1 /*
2 * EL4J, the Extension Library for the J2EE, adds incremental enhancements to
3 * the spring framework, http://el4j.sf.net
4 * Copyright (C) 2006 by ELCA Informatique SA, Av. de la Harpe 22-24,
5 * 1000 Lausanne, Switzerland, http://www.elca.ch
6 *
7 * EL4J is published under the GNU Lesser General Public License (LGPL)
8 * Version 2.1. See http://www.gnu.org/licenses/
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU Lesser General Public License for more details.
14 *
15 * For alternative licensing, please contact info@elca.ch
16 */
17 package ch.elca.el4j.services.security.authorization;
18
19 import java.lang.annotation.Annotation;
20 import java.lang.reflect.Field;
21 import java.lang.reflect.Method;
22 import java.util.Collection;
23 import java.util.HashSet;
24 import java.util.Set;
25
26 import javax.annotation.security.RolesAllowed;
27
28 import org.springframework.security.access.SecurityConfig;
29
30 import ch.elca.el4j.util.metadata.Attributes;
31
32 /**
33 *
34 * This class is a Java 5 Annotation <code>Attributes</code> metadata
35 * implementation used for secure method interception.
36 * <p>This <code>Attributes</code> implementation will return security
37 * configuration for classes described using the <code>RolesAllowed</code>
38 * Java 5 annotation.</p>
39 *
40 * This class is the equivalent of Acegi Security's
41 * <code>SecurityAnnotationAttributes</code> class for the
42 * <code>RolesAllowed</code> annotation.
43 *
44 * @see org.acegisecurity.annotation.SecurityAnnotationAttributes
45 *
46 * @svnLink $Revision: 4091 $;$Date: 2010-01-15 12:21:07 +0100 (Fr, 15. Jan 2010) $;$Author: jonasha $;$URL: https://el4j.svn.sourceforge.net/svnroot/el4j/branches/el4j_3_1/el4j/framework/modules/security/src/main/java/ch/elca/el4j/services/security/authorization/RolesAllowedAnnotationAttributes.java $
47 *
48 * @author Alex Mathey (AMA)
49 */
50 public class RolesAllowedAnnotationAttributes implements Attributes {
51 /**
52 * Get the <code>RolesAllowed</code> attributes for a given target class.
53 *
54 * @param target The target method
55 *
56 * @return Collection of <code>SecurityConfig</code>
57 *
58 * @see Attributes#getAttributes
59 */
60 public Collection getAttributes(Class target) {
61 Set<SecurityConfig> attributes = new HashSet<SecurityConfig>();
62
63 for (Annotation annotation : target.getAnnotations()) {
64 // check for RolesAllowed annotations
65 if (annotation instanceof RolesAllowed) {
66 RolesAllowed attr = (RolesAllowed) annotation;
67
68 for (String auth : attr.value()) {
69 attributes.add(new SecurityConfig(auth));
70 }
71
72 break;
73 }
74 }
75
76 return attributes;
77 }
78
79 public Collection getAttributes(Class clazz, Class filter) {
80 throw new UnsupportedOperationException("Unsupported operation");
81 }
82
83 /**
84 * Get the <code>RolesAllowed</code> attributes for a given target method.
85 *
86 * @param method The target method
87 *
88 * @return Collection of <code>SecurityConfig</code>
89 *
90 * @see Attributes#getAttributes
91 */
92 public Collection getAttributes(Method method) {
93 Set<SecurityConfig> attributes = new HashSet<SecurityConfig>();
94
95 for (Annotation annotation : method.getAnnotations()) {
96 // check for RolesAllowed annotations
97 if (annotation instanceof RolesAllowed) {
98 RolesAllowed attr = (RolesAllowed) annotation;
99
100 for (String auth : attr.value()) {
101 attributes.add(new SecurityConfig(auth));
102 }
103
104 break;
105 }
106 }
107
108 return attributes;
109 }
110
111 public Collection getAttributes(Method method, Class clazz) {
112 throw new UnsupportedOperationException("Unsupported operation");
113 }
114
115 public Collection getAttributes(Field field) {
116 throw new UnsupportedOperationException("Unsupported operation");
117 }
118
119 public Collection getAttributes(Field field, Class clazz) {
120 throw new UnsupportedOperationException("Unsupported operation");
121 }
122 }