
Example 1 with MotechAccessVoter

Use of org.motechproject.security.authentication.MotechAccessVoter in project motech by motech.

From the class SecurityRuleBuilder, method addFilterSecurityInterceptor.

private void addFilterSecurityInterceptor(List<Filter> filters, MotechURLSecurityRule securityRule) {
    Map<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
    List<AccessDecisionVoter> voters = new ArrayList<>();
    Collection<ConfigAttribute> configAtts = new ArrayList<>();
    if (CollectionUtils.isEmpty(securityRule.getPermissionAccess()) && CollectionUtils.isEmpty(securityRule.getUserAccess())) {
        // The rule names no permissions and no users: require full authentication only.
        configAtts.add(new SecurityConfig("IS_AUTHENTICATED_FULLY"));
        AuthenticatedVoter authVoter = new AuthenticatedVoter();
        voters.add(authVoter);
    } else {
        // One config attribute per permission listed on the rule.
        if (!CollectionUtils.isEmpty(securityRule.getPermissionAccess())) {
            for (String permission : securityRule.getPermissionAccess()) {
                configAtts.add(new SecurityConfig(permission));
            }
        }
        // One config attribute per user listed on the rule, marked with the user-access prefix.
        if (!CollectionUtils.isEmpty(securityRule.getUserAccess())) {
            for (String userAccess : securityRule.getUserAccess()) {
                configAtts.add(new SecurityConfig(SecurityConfigConstants.USER_ACCESS_PREFIX + userAccess));
            }
        }
    }
    // Map the rule's request matchers to the attributes collected above.
    buildRequestMap(requestMap, configAtts, securityRule);
    FilterInvocationSecurityMetadataSource metadataSource = new DefaultFilterInvocationSecurityMetadataSource((LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>) requestMap);
    FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
    interceptor.setSecurityMetadataSource(metadataSource);
    // RoleVoter and MotechAccessVoter are registered for every rule.
    RoleVoter roleVoter = new RoleVoter();
    roleVoter.setRolePrefix(SecurityConfigConstants.ROLE_ACCESS_PREFIX);
    voters.add(roleVoter);
    voters.add(new MotechAccessVoter());
    // AffirmativeBased grants access as soon as any single voter votes to grant.
    AccessDecisionManager decisionManager = new AffirmativeBased(voters);
    interceptor.setAccessDecisionManager(decisionManager);
    interceptor.setAuthenticationManager(authenticationManager);
    filters.add(interceptor);
}
Also used: RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher), AnyRequestMatcher (org.springframework.security.web.util.matcher.AnyRequestMatcher), AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher), AccessDecisionManager (org.springframework.security.access.AccessDecisionManager), ConfigAttribute (org.springframework.security.access.ConfigAttribute), FilterSecurityInterceptor (org.springframework.security.web.access.intercept.FilterSecurityInterceptor), ArrayList (java.util.ArrayList), RoleVoter (org.springframework.security.access.vote.RoleVoter), AccessDecisionVoter (org.springframework.security.access.AccessDecisionVoter), DefaultFilterInvocationSecurityMetadataSource (org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource), FilterInvocationSecurityMetadataSource (org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource), LinkedHashMap (java.util.LinkedHashMap), AuthenticatedVoter (org.springframework.security.access.vote.AuthenticatedVoter), SecurityConfig (org.springframework.security.access.SecurityConfig), MotechAccessVoter (org.motechproject.security.authentication.MotechAccessVoter), AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased), Collection (java.util.Collection)
