1
package org.hisp.dhis.security.authority;
4
* Copyright (c) 2004-2007, University of Oslo
7
* Redistribution and use in source and binary forms, with or without
8
* modification, are permitted provided that the following conditions are met:
9
* * Redistributions of source code must retain the above copyright notice, this
10
* list of conditions and the following disclaimer.
11
* * Redistributions in binary form must reproduce the above copyright notice,
12
* this list of conditions and the following disclaimer in the documentation
13
* and/or other materials provided with the distribution.
14
* * Neither the name of the HISP project nor the names of its contributors may
15
* be used to endorse or promote products derived from this software without
16
* specific prior written permission.
18
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
19
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
20
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
21
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
22
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
23
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
24
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
25
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
27
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30
import java.util.Collection;
31
import java.util.Collections;
32
import java.util.HashSet;
35
import java.util.StringTokenizer;
37
import org.acegisecurity.ConfigAttributeDefinition;
38
import org.acegisecurity.SecurityConfig;
39
import org.acegisecurity.intercept.ObjectDefinitionSource;
40
import org.hisp.dhis.security.intercept.SingleObjectDefinitionSource;
42
import com.opensymphony.xwork.config.entities.ActionConfig;
45
* @author Torgeir Lorange Ostby
46
* @version $Id: DefaultRequiredAuthoritiesProvider.java 3160 2007-03-24 20:15:06Z torgeilo $
48
public class DefaultRequiredAuthoritiesProvider
49
implements RequiredAuthoritiesProvider
51
// -------------------------------------------------------------------------
53
// -------------------------------------------------------------------------
55
private String requiredAuthoritiesKey;
57
public void setRequiredAuthoritiesKey( String requiredAuthoritiesKey )
59
this.requiredAuthoritiesKey = requiredAuthoritiesKey;
62
private Set<String> globalAttributes = Collections.emptySet();
64
public void setGlobalAttributes( Set<String> globalAttributes )
66
this.globalAttributes = globalAttributes;
69
// -------------------------------------------------------------------------
70
// RequiredAuthoritiesProvider implementation
71
// -------------------------------------------------------------------------
73
public ObjectDefinitionSource createObjectDefinitionSource( ActionConfig actionConfig )
75
return createObjectDefinitionSource( actionConfig, actionConfig );
78
public ObjectDefinitionSource createObjectDefinitionSource( ActionConfig actionConfig, Object object )
80
Collection<String> requiredAuthorities = getRequiredAuthorities( actionConfig );
82
ConfigAttributeDefinition attributes = new ConfigAttributeDefinition();
84
for ( String requiredAuthority : requiredAuthorities )
86
attributes.addConfigAttribute( new SecurityConfig( requiredAuthority ) );
89
for ( String globalAttribute : globalAttributes )
91
attributes.addConfigAttribute( new SecurityConfig( globalAttribute ) );
94
return new SingleObjectDefinitionSource( object, attributes );
97
@SuppressWarnings( "unchecked" )
98
public Collection<String> getRequiredAuthorities( ActionConfig actionConfig )
100
final Map<String, String> staticParams = actionConfig.getParams();
102
if ( staticParams == null || !staticParams.containsKey( requiredAuthoritiesKey ) )
104
return Collections.emptySet();
107
final String param = staticParams.get( requiredAuthoritiesKey );
109
HashSet<String> requiredAuthorities = new HashSet<String>();
111
StringTokenizer t = new StringTokenizer( param, "\t\n\r ," );
113
while ( t.hasMoreTokens() )
115
requiredAuthorities.add( t.nextToken() );
118
return requiredAuthorities;