
Example 36 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project Payara by payara.

the class JwtAuthCdiExtension method findRoles.

/**
 * Collects every role name referenced by {@code @RolesAllowed} on the bean class or on one of its
 * methods into the {@code roles} collection, so the roles can be declared programmatically later.
 * Session beans are skipped: their {@code @RolesAllowed} is handled elsewhere (per the original note).
 *
 * @param eventIn     the CDI managed-bean event for the bean being processed
 * @param beanManager the bean manager supplied by CDI; not used by this method
 */
public <T> void findRoles(@Observes ProcessManagedBean<T> eventIn, BeanManager beanManager) {
    // Copy into a local before use (JDK8 u60 workaround carried over from the original).
    ProcessManagedBean<T> event = eventIn;
    // @RolesAllowed on session beans is already handled elsewhere, so there is nothing to collect.
    if (event instanceof ProcessSessionBean) {
        return;
    }
    // Inspect every method first, then the bean class itself (same order as before).
    List<Annotated> candidates = new ArrayList<>();
    candidates.addAll(event.getAnnotatedBeanClass().getMethods());
    candidates.add(event.getAnnotatedBeanClass());
    for (Annotated candidate : candidates) {
        collectRolesFrom(candidate);
    }
}

/**
 * Adds the role names of a {@code @RolesAllowed} annotation on {@code element} to {@code roles};
 * does nothing when the annotation is absent.
 */
private void collectRolesFrom(Annotated element) {
    RolesAllowed rolesAllowed = element.getAnnotation(RolesAllowed.class);
    if (rolesAllowed == null) {
        return;
    }
    roles.addAll(Arrays.asList(rolesAllowed.value()));
}

Example 37 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project Payara by payara.

the class AbstractAuthAnnotationHandler method validateAccessControlAnnotations.

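/**
 * Checks that the access-control annotations on an element are mutually compatible: at most one
 * of {@code @RolesAllowed}, {@code @PermitAll} and {@code @DenyAll} may be present on the same
 * annotated element. Only the element itself is inspected here; how a method-level annotation
 * relates to a class-level one is not decided by this check.
 *
 * @param ainfo the annotation info whose annotated element is inspected
 * @return {@code true} if at most one of the three annotations is present, {@code false}
 *         otherwise (a SEVERE message is logged in that case)
 * @throws AnnotationProcessorException declared by the signature for callers; the presence
 *         checks themselves do not raise it
 */
private boolean validateAccessControlAnnotations(AnnotationInfo ainfo) throws AnnotationProcessorException {
    AnnotatedElement ae = (AnnotatedElement) ainfo.getAnnotatedElement();
    // Count the three mutually exclusive annotations uniformly; the previous version carried an
    // unused hasDenyAll flag and short-circuited the @PermitAll check without changing the result.
    int count = 0;
    if (ae.isAnnotationPresent(RolesAllowed.class)) {
        count++;
    }
    if (ae.isAnnotationPresent(DenyAll.class)) {
        count++;
    }
    if (ae.isAnnotationPresent(PermitAll.class)) {
        count++;
    }
    if (count > 1) {
        log(Level.SEVERE, ainfo, localStrings.getLocalString("enterprise.deployment.annotation.handlers.morethanoneauthannotation", "One cannot have more than one of @RolesAllowed, @PermitAll, @DenyAll in the same AnnotatedElement."));
        return false;
    }
    return true;
}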

Example 38 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project Payara by payara.

the class RolesAllowedHandler method processEjbMethodSecurity.

/**
 * Registers the roles named by a {@code @RolesAllowed} annotation with the EJB bundle and grants
 * each of them permission on the given method.
 *
 * @param authAnnotation the annotation instance; cast unchecked to {@code RolesAllowed}, so the
 *                       caller is expected to pass only that annotation type
 * @param md             the method the permissions are attached to
 * @param ejbDesc        the EJB descriptor whose bundle receives the roles and the method permissions
 */
@Override
protected void processEjbMethodSecurity(Annotation authAnnotation, MethodDescriptor md, EjbDescriptor ejbDesc) {
    String[] roleNames = ((RolesAllowed) authAnnotation).value();
    // NOTE(review): an empty value() adds no MethodPermission here, so this handler attaches no
    // role restriction to the method in that case — confirm that @RolesAllowed({}) is rejected upstream.
    for (String roleName : roleNames) {
        Role role = new Role(roleName);
        // Registering the role first; per the original note addRole is expected to tolerate an
        // already-registered role.
        ejbDesc.getEjbBundleDescriptor().addRole(role);
        ejbDesc.addPermissionedMethod(new MethodPermission(role), md);
    }
}

Example 39 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project irontest by zheng-wang.

the class UserResource method delete.

/**
 * Deletes the user with the given id. Access is limited to the admin role by
 * {@code @RolesAllowed}; the built-in {@code SYSADMIN_USER} account is never deleted.
 *
 * @param userId id of the user to delete; when no user is found the DAO delete is still issued
 * @throws RuntimeException if the target is the sysadmin account
 */
@DELETE
@Path("{userId}")
@RolesAllowed(IronTestConstants.USER_ROLE_ADMIN)
public void delete(@PathParam("userId") long userId) {
    User target = userDAO.findById(userId);
    boolean targetIsSysAdmin = target != null
            && IronTestConstants.SYSADMIN_USER.equals(target.getUsername());
    if (targetIsSysAdmin) {
        // NOTE(review): a bare RuntimeException presumably surfaces as HTTP 500 unless an exception
        // mapper is registered; a 403/400 response would describe the refusal better — confirm.
        throw new RuntimeException("Can not delete " + IronTestConstants.SYSADMIN_USER);
    }
    // NOTE(review): there is no guard against an admin deleting their own account, and the lookup
    // and delete are separate DAO calls (no visible transaction around them) — confirm both are intended.
    userDAO.deleteById(userId);
}

Example 40 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project jeeshop by remibantos.

the class Catalogs method findPresentationsLocales.

/**
 * Returns the locales for which the given catalog has a presentation.
 * Access requires one of the admin roles (enforced by {@code @RolesAllowed}); a caller that is
 * not an admin user must additionally own the catalog, otherwise 403 is returned.
 *
 * @param securityContext caller identity used for the admin / ownership check
 * @param catalogId       id of the catalog to inspect
 * @return the locale keys of the catalog's presentations
 * @throws WebApplicationException with status FORBIDDEN when the caller is neither admin nor owner
 */
@GET
@Path("/{catalogId}/presentationslocales")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({ ADMIN, STORE_ADMIN, ADMIN_READONLY })
public Set<String> findPresentationsLocales(@Context SecurityContext securityContext, @PathParam("catalogId") @NotNull Long catalogId) {
    Catalog catalog = entityManager.find(Catalog.class, catalogId);
    // NOTE(review): checkNotNull on an unknown id presumably ends as an NPE -> 500 rather than a
    // 404; confirm the intended response for a missing catalog.
    checkNotNull(catalog);
    // Admin users see every catalog; everyone else only their own. isOwner is only evaluated when
    // isAdminUser is false, as before. NOTE(review): whether isAdminUser also covers ADMIN_READONLY
    // is not visible here — confirm read-only admins are meant to see all catalogs.
    boolean allowed = isAdminUser(securityContext) || isOwner(securityContext, catalog.getOwner());
    if (!allowed) {
        throw new WebApplicationException(Response.Status.FORBIDDEN);
    }
    return catalog.getPresentationByLocale().keySet();
}
