
Example 1 with Secured

Use of org.apache.deltaspike.security.api.authorization.Secured in the Apache DeltaSpike project.

Class SecurityUtils, method invokeVoters.

public static void invokeVoters(EditableAccessDecisionVoterContext accessDecisionVoterContext, ConfigDescriptor<?> viewConfigDescriptor) {
    // No voters are invoked for a view without a config descriptor or without @Secured metadata.
    if (viewConfigDescriptor == null) {
        return;
    }
    List<Secured> securedMetaData = viewConfigDescriptor.getMetaData(Secured.class);
    if (securedMetaData.isEmpty()) {
        return;
    }
    accessDecisionVoterContext.addMetaData(ViewConfig.class.getName(), viewConfigDescriptor.getConfigClass());
    for (Annotation viewMetaData : viewConfigDescriptor.getMetaData()) {
        if (!viewMetaData.annotationType().equals(Secured.class)) {
            accessDecisionVoterContext.addMetaData(viewMetaData.annotationType().getName(), viewMetaData);
        }
    }
    Secured.Descriptor securedDescriptor = viewConfigDescriptor.getExecutableCallbackDescriptor(Secured.class, Secured.Descriptor.class);
    AccessDecisionState voterState = AccessDecisionState.VOTE_IN_PROGRESS;
    try {
        accessDecisionVoterContext.setState(voterState);
        List<Set<SecurityViolation>> violations = securedDescriptor.execute(accessDecisionVoterContext);
        Set<SecurityViolation> allViolations = createViolationResult(violations);
        if (!allViolations.isEmpty()) {
            voterState = AccessDecisionState.VIOLATION_FOUND;
            for (SecurityViolation violation : allViolations) {
                accessDecisionVoterContext.addViolation(violation);
            }
            // Deny access; the error view is taken from the first @Secured entry.
            Class<? extends ViewConfig> errorView = securedMetaData.iterator().next().errorView();
            throw new ErrorViewAwareAccessDeniedException(allViolations, errorView);
        }
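    } finally {
        // Also reached when execute() throws: the state is then still VOTE_IN_PROGRESS
        // and is recorded as NO_VIOLATION_FOUND while the exception propagates.
        if (AccessDecisionState.VOTE_IN_PROGRESS.equals(voterState)) {
            voterState = AccessDecisionState.NO_VIOLATION_FOUND;
        }
        accessDecisionVoterContext.setState(voterState);
    }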
}
Also used: Set (java.util.Set), HashSet (java.util.HashSet), Secured (org.apache.deltaspike.security.api.authorization.Secured), ErrorViewAwareAccessDeniedException (org.apache.deltaspike.security.api.authorization.ErrorViewAwareAccessDeniedException), ViewConfig (org.apache.deltaspike.core.api.config.view.ViewConfig), AccessDecisionState (org.apache.deltaspike.security.api.authorization.AccessDecisionState), SecurityViolation (org.apache.deltaspike.security.api.authorization.SecurityViolation), Annotation (java.lang.annotation.Annotation)

Example 2 with Secured

Use of org.apache.deltaspike.security.api.authorization.Secured in the Apache DeltaSpike project.

Class SecuredAnnotationAuthorizer, method doSecuredCheck.

@Secures
@Secured({})
@SuppressWarnings("UnusedDeclaration")
public boolean doSecuredCheck(InvocationContext invocationContext) throws Exception {
    List<Class<? extends AccessDecisionVoter>> voterClasses = new ArrayList<Class<? extends AccessDecisionVoter>>();
    List<Annotation> annotatedTypeMetadata = extractMetadata(invocationContext);
    // Collect the voter classes named by @Secured; every other annotation is passed to the
    // voter context as metadata. voterContext is declared outside this method (not shown here).
    for (Annotation annotation : annotatedTypeMetadata) {
        if (Secured.class.isAssignableFrom(annotation.annotationType())) {
            voterClasses.addAll(Arrays.asList(((Secured) annotation).value()));
        } else if (voterContext instanceof EditableAccessDecisionVoterContext) {
            ((EditableAccessDecisionVoterContext) voterContext).addMetaData(annotation.annotationType().getName(), annotation);
        }
    }
    invokeVoters(invocationContext, voterClasses);
    // X TODO check the use-cases for it
    return true;
}
Also used: Secured (org.apache.deltaspike.security.api.authorization.Secured), AccessDecisionVoter (org.apache.deltaspike.security.api.authorization.AccessDecisionVoter), Annotation (java.lang.annotation.Annotation), EditableAccessDecisionVoterContext (org.apache.deltaspike.security.spi.authorization.EditableAccessDecisionVoterContext), Secures (org.apache.deltaspike.security.api.authorization.Secures)

Aggregations

Annotation (java.lang.annotation.Annotation): 2
Secured (org.apache.deltaspike.security.api.authorization.Secured): 2
HashSet (java.util.HashSet): 1
Set (java.util.Set): 1
ViewConfig (org.apache.deltaspike.core.api.config.view.ViewConfig): 1
AccessDecisionState (org.apache.deltaspike.security.api.authorization.AccessDecisionState): 1
AccessDecisionVoter (org.apache.deltaspike.security.api.authorization.AccessDecisionVoter): 1
ErrorViewAwareAccessDeniedException (org.apache.deltaspike.security.api.authorization.ErrorViewAwareAccessDeniedException): 1
Secures (org.apache.deltaspike.security.api.authorization.Secures): 1
SecurityViolation (org.apache.deltaspike.security.api.authorization.SecurityViolation): 1
EditableAccessDecisionVoterContext (org.apache.deltaspike.security.spi.authorization.EditableAccessDecisionVoterContext): 1