Author: gk
Date: Wed May 16 13:37:35 2018
New Revision: 1831712
URL: http://svn.apache.org/viewvc?rev=1831712&view=rev
Log:
- isAuthorized using more ConditionType to check role
- use security snapshot
Modified:
turbine/core/trunk/pom.xml
turbine/core/trunk/src/java/org/apache/turbine/annotation/AnnotationProcessor.java
Modified: turbine/core/trunk/pom.xml
URL:
http://svn.apache.org/viewvc/turbine/core/trunk/pom.xml?rev=1831712&r1=1831711&r2=1831712&view=diff
==============================================================================
--- turbine/core/trunk/pom.xml (original)
+++ turbine/core/trunk/pom.xml Wed May 16 13:37:35 2018
@@ -1148,7 +1148,7 @@
<!--turbine.site.path>turbine/development/turbine-4.1</turbine.site.path-->
<turbine.site.path>turbine/turbine-4.0</turbine.site.path>
<fulcrum.intake>1.2.3</fulcrum.intake>
- <fulcrum.security>1.1.2</fulcrum.security>
+ <fulcrum.security>1.1.3-SNAPSHOT</fulcrum.security>
<slf4j.version>1.7.25</slf4j.version>
</properties>
Modified:
turbine/core/trunk/src/java/org/apache/turbine/annotation/AnnotationProcessor.java
URL:
http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/annotation/AnnotationProcessor.java?rev=1831712&r1=1831711&r2=1831712&view=diff
==============================================================================
---
turbine/core/trunk/src/java/org/apache/turbine/annotation/AnnotationProcessor.java
(original)
+++
turbine/core/trunk/src/java/org/apache/turbine/annotation/AnnotationProcessor.java
Wed May 16 13:37:35 2018
@@ -75,16 +75,39 @@ public class AnnotationProcessor
}
return annotations;
}
-
+
+ public enum ConditionType
+ {
+ COMPOUND, ANY;
+ }
+
/**
* Check if the object given is authorized to be executed based on its
annotations
+ *
* The method will return false if one of the annotations denies execution
+ *
+ * @see #isAuthorized(AccessibleObject, TurbineAccessControlList,
ConditionType)
+ *
+ * @param object
+ * @param acl
+ * @return true if the execution is allowed
+ */
+ public static <A extends TurbineAccessControlList> boolean
isAuthorized(AccessibleObject object, A acl)
+ {
+ return isAuthorized( object, acl, ConditionType.COMPOUND );
+ }
+
+ /**
+ * Check if the object given is authorized to be executed based on its
annotations
+ * The method's return value depends on the conditonType, cft. {@link
RoleConditionType}.
*
* @param object the object
* @param acl
+ * @param conditonType either {@link RoleConditionType#COMPOUND}: The
method will return false if one of the annotations denies execution
+ * or {@link RoleConditionType#SINGLE} : The method
will return true if one of the annotations allows execution
* @return true if the execution is allowed
*/
- public static <A extends TurbineAccessControlList> boolean
isAuthorized(AccessibleObject object, A acl)
+ public static <A extends TurbineAccessControlList> boolean
isAuthorized(AccessibleObject object, A acl, ConditionType conditonType)
{
Annotation[] annotations = getAnnotations(object);
@@ -100,9 +123,19 @@ public class AnnotationProcessor
{
for (String roleName : roleNames)
{
- if (!acl.hasRole(roleName))
- {
- return false;
+ switch ( conditonType ) {
+ case COMPOUND: default:
+ if (!acl.hasRole(roleName))
+ {
+ return false;
+ }
+ break;
+ case ANY:
+ if (acl.hasRole(roleName))
+ {
+ return true;
+ }
+ break;
}
}
}
@@ -110,9 +143,19 @@ public class AnnotationProcessor
{
for (String roleName : roleNames)
{
- if (!acl.hasRole(roleName, group))
- {
- return false;
+ switch ( conditonType ) {
+ case COMPOUND: default:
+ if (!acl.hasRole(roleName, group))
+ {
+ return false;
+ }
+ break;
+ case ANY:
+ if (acl.hasRole(roleName, group))
+ {
+ return true;
+ }
+ break;
}
}
}
@@ -127,9 +170,19 @@ public class AnnotationProcessor
{
for (String permissionName : permissionNames)
{
- if (!acl.hasPermission(permissionName))
- {
- return false;
+ switch ( conditonType ) {
+ case COMPOUND: default:
+ if (!acl.hasPermission(permissionName))
+ {
+ return false;
+ }
+ break;
+ case ANY:
+ if (acl.hasPermission(permissionName))
+ {
+ return true;
+ }
+ break;
}
}
}
@@ -137,10 +190,21 @@ public class AnnotationProcessor
{
for (String permissionName : permissionNames)
{
- if (!acl.hasPermission(permissionName, group))
- {
- return false;
+ switch ( conditonType ) {
+ case COMPOUND: default:
+ if (!acl.hasPermission(permissionName, group))
+ {
+ return false;
+ }
+ break;
+ case ANY:
+ if (acl.hasPermission(permissionName, group))
+ {
+ return true;
+ }
+ break;
}
+
}
}
}
