cvs commit: jakarta-slide/src/share/org/apache/slide/security Security.java SecurityImpl.java

Sun, 11 Feb 2001 19:58:57 -0800 

remm        01/02/11 20:14:11

  Modified:    src/share/org/apache/slide/security Security.java
                        SecurityImpl.java
  Log:
  - Added a new Security.hasPermission method which does the
    same as checkPermission, but returns a boolean instead of throwing an
    exception. Otherwise, checking security an expensive operation for client
    applications.
    Thanks to David McDonnell <[EMAIL PROTECTED]> for suggesting
    that change.
  
  Revision  Changes    Path
  1.11      +21 -4     jakarta-slide/src/share/org/apache/slide/security/Security.java
  
  Index: Security.java
  ===================================================================
  RCS file: /home/cvs/jakarta-slide/src/share/org/apache/slide/security/Security.java,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- Security.java     2000/12/26 17:16:40     1.10
  +++ Security.java     2001/02/12 04:14:11     1.11
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-slide/src/share/org/apache/slide/security/Security.java,v 1.10 
2000/12/26 17:16:40 remm Exp $
  - * $Revision: 1.10 $
  - * $Date: 2000/12/26 17:16:40 $
  + * $Header: 
/home/cvs/jakarta-slide/src/share/org/apache/slide/security/Security.java,v 1.11 
2001/02/12 04:14:11 remm Exp $
  + * $Revision: 1.11 $
  + * $Date: 2001/02/12 04:14:11 $
    *
    * ====================================================================
    *
  @@ -73,7 +73,7 @@
    * Security helper.
    * 
    * @author <a href="mailto:[EMAIL PROTECTED]">Remy Maucherat</a>
  - * @version $Revision: 1.10 $
  + * @version $Revision: 1.11 $
    */
   public interface Security {
       
  @@ -269,6 +269,23 @@
                            ActionNode action)
           throws ServiceAccessException, AccessDeniedException, 
           ObjectNotFoundException;
  +    
  +    
  +    /**
  +     * Check whether or not an actor can perform the specified activity 
  +     * on a collection.
  +     * 
  +     * @param object Object on which access is tested
  +     * @param subject Subject who seeks to perform the action
  +     * @param action Action which is to be performed
  +     * @return true if the action can be performed
  +     * @exception ServiceAccessException DataSource access error
  +     * @exception ObjectNotFoundException Specified object was not found 
  +     * in the DataSource
  +     */
  +    boolean hasPermission(ObjectNode object, SubjectNode subject, 
  +                          ActionNode action)
  +        throws ServiceAccessException, ObjectNotFoundException;
       
       
       /**
  
  
  
  1.17      +33 -8     
jakarta-slide/src/share/org/apache/slide/security/SecurityImpl.java
  
  Index: SecurityImpl.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-slide/src/share/org/apache/slide/security/SecurityImpl.java,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- SecurityImpl.java 2001/02/10 19:18:29     1.16
  +++ SecurityImpl.java 2001/02/12 04:14:11     1.17
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-slide/src/share/org/apache/slide/security/SecurityImpl.java,v 1.16 
2001/02/10 19:18:29 remm Exp $
  - * $Revision: 1.16 $
  - * $Date: 2001/02/10 19:18:29 $
  + * $Header: 
/home/cvs/jakarta-slide/src/share/org/apache/slide/security/SecurityImpl.java,v 1.17 
2001/02/12 04:14:11 remm Exp $
  + * $Revision: 1.17 $
  + * $Date: 2001/02/12 04:14:11 $
    *
    * ====================================================================
    *
  @@ -75,7 +75,7 @@
    * Security helper.
    * 
    * @author <a href="mailto:[EMAIL PROTECTED]">Remy Maucherat</a>
  - * @version $Revision: 1.16 $
  + * @version $Revision: 1.17 $
    */
   public final class SecurityImpl implements Security {
       
  @@ -343,6 +343,30 @@
           throws ServiceAccessException, AccessDeniedException, 
           ObjectNotFoundException {
           
  +        if (!hasPermission(object, subject, action)) {
  +            throw new AccessDeniedException(object.getUri(), subject.getUri(),
  +                                            action.getUri());
  +        }
  +        
  +    }
  +    
  +    
  +    /**
  +     * Check whether or not an actor can perform the specified activity 
  +     * on a collection.
  +     * 
  +     * @param object Object on which access is tested
  +     * @param subject Subject who seeks to perform the action
  +     * @param action Action which is to be performed
  +     * @return true if the action can be performed
  +     * @exception ServiceAccessException DataSource access error
  +     * @exception ObjectNotFoundException Specified object was not found 
  +     * in the DataSource
  +     */
  +    public boolean hasPermission(ObjectNode object, SubjectNode subject, 
  +                                 ActionNode action)
  +        throws ServiceAccessException, ObjectNotFoundException {
  +        
           boolean granted = false;
           boolean denied = false;
           boolean rootObjectReached = false;
  @@ -438,14 +462,15 @@
           // Negative permissions have priority (if they're defined on the same
           // node)
           if (denied) {
  -            throw new AccessDeniedException(object.getUri(), subject.getUri(),
  -                                            action.getUri());
  +            return false;
           }
           
           if (!granted) {
  -            throw new AccessDeniedException(object.getUri(), subject.getUri(),
  -                                            action.getUri());
  +            return false;
           }
  +        
  +        return true;
  +        
       }

Reply via email to