I'm doing a bunch of refactoring of my project right now, breaking out
parts of it into different modules. I'm using maven in my build
process. I'm running into a situation where I have a Shiro dependency
in my "models" module. This makes me think there is probably a better
approach than what I'm using, so I'm hoping someone can provide some
advice. My "models" module has this dependency, and I'd like to remove
it:
<!-- SHIRO (for the utils package only -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
</dependency>
Basically, I have a Member that contains a set of Roles and a set of
Permissions. Each Role also contains a set of Permissions. I'm using
the folllowing Shiro dependencies in my Permission object:
* ShiroUtils.hasText()
* ShiroUtils.split()
I'm also using the values of the following, but I had to redefine them
since they aren't visible:
WildcardPermission.WILDCARD_TOKEN
WildcardPermission.PART_DIVIDER_TOKEN
Here's my Permission object, with some fluff removed
(getters/setters/equals/etc)...
@Entity
@Table(name="permissions")
@Cache(usage= CacheConcurrencyStrategy.READ_WRITE)
public class Permission extends AbstractEntity implements IEntity {
private static final long serialVersionUID = 1L;
// TODO: Should I do this differently?
// Copied from tokens from WildcardPermission since they aren't
visible, and it would
// make this pojo reliant on Shiro classes.
protected static final String WILDCARD_TOKEN = "*";
protected static final String PART_DIVIDER_TOKEN = ":";
private String domain;
private String actions;
private String targets;
/** Creates a domain permission with *all* actions for *all* targets; */
public Permission() {
this(null,null,null);
}
public Permission(String domain) {
this(domain,null,null);
}
public Permission(String domain, String actions) {
this(domain,actions,null);
}
public Permission(String domain, String actions, String targets) {
if (!StringUtils.hasText(domain)) {
// No domain specified, so create an All Permission
this.domain = "*";
this.actions = actions;
this.targets = targets;
}
else if (domain.contains(PART_DIVIDER_TOKEN)){
// Make sure that actions and targets are not declared
if (StringUtils.hasText(actions) ||
StringUtils.hasText(targets)) {
throw new IllegalArgumentException("cannot specify
actions
or targets if domain contains full permissions string");
}
// Domain contains a full permission string, so parse it
String[] parts = StringUtils.split(domain,
PART_DIVIDER_TOKEN.charAt(0));
if (parts.length > 0) {
this.domain = parts[0];
}
if (parts.length > 1) {
this.actions = parts[1];
}
if (parts.length > 2) {
this.targets = parts[2];
}
return;
}
else {
this.domain = domain;
this.actions = actions;
this.targets = targets;
}
}
@Transient
public String getPermissionString() {
StringBuilder sb = new StringBuilder(domain);
if (!StringUtils.hasText(actions)) {
if (StringUtils.hasText(targets)) {
sb.append(PART_DIVIDER_TOKEN).append(WILDCARD_TOKEN);
}
} else {
sb.append(PART_DIVIDER_TOKEN).append(actions);
}
if (targets != null) {
sb.append(PART_DIVIDER_TOKEN).append(targets);
}
return sb.toString();
}
}
Ideally, my "models" maven module would have no dependencies on Shiro.
Is there a better approach that I should consider? I don't want to
implement my own version of StringUtils, but would rather not include
all of Shiro core. I was hoping there was a Shiro-utils module.
I realize that much of StringUtils is copied from Spring, but I think
that split() was customized. Also, I really don't want any Spring
dependencies in my "models" either, and currently don't have any.
Thanks,
Tauren
