You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by lo...@apache.org on 2015/05/27 13:29:27 UTC
svn commit: r1681983 - in /myfaces/tobago/branches/tobago-3.0.x: ./
tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java
Author: lofwyr
Date: Wed May 27 11:29:26 2015
New Revision: 1681983
URL: http://svn.apache.org/r1681983
Log:
Merged from trunk
TOBAGO-1468: NoSuchMethodException in security module, when using EL 2.0 paranthesis in actions [from revision 1681981]
Modified:
myfaces/tobago/branches/tobago-3.0.x/ (props changed)
myfaces/tobago/branches/tobago-3.0.x/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java
Propchange: myfaces/tobago/branches/tobago-3.0.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed May 27 11:29:26 2015
@@ -1,3 +1,3 @@
/myfaces/tobago/branches/tobago-1.5.x:1356585,1357124
/myfaces/tobago/branches/tobago-tree-table:1226794-1341423
-/myfaces/tobago/trunk:1571193,1571804,1571816,1571941,1571945,1571962,1571966,1576730,1589960,1591854,1600239,1600818,1601860,1602151,1602154,1602343,1604224,1606201,1607642,1609696-1609697,1609718,1610942,1610948,1610970,1610989,1611011,1611259,1611264,1611276,1611329,1611338-1611339,1611571,1613015,1613032,1614827,1614853,1615053,1615114,1615121,1617310,1619789,1621101,1621107,1621134,1621156,1621264,1621282,1621332,1622222,1622243,1622508,1623934,1624033,1625968,1625972,1626270,1628899,1628953,1636842,1636911,1640117,1640147,1640541,1640548,1640638,1640761,1640917,1641575,1641635,1641772,1641775,1641777,1656502,1657180,1657269,1657276,1657279,1658909,1658912,1659026,1659031,1660696,1660699,1660708,1660714,1665569,1666464,1668147,1668153,1668249,1675330,1675565,1675584,1675588-1675589,1675636,1679031,1680197
+/myfaces/tobago/trunk:1571193,1571804,1571816,1571941,1571945,1571962,1571966,1576730,1589960,1591854,1600239,1600818,1601860,1602151,1602154,1602343,1604224,1606201,1607642,1609696-1609697,1609718,1610942,1610948,1610970,1610989,1611011,1611259,1611264,1611276,1611329,1611338-1611339,1611571,1613015,1613032,1614827,1614853,1615053,1615114,1615121,1617310,1619789,1621101,1621107,1621134,1621156,1621264,1621282,1621332,1622222,1622243,1622508,1623934,1624033,1625968,1625972,1626270,1628899,1628953,1636842,1636911,1640117,1640147,1640541,1640548,1640638,1640761,1640917,1641575,1641635,1641772,1641775,1641777,1656502,1657180,1657269,1657276,1657279,1658909,1658912,1659026,1659031,1660696,1660699,1660708,1660714,1665569,1666464,1668147,1668153,1668249,1675330,1675565,1675584,1675588-1675589,1675636,1679031,1680197,1681981
Modified: myfaces/tobago/branches/tobago-3.0.x/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/branches/tobago-3.0.x/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java?rev=1681983&r1=1681982&r2=1681983&view=diff
==============================================================================
--- myfaces/tobago/branches/tobago-3.0.x/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java (original)
+++ myfaces/tobago/branches/tobago-3.0.x/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java Wed May 27 11:29:26 2015
@@ -29,9 +29,13 @@ import javax.faces.context.FacesContext;
import java.lang.annotation.Annotation;
import java.lang.reflect.AnnotatedElement;
import java.lang.reflect.Method;
+import java.util.ArrayList;
import java.util.Arrays;
+import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
public class AuthorizationUtils {
private static final Logger LOG = LoggerFactory.getLogger(AuthorizationUtils.class);
@@ -102,25 +106,28 @@ public class AuthorizationUtils {
return null;
} else {
Annotation securityAnnotation = null;
- if (expression.startsWith("#{") && expression.endsWith("}")) {
- expression = expression.substring(2, expression.length()-1);
- final int index = expression.lastIndexOf('.');
- if (index != -1) {
- final String methodExpression = expression.substring(index+1, expression.length());
- final String beanExpression = expression.substring(0, index);
- // TODO find a better way
- final Object bean =
- facesContext.getApplication().getVariableResolver().resolveVariable(facesContext, beanExpression);
- if (bean != null) {
- try {
- final Method method = bean.getClass().getMethod(methodExpression);
- securityAnnotation = getSecurityAnnotations(method);
+ final Pattern pattern = Pattern.compile("#\\{(\\w+(?:\\.\\w+)*)\\.(\\w+)(?:\\(.*\\))?\\}");
+ final Matcher matcher = pattern.matcher(expression);
+ if (matcher.matches()) {
+ String beanString = matcher.group(1);
+ String methodString = matcher.group(2);
+ final Object bean =
+ facesContext.getELContext().getELResolver().getValue(facesContext.getELContext(), null, beanString);
+ if (bean != null) {
+ final List<Method> methods = findMethods(bean, methodString);
+ switch (methods.size()) {
+ case 0:
+ LOG.error("No Method '" + methodString + "' in class " + bean.getClass());
+ break;
+ case 1:
+ securityAnnotation = getSecurityAnnotations(methods.get(0));
if (securityAnnotation == null) {
securityAnnotation = getSecurityAnnotations(bean.getClass());
}
- } catch (final NoSuchMethodException e) {
- LOG.error("No Method " + methodExpression + " in class " + bean.getClass(), e);
- }
+ break;
+ default:
+ LOG.warn("Method name ambiguous '" + methodString + "' in class " + bean.getClass()
+ + ". Found " + methods.size() + " but only 1 is supported, yet.");
}
}
}
@@ -132,5 +139,15 @@ public class AuthorizationUtils {
return securityAnnotation;
}
}
-}
+ private static List<Method> findMethods(Object bean, String name) {
+ final Method[] methods = bean.getClass().getMethods();
+ final List<Method> result = new ArrayList<Method>();
+ for (Method method : methods) {
+ if (method.getName().equals(name)) {
+ result.add(method);
+ }
+ }
+ return result;
+ }
+}