Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-28 14:52:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-482: Load AclService implementations from parent app contexts.

Browse Source
This commit is contained in:
Luke Taylor 2008-02-10 12:42:06 +00:00
parent e2bf583fe9
commit ae28169383
1 changed files with 46 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
core/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java
View File

@ -40,6 +40,7 @@ import java.util.HashSet;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.StringTokenizer; import java.util.StringTokenizer;
import java.util.HashMap;
import javax.servlet.ServletContext; import javax.servlet.ServletContext;
import javax.servlet.jsp.JspException; import javax.servlet.jsp.JspException;
@ -49,15 +50,17 @@ import javax.servlet.jsp.tagext.TagSupport;
/** /**
* An implementation of {@link javax.servlet.jsp.tagext.Tag} that allows its body through if some authorizations * An implementation of {@link Tag} that allows its body through if some authorizations are granted to the request's
* are granted to the request's principal.<p>One or more comma separate numeric are specified via the * principal.
* <code>hasPermission</code> attribute. Those permissions are then converted into {@link Permission} instances. These * <p>
* instances are then presented as an array to the {@link Acl#isGranted(Permission[], * One or more comma separate numeric are specified via the <tt>hasPermission</tt> attribute.
* org.springframework.security.acls.sid.Sid[], boolean)} method. The {@link Sid} presented is determined by the {@link * These permissions are then converted into {@link Permission} instances. These instances are then presented as an
* SidRetrievalStrategy}.</p> * array to the {@link Acl#isGranted(Permission[], org.springframework.security.acls.sid.Sid[], boolean)} method.
* <p>For this class to operate it must be able to access the application context via the * The {@link Sid} presented is determined by the {@link SidRetrievalStrategy}.
* <p>
* For this class to operate it must be able to access the application context via the
* <code>WebApplicationContextUtils</code> and locate an {@link AclService} and {@link SidRetrievalStrategy}. * <code>WebApplicationContextUtils</code> and locate an {@link AclService} and {@link SidRetrievalStrategy}.
* Application contexts must provide one and only one of these Java types.</p> * Application contexts must provide one and only one of these Java types.
* *
* @author Ben Alex * @author Ben Alex
* @version $Id$ * @version $Id$
@ -163,39 +166,47 @@ public class AccessControlListTag extends TagSupport {
} }
private void initializeIfRequired() throws JspException { private void initializeIfRequired() throws JspException {
if (applicationContext == null) { if (applicationContext != null) {
this.applicationContext = getContext(pageContext); return;
}
Map map = applicationContext.getBeansOfType(AclService.class); this.applicationContext = getContext(pageContext);
if (map.size() != 1) { Map map = new HashMap();
throw new JspException( ApplicationContext context = applicationContext;
"Found incorrect number of AclService instances in application context - you must have only have one!");
}
aclService = (AclService) map.values().iterator().next(); while (context != null) {
map.putAll(context.getBeansOfType(AclService.class));
context = context.getParent();
}
map = applicationContext.getBeansOfType(SidRetrievalStrategy.class); if (map.size() != 1) {
throw new JspException(
"Found incorrect number of AclService instances in application context - you must have only have one!");
}
if (map.size() == 0) { aclService = (AclService) map.values().iterator().next();
sidRetrievalStrategy = new SidRetrievalStrategyImpl();
} else if (map.size() == 1) {
sidRetrievalStrategy = (SidRetrievalStrategy) map.values().iterator().next();
} else {
throw new JspException("Found incorrect number of SidRetrievalStrategy instances in application "
+ "context - you must have only have one!");
}
map = applicationContext.getBeansOfType(ObjectIdentityRetrievalStrategy.class); map = applicationContext.getBeansOfType(SidRetrievalStrategy.class);
if (map.size() == 0) { if (map.size() == 0) {
objectIdentityRetrievalStrategy = new ObjectIdentityRetrievalStrategyImpl(); sidRetrievalStrategy = new SidRetrievalStrategyImpl();
} else if (map.size() == 1) { } else if (map.size() == 1) {
objectIdentityRetrievalStrategy = (ObjectIdentityRetrievalStrategy) map.values().iterator().next(); sidRetrievalStrategy = (SidRetrievalStrategy) map.values().iterator().next();
} else { } else {
throw new JspException("Found incorrect number of ObjectIdentityRetrievalStrategy instances in " throw new JspException("Found incorrect number of SidRetrievalStrategy instances in application "
+ "application context - you must have only have one!"); + "context - you must have only have one!");
} }
map = applicationContext.getBeansOfType(ObjectIdentityRetrievalStrategy.class);
if (map.size() == 0) {
objectIdentityRetrievalStrategy = new ObjectIdentityRetrievalStrategyImpl();
} else if (map.size() == 1) {
objectIdentityRetrievalStrategy = (ObjectIdentityRetrievalStrategy) map.values().iterator().next();
} else {
throw new JspException("Found incorrect number of ObjectIdentityRetrievalStrategy instances in "
+ "application context - you must have only have one!");
} }
} }
@ -210,7 +221,7 @@ public class AccessControlListTag extends TagSupport {
permissions.add(BasePermission.buildFromMask(new Integer(integer).intValue())); permissions.add(BasePermission.buildFromMask(new Integer(integer).intValue()));
} }
return (Permission[]) permissions.toArray(new Permission[] {}); return (Permission[]) permissions.toArray(new Permission[permissions.size()]);
} }
public void setDomainObject(Object domainObject) { public void setDomainObject(Object domainObject) {