1
package org.hisp.dhis.security.vote;
4
* Copyright (c) 2004-2007, University of Oslo
7
* Redistribution and use in source and binary forms, with or without
8
* modification, are permitted provided that the following conditions are met:
9
* * Redistributions of source code must retain the above copyright notice, this
10
* list of conditions and the following disclaimer.
11
* * Redistributions in binary form must reproduce the above copyright notice,
12
* this list of conditions and the following disclaimer in the documentation
13
* and/or other materials provided with the distribution.
14
* * Neither the name of the HISP project nor the names of its contributors may
15
* be used to endorse or promote products derived from this software without
16
* specific prior written permission.
18
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
19
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
20
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
21
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
22
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
23
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
24
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
25
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
27
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30
import org.acegisecurity.Authentication;
31
import org.acegisecurity.ConfigAttribute;
32
import org.acegisecurity.ConfigAttributeDefinition;
33
import org.acegisecurity.GrantedAuthority;
34
import org.acegisecurity.vote.AccessDecisionVoter;
35
import org.apache.commons.logging.Log;
36
import org.apache.commons.logging.LogFactory;
39
* Simple AccessDecisionVoter which grants access if a specified required
40
* authority is among the configAttributes.
42
* @author Torgeir Lorange Ostby
43
* @version $Id: SimpleAccessVoter.java 6352 2008-11-20 15:49:52Z larshelg $
45
public class SimpleAccessVoter
46
implements AccessDecisionVoter
48
private static final Log LOG = LogFactory.getLog( SimpleAccessVoter.class );
50
private String requiredAuthority;
52
public void setRequiredAuthority( String requiredAuthority )
54
this.requiredAuthority = requiredAuthority;
57
// -------------------------------------------------------------------------
58
// Interface implementation
59
// -------------------------------------------------------------------------
61
public boolean supports( ConfigAttribute configAttribute )
63
return configAttribute != null && configAttribute.getAttribute() != null
64
&& configAttribute.getAttribute().equals( requiredAuthority );
67
@SuppressWarnings( "unchecked" )
68
public boolean supports( Class clazz )
73
public int vote( Authentication authentication, Object object, ConfigAttributeDefinition definition )
75
for ( GrantedAuthority authority : authentication.getAuthorities() )
77
if ( authority.getAuthority().equals( requiredAuthority ) )
79
LOG.debug( "ACCESS GRANTED [" + object.toString() + "]" );
81
return ACCESS_GRANTED;
85
LOG.debug( "ACCESS DENIED [" + object.toString() + "]" );