01: /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
02: *
03: * Licensed under the Apache License, Version 2.0 (the "License");
04: * you may not use this file except in compliance with the License.
05: * You may obtain a copy of the License at
06: *
07: * http://www.apache.org/licenses/LICENSE-2.0
08: *
09: * Unless required by applicable law or agreed to in writing, software
10: * distributed under the License is distributed on an "AS IS" BASIS,
11: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12: * See the License for the specific language governing permissions and
13: * limitations under the License.
14: */
15: package org.acegisecurity.vote;
16:
17: import org.acegisecurity.AuthorizationServiceException;
18:
19: import org.aopalliance.intercept.MethodInvocation;
20:
21: import org.aspectj.lang.JoinPoint;
22: import org.aspectj.lang.reflect.CodeSignature;
23:
24: import org.springframework.util.Assert;
25:
26: /**
27: * <p>Provides helper methods for writing domain object ACL voters. Is not bound to any particular ACL system.</p>
28: *
29: * @author Ben Alex
30: * @version $Id: AbstractAclVoter.java 1754 2006-11-17 02:01:21Z benalex $
31: */
32: public abstract class AbstractAclVoter implements AccessDecisionVoter {
33: //~ Instance fields ================================================================================================
34:
35: private Class processDomainObjectClass;
36:
37: //~ Methods ========================================================================================================
38:
39: protected Object getDomainObjectInstance(Object secureObject) {
40: Object[] args;
41: Class[] params;
42:
43: if (secureObject instanceof MethodInvocation) {
44: MethodInvocation invocation = (MethodInvocation) secureObject;
45: params = invocation.getMethod().getParameterTypes();
46: args = invocation.getArguments();
47: } else {
48: JoinPoint jp = (JoinPoint) secureObject;
49: params = ((CodeSignature) jp.getStaticPart().getSignature())
50: .getParameterTypes();
51: args = jp.getArgs();
52: }
53:
54: for (int i = 0; i < params.length; i++) {
55: if (processDomainObjectClass.isAssignableFrom(params[i])) {
56: return args[i];
57: }
58: }
59:
60: throw new AuthorizationServiceException("Secure object: "
61: + secureObject
62: + " did not provide any argument of type: "
63: + processDomainObjectClass);
64: }
65:
66: public Class getProcessDomainObjectClass() {
67: return processDomainObjectClass;
68: }
69:
70: public void setProcessDomainObjectClass(
71: Class processDomainObjectClass) {
72: Assert.notNull(processDomainObjectClass,
73: "processDomainObjectClass cannot be set to null");
74: this .processDomainObjectClass = processDomainObjectClass;
75: }
76:
77: /**
78: * This implementation supports only <code>MethodSecurityInterceptor</code>, because it queries the
79: * presented <code>MethodInvocation</code>.
80: *
81: * @param clazz the secure object
82: *
83: * @return <code>true</code> if the secure object is <code>MethodInvocation</code>, <code>false</code> otherwise
84: */
85: public boolean supports(Class clazz) {
86: if (MethodInvocation.class.isAssignableFrom(clazz)) {
87: return true;
88: } else if (JoinPoint.class.isAssignableFrom(clazz)) {
89: return true;
90: } else {
91: return false;
92: }
93: }
94: }
|