From: <fc...@us...> - 2007-08-08 15:38:58
Revision: 391 http://openutils.svn.sourceforge.net/openutils/?rev=391&view=rev Author: fcarone Date: 2007-08-08 08:38:52 -0700 (Wed, 08 Aug 2007) Log Message: ----------- Initial implementation for java bean security filter Modified Paths: -------------- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java Added Paths: ----------- trunk/openutils-hibernate-security/src/test/java/it/ trunk/openutils-hibernate-security/src/test/java/it/openutils/ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java =================================================================== --- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java 2007-08-08 11:14:09 UTC (rev 390) +++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java 2007-08-08 15:38:52 UTC (rev 391) @@ -21,6 +21,7 @@ import org.hibernate.annotations.CollectionOfElements; import org.hibernate.annotations.Fetch; import org.hibernate.annotations.FetchMode; +import org.apache.commons.lang.builder.ToStringBuilder; /** 
@@ -173,7 +174,6 @@ this.permissions = permissions; } - /** * Returns the id. * @return the id @@ -183,7 +183,6 @@ return id; } - /** * Sets the id. * @param id the id to set @@ -193,4 +192,21 @@ this.id = id; } + /** + * {@inheritDoc} + */ + @Override + public String toString() + { + return new ToStringBuilder(this) + .append("id", this.id) + .append("role", this.role) + .append("entity", this.entity) + .append("property", this.property) + .append("value", this.value) + .append("modifier", this.modifier) + .append("permissions", this.permissions) + .toString(); + } + } Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java =================================================================== --- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2007-08-08 11:14:09 UTC (rev 390) +++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2007-08-08 15:38:52 UTC (rev 391) @@ -3,8 +3,21 @@ */ package it.openutils.hibernate.security.filter; +import it.openutils.hibernate.security.dataobject.SecurityRule; + +import java.lang.reflect.Field; +import java.util.ArrayList; import java.util.Collection; +import java.util.HashMap; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import javax.persistence.Column; +import javax.persistence.Entity; +import javax.persistence.Table; + +import org.apache.commons.lang.StringUtils; import org.hibernate.Filter; import org.hibernate.HibernateException; import org.hibernate.engine.FilterDefinition; 
@@ -17,13 +30,117 @@ public class JavaBeanFilter implements Filter { + private FilterDefinition filterDefinition; + /** + * @param bean The bean to set rules for + * @param securityRules The list of {@link SecurityRule}s to apply. + * @throws ClassNotFoundException + * @throws InstantiationException + * @throws IllegalAccessException + * @throws SecurityException + * @throws NoSuchFieldException + */ + public JavaBeanFilter(String bean, List<SecurityRule> securityRules) + throws ClassNotFoundException, + InstantiationException, + IllegalAccessException, + SecurityException, + NoSuchFieldException + { + Class< ? extends Object> beanClass = Class.forName(bean, true, this.getClass().getClassLoader()); + + if (!beanClass.isAnnotationPresent(Entity.class)) + { + throw new IllegalArgumentException(); + } + if (!(beanClass.isAnnotationPresent(Table.class) || beanClass + .isAnnotationPresent(org.hibernate.annotations.Table.class))) + { + throw new IllegalArgumentException(); + } + + Map<String, String> propertyColumnMap = new HashMap<String, String>(); + + String filterDefCondition = StringUtils.EMPTY; + String filterName = StringUtils.EMPTY; + + Map<String, List<SecurityRule>> roleRuleMap = new LinkedHashMap<String, List<SecurityRule>>(); + for (SecurityRule securityRule : securityRules) + { + if (!roleRuleMap.containsKey(securityRule.getRole())) + { + roleRuleMap.put(securityRule.getRole(), new ArrayList<SecurityRule>()); + } + roleRuleMap.get(securityRule.getRole()).add(securityRule); + } + + for (Map.Entry<String, List<SecurityRule>> entry : roleRuleMap.entrySet()) + { + filterName += entry.getKey(); + + List<SecurityRule> rules = entry.getValue(); + if (!StringUtils.isEmpty(filterDefCondition)) + { + filterDefCondition += " OR "; + } + filterDefCondition += "("; + String subFilterCond = StringUtils.EMPTY; + for (SecurityRule securityRule : rules) + { + String property = securityRule.getProperty(); + filterName += property; + + Field field = 
beanClass.getDeclaredField(property); + + // @todo: annotations may also be defined on getters/setters... + propertyColumnMap.put(property, field.getAnnotation(Column.class).name()); + if (!StringUtils.isEmpty(subFilterCond)) + { + subFilterCond += " AND "; + } + String modifier = null; + String startQuote = null; + String endQuote = null; + switch (securityRule.getModifier()) + { + case EQUALS : + modifier = " = "; + startQuote = "\'"; + endQuote = startQuote; + break; + + case NOT : + modifier = " != "; + startQuote = "\'"; + endQuote = startQuote; + break; + + default : + throw new IllegalArgumentException("Modifier " + securityRule.getModifier() + "not recognized"); + } + subFilterCond += field.getAnnotation(Column.class).name() + + modifier + + startQuote + + securityRule.getValue() + + endQuote; + + filterName += securityRule.getValue(); + } + filterDefCondition += subFilterCond; + filterDefCondition += ")"; + } + + // filtername is unique, but untraceable + this.filterDefinition = new FilterDefinition(Integer.toString(filterName.hashCode()), filterDefCondition, new HashMap()); + } + + /** * {@inheritDoc} */ public FilterDefinition getFilterDefinition() { - // TODO Auto-generated method stub - return null; + return this.filterDefinition; } /** @@ -31,8 +148,7 @@ */ public String getName() { - // TODO Auto-generated method stub - return null; + return this.filterDefinition.getFilterName(); } /** @@ -40,8 +156,7 @@ */ public Filter setParameter(String name, Object value) { - // TODO Auto-generated method stub - return null; + return this; } /** @@ -49,8 +164,7 @@ */ public Filter setParameterList(String name, Collection values) { - // TODO Auto-generated method stub - return null; + return this; } /** @@ -58,8 +172,7 @@ */ public Filter setParameterList(String name, Object[] values) { - // TODO Auto-generated method stub - return null; + return this; } /** 
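Review bot: The rule value is spliced into the filter condition between literal quotes (`startQuote + securityRule.getValue() + endQuote`) with no escaping, so a stored value containing `'` changes the SQL that this security filter emits. The condition should use named placeholders declared in the parameter-type map, currently passed as an empty `new HashMap()`, with the values bound separately. As a stop-gap, reject such values or double the quote with `StringUtils.replace(securityRule.getValue(), "'", "''")`, which is dialect-dependent. Separately, `field.getAnnotation(Column.class).name()` throws NullPointerException for a property whose field has no `@Column`. The name built by `Integer.toString(filterName.hashCode())` is also not unique as the comment claims, because the role, property and value are concatenated without separators and distinct strings can share a hash code.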
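Review bot: `setParameter` now returns `this` without storing or checking anything, so a caller that binds a value gets neither an effect nor an error; the two `setParameterList` hunks that follow do the same. The `{@inheritDoc}` Javadoc still promises the binding behaviour of the interface, which this implementation does not provide. If nothing in the framework needs to call these on a JavaBeanFilter, fail loudly with `throw new UnsupportedOperationException("JavaBeanFilter takes no parameters");`. Otherwise replace `{@inheritDoc}` with a sentence stating that parameters are ignored because the condition is fully built in the constructor.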
@@ -67,8 +180,7 @@ */ public void validate() throws HibernateException { - // TODO Auto-generated method stub - + // } } Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java =================================================================== --- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java 2007-08-08 11:14:09 UTC (rev 390) +++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java 2007-08-08 15:38:52 UTC (rev 391) @@ -5,9 +5,9 @@ import it.openutils.hibernate.security.dataobject.SecurityRule; +import java.lang.reflect.InvocationTargetException; import java.util.List; -import org.acegisecurity.Authentication; import org.hibernate.Filter; 
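Review bot: `validate()` is left as a bare `//`, yet the constructor added in this commit can produce a definition with an empty condition: an empty `securityRules` list skips both loops and leaves `filterDefCondition` as the empty string. For a security filter that presumably means no restriction at all, so it should be rejected here, e.g. `if (StringUtils.isEmpty(filterDefinition.getDefaultFilterCondition())) throw new HibernateException("empty security filter condition");`. If the method is meant to stay empty, replace the `//` with a comment saying why nothing needs validating.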
@@ -64,12 +64,15 @@ void update(SecurityRule securityRule); /** - * @param entity The hibernate entity bean name - * @param authentication The current {@link Authentication} object - * @return A Hibernate {@link Filter} encapsulating all the rules that can be applied for the given authentication + * @param entity The entity to apply rules for + * @param rules The list of rules to apply + * @return + * @throws SecurityException + * @throws ClassNotFoundException + * @throws InstantiationException + * @throws IllegalAccessException + * @throws NoSuchFieldException */ - Filter getEntityFilterForAuthentication(String entity, Authentication authentication); - - - + public Filter getEntityFilterFromRules(String entity, List<SecurityRule> rules) throws SecurityException, + ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchFieldException; } Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java =================================================================== --- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2007-08-08 11:14:09 UTC (rev 390) +++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2007-08-08 15:38:52 UTC (rev 391) 
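Review bot: The new Javadoc for `getEntityFilterFromRules` has an empty `@return` and five `@throws` tags with no text, while the description it replaces said what the returned filter contains. Proposed: `@return a Hibernate {@link Filter} whose condition combines the given rules for the entity`, plus the raising condition on each tag, e.g. `@throws ClassNotFoundException if entity does not name a loadable class` and `@throws NoSuchFieldException if a rule names a property the entity class does not declare`. The `public` modifier is redundant on an interface method, and `void update(SecurityRule securityRule);` in the same hunk omits it.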
@@ -5,24 +5,38 @@ import it.openutils.hibernate.security.dao.SecurityRuleDAO; import it.openutils.hibernate.security.dataobject.SecurityRule; +import it.openutils.hibernate.security.filter.JavaBeanFilter; import it.openutils.hibernate.security.services.SecurityRuleManager; +import java.beans.PropertyDescriptor; +import java.lang.reflect.InvocationTargetException; +import java.util.HashMap; import java.util.List; +import java.util.Map; -import org.acegisecurity.Authentication; +import javax.persistence.Entity; +import javax.persistence.Table; + +import org.apache.commons.beanutils.PropertyUtils; import org.hibernate.Filter; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; - /** * @author fcarone * @version $Id: $ */ public class SecurityRuleManagerImpl implements SecurityRuleManager { - SecurityRuleDAO securityRuleDAO; + /** + * Logger. + */ + private Logger log = LoggerFactory.getLogger(SecurityRuleManagerImpl.class); + private SecurityRuleDAO securityRuleDAO; + /** * Sets the securityRuleDAO. * @param securityRuleDAO the securityRuleDAO to set @@ -32,7 +46,6 @@ this.securityRuleDAO = securityRuleDAO; } - /** * {@inheritDoc} */ @@ -41,7 +54,6 @@ return securityRuleDAO.findAll(); } - /** * {@inheritDoc} */ @@ -50,14 +62,14 @@ return securityRuleDAO.findFiltered(filter); } - /** * {@inheritDoc} */ - public Filter getEntityFilterForAuthentication(String entity, Authentication authentication) + public Filter getEntityFilterFromRules(String entity, List<SecurityRule> rules) throws SecurityException, + ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchFieldException { - // TODO Auto-generated method stub - return null; + // @todo: check rules consistency with the given entity + return new JavaBeanFilter(entity, rules); } /** @@ -68,7 +80,6 @@ return securityRuleDAO.load(id); } - /** * {@inheritDoc} */ @@ -77,7 +88,6 @@ return securityRuleDAO.loadIfAvailable(id); } - /** * {@inheritDoc} */ 
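Review bot: `getEntityFilterFromRules` hands `rules` to `JavaBeanFilter` with the consistency check still a `@todo`, and the constructor never reads a rule's `entity`. A rule written for a different class is therefore compiled into this entity's filter whenever its property name happens to exist on the bean, and a null `rules` reaches the constructor's for-loop. Reject mismatches before constructing the filter, for example by throwing `IllegalArgumentException` when a rule's entity differs from `entity` (assuming SecurityRule has a getter matching the `setEntity` used in the test). In the import hunk of the same file, `PropertyDescriptor`, `InvocationTargetException`, `HashMap`, `Map`, `Entity`, `Table` and `PropertyUtils` are not used by any line shown here, so drop them unless the rest of the file needs them. The logger would conventionally be `private static final`.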
@@ -86,7 +96,6 @@ return securityRuleDAO.delete(id); } - /** * {@inheritDoc} */ @@ -95,7 +104,6 @@ return securityRuleDAO.save(securityRule); } - /** * {@inheritDoc} */ @@ -104,7 +112,6 @@ securityRuleDAO.saveOrUpdate(securityRule); } - /** * {@inheritDoc} */ Added: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java =================================================================== --- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java (rev 0) +++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java 2007-08-08 15:38:52 UTC (rev 391) 
@@ -0,0 +1,70 @@
+package it.openutils.hibernate.security.filter;
+
+import it.openutils.hibernate.security.dataobject.ModifierEnum;
+import it.openutils.hibernate.security.dataobject.PermissionEnum;
+import it.openutils.hibernate.security.dataobject.SecurityRule;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+
+/*
+ * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
+ */
+
+/**
+ * @author fcarone
+ * @version $Id: $
+ */
+public class JavaBeanFilterTest
+{
+
+ /**
+ * @throws Exception Any exception
+ */
+ @Test
+ public void testFilterConstrutor() throws Exception
+ {
+ List<SecurityRule> rules = new ArrayList<SecurityRule>();
+
+ SecurityRule rule = new SecurityRule();
+ rule.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
+ rule.setModifier(ModifierEnum.EQUALS);
+ List<PermissionEnum> permissions = new ArrayList<PermissionEnum>();
+ permissions.add(PermissionEnum.CREATE);
+ rule.setPermissions(permissions);
+ rule.setProperty("entity");
+ rule.setRole("ROLE_1");
+ rule.setValue("VALUE");
+
+ SecurityRule rule2 = new SecurityRule();
+ rule2.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
+ rule2.setModifier(ModifierEnum.NOT);
+ rule2.setPermissions(permissions);
+ rule2.setProperty("value");
+ rule2.setRole("ROLE_1");
+ rule2.setValue("VALUE2");
+
+ SecurityRule rule3 = new SecurityRule();
+ rule3.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
+ rule3.setModifier(ModifierEnum.NOT);
+ rule3.setPermissions(permissions);
+ rule3.setProperty("value");
+ rule3.setRole("ROLE_2");
+ rule3.setValue("VALUE3");
+
+ rules.add(rule);
+ rules.add(rule2);
+ rules.add(rule3);
+
+ JavaBeanFilter filter = new JavaBeanFilter("it.openutils.hibernate.security.dataobject.SecurityRule", rules);
+ Assert.assertNotNull(filter);
+ Assert.assertEquals("(ENTITY = 'VALUE' AND VALUE != 'VALUE2') OR (VALUE != 'VALUE3')", filter
+ .getFilterDefinition()
+ .getDefaultFilterCondition());
+ }
+
+}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
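Review bot: The test exercises only well-formed rules, so nothing pins how the constructor treats a rule value containing a single quote, a property that does not exist or has no `@Column`, or a bean class without `@Entity`. Those are the inputs where a security filter should fail closed, and each deserves its own case, for instance `@Test(expected = IllegalArgumentException.class)` around `new JavaBeanFilter("java.lang.String", rules)`. `Assert.assertNotNull(filter)` can never fail directly after `new`, and the method name `testFilterConstrutor` is misspelled.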