You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by gp...@apache.org on 2011/09/27 15:11:53 UTC
svn commit: r1176374 - in /myfaces/extensions/cdi/trunk:
core/api/src/main/java/org/apache/myfaces/extensions/cdi/core/api/security/
jee-modules/jsf-module/impl/src/main/java/org/apache/myfaces/extensions/cdi/jsf/impl/util/
Author: gpetracek
Date: Tue Sep 27 13:11:53 2011
New Revision: 1176374
URL: http://svn.apache.org/viewvc?rev=1176374&view=rev
Log:
EXTCDI-229 optional SecurityViolationHandler
Added:
myfaces/extensions/cdi/trunk/core/api/src/main/java/org/apache/myfaces/extensions/cdi/core/api/security/SecurityViolationHandler.java
Modified:
myfaces/extensions/cdi/trunk/jee-modules/jsf-module/impl/src/main/java/org/apache/myfaces/extensions/cdi/jsf/impl/util/SecurityUtils.java
Added: myfaces/extensions/cdi/trunk/core/api/src/main/java/org/apache/myfaces/extensions/cdi/core/api/security/SecurityViolationHandler.java
URL: http://svn.apache.org/viewvc/myfaces/extensions/cdi/trunk/core/api/src/main/java/org/apache/myfaces/extensions/cdi/core/api/security/SecurityViolationHandler.java?rev=1176374&view=auto
==============================================================================
--- myfaces/extensions/cdi/trunk/core/api/src/main/java/org/apache/myfaces/extensions/cdi/core/api/security/SecurityViolationHandler.java (added)
+++ myfaces/extensions/cdi/trunk/core/api/src/main/java/org/apache/myfaces/extensions/cdi/core/api/security/SecurityViolationHandler.java Tue Sep 27 13:11:53 2011
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.myfaces.extensions.cdi.core.api.security;
+
+import java.util.Set;
+
+/**
+ * Allows to handle custom implementations of {@link SecurityViolation}
+ *
+ * @author Gerhard Petracek
+ */
+public interface SecurityViolationHandler
+{
+ /**
+ * Instead of adding the violations as message for the user, it's possible to implement a custom behaviour
+ * (e.g. something like an InternalViolation which won't get added)
+ * @param securityViolations current violations
+ */
+ void processSecurityViolations(Set<SecurityViolation> securityViolations);
+}
Modified: myfaces/extensions/cdi/trunk/jee-modules/jsf-module/impl/src/main/java/org/apache/myfaces/extensions/cdi/jsf/impl/util/SecurityUtils.java
URL: http://svn.apache.org/viewvc/myfaces/extensions/cdi/trunk/jee-modules/jsf-module/impl/src/main/java/org/apache/myfaces/extensions/cdi/jsf/impl/util/SecurityUtils.java?rev=1176374&r1=1176373&r2=1176374&view=diff
==============================================================================
--- myfaces/extensions/cdi/trunk/jee-modules/jsf-module/impl/src/main/java/org/apache/myfaces/extensions/cdi/jsf/impl/util/SecurityUtils.java (original)
+++ myfaces/extensions/cdi/trunk/jee-modules/jsf-module/impl/src/main/java/org/apache/myfaces/extensions/cdi/jsf/impl/util/SecurityUtils.java Tue Sep 27 13:11:53 2011
@@ -22,9 +22,11 @@ import org.apache.myfaces.extensions.cdi
import org.apache.myfaces.extensions.cdi.core.api.security.AccessDeniedException;
import org.apache.myfaces.extensions.cdi.core.api.security.SecurityViolation;
import org.apache.myfaces.extensions.cdi.core.api.config.view.ViewConfig;
+import org.apache.myfaces.extensions.cdi.core.api.security.SecurityViolationHandler;
import org.apache.myfaces.extensions.cdi.core.api.tools.DefaultAnnotation;
import static org.apache.myfaces.extensions.cdi.core.impl.util.CodiUtils.getContextualReferenceByClass;
+import org.apache.myfaces.extensions.cdi.core.impl.util.CodiUtils;
import org.apache.myfaces.extensions.cdi.jsf.api.config.view.ViewConfigDescriptor;
import org.apache.myfaces.extensions.cdi.message.api.MessageContext;
import org.apache.myfaces.extensions.cdi.message.api.payload.MessageSeverity;
@@ -130,7 +132,18 @@ public abstract class SecurityUtils
{
FacesContext facesContext = FacesContext.getCurrentInstance();
- addViolationsAsMessage(exception.getViolations());
+ SecurityViolationHandler securityViolationHandler =
+ CodiUtils.getContextualReferenceByClass(SecurityViolationHandler.class, true);
+
+ if(securityViolationHandler != null)
+ {
+ //optional (custom handler) - allows to handle custom implementations of SecurityViolation
+ securityViolationHandler.processSecurityViolations(exception.getViolations());
+ }
+ else
+ {
+ addViolationsAsMessage(exception.getViolations());
+ }
if(allowNavigation)
{