You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@aries.apache.org by cs...@apache.org on 2014/11/10 16:23:55 UTC
svn commit: r1637887 - in /aries/trunk/blueprint/blueprint-authz/src:
main/java/org/apache/aries/blueprint/authorization/impl/
test/java/org/apache/aries/blueprint/authorization/impl/
Author: cschneider
Date: Mon Nov 10 15:23:55 2014
New Revision: 1637887
URL: http://svn.apache.org/r1637887
Log:
ARIES-1226 Cleanup
Added:
aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationBeanProcessor.java
- copied, changed from r1637878, aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AnnotationParser.java
Removed:
aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AnnotationParser.java
Modified:
aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationNsHandler.java
aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java
aries/trunk/blueprint/blueprint-authz/src/test/java/org/apache/aries/blueprint/authorization/impl/SecurityAnnoationParserTest.java
Copied: aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationBeanProcessor.java (from r1637878, aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AnnotationParser.java)
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationBeanProcessor.java?p2=aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationBeanProcessor.java&p1=aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AnnotationParser.java&r1=1637878&r2=1637887&rev=1637887&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AnnotationParser.java (original)
+++ aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationBeanProcessor.java Mon Nov 10 15:23:55 2014
@@ -18,23 +18,18 @@
*/
package org.apache.aries.blueprint.authorization.impl;
-import java.lang.reflect.Method;
-
-import javax.annotation.security.DenyAll;
-import javax.annotation.security.RolesAllowed;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.aries.blueprint.BeanProcessor;
import org.apache.aries.blueprint.ComponentDefinitionRegistry;
import org.osgi.service.blueprint.reflect.BeanMetadata;
-public class AnnotationParser implements BeanProcessor {
+public class AuthorizationBeanProcessor implements BeanProcessor {
private static final Logger LOGGER = LoggerFactory.getLogger(AuthorizationInterceptor.class);
+ public static final String AUTH_PROCESSOR_BEAN_NAME = "org_apache_aries_authz_annotations";
private ComponentDefinitionRegistry cdr;
- public static final String ANNOTATION_PARSER_BEAN_NAME = "org_apache_aries_authz_annotations";
- public AnnotationParser() {
+ public AuthorizationBeanProcessor() {
}
public void setCdr(ComponentDefinitionRegistry cdr) {
@@ -53,36 +48,11 @@ public class AnnotationParser implements
public Object beforeInit(Object bean, String beanName, BeanCreator beanCreator, BeanMetadata beanData) {
Class<?> c = bean.getClass();
- if (isSecured(c)) {
+ if (new SecurityAnotationParser().isSecured(c)) {
LOGGER.debug("Adding annotation based authorization interceptor for bean {} with class {}", beanName, c);
cdr.registerInterceptorWithComponent(beanData, new AuthorizationInterceptor());
}
return bean;
}
- /**
- * A class is secured if @RolesAllowed is used on class or method level of the class or its hierarchy.
- *
- * @param clazz
- * @return
- */
- private boolean isSecured(Class<?> clazz) {
- if (clazz == Object.class) {
- return false;
- }
- if (clazz.getAnnotation(RolesAllowed.class) != null || clazz.getAnnotation(DenyAll.class) != null) {
- return true;
- }
- for (Method m : clazz.getMethods()) {
- if (m.getAnnotation(RolesAllowed.class) != null) {
- return true;
- }
- if (m.getAnnotation(DenyAll.class) != null) {
- return true;
- }
-
- }
- return false;
- }
-
}
Modified: aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationNsHandler.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationNsHandler.java?rev=1637887&r1=1637886&r2=1637887&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationNsHandler.java (original)
+++ aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationNsHandler.java Mon Nov 10 15:23:55 2014
@@ -38,10 +38,10 @@ public class AuthorizationNsHandler impl
ComponentDefinitionRegistry cdr = pc.getComponentDefinitionRegistry();
if ("enable".equals(elt.getLocalName())) {
- if (!cdr.containsComponentDefinition(AnnotationParser.ANNOTATION_PARSER_BEAN_NAME)) {
+ if (!cdr.containsComponentDefinition(AuthorizationBeanProcessor.AUTH_PROCESSOR_BEAN_NAME)) {
MutableBeanMetadata meta = pc.createMetadata(MutableBeanMetadata.class);
- meta.setId(AnnotationParser.ANNOTATION_PARSER_BEAN_NAME);
- meta.setRuntimeClass(AnnotationParser.class);
+ meta.setId(AuthorizationBeanProcessor.AUTH_PROCESSOR_BEAN_NAME);
+ meta.setRuntimeClass(AuthorizationBeanProcessor.class);
meta.setProcessor(true);
MutablePassThroughMetadata cdrMeta = pc.createMetadata(MutablePassThroughMetadata.class);
cdrMeta.setObject(cdr);
Modified: aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java?rev=1637887&r1=1637886&r2=1637887&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java (original)
+++ aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java Mon Nov 10 15:23:55 2014
@@ -60,4 +60,30 @@ class SecurityAnotationParser {
return ann;
}
+ /**
+ * A class is secured if either the class or one of its methods is secured.
+ * An AnnotatedElement is secured if @RolesAllowed or @DenyAll is present.
+ *
+ * @param clazz
+ * @return
+ */
+ public boolean isSecured(Class<?> clazz) {
+ if (clazz == Object.class) {
+ return false;
+ }
+ if (isSecuredEl(clazz)) {
+ return true;
+ }
+ for (Method m : clazz.getMethods()) {
+ if (isSecuredEl(m)) {
+ return true;
+ }
+
+ }
+ return false;
+ }
+
+ private boolean isSecuredEl(AnnotatedElement element) {
+ return element.isAnnotationPresent(RolesAllowed.class) || element.isAnnotationPresent(DenyAll.class);
+ }
}
Modified: aries/trunk/blueprint/blueprint-authz/src/test/java/org/apache/aries/blueprint/authorization/impl/SecurityAnnoationParserTest.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/test/java/org/apache/aries/blueprint/authorization/impl/SecurityAnnoationParserTest.java?rev=1637887&r1=1637886&r2=1637887&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/test/java/org/apache/aries/blueprint/authorization/impl/SecurityAnnoationParserTest.java (original)
+++ aries/trunk/blueprint/blueprint-authz/src/test/java/org/apache/aries/blueprint/authorization/impl/SecurityAnnoationParserTest.java Mon Nov 10 15:23:55 2014
@@ -35,6 +35,13 @@ public class SecurityAnnoationParserTest
public SecurityAnnoationParserTest() {
annParser = new SecurityAnotationParser();
}
+
+ @Test
+ public void testIsSecured() {
+ Assert.assertTrue(annParser.isSecured(SecuredClass.class));
+ Assert.assertFalse(annParser.isSecured(Object.class));
+ Assert.assertFalse(annParser.isSecured(Activator.class));
+ }
@Test
public void testAnnotationType() throws NoSuchMethodException, SecurityException {
@@ -59,4 +66,5 @@ public class SecurityAnnoationParserTest
Assert.assertTrue(ann instanceof RolesAllowed);
return ((RolesAllowed)ann).value();
}
+
}