
|
public int doStartTag() throws JspException {
|
||||||
if ((null == hasPermission) || "".equals(hasPermission)) {
|
if ((null == hasPermission) || "".equals(hasPermission)) {
|
||||||
return Tag.SKIP_BODY;
|
return Tag.SKIP_BODY;
|
||||||
|
|
@ -146,16 +134,16 @@ public class AclTag extends TagSupport {
|
||||||
.getAuthentication();
|
.getAuthentication();
|
||||||
|
|
||||||
ApplicationContext context = getContext(pageContext);
|
ApplicationContext context = getContext(pageContext);
|
||||||
Map beans = context.getBeansOfType(AclManager.class, false, false);
|
String[] beans = BeanFactoryUtils.beanNamesForTypeIncludingAncestors(context,
|
||||||
|
AclManager.class, false, false);
|
||||||
|
|
||||||
if (beans.size() == 0) {
|
if (beans.length == 0) {
|
||||||
throw new JspException(
|
throw new JspException(
|
||||||
"No AclManager would found the application context: "
|
"No AclManager would found the application context: "
|
||||||
+ context.toString());
|
+ context.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
String beanName = (String) beans.keySet().iterator().next();
|
AclManager aclManager = (AclManager) context.getBean(beans[0]);
|
||||||
AclManager aclManager = (AclManager) context.getBean(beanName);
|
|
||||||
|
|
||||||
// Obtain aclEntrys applying to the current Authentication object
|
// Obtain aclEntrys applying to the current Authentication object
|
||||||
AclEntry[] acls = aclManager.getAcls(resolvedDomainObject, auth);
|
AclEntry[] acls = aclManager.getAcls(resolvedDomainObject, auth);
|
||||||
|
|
@ -174,7 +162,7 @@ public class AclTag extends TagSupport {
|
||||||
for (int i = 0; i < acls.length; i++) {
|
for (int i = 0; i < acls.length; i++) {
|
||||||
// Locate processable AclEntrys
|
// Locate processable AclEntrys
|
||||||
if (acls[i] instanceof BasicAclEntry) {
|
if (acls[i] instanceof BasicAclEntry) {
|
||||||
BasicAclEntry processableAcl = (BasicAclEntry) acls[i];
|
BasicAclEntry processableAcl = (BasicAclEntry) acls[i];
|
||||||
|
|
||||||
// See if principal has any of the required permissions
|
// See if principal has any of the required permissions
|
||||||
for (int y = 0; y < requiredIntegers.length; y++) {
|
for (int y = 0; y < requiredIntegers.length; y++) {
|
||||||
|
|
@ -214,6 +202,14 @@ public class AclTag extends TagSupport {
|
||||||
return WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
|
return WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Object getDomainObject() {
|
||||||
|
return domainObject;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getHasPermission() {
|
||||||
|
return hasPermission;
|
||||||
|
}
|
||||||
|
|
||||||
private Integer[] parseIntegersString(String integersString)
|
private Integer[] parseIntegersString(String integersString)
|
||||||
throws NumberFormatException {
|
throws NumberFormatException {
|
||||||
final Set integers = new HashSet();
|
final Set integers = new HashSet();
|
||||||
|
|
@ -227,4 +223,12 @@ public class AclTag extends TagSupport {
|
||||||
|
|
||||||
return (Integer[]) integers.toArray(new Integer[] {});
|
return (Integer[]) integers.toArray(new Integer[] {});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void setDomainObject(Object domainObject) {
|
||||||
|
this.domainObject = domainObject;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setHasPermission(String hasPermission) {
|
||||||
|
this.hasPermission = hasPermission;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue