com.wooki.services.security.spring.TapestryResourceVoter.java Source code

Java tutorial

  1. HOME
  2. Java
  3. com.wooki.services.security.spring.TapestryResourceVoter.java

Introduction

Here is the source code for com.wooki.services.security.spring.TapestryResourceVoter.java

Source

//
// Copyright 2009 Robin Komiwes, Bruno Verachten, Christophe Cordenier
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//    http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

package com.wooki.services.security.spring;

import java.util.Collection;
import java.util.Map;

import javax.servlet.ServletContext;

import org.apache.tapestry5.SymbolConstants;
import org.apache.tapestry5.TapestryFilter;
import org.apache.tapestry5.internal.services.RequestImpl;
import org.apache.tapestry5.ioc.Registry;
import org.apache.tapestry5.ioc.internal.util.CollectionFactory;
import org.apache.tapestry5.ioc.services.SymbolSource;
import org.apache.tapestry5.services.ComponentEventLinkEncoder;
import org.apache.tapestry5.services.ComponentEventRequestParameters;
import org.apache.tapestry5.services.PageRenderRequestParameters;
import org.apache.tapestry5.services.RequestGlobals;
import org.apache.tapestry5.services.SessionPersistedObjectAnalyzer;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;

/**
 * This voter will be used to secure URL access authorization.
 * 
 * @author ccordenier
 */
public class TapestryResourceVoter implements AccessDecisionVoter {

    private Map<String, TapestryResourceAccessController> ac = CollectionFactory.newCaseInsensitiveMap();

    private Registry tapestryRegistry;

    private RequestGlobals globals;

    private ComponentEventLinkEncoder encoder;

    private String applicationCharset;

    private SessionPersistedObjectAnalyzer spoa;

    public TapestryResourceVoter(Map<String, TapestryResourceAccessController> configuration) {
        if (configuration != null) {
            for (String key : configuration.keySet()) {
                ac.put(key, configuration.get(key));
            }
        }
    }

    public boolean supports(ConfigAttribute attribute) {
        if (attribute.getAttribute() != null) {
            return true;
        } else {
            return false;
        }
    }

    /**
     * Initialize tapestry context for spring security.
     * 
     * @param ctx
     */
    private void initTapestry(ServletContext ctx) {
        this.tapestryRegistry = (Registry) ctx.getAttribute(TapestryFilter.REGISTRY_CONTEXT_NAME);
        this.encoder = this.tapestryRegistry.getService(ComponentEventLinkEncoder.class);
        this.spoa = this.tapestryRegistry.getService(SessionPersistedObjectAnalyzer.class);
        this.applicationCharset = this.tapestryRegistry.getService(SymbolSource.class)
                .valueForSymbol(SymbolConstants.CHARSET);
        this.globals = this.tapestryRegistry.getService(RequestGlobals.class);
    }

    /**
     * This implementation supports any type of class, because it does not query the presented
     * secure object.
     * 
     * @param clazz
     *            the secure object
     * @return always <code>true</code>
     */
    public boolean supports(Class<?> clazz) {
        if (clazz == FilterInvocation.class) {
            return true;
        }
        return false;
    }

    public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {
        // Use Tapestry services to analyze the URL
        FilterInvocation fi = FilterInvocation.class.cast(object);
        if (tapestryRegistry == null) {
            initTapestry(fi.getHttpRequest().getSession().getServletContext());
        }
        RequestImpl request = new RequestImpl(fi.getHttpRequest(), applicationCharset, spoa);
        globals.storeRequestResponse(request, null);

        // Secure Render request
        PageRenderRequestParameters params = this.encoder.decodePageRenderRequest(request);
        if (params != null) {
            String logicalPageName = params.getLogicalPageName();
            if (this.ac.containsKey(logicalPageName)) {
                return this.ac.get(logicalPageName).isViewAuthorized(params) ? ACCESS_GRANTED : ACCESS_DENIED;
            }
        }

        // Secure action request
        ComponentEventRequestParameters actionParams = this.encoder.decodeComponentEventRequest(request);
        if (actionParams != null) {
            String logicalPageName = actionParams.getContainingPageName();
            if (this.ac.containsKey(logicalPageName)) {
                return this.ac.get(logicalPageName).isActionAuthorized(actionParams) ? ACCESS_GRANTED
                        : ACCESS_DENIED;
            }
        }

        return ACCESS_GRANTED;
    }

}