Menu
▾
▴
openutils-svn
|
From: <fc...@us...> - 2007-08-08 15:38:58
|
Revision: 391
http://openutils.svn.sourceforge.net/openutils/?rev=391&view=rev
Author: fcarone
Date: 2007-08-08 08:38:52 -0700 (Wed, 08 Aug 2007)
Log Message:
-----------
Initial implementation for java bean security filter
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
Added Paths:
-----------
trunk/openutils-hibernate-security/src/test/java/it/
trunk/openutils-hibernate-security/src/test/java/it/openutils/
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java 2007-08-08 11:14:09 UTC (rev 390)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java 2007-08-08 15:38:52 UTC (rev 391)
@@ -21,6 +21,7 @@
import org.hibernate.annotations.CollectionOfElements;
import org.hibernate.annotations.Fetch;
import org.hibernate.annotations.FetchMode;
+import org.apache.commons.lang.builder.ToStringBuilder;
/**
@@ -173,7 +174,6 @@
this.permissions = permissions;
}
-
/**
* Returns the id.
* @return the id
@@ -183,7 +183,6 @@
return id;
}
-
/**
* Sets the id.
* @param id the id to set
@@ -193,4 +192,21 @@
this.id = id;
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public String toString()
+ {
+ return new ToStringBuilder(this)
+ .append("id", this.id)
+ .append("role", this.role)
+ .append("entity", this.entity)
+ .append("property", this.property)
+ .append("value", this.value)
+ .append("modifier", this.modifier)
+ .append("permissions", this.permissions)
+ .toString();
+ }
+
}
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2007-08-08 11:14:09 UTC (rev 390)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2007-08-08 15:38:52 UTC (rev 391)
@@ -3,8 +3,21 @@
*/
package it.openutils.hibernate.security.filter;
+import it.openutils.hibernate.security.dataobject.SecurityRule;
+
+import java.lang.reflect.Field;
+import java.util.ArrayList;
import java.util.Collection;
+import java.util.HashMap;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Map;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.Table;
+
+import org.apache.commons.lang.StringUtils;
import org.hibernate.Filter;
import org.hibernate.HibernateException;
import org.hibernate.engine.FilterDefinition;
@@ -17,13 +30,117 @@
public class JavaBeanFilter implements Filter
{
+ private FilterDefinition filterDefinition;
+
/**
+ * @param bean The bean to set rules for
+ * @param securityRules The list of {@link SecurityRule}s to apply.
+ * @throws ClassNotFoundException
+ * @throws InstantiationException
+ * @throws IllegalAccessException
+ * @throws SecurityException
+ * @throws NoSuchFieldException
+ */
+ public JavaBeanFilter(String bean, List<SecurityRule> securityRules)
+ throws ClassNotFoundException,
+ InstantiationException,
+ IllegalAccessException,
+ SecurityException,
+ NoSuchFieldException
+ {
+ Class< ? extends Object> beanClass = Class.forName(bean, true, this.getClass().getClassLoader());
+
+ if (!beanClass.isAnnotationPresent(Entity.class))
+ {
+ throw new IllegalArgumentException();
+ }
+ if (!(beanClass.isAnnotationPresent(Table.class) || beanClass
+ .isAnnotationPresent(org.hibernate.annotations.Table.class)))
+ {
+ throw new IllegalArgumentException();
+ }
+
+ Map<String, String> propertyColumnMap = new HashMap<String, String>();
+
+ String filterDefCondition = StringUtils.EMPTY;
+ String filterName = StringUtils.EMPTY;
+
+ Map<String, List<SecurityRule>> roleRuleMap = new LinkedHashMap<String, List<SecurityRule>>();
+ for (SecurityRule securityRule : securityRules)
+ {
+ if (!roleRuleMap.containsKey(securityRule.getRole()))
+ {
+ roleRuleMap.put(securityRule.getRole(), new ArrayList<SecurityRule>());
+ }
+ roleRuleMap.get(securityRule.getRole()).add(securityRule);
+ }
+
+ for (Map.Entry<String, List<SecurityRule>> entry : roleRuleMap.entrySet())
+ {
+ filterName += entry.getKey();
+
+ List<SecurityRule> rules = entry.getValue();
+ if (!StringUtils.isEmpty(filterDefCondition))
+ {
+ filterDefCondition += " OR ";
+ }
+ filterDefCondition += "(";
+ String subFilterCond = StringUtils.EMPTY;
+ for (SecurityRule securityRule : rules)
+ {
+ String property = securityRule.getProperty();
+ filterName += property;
+
+ Field field = beanClass.getDeclaredField(property);
+
+ // @todo: annotations may also be defined on getters/setters...
+ propertyColumnMap.put(property, field.getAnnotation(Column.class).name());
+ if (!StringUtils.isEmpty(subFilterCond))
+ {
+ subFilterCond += " AND ";
+ }
+ String modifier = null;
+ String startQuote = null;
+ String endQuote = null;
+ switch (securityRule.getModifier())
+ {
+ case EQUALS :
+ modifier = " = ";
+ startQuote = "\'";
+ endQuote = startQuote;
+ break;
+
+ case NOT :
+ modifier = " != ";
+ startQuote = "\'";
+ endQuote = startQuote;
+ break;
+
+ default :
+ throw new IllegalArgumentException("Modifier " + securityRule.getModifier() + "not recognized");
+ }
+ subFilterCond += field.getAnnotation(Column.class).name()
+ + modifier
+ + startQuote
+ + securityRule.getValue()
+ + endQuote;
+
+ filterName += securityRule.getValue();
+ }
+ filterDefCondition += subFilterCond;
+ filterDefCondition += ")";
+ }
+
+ // filtername is unique, but untraceable
+ this.filterDefinition = new FilterDefinition(Integer.toString(filterName.hashCode()), filterDefCondition, new HashMap());
+ }
+
+ /**
* {@inheritDoc}
*/
public FilterDefinition getFilterDefinition()
{
- // TODO Auto-generated method stub
- return null;
+ return this.filterDefinition;
}
/**
@@ -31,8 +148,7 @@
*/
public String getName()
{
- // TODO Auto-generated method stub
- return null;
+ return this.filterDefinition.getFilterName();
}
/**
@@ -40,8 +156,7 @@
*/
public Filter setParameter(String name, Object value)
{
- // TODO Auto-generated method stub
- return null;
+ return this;
}
/**
@@ -49,8 +164,7 @@
*/
public Filter setParameterList(String name, Collection values)
{
- // TODO Auto-generated method stub
- return null;
+ return this;
}
/**
@@ -58,8 +172,7 @@
*/
public Filter setParameterList(String name, Object[] values)
{
- // TODO Auto-generated method stub
- return null;
+ return this;
}
/**
@@ -67,8 +180,7 @@
*/
public void validate() throws HibernateException
{
- // TODO Auto-generated method stub
-
+ //
}
}
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java 2007-08-08 11:14:09 UTC (rev 390)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java 2007-08-08 15:38:52 UTC (rev 391)
@@ -5,9 +5,9 @@
import it.openutils.hibernate.security.dataobject.SecurityRule;
+import java.lang.reflect.InvocationTargetException;
import java.util.List;
-import org.acegisecurity.Authentication;
import org.hibernate.Filter;
@@ -64,12 +64,15 @@
void update(SecurityRule securityRule);
/**
- * @param entity The hibernate entity bean name
- * @param authentication The current {@link Authentication} object
- * @return A Hibernate {@link Filter} encapsulating all the rules that can be applied for the given authentication
+ * @param entity The entity to apply rules for
+ * @param rules The list of rules to apply
+ * @return
+ * @throws SecurityException
+ * @throws ClassNotFoundException
+ * @throws InstantiationException
+ * @throws IllegalAccessException
+ * @throws NoSuchFieldException
*/
- Filter getEntityFilterForAuthentication(String entity, Authentication authentication);
-
-
-
+ public Filter getEntityFilterFromRules(String entity, List<SecurityRule> rules) throws SecurityException,
+ ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchFieldException;
}
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2007-08-08 11:14:09 UTC (rev 390)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2007-08-08 15:38:52 UTC (rev 391)
@@ -5,24 +5,38 @@
import it.openutils.hibernate.security.dao.SecurityRuleDAO;
import it.openutils.hibernate.security.dataobject.SecurityRule;
+import it.openutils.hibernate.security.filter.JavaBeanFilter;
import it.openutils.hibernate.security.services.SecurityRuleManager;
+import java.beans.PropertyDescriptor;
+import java.lang.reflect.InvocationTargetException;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
-import org.acegisecurity.Authentication;
+import javax.persistence.Entity;
+import javax.persistence.Table;
+
+import org.apache.commons.beanutils.PropertyUtils;
import org.hibernate.Filter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
-
/**
* @author fcarone
* @version $Id: $
*/
public class SecurityRuleManagerImpl implements SecurityRuleManager
{
- SecurityRuleDAO securityRuleDAO;
+ /**
+ * Logger.
+ */
+ private Logger log = LoggerFactory.getLogger(SecurityRuleManagerImpl.class);
+ private SecurityRuleDAO securityRuleDAO;
+
/**
* Sets the securityRuleDAO.
* @param securityRuleDAO the securityRuleDAO to set
@@ -32,7 +46,6 @@
this.securityRuleDAO = securityRuleDAO;
}
-
/**
* {@inheritDoc}
*/
@@ -41,7 +54,6 @@
return securityRuleDAO.findAll();
}
-
/**
* {@inheritDoc}
*/
@@ -50,14 +62,14 @@
return securityRuleDAO.findFiltered(filter);
}
-
/**
* {@inheritDoc}
*/
- public Filter getEntityFilterForAuthentication(String entity, Authentication authentication)
+ public Filter getEntityFilterFromRules(String entity, List<SecurityRule> rules) throws SecurityException,
+ ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchFieldException
{
- // TODO Auto-generated method stub
- return null;
+ // @todo: check rules consistency with the given entity
+ return new JavaBeanFilter(entity, rules);
}
/**
@@ -68,7 +80,6 @@
return securityRuleDAO.load(id);
}
-
/**
* {@inheritDoc}
*/
@@ -77,7 +88,6 @@
return securityRuleDAO.loadIfAvailable(id);
}
-
/**
* {@inheritDoc}
*/
@@ -86,7 +96,6 @@
return securityRuleDAO.delete(id);
}
-
/**
* {@inheritDoc}
*/
@@ -95,7 +104,6 @@
return securityRuleDAO.save(securityRule);
}
-
/**
* {@inheritDoc}
*/
@@ -104,7 +112,6 @@
securityRuleDAO.saveOrUpdate(securityRule);
}
-
/**
* {@inheritDoc}
*/
Added: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java (rev 0)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java 2007-08-08 15:38:52 UTC (rev 391)
@@ -0,0 +1,70 @@
+package it.openutils.hibernate.security.filter;
+
+import it.openutils.hibernate.security.dataobject.ModifierEnum;
+import it.openutils.hibernate.security.dataobject.PermissionEnum;
+import it.openutils.hibernate.security.dataobject.SecurityRule;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+
+/*
+ * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
+ */
+
+/**
+ * @author fcarone
+ * @version $Id: $
+ */
+public class JavaBeanFilterTest
+{
+
+ /**
+ * @throws Exception Any exception
+ */
+ @Test
+ public void testFilterConstrutor() throws Exception
+ {
+ List<SecurityRule> rules = new ArrayList<SecurityRule>();
+
+ SecurityRule rule = new SecurityRule();
+ rule.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
+ rule.setModifier(ModifierEnum.EQUALS);
+ List<PermissionEnum> permissions = new ArrayList<PermissionEnum>();
+ permissions.add(PermissionEnum.CREATE);
+ rule.setPermissions(permissions);
+ rule.setProperty("entity");
+ rule.setRole("ROLE_1");
+ rule.setValue("VALUE");
+
+ SecurityRule rule2 = new SecurityRule();
+ rule2.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
+ rule2.setModifier(ModifierEnum.NOT);
+ rule2.setPermissions(permissions);
+ rule2.setProperty("value");
+ rule2.setRole("ROLE_1");
+ rule2.setValue("VALUE2");
+
+ SecurityRule rule3 = new SecurityRule();
+ rule3.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
+ rule3.setModifier(ModifierEnum.NOT);
+ rule3.setPermissions(permissions);
+ rule3.setProperty("value");
+ rule3.setRole("ROLE_2");
+ rule3.setValue("VALUE3");
+
+ rules.add(rule);
+ rules.add(rule2);
+ rules.add(rule3);
+
+ JavaBeanFilter filter = new JavaBeanFilter("it.openutils.hibernate.security.dataobject.SecurityRule", rules);
+ Assert.assertNotNull(filter);
+ Assert.assertEquals("(ENTITY = 'VALUE' AND VALUE != 'VALUE2') OR (VALUE != 'VALUE3')", filter
+ .getFilterDefinition()
+ .getDefaultFilterCondition());
+ }
+
+}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fc...@us...> - 2007-08-09 08:47:25
|
Revision: 392
http://openutils.svn.sourceforge.net/openutils/?rev=392&view=rev
Author: fcarone
Date: 2007-08-09 01:47:26 -0700 (Thu, 09 Aug 2007)
Log Message:
-----------
The interceptor has been basically implemented. manager tests infrastructure started.
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
Added Paths:
-----------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateRUDSecurityInterceptor.java
trunk/openutils-hibernate-security/src/main/resources/docs/
trunk/openutils-hibernate-security/src/main/resources/docs/TODO
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/impl/
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/impl/SecurityManagerImplTest.java
trunk/openutils-hibernate-security/src/test/resources/database.properties
trunk/openutils-hibernate-security/src/test/resources/dataset.dtd
trunk/openutils-hibernate-security/src/test/resources/hibernate.cfg.xml
trunk/openutils-hibernate-security/src/test/resources/log4j.dtd
trunk/openutils-hibernate-security/src/test/resources/log4j.xml
trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml
trunk/openutils-hibernate-security/src/test/resources/spring-database.xml
trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml
trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml
trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml
Removed Paths:
-------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateSecurityInterceptor.java
Added: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateRUDSecurityInterceptor.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateRUDSecurityInterceptor.java (rev 0)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateRUDSecurityInterceptor.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
+ */
+package it.openutils.hibernate.security.aop;
+
+import it.openutils.hibernate.security.dataobject.SecurityRule;
+import it.openutils.hibernate.security.services.SecurityRuleManager;
+
+import java.util.List;
+
+import org.acegisecurity.GrantedAuthority;
+import org.acegisecurity.context.SecurityContextHolder;
+import org.aopalliance.intercept.MethodInterceptor;
+import org.aopalliance.intercept.MethodInvocation;
+import org.apache.commons.lang.StringUtils;
+import org.hibernate.Filter;
+import org.hibernate.SessionFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * This is a Hibernate Read-Update-Delete security interceptor. This enforces a DENY_ALL default policy.
+ * @author fcarone
+ * @version $Id: $
+ */
+public class HibernateRUDSecurityInterceptor implements MethodInterceptor
+{
+
+ /**
+ * Logger.
+ */
+ private Logger log = LoggerFactory.getLogger(HibernateRUDSecurityInterceptor.class);
+
+ private SecurityRuleManager securityRuleManager;
+
+ private SessionFactory sessionFactory;
+
+ /**
+ * {@inheritDoc}
+ */
+ public Object invoke(MethodInvocation invocation) throws Throwable
+ {
+ Object[] arguments = invocation.getArguments();
+
+ String entity = StringUtils.EMPTY;
+ for (int i = 0; i < arguments.length; i++)
+ {
+ Object argument = arguments[i];
+ if (sessionFactory.getClassMetadata(argument.getClass()) != null)
+ {
+ entity = argument.getClass().getCanonicalName();
+ break;
+ }
+ }
+
+ // the current invocation is not about any session managed entity
+ if (StringUtils.isEmpty(entity))
+ {
+ return invocation.proceed();
+ }
+
+ GrantedAuthority[] authorities = SecurityContextHolder.getContext().getAuthentication().getAuthorities();
+ List<SecurityRule> rules = securityRuleManager.getRulesForRoles(entity, authorities);
+ if (rules.isEmpty())
+ {
+ String roles = StringUtils.EMPTY;
+ for (int i = 0; i < authorities.length; i++)
+ {
+ roles += authorities[i].getAuthority() + " ";
+ }
+ log.error("Access is denied for entity {}, and roles {}", entity, roles);
+ throw new SecurityException("Access is denied");
+ }
+ Filter filter = securityRuleManager.getEntityFilterFromRules(entity, rules);
+
+ sessionFactory.getCurrentSession().enableFilter(filter.getName());
+ Object result = invocation.proceed();
+ sessionFactory.getCurrentSession().disableFilter(filter.getName());
+ return result;
+ }
+
+ /**
+ * Sets the securityRuleManager.
+ * @param securityRuleManager the securityRuleManager to set
+ */
+ public void setSecurityRuleManager(SecurityRuleManager securityRuleManager)
+ {
+ this.securityRuleManager = securityRuleManager;
+ }
+
+ /**
+ * Sets the sessionFactory.
+ * @param sessionFactory the sessionFactory to set
+ */
+ public void setSessionFactory(SessionFactory sessionFactory)
+ {
+ this.sessionFactory = sessionFactory;
+ }
+
+}
Deleted: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateSecurityInterceptor.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateSecurityInterceptor.java 2007-08-08 15:38:52 UTC (rev 391)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/HibernateSecurityInterceptor.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -1,26 +0,0 @@
-/*
- * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
- */
-package it.openutils.hibernate.security.aop;
-
-import org.aopalliance.intercept.MethodInterceptor;
-import org.aopalliance.intercept.MethodInvocation;
-
-
-/**
- * @author fcarone
- * @version $Id: $
- */
-public class HibernateSecurityInterceptor implements MethodInterceptor
-{
-
- /**
- * {@inheritDoc}
- */
- public Object invoke(MethodInvocation invocation) throws Throwable
- {
- // TODO Auto-generated method stub
- return null;
- }
-
-}
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2007-08-08 15:38:52 UTC (rev 391)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -35,11 +35,11 @@
/**
* @param bean The bean to set rules for
* @param securityRules The list of {@link SecurityRule}s to apply.
- * @throws ClassNotFoundException
- * @throws InstantiationException
- * @throws IllegalAccessException
- * @throws SecurityException
- * @throws NoSuchFieldException
+ * @throws ClassNotFoundException If the bean class has not been found
+ * @throws InstantiationException If the bean doesn't contain the no-arg constructor
+ * @throws IllegalAccessException If the bean properties cannot be accessed
+ * @throws SecurityException If the bean class cannot be accessed
+ * @throws NoSuchFieldException If the property contained in the security rule refers to a bean non-existent field
*/
public JavaBeanFilter(String bean, List<SecurityRule> securityRules)
throws ClassNotFoundException,
@@ -120,10 +120,10 @@
throw new IllegalArgumentException("Modifier " + securityRule.getModifier() + "not recognized");
}
subFilterCond += field.getAnnotation(Column.class).name()
- + modifier
- + startQuote
- + securityRule.getValue()
- + endQuote;
+ + modifier
+ + startQuote
+ + securityRule.getValue()
+ + endQuote;
filterName += securityRule.getValue();
}
@@ -132,7 +132,10 @@
}
// filtername is unique, but untraceable
- this.filterDefinition = new FilterDefinition(Integer.toString(filterName.hashCode()), filterDefCondition, new HashMap());
+ this.filterDefinition = new FilterDefinition(
+ Integer.toString(filterName.hashCode()),
+ filterDefCondition,
+ new HashMap());
}
/**
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java 2007-08-08 15:38:52 UTC (rev 391)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -5,9 +5,9 @@
import it.openutils.hibernate.security.dataobject.SecurityRule;
-import java.lang.reflect.InvocationTargetException;
import java.util.List;
+import org.acegisecurity.GrantedAuthority;
import org.hibernate.Filter;
@@ -75,4 +75,11 @@
*/
public Filter getEntityFilterFromRules(String entity, List<SecurityRule> rules) throws SecurityException,
ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchFieldException;
+
+ /**
+ * @param entity
+ * @param authorities
+ * @return
+ */
+ List<SecurityRule> getRulesForRoles(String entity, GrantedAuthority[] authorities);
}
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2007-08-08 15:38:52 UTC (rev 391)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -8,16 +8,10 @@
import it.openutils.hibernate.security.filter.JavaBeanFilter;
import it.openutils.hibernate.security.services.SecurityRuleManager;
-import java.beans.PropertyDescriptor;
-import java.lang.reflect.InvocationTargetException;
-import java.util.HashMap;
+import java.util.ArrayList;
import java.util.List;
-import java.util.Map;
-import javax.persistence.Entity;
-import javax.persistence.Table;
-
-import org.apache.commons.beanutils.PropertyUtils;
+import org.acegisecurity.GrantedAuthority;
import org.hibernate.Filter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -68,7 +62,7 @@
public Filter getEntityFilterFromRules(String entity, List<SecurityRule> rules) throws SecurityException,
ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchFieldException
{
- // @todo: check rules consistency with the given entity
+ // @todo: check rules consistency with the gentity
return new JavaBeanFilter(entity, rules);
}
@@ -119,4 +113,21 @@
{
securityRuleDAO.update(securityRule);
}
+
+ /**
+ * {@inheritDoc}
+ */
+ public List<SecurityRule> getRulesForRoles(String entity, GrantedAuthority[] authorities)
+ {
+ List<SecurityRule> rules = new ArrayList<SecurityRule>();
+ for (int i = 0; i < authorities.length; i++)
+ {
+ GrantedAuthority authority = authorities[i];
+ SecurityRule filter = new SecurityRule();
+ filter.setEntity(entity);
+ filter.setRole(authority.getAuthority());
+ rules.addAll(findFiltered(filter));
+ }
+ return rules;
+ }
}
Added: trunk/openutils-hibernate-security/src/main/resources/docs/TODO
===================================================================
--- trunk/openutils-hibernate-security/src/main/resources/docs/TODO (rev 0)
+++ trunk/openutils-hibernate-security/src/main/resources/docs/TODO 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,4 @@
+TODO (in sparse order)
+
+1. Evaluate the use of hibernate ClassMetadata, instead of using reflection. This could enable the
+ java bean filter to work on non-annotated but configured classes.
Added: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/impl/SecurityManagerImplTest.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/impl/SecurityManagerImplTest.java (rev 0)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/services/impl/SecurityManagerImplTest.java 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
+ */
+package it.openutils.hibernate.security.services.impl;
+
+import it.openutils.hibernate.security.services.SecurityRuleManager;
+import it.openutils.testing.junit.GenericsDbUnitTestCase;
+
+
+/**
+ * @author fcarone
+ * @version $Id: $
+ */
+public class SecurityManagerImplTest extends GenericsDbUnitTestCase<SecurityRuleManager>
+{
+
+ public void testManagerApplyRules() throws Exception
+ {
+
+ }
+
+}
Added: trunk/openutils-hibernate-security/src/test/resources/database.properties
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/database.properties (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/database.properties 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,11 @@
+# ATTENZIONE: queste propriet\xE0 sono utilizzate solo per gli unit tests
+# i file per la configurazione del db utilizzati dall'applicazione web sono in
+# src/main/web-app/WEB-INF
+
+hibernate.connection.driver=org.apache.derby.jdbc.EmbeddedDriver
+hibernate.dialect=org.hibernate.dialect.DerbyDialect
+hibernate.connection.username=ikam
+hibernate.connection.password=
+hibernate.connection.url=jdbc:derby:target/db/openutils-usermanagement-db-test;create=true
+hibernate.hbm2ddl.auto=update
+
Added: trunk/openutils-hibernate-security/src/test/resources/dataset.dtd
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/dataset.dtd (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/dataset.dtd 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,13 @@
+<!ELEMENT dataset (table*)>
+<!ELEMENT table (column+,row+)>
+<!ATTLIST table
+ name CDATA #REQUIRED
+>
+<!ELEMENT row (value|null)+>
+<!ELEMENT column (#PCDATA)>
+<!ELEMENT value (#PCDATA)>
+<!ELEMENT null EMPTY>
+<!--
+nb una tabella senza righe sarebbe valida (per cancellare tutto il contenuto),
+ma NON DEVE ESISTERE NEI NOSTRI TEST IN QUANTO TUTTE LE TABELLE VENGONO SVUOTATE PRIMA DEL CARICAMENTO
+-->
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/hibernate.cfg.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/hibernate.cfg.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/hibernate.cfg.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,8 @@
+<!DOCTYPE hibernate-configuration PUBLIC
+ "-//Hibernate/Hibernate Configuration DTD 3.0//EN"
+ "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd">
+<hibernate-configuration>
+ <session-factory>
+ <mapping class="it.openutils.hibernate.security.dataobject.SecurityRule" />
+ </session-factory>
+</hibernate-configuration>
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/log4j.dtd
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/log4j.dtd (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/log4j.dtd 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,166 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+
+<!-- Authors: Chris Taylor, Ceki Gulcu. -->
+
+<!-- Version: 1.2 -->
+
+<!-- A configuration element consists of optional renderer
+elements,appender elements, categories and an optional root
+element. -->
+
+<!ELEMENT log4j:configuration (renderer*, appender*,(category|logger)*,root?,
+ categoryFactory?)>
+
+<!-- The "threshold" attribute takes a level value such that all -->
+<!-- logging statements with a level equal or below this value are -->
+<!-- disabled. -->
+
+<!-- Setting the "debug" enable the printing of internal log4j logging -->
+<!-- statements. -->
+
+<!-- By default, debug attribute is "null", meaning that we not do touch -->
+<!-- internal log4j logging settings. The "null" value for the threshold -->
+<!-- attribute can be misleading. The threshold field of a repository -->
+<!-- cannot be set to null. The "null" value for the threshold attribute -->
+<!-- simply means don't touch the threshold field, the threshold field -->
+<!-- keeps its old value. -->
+
+<!ATTLIST log4j:configuration
+ xmlns:log4j CDATA #FIXED "http://jakarta.apache.org/log4j/"
+ threshold (all|debug|info|warn|error|fatal|off|null) "null"
+ debug (true|false|null) "null"
+>
+
+<!-- renderer elements allow the user to customize the conversion of -->
+<!-- message objects to String. -->
+
+<!ELEMENT renderer EMPTY>
+<!ATTLIST renderer
+ renderedClass CDATA #REQUIRED
+ renderingClass CDATA #REQUIRED
+>
+
+<!-- Appenders must have a name and a class. -->
+<!-- Appenders may contain an error handler, a layout, optional parameters -->
+<!-- and filters. They may also reference (or include) other appenders. -->
+<!ELEMENT appender (errorHandler?, param*, layout?, filter*, appender-ref*)>
+<!ATTLIST appender
+ name ID #REQUIRED
+ class CDATA #REQUIRED
+>
+
+<!ELEMENT layout (param*)>
+<!ATTLIST layout
+ class CDATA #REQUIRED
+>
+
+<!ELEMENT filter (param*)>
+<!ATTLIST filter
+ class CDATA #REQUIRED
+>
+
+<!-- ErrorHandlers can be of any class. They can admit any number of -->
+<!-- parameters. -->
+
+<!ELEMENT errorHandler (param*, root-ref?, logger-ref*, appender-ref?)>
+<!ATTLIST errorHandler
+ class CDATA #REQUIRED
+>
+
+<!ELEMENT root-ref EMPTY>
+
+<!ELEMENT logger-ref EMPTY>
+<!ATTLIST logger-ref
+ ref IDREF #REQUIRED
+>
+
+<!ELEMENT param EMPTY>
+<!ATTLIST param
+ name CDATA #REQUIRED
+ value CDATA #REQUIRED
+>
+
+
+<!-- The priority class is org.apache.log4j.Level by default -->
+<!ELEMENT priority (param*)>
+<!ATTLIST priority
+ class CDATA #IMPLIED
+ value CDATA #REQUIRED
+>
+
+<!-- The level class is org.apache.log4j.Level by default -->
+<!ELEMENT level (param*)>
+<!ATTLIST level
+ class CDATA #IMPLIED
+ value CDATA #REQUIRED
+>
+
+
+<!-- If no level element is specified, then the configurator MUST not -->
+<!-- touch the level of the named category. -->
+<!ELEMENT category (param*,(priority|level)?,appender-ref*)>
+<!ATTLIST category
+ class CDATA #IMPLIED
+ name CDATA #REQUIRED
+ additivity (true|false) "true"
+>
+
+<!-- If no level element is specified, then the configurator MUST not -->
+<!-- touch the level of the named logger. -->
+<!ELEMENT logger (level?,appender-ref*)>
+<!ATTLIST logger
+ name ID #REQUIRED
+ additivity (true|false) "true"
+>
+
+
+<!ELEMENT categoryFactory (param*)>
+<!ATTLIST categoryFactory
+ class CDATA #REQUIRED>
+
+<!ELEMENT appender-ref EMPTY>
+<!ATTLIST appender-ref
+ ref IDREF #REQUIRED
+>
+
+<!-- If no priority element is specified, then the configurator MUST not -->
+<!-- touch the priority of root. -->
+<!-- The root category always exists and cannot be subclassed. -->
+<!ELEMENT root (param*, (priority|level)?, appender-ref*)>
+
+
+<!-- ==================================================================== -->
+<!-- A logging event -->
+<!-- ==================================================================== -->
+<!ELEMENT log4j:eventSet (log4j:event*)>
+<!ATTLIST log4j:eventSet
+ xmlns:log4j CDATA #FIXED "http://jakarta.apache.org/log4j/"
+ version (1.1|1.2) "1.2"
+ includesLocationInfo (true|false) "true"
+>
+
+
+
+<!ELEMENT log4j:event (log4j:message, log4j:NDC?, log4j:throwable?,
+ log4j:locationInfo?) >
+
+<!-- The timestamp format is application dependent. -->
+<!ATTLIST log4j:event
+ logger CDATA #REQUIRED
+ level CDATA #REQUIRED
+ thread CDATA #REQUIRED
+ timestamp CDATA #REQUIRED
+>
+
+<!ELEMENT log4j:message (#PCDATA)>
+<!ELEMENT log4j:NDC (#PCDATA)>
+
+<!ELEMENT log4j:throwable (#PCDATA)>
+
+<!ELEMENT log4j:locationInfo EMPTY>
+<!ATTLIST log4j:locationInfo
+ class CDATA #REQUIRED
+ method CDATA #REQUIRED
+ file CDATA #REQUIRED
+ line CDATA #REQUIRED
+>
Added: trunk/openutils-hibernate-security/src/test/resources/log4j.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/log4j.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/log4j.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
+<log4j:configuration>
+ <!-- log4j test configuration -->
+ <appender name="test-appender" class="org.apache.log4j.ConsoleAppender">
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%-5p %c.%M(%C{1}.java:%L) %m%n" />
+ <!-- <param name="ConversionPattern" value="%-5p %m%n" />-->
+ </layout>
+ </appender>
+ <category name="it">
+ <priority value="debug" />
+ </category>
+ <category name="org">
+ <priority value="warn" />
+ </category>
+ <category name="com">
+ <priority value="warn" />
+ </category>
+ <category name="net">
+ <priority value="warn" />
+ </category>
+ <category name="org.hibernate">
+ <priority value="warn" />
+ </category>
+ <category name="it.openutils.test.ApplicationContextHolder">
+ <priority value="info" />
+ </category>
+ <category name="it.openutils.test.BaseDAOTestCase">
+ <priority value="INFO" />
+ </category>
+ <category name="it.openutils">
+ <priority value="INFO" />
+ </category>
+ <category name="it.openutils.test">
+ <priority value="INFO" />
+ </category>
+ <category name="it.openutils.dbupdate.DbSetupManagerImpl">
+ <priority value="INFO" />
+ </category>
+ <root>
+ <priority value="debug" />
+ <appender-ref ref="test-appender" />
+ </root>
+</log4j:configuration>
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-dao.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
+"http://www.springframework.org/dtd/spring-beans.dtd">
+<beans>
+ <bean id="securityRuleDAO" parent="txProxyTemplate">
+ <property name="target">
+ <bean class="it.openutils.hibernate.security.dao.SecurityRuleDAOImpl">
+ <property name="sessionFactory" ref="sessionFactory" />
+ </bean>
+ </property>
+ </bean>
+</beans>
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/spring-database.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-database.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-database.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<!--
+ # ATTENZIONE: queste proprietà sono utilizzate solo per gli unit tests
+ # i file per la configurazione del db utilizzati dall'applicazione web sono in
+ # src/main/web-app/WEB-INF
+-->
+<beans>
+ <bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+ <property name="location">
+ <value>classpath:database.properties</value>
+ </property>
+ </bean>
+ <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
+ <property name="driverClassName">
+ <value>${hibernate.connection.driver}</value>
+ </property>
+ <property name="url">
+ <value>${hibernate.connection.url}</value>
+ </property>
+ <property name="username">
+ <value>${hibernate.connection.username}</value>
+ </property>
+ <property name="password">
+ <value>${hibernate.connection.password}</value>
+ </property>
+ </bean>
+</beans>
Added: trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-hibernate.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
+"http://www.springframework.org/dtd/spring-beans.dtd">
+<beans>
+
+ <bean id="sessionFactory" class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">
+ <property name="dataSource">
+ <ref bean="dataSource" />
+ </property>
+ <property name="configLocation">
+ <value>classpath:hibernate.cfg.xml</value>
+ </property>
+ <property name="configurationClass">
+ <value>org.hibernate.cfg.AnnotationConfiguration</value>
+ </property>
+ <property name="hibernateProperties">
+ <props>
+ <prop key="hibernate.dialect">${hibernate.dialect}</prop>
+ <prop key="hibernate.generate_statistics">false</prop>
+ <prop key="hibernate.bytecode.use_reflection_optimizer">true</prop>
+ <prop key="hibernate.show_sql">false</prop>
+ <prop key="hibernate.use_sql_comments">false</prop>
+ <prop key="hibernate.hbm2ddl.auto">${hibernate.hbm2ddl.auto}</prop>
+ </props>
+ </property>
+ </bean>
+ <bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">
+ <property name="sessionFactory">
+ <ref local="sessionFactory" />
+ </property>
+ </bean>
+ <bean id="txProxyTemplate" abstract="true"
+ class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
+ <property name="transactionManager">
+ <ref bean="transactionManager" />
+ </property>
+ <property name="transactionAttributes">
+ <props>
+ <prop key="save*">PROPAGATION_REQUIRED</prop>
+ <prop key="delete*">PROPAGATION_REQUIRED</prop>
+ <prop key="update*">PROPAGATION_REQUIRED</prop>
+ <prop key="clean*">PROPAGATION_REQUIRED</prop>
+ <prop key="*">PROPAGATION_REQUIRED,readOnly</prop>
+ </props>
+ </property>
+ </bean>
+</beans>
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,17 @@
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<beans>
+ <bean id="securityRuleManager" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean"
+ autowire="byType">
+ <property name="transactionManager">
+ <ref bean="transactionManager" />
+ </property>
+ <property name="transactionAttributes">
+ <props>
+ <prop key="*">PROPAGATION_REQUIRED</prop>
+ </props>
+ </property>
+ <property name="target">
+ <bean class="it.openutils.hibernate.security.services.impl.SecurityRuleManagerImpl" autowire="byType"></bean>
+ </property>
+ </bean>
+</beans>
\ No newline at end of file
Added: trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml (rev 0)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-tests.xml 2007-08-09 08:47:26 UTC (rev 392)
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<beans>
+ <import resource="classpath:spring-database.xml" />
+ <import resource="classpath:spring-hibernate.xml" />
+ <import resource="classpath:spring-dao.xml" />
+ <import resource="classpath:spring-managers.xml" />
+</beans>
\ No newline at end of file
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fc...@us...> - 2008-02-19 18:32:08
|
Revision: 647
http://openutils.svn.sourceforge.net/openutils/?rev=647&view=rev
Author: fcarone
Date: 2008-02-19 10:31:24 -0800 (Tue, 19 Feb 2008)
Log Message:
-----------
More tests and various fixes:
- javabeanfilter is only used for loading, so ignore all rules with permissions != LOAD
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManagerImpl.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java
trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml
trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-19 18:29:31 UTC (rev 646)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-19 18:31:24 UTC (rev 647)
@@ -15,6 +15,7 @@
*/
package it.openutils.hibernate.security.filter;
+import it.openutils.hibernate.security.dataobject.PermissionEnum;
import it.openutils.hibernate.security.dataobject.SecurityRule;
import java.lang.reflect.Field;
@@ -33,6 +34,8 @@
import org.hibernate.Filter;
import org.hibernate.HibernateException;
import org.hibernate.engine.FilterDefinition;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
@@ -45,6 +48,12 @@
private FilterDefinition filterDefinition;
/**
+ * Logger.
+ */
+ private Logger log = LoggerFactory.getLogger(JavaBeanFilter.class);
+
+
+ /**
* @param bean The bean to set rules for
* @param securityRules The list of {@link SecurityRule}s to apply.
* @throws ClassNotFoundException If the bean class has not been found
@@ -93,6 +102,18 @@
filterName += entry.getKey();
List<SecurityRule> rules = entry.getValue();
+ if (rules == null || rules.isEmpty())
+ {
+ log.debug("No rules defined for role {}", entry.getKey());
+ continue;
+ }
+
+ if (!rulesContainLoad(rules))
+ {
+ log.debug("No LOAD rules defined for role {}", entry.getKey());
+ continue;
+ }
+
if (!StringUtils.isEmpty(filterDefCondition.toString()))
{
filterDefCondition.append(" OR ");
@@ -101,6 +122,11 @@
StringBuffer subFilterCond = new StringBuffer();
for (SecurityRule securityRule : rules)
{
+ if (!securityRule.getPermissions().contains(PermissionEnum.LOAD))
+ {
+ log.debug("Skipping rule {} since it is not related to LOAD.", securityRule);
+ continue;
+ }
String property = securityRule.getProperty();
filterName += property;
@@ -164,6 +190,22 @@
}
/**
+ * @param rules
+ * @return
+ */
+ private boolean rulesContainLoad(List<SecurityRule> rules)
+ {
+ for (SecurityRule rule : rules)
+ {
+ if (rule.getPermissions().contains(PermissionEnum.LOAD))
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ /**
* {@inheritDoc}
*/
public FilterDefinition getFilterDefinition()
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2008-02-19 18:29:31 UTC (rev 646)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2008-02-19 18:31:24 UTC (rev 647)
@@ -12,8 +12,6 @@
import java.util.List;
import org.hibernate.Filter;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
/**
@@ -22,12 +20,6 @@
*/
public class SecurityRuleManagerImpl implements SecurityRuleManager
{
-
- /**
- * Logger.
- */
- private Logger log = LoggerFactory.getLogger(SecurityRuleManagerImpl.class);
-
private SecurityRuleDAO securityRuleDAO;
/**
@@ -61,7 +53,6 @@
public Filter getEntityFilterFromRules(String entity, List<SecurityRule> rules) throws SecurityException,
ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchFieldException
{
- // @todo: check rules consistency with the gentity
return new JavaBeanFilter(entity, rules);
}
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java 2008-02-19 18:29:31 UTC (rev 646)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java 2008-02-19 18:31:24 UTC (rev 647)
@@ -86,10 +86,12 @@
new ArrayList<Criterion>());
Assert.assertNotNull(dummyObjects);
Assert.assertEquals(1, dummyObjects.size());
+ Assert.assertEquals(1, dummyObjects.get(0).getIntValue().intValue());
dummyObjects = securedObject.findFiltered(filter);
Assert.assertNotNull(dummyObjects);
Assert.assertEquals(1, dummyObjects.size());
+ Assert.assertEquals(1, dummyObjects.get(0).getIntValue().intValue());
}
/**
@@ -182,11 +184,29 @@
List<DummyDataobject> dummyObjects = securedObject.findFiltered(filter);
Assert.assertNotNull(dummyObjects);
DummyDataobject ddo = dummyObjects.get(0);
+ ddo.setIntValue(0);
dummyObjectManager.create(ddo);
}
/**
+ * @throws Exception Any exception
+ */
+ @Test
+ public void testCreateWithIntValueNull() throws Exception
+ {
+ authenticate("UserDue", "password");
+ DummyDataobject filter = new DummyDataobject();
+ List<DummyDataobject> dummyObjects = securedObject.findFiltered(filter);
+ Assert.assertNotNull(dummyObjects);
+ DummyDataobject ddo = dummyObjects.get(0);
+
+ ddo.setIntValue(null);
+
+ dummyObjectManager.create(ddo);
+ }
+
+ /**
* Sets the securedObject.
* @param securedObject the securedObject to set
*/
@@ -195,7 +215,6 @@
this.securedObject = securedObject;
}
-
/**
* Sets the authenticationProvider.
* @param authenticationProvider the authenticationProvider to set
@@ -205,7 +224,6 @@
this.authenticationProvider = authenticationProvider;
}
-
/**
* Sets the dummyObjectManager.
* @param dummyObjectManager the dummyObjectManager to set
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManagerImpl.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManagerImpl.java 2008-02-19 18:29:31 UTC (rev 646)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManagerImpl.java 2008-02-19 18:31:24 UTC (rev 647)
@@ -11,8 +11,6 @@
public class DummyObjectManagerImpl implements DummyObjectManager
{
- private DummyDAO dummyDAO;
-
/**
* {@inheritDoc}
*/
@@ -40,14 +38,4 @@
}
-
- /**
- * Sets the dummyDAO.
- * @param dummyDAO the dummyDAO to set
- */
- public void setDummyDAO(DummyDAO dummyDAO)
- {
- this.dummyDAO = dummyDAO;
- }
-
}
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java 2008-02-19 18:29:31 UTC (rev 646)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java 2008-02-19 18:31:24 UTC (rev 647)
@@ -33,38 +33,62 @@
SecurityRule rule = new SecurityRule();
rule.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
rule.setModifier(ModifierEnum.EQUALS);
- List<PermissionEnum> permissions = new ArrayList<PermissionEnum>();
- permissions.add(PermissionEnum.CREATE);
- rule.setPermissions(permissions);
+ List<PermissionEnum> permissionsRole1 = new ArrayList<PermissionEnum>();
+ permissionsRole1.add(PermissionEnum.CREATE);
+ rule.setPermissions(permissionsRole1);
rule.setProperty("entity");
rule.setRole("ROLE_1");
rule.setValue("VALUE");
SecurityRule rule2 = new SecurityRule();
rule2.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
- rule2.setModifier(ModifierEnum.NOT);
- rule2.setPermissions(permissions);
+ rule2.setModifier(ModifierEnum.EQUALS);
+ List<PermissionEnum> permissionsRole2 = new ArrayList<PermissionEnum>();
+ permissionsRole2.add(PermissionEnum.LOAD);
+ rule2.setPermissions(permissionsRole2);
rule2.setProperty("value");
rule2.setRole("ROLE_1");
rule2.setValue("VALUE2");
+ SecurityRule rule2b = new SecurityRule();
+ rule2b.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
+ rule2b.setModifier(ModifierEnum.EQUALS);
+ rule2b.setPermissions(permissionsRole2);
+ rule2b.setProperty("id");
+ rule2b.setRole("ROLE_1");
+ rule2b.setValue("4");
+
SecurityRule rule3 = new SecurityRule();
rule3.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
rule3.setModifier(ModifierEnum.NOT);
- rule3.setPermissions(permissions);
+ List<PermissionEnum> permissionsRole3 = new ArrayList<PermissionEnum>();
+ permissionsRole3.add(PermissionEnum.LOAD);
+ rule3.setPermissions(permissionsRole3);
rule3.setProperty("value");
rule3.setRole("ROLE_2");
rule3.setValue("VALUE3");
rules.add(rule);
rules.add(rule2);
+ rules.add(rule2b);
rules.add(rule3);
JavaBeanFilter filter = new JavaBeanFilter("it.openutils.hibernate.security.dataobject.SecurityRule", rules);
Assert.assertNotNull(filter);
- Assert.assertEquals("(ENTITY = 'VALUE' AND VALUE != 'VALUE2') OR (VALUE != 'VALUE3')", filter
+ Assert.assertEquals("(VALUE = 'VALUE2' AND ID_SECURITY_RULE = 4) OR (VALUE != 'VALUE3')", filter
.getFilterDefinition()
.getDefaultFilterCondition());
}
+ /**
+ * @throws Exception Any exception
+ */
+ @Test(expected = IllegalArgumentException.class)
+ public void testFilterConstrutorFail() throws Exception
+ {
+ new JavaBeanFilter(
+ "it.openutils.hibernate.security.filter.JavaBeanFilter",
+ new ArrayList<SecurityRule>());
+ }
+
}
Modified: trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml 2008-02-19 18:29:31 UTC (rev 646)
+++ trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml 2008-02-19 18:31:24 UTC (rev 647)
@@ -115,7 +115,7 @@
<value>it.openutils.hibernate.security.apptest.DummyDataobject</value>
<value>intValue</value>
<value>1</value>
- <value>EQUALS</value>
+ <value>NOT</value>
</row>
</table>
<table name="SECRULE_PERMISSION">
Modified: trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml 2008-02-19 18:29:31 UTC (rev 646)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-managers.xml 2008-02-19 18:31:24 UTC (rev 647)
@@ -25,9 +25,7 @@
</props>
</property>
<property name="target">
- <bean class="it.openutils.hibernate.security.apptest.DummyObjectManagerImpl">
- <property name="dummyDAO" ref="dummyDAO" />
- </bean>
+ <bean class="it.openutils.hibernate.security.apptest.DummyObjectManagerImpl" />
</property>
</bean>
<bean id="userManager" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fc...@us...> - 2008-02-20 14:09:09
|
Revision: 658
http://openutils.svn.sourceforge.net/openutils/?rev=658&view=rev
Author: fcarone
Date: 2008-02-20 06:09:10 -0800 (Wed, 20 Feb 2008)
Log Message:
-----------
Some (heavy) refactoring
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java
trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml
Added Paths:
-----------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleBaseHandler.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleUtils.java
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-20 10:38:55 UTC (rev 657)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-20 14:09:10 UTC (rev 658)
@@ -32,7 +32,6 @@
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
-import org.dbunit.dataset.csv.handlers.EscapeHandler;
import org.hibernate.Filter;
import org.hibernate.HibernateException;
import org.hibernate.engine.FilterDefinition;
@@ -149,7 +148,7 @@
startQuote = "\'";
endQuote = startQuote;
}
- else if (field.getType().getSuperclass().isAssignableFrom(Number.class))
+ else if (Number.class.isAssignableFrom(field.getType()))
{
startQuote = StringUtils.EMPTY;
endQuote = StringUtils.EMPTY;
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java 2008-02-20 10:38:55 UTC (rev 657)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java 2008-02-20 14:09:10 UTC (rev 658)
@@ -15,24 +15,14 @@
*/
package it.openutils.hibernate.security.filter;
-import it.openutils.hibernate.security.dataobject.ModifierEnum;
-import it.openutils.hibernate.security.dataobject.PermissionEnum;
import it.openutils.hibernate.security.dataobject.SecurityRule;
import it.openutils.hibernate.security.services.SecurityRuleManager;
-import java.lang.reflect.InvocationTargetException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
import java.util.List;
import org.acegisecurity.Authentication;
-import org.acegisecurity.ConfigAttribute;
import org.acegisecurity.ConfigAttributeDefinition;
-import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.vote.AccessDecisionVoter;
-import org.apache.commons.beanutils.BeanUtils;
-import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.framework.ReflectiveMethodInvocation;
@@ -42,7 +32,7 @@
* @author fcarone
* @version $Id: $
*/
-public class SecurityRuleAccessDecisionVoter implements AccessDecisionVoter
+public class SecurityRuleAccessDecisionVoter extends SecurityRuleBaseHandler implements AccessDecisionVoter
{
/**
@@ -52,44 +42,14 @@
private SecurityRuleManager securityRuleManager;
- /**
- * {@inheritDoc}
- */
- public boolean supports(ConfigAttribute attribute)
- {
- log.debug("Evaluating attribute {}", attribute.getAttribute());
+ private SecurityRuleUtils ruleUtils = new SecurityRuleUtils();
- if (attribute.getAttribute() != null)
- {
- for (PermissionEnum permission : PermissionEnum.values())
- {
- if (StringUtils.equals(permission.getValue(), attribute.getAttribute()))
- {
- log.debug("Support ok.");
- return true;
- }
- }
- }
- log.debug("Not supporting attribute.");
- return false;
- }
-
/**
* {@inheritDoc}
*/
- @SuppressWarnings("unchecked")
- public boolean supports(Class clazz)
- {
- return true;
- }
-
- /**
- * {@inheritDoc}
- */
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config)
{
- List<String> roles = new ArrayList<String>();
- roles.addAll(getRolesFromAuthentication(authentication));
+ List<String> roles = ruleUtils.getRolesFromAuthentication(authentication);
if (object instanceof ReflectiveMethodInvocation)
{
@@ -98,13 +58,13 @@
{
log.debug("Evaluating argument {}", argument);
List<SecurityRule> rules = securityRuleManager.getRulesForRoles(argument.getClass().getName(), roles);
- boolean permissionMatches = checkPermissions(rules, config);
+ boolean permissionMatches = ruleUtils.checkPermissions(rules, config);
if (!permissionMatches)
{
return ACCESS_DENIED;
}
- boolean areRulesMatching = checkRules(rules, argument);
+ boolean areRulesMatching = ruleUtils.checkRules(rules, argument);
if (!areRulesMatching)
{
return ACCESS_DENIED;
@@ -116,101 +76,6 @@
}
/**
- * @param authentication
- * @return
- */
- private Collection< ? extends String> getRolesFromAuthentication(Authentication authentication)
- {
- List<String> roles = new ArrayList<String>();
- for (GrantedAuthority authority : authentication.getAuthorities())
- {
- log.debug("Granted authority for user {}: {}", authentication.getName(), authority.getAuthority());
- roles.add(authority.getAuthority());
- }
- return roles;
- }
-
- /**
- * @param rules
- * @param argument
- * @return
- */
- private boolean checkRules(List<SecurityRule> rules, Object argument)
- {
- log.debug("Evaluating rules.");
- try
- {
- for (SecurityRule rule : rules)
- {
- String objProperty = BeanUtils.getSimpleProperty(argument, rule.getProperty());
- if (rule.getModifier().equals(ModifierEnum.EQUALS))
- {
- if (StringUtils.equals(objProperty, rule.getValue()))
- {
- log.debug("Matching rule found: {}", rule);
- return true;
- }
- }
- else if (rule.getModifier().equals(ModifierEnum.NOT))
- {
- if (!StringUtils.equals(objProperty, rule.getValue()))
- {
- log.debug("Matching rule found: {}", rule);
- return true;
- }
- }
- else
- {
- throw new RuntimeException("Modifier " + rule.getModifier() + " is not recognized");
- }
- }
- }
- catch (NoSuchMethodException e)
- {
- log.error("{}", e);
- }
- catch (IllegalAccessException e)
- {
- log.error("{}", e);
- }
- catch (InvocationTargetException e)
- {
- log.error("{}", e);
- }
- log.debug("No matching rules found.");
- return false;
- }
-
- /**
- * @param rules
- * @param config
- * @return
- */
- @SuppressWarnings("unchecked")
- private boolean checkPermissions(List<SecurityRule> rules, ConfigAttributeDefinition config)
- {
- log.debug("Evaluation permissions");
- Iterator iterator = config.getConfigAttributes();
- while (iterator.hasNext())
- {
- String attribute = ((ConfigAttribute) iterator.next()).getAttribute();
- for (SecurityRule rule : rules)
- {
- for (PermissionEnum permission : rule.getPermissions())
- {
- if (StringUtils.equals(permission.getValue(), attribute))
- {
- log.debug("Matching permission: {}", permission.getValue());
- return true;
- }
- }
- }
- }
- log.debug("No matching permissions found.");
- return false;
- }
-
- /**
* Sets the securityRuleManager.
* @param securityRuleManager the securityRuleManager to set
*/
@@ -218,5 +83,4 @@
{
this.securityRuleManager = securityRuleManager;
}
-
}
Added: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleBaseHandler.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleBaseHandler.java (rev 0)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleBaseHandler.java 2008-02-20 14:09:10 UTC (rev 658)
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
+ */
+package it.openutils.hibernate.security.filter;
+
+import it.openutils.hibernate.security.dataobject.ModifierEnum;
+import it.openutils.hibernate.security.dataobject.PermissionEnum;
+import it.openutils.hibernate.security.dataobject.SecurityRule;
+
+import java.lang.reflect.InvocationTargetException;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import org.acegisecurity.Authentication;
+import org.acegisecurity.ConfigAttribute;
+import org.acegisecurity.ConfigAttributeDefinition;
+import org.acegisecurity.GrantedAuthority;
+import org.apache.commons.beanutils.BeanUtils;
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * @author fcarone
+ * @version $Id: $
+ */
+public abstract class SecurityRuleBaseHandler
+{
+
+ /**
+ * Logger.
+ */
+ private Logger log = LoggerFactory.getLogger(SecurityRuleBaseHandler.class);
+
+ /**
+ * {@inheritDoc}
+ */
+ public boolean supports(ConfigAttribute attribute)
+ {
+ log.debug("Evaluating attribute {}", attribute.getAttribute());
+
+ if (attribute.getAttribute() != null)
+ {
+ for (PermissionEnum permission : PermissionEnum.values())
+ {
+ if (StringUtils.equals(permission.getValue(), attribute.getAttribute()))
+ {
+ log.debug("Support ok.");
+ return true;
+ }
+ }
+ }
+ log.debug("Not supporting attribute.");
+ return false;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @SuppressWarnings("unchecked")
+ public boolean supports(Class clazz)
+ {
+ return true;
+ }
+
+}
Added: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleUtils.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleUtils.java (rev 0)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleUtils.java 2008-02-20 14:09:10 UTC (rev 658)
@@ -0,0 +1,131 @@
+/*
+ * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
+ */
+package it.openutils.hibernate.security.filter;
+
+import it.openutils.hibernate.security.dataobject.ModifierEnum;
+import it.openutils.hibernate.security.dataobject.PermissionEnum;
+import it.openutils.hibernate.security.dataobject.SecurityRule;
+
+import java.lang.reflect.InvocationTargetException;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import org.acegisecurity.Authentication;
+import org.acegisecurity.ConfigAttribute;
+import org.acegisecurity.ConfigAttributeDefinition;
+import org.acegisecurity.GrantedAuthority;
+import org.apache.commons.beanutils.BeanUtils;
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * @author fcarone
+ * @version $Id: $
+ */
+public class SecurityRuleUtils
+{
+ /**
+ * Logger.
+ */
+ private Logger log = LoggerFactory.getLogger(SecurityRuleUtils.class);
+
+ /**
+ * @param rules The list of rules to check
+ * @param config The config attribute to check the rules against
+ * @return True if any of the rules matches the given config attribute, false otherwise.
+ */
+ @SuppressWarnings("unchecked")
+ protected boolean checkPermissions(List<SecurityRule> rules, ConfigAttributeDefinition config)
+ {
+ log.debug("Evaluation permissions");
+ Iterator iterator = config.getConfigAttributes();
+ while (iterator.hasNext())
+ {
+ String attribute = ((ConfigAttribute) iterator.next()).getAttribute();
+ for (SecurityRule rule : rules)
+ {
+ for (PermissionEnum permission : rule.getPermissions())
+ {
+ if (StringUtils.equals(permission.getValue(), attribute))
+ {
+ log.debug("Matching permission: {}", permission.getValue());
+ return true;
+ }
+ }
+ }
+ }
+ log.debug("No matching permissions found.");
+ return false;
+ }
+
+ /**
+ * @param rules The list of rules to check
+ * @param argument The object to check the rules against
+ * @return True if any of the rules matches the given object, false otherwise.
+ */
+ protected boolean checkRules(List<SecurityRule> rules, Object argument)
+ {
+ log.debug("Evaluating rules.");
+ try
+ {
+ for (SecurityRule rule : rules)
+ {
+ String objProperty = BeanUtils.getSimpleProperty(argument, rule.getProperty());
+ if (rule.getModifier().equals(ModifierEnum.EQUALS))
+ {
+ if (StringUtils.equals(objProperty, rule.getValue()))
+ {
+ log.debug("Matching rule found: {}", rule);
+ return true;
+ }
+ }
+ else if (rule.getModifier().equals(ModifierEnum.NOT))
+ {
+ if (!StringUtils.equals(objProperty, rule.getValue()))
+ {
+ log.debug("Matching rule found: {}", rule);
+ return true;
+ }
+ }
+ else
+ {
+ throw new RuntimeException("Modifier " + rule.getModifier() + " is not recognized");
+ }
+ }
+ }
+ catch (NoSuchMethodException e)
+ {
+ log.error("{}", e);
+ }
+ catch (IllegalAccessException e)
+ {
+ log.error("{}", e);
+ }
+ catch (InvocationTargetException e)
+ {
+ log.error("{}", e);
+ }
+ log.debug("No matching rules found.");
+ return false;
+ }
+
+
+ /**
+ * @param authentication The authentication method
+ * @return The collection of roles contained in the authentication
+ */
+ protected List<String> getRolesFromAuthentication(Authentication authentication)
+ {
+ List<String> roles = new ArrayList<String>();
+ for (GrantedAuthority authority : authentication.getAuthorities())
+ {
+ log.debug("Granted authority for user {}: {}", authentication.getName(), authority.getAuthority());
+ roles.add(authority.getAuthority());
+ }
+ return roles;
+ }
+}
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java 2008-02-20 10:38:55 UTC (rev 657)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java 2008-02-20 14:09:10 UTC (rev 658)
@@ -67,6 +67,9 @@
SecurityContextHolder.setContext(sci);
}
+ /**
+ * Init this test class with the dummyDAO DAO (with AOP enabled)
+ */
@Before
public void initDummyDAO()
{
@@ -245,7 +248,7 @@
DummyDataobject filter = new DummyDataobject();
List<DummyDataobject> dummyObjects = securedObject.findFiltered(filter);
Assert.assertNotNull(dummyObjects);
- Assert.assertEquals(2, dummyObjects.size());
+ Assert.assertEquals(3, dummyObjects.size());
}
/**
@@ -259,10 +262,13 @@
DummyDataobject filter = new DummyDataobject();
List<DummyDataobject> dummyObjects = securedObject.findFiltered(filter);
Assert.assertNotNull(dummyObjects);
- Assert.assertEquals(2, dummyObjects.size());
+ Assert.assertEquals(3, dummyObjects.size());
+
+ ((AOPSecurity) applicationContext.getBean("securityAspect")).setEnabled(true);
}
+
/**
* Sets the securedObject.
* @param securedObject the securedObject to set
Modified: trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml 2008-02-20 10:38:55 UTC (rev 657)
+++ trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml 2008-02-20 14:09:10 UTC (rev 658)
@@ -25,6 +25,7 @@
<value>Verdi</value>
<value>ve...@ex...</value>
</row>
+ <!-- UserTre has no access to any data -->
<row>
<value>UserTre</value>
<!-- sha1 for 'password' -->
@@ -181,6 +182,11 @@
<value>1</value>
<value>DEF</value>
</row>
+ <row>
+ <value>2</value>
+ <value>3</value>
+ <value>GHI</value>
+ </row>
</table>
</dataset>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fc...@us...> - 2008-02-20 17:14:49
|
Revision: 672
http://openutils.svn.sourceforge.net/openutils/?rev=672&view=rev
Author: fcarone
Date: 2008-02-20 09:14:54 -0800 (Wed, 20 Feb 2008)
Log Message:
-----------
Id property set on java files
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/SecurityRuleDAO.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/impl/SecurityRuleDAOImpl.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/ModifierEnum.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/PermissionEnum.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAfterInvocationHandler.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleBaseHandler.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/utils/SecurityRuleUtils.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/HsqlDatatypeFactory.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDAO.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDaoImpl.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDataobject.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManager.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManagerImpl.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java
Property Changed:
----------------
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/SecurityRuleDAO.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/impl/SecurityRuleDAOImpl.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/ModifierEnum.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/PermissionEnum.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAfterInvocationHandler.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleBaseHandler.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/utils/SecurityRuleUtils.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java
trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/HsqlDatatypeFactory.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDAO.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDaoImpl.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDataobject.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManager.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManagerImpl.java
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -37,7 +37,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
@Aspect
public class AOPSecurity
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/SecurityRuleDAO.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/SecurityRuleDAO.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/SecurityRuleDAO.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -9,7 +9,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public interface SecurityRuleDAO extends HibernateDAO<SecurityRule, Long>
{
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/SecurityRuleDAO.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/impl/SecurityRuleDAOImpl.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/impl/SecurityRuleDAOImpl.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/impl/SecurityRuleDAOImpl.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -10,7 +10,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class SecurityRuleDAOImpl extends HibernateDAOImpl<SecurityRule, Long> implements SecurityRuleDAO
{
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dao/impl/SecurityRuleDAOImpl.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/ModifierEnum.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/ModifierEnum.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/ModifierEnum.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -5,7 +5,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public enum ModifierEnum {
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/ModifierEnum.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/PermissionEnum.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/PermissionEnum.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/PermissionEnum.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -5,7 +5,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public enum PermissionEnum {
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/PermissionEnum.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -26,7 +26,7 @@
/**
* @author fcarone
- * @version $Id: $ A security rule
+ * @version $Id$ A security rule
*/
@Entity
@Table(name = "SECURITY_RULE")
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/dataobject/SecurityRule.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -41,7 +41,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class JavaBeanFilter implements Filter
{
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/JavaBeanFilter.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -31,7 +31,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class SecurityRuleAccessDecisionVoter extends SecurityRuleBaseHandler implements AccessDecisionVoter
{
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAccessDecisionVoter.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAfterInvocationHandler.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAfterInvocationHandler.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAfterInvocationHandler.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -18,7 +18,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class SecurityRuleAfterInvocationHandler extends SecurityRuleBaseHandler implements AfterInvocationProvider
{
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleAfterInvocationHandler.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleBaseHandler.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleBaseHandler.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleBaseHandler.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -13,7 +13,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public abstract class SecurityRuleBaseHandler
{
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRuleBaseHandler.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -16,7 +16,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class SecurityRulePredicate implements Predicate
{
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/utils/SecurityRuleUtils.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/utils/SecurityRuleUtils.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/utils/SecurityRuleUtils.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -23,7 +23,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class SecurityRuleUtils
{
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/utils/SecurityRuleUtils.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -12,7 +12,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public interface SecurityRuleManager
{
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/SecurityRuleManager.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -16,7 +16,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class SecurityRuleManagerImpl implements SecurityRuleManager
{
Property changes on: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/services/impl/SecurityRuleManagerImpl.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/HsqlDatatypeFactory.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/HsqlDatatypeFactory.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/HsqlDatatypeFactory.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -12,7 +12,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class HsqlDatatypeFactory extends DefaultDataTypeFactory
{
Property changes on: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/HsqlDatatypeFactory.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -38,7 +38,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
@ContextConfiguration(locations = {"/spring-tests.xml" })
@DbUnitExecution(datasets = {"/SecurityIntegrationTest-load.xml" }, dataSource = "dataSource", //
Property changes on: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/SecurityIntegrationTest.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDAO.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDAO.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDAO.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -8,7 +8,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public interface DummyDAO extends HibernateDAO<DummyDataobject, Long>
{
Property changes on: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDAO.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDaoImpl.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDaoImpl.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDaoImpl.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -8,7 +8,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class DummyDaoImpl extends HibernateDAOImpl<DummyDataobject, Long> implements DummyDAO
{
Property changes on: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDaoImpl.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDataobject.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDataobject.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDataobject.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -11,7 +11,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
@Entity
@Table(name = "DUMMYDATAOBJECT")
Property changes on: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyDataobject.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManager.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManager.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManager.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -8,7 +8,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public interface DummyObjectManager
{
Property changes on: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManager.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManagerImpl.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManagerImpl.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManagerImpl.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -8,7 +8,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class DummyObjectManagerImpl implements DummyObjectManager
{
Property changes on: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/apptest/DummyObjectManagerImpl.java
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java 2008-02-20 16:56:50 UTC (rev 671)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java 2008-02-20 17:14:54 UTC (rev 672)
@@ -17,7 +17,7 @@
/**
* @author fcarone
- * @version $Id: $
+ * @version $Id$
*/
public class JavaBeanFilterTest
{
Property changes on: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java
___________________________________________________________________
Name: svn:keywords
+ Id
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fc...@us...> - 2008-02-25 11:59:26
|
Revision: 694
http://openutils.svn.sourceforge.net/openutils/?rev=694&view=rev
Author: fcarone
Date: 2008-02-25 03:59:31 -0800 (Mon, 25 Feb 2008)
Log Message:
-----------
Tests updated
Modified Paths:
--------------
trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java
trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml
trunk/openutils-hibernate-security/src/test/resources/spring-security.xml
Added Paths:
-----------
trunk/openutils-hibernate-security/src/site/apt/
trunk/openutils-hibernate-security/src/site/apt/index.apt
Added: trunk/openutils-hibernate-security/src/site/apt/index.apt
===================================================================
--- trunk/openutils-hibernate-security/src/site/apt/index.apt (rev 0)
+++ trunk/openutils-hibernate-security/src/site/apt/index.apt 2008-02-25 11:59:31 UTC (rev 694)
@@ -0,0 +1,19 @@
+ --------------------------
+ O p e n u t i l s
+ --------------------------
+ Filippo Carone
+ --------------------------
+
+openutils-hibernate-security
+
+ openutils-hibernate-security provides base generic hibernate security classes, implementing a role based access control
+ (RBAC) on data managed through hibernate.
+
+
+ See the test classes for how to setup security and look at {{{apidocs/index.html}javadocs}} for more details.
+
+
+Released versions
+
+ Check it at {{{http://www.mvnrepository.com/artifact/net.sourceforge.openutils/openutils-hibernate-security}http://www.mvnrepository.com/artifact/net.sourceforge.openutils/openutils-hibernate-security}}
+
Modified: trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java
===================================================================
--- trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java 2008-02-25 09:56:14 UTC (rev 693)
+++ trunk/openutils-hibernate-security/src/test/java/it/openutils/hibernate/security/filter/JavaBeanFilterTest.java 2008-02-25 11:59:31 UTC (rev 694)
@@ -1,3 +1,18 @@
+/*
+ * Copyright Openmind http://www.openmindonline.it
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package it.openutils.hibernate.security.filter;
import it.openutils.hibernate.security.dataobject.ModifierEnum;
@@ -3,4 +18,5 @@
import it.openutils.hibernate.security.dataobject.PermissionEnum;
import it.openutils.hibernate.security.dataobject.SecurityRule;
+import it.openutils.hibernate.security.dataobject.StatusEnum;
import java.util.ArrayList;
@@ -10,11 +26,6 @@
import org.junit.Assert;
import org.junit.Test;
-
-/*
- * Copyright (c) Openmind. All rights reserved. http://www.openmindonline.it
- */
-
/**
* @author fcarone
* @version $Id$
@@ -39,6 +50,7 @@
rule.setProperty("entity");
rule.setRole("ROLE_1");
rule.setValue("VALUE");
+ rule.setStatus(StatusEnum.ENABLED);
SecurityRule rule2 = new SecurityRule();
rule2.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
@@ -49,6 +61,7 @@
rule2.setProperty("value");
rule2.setRole("ROLE_1");
rule2.setValue("VALUE2");
+ rule2.setStatus(StatusEnum.ENABLED);
SecurityRule rule2b = new SecurityRule();
rule2b.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
@@ -57,6 +70,7 @@
rule2b.setProperty("id");
rule2b.setRole("ROLE_1");
rule2b.setValue("4");
+ rule2b.setStatus(StatusEnum.ENABLED);
SecurityRule rule3 = new SecurityRule();
rule3.setEntity("it.openutils.hibernate.security.dataobject.SecurityRule");
@@ -67,6 +81,7 @@
rule3.setProperty("value");
rule3.setRole("ROLE_2");
rule3.setValue("VALUE3");
+ rule3.setStatus(StatusEnum.ENABLED);
rules.add(rule);
rules.add(rule2);
Modified: trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml 2008-02-25 09:56:14 UTC (rev 693)
+++ trunk/openutils-hibernate-security/src/test/resources/SecurityIntegrationTest-load.xml 2008-02-25 11:59:31 UTC (rev 694)
@@ -119,6 +119,8 @@
<column>PROPERTY</column>
<column>VALUE</column>
<column>MODIFIER</column>
+ <column>STATUS</column>
+ <column>DELETED</column>
<row>
<value>1</value>
<value>RoleUno</value>
@@ -126,6 +128,8 @@
<value>intValue</value>
<value>1</value>
<value>EQUALS</value>
+ <value>ENABLED</value>
+ <value>0</value>
</row>
<row>
<value>2</value>
@@ -134,6 +138,8 @@
<value>intValue</value>
<value>1</value>
<value>EQUALS</value>
+ <value>ENABLED</value>
+ <value>0</value>
</row>
<row>
<value>3</value>
@@ -142,7 +148,19 @@
<value>intValue</value>
<value>1</value>
<value>NOT</value>
+ <value>ENABLED</value>
+ <value>0</value>
</row>
+ <row>
+ <value>4</value>
+ <value>RoleTre</value>
+ <value>it.openutils.hibernate.security.apptest.DummyDataobject</value>
+ <value>intValue</value>
+ <value>1</value>
+ <value>NOT</value>
+ <value>ENABLED</value>
+ <value>1</value>
+ </row>
</table>
<table name="SECRULE_PERMISSION">
<column>ID_SECURITY_RULE</column>
Modified: trunk/openutils-hibernate-security/src/test/resources/spring-security.xml
===================================================================
--- trunk/openutils-hibernate-security/src/test/resources/spring-security.xml 2008-02-25 09:56:14 UTC (rev 693)
+++ trunk/openutils-hibernate-security/src/test/resources/spring-security.xml 2008-02-25 11:59:31 UTC (rev 694)
@@ -62,7 +62,6 @@
</property>
</bean>
-
<bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">
<property name="providers">
<list>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X