org.springmodules.validation.valang.functions.InRoleFunction.java Source code

Java tutorial

Introduction

Here is the source code for org.springmodules.validation.valang.functions.InRoleFunction.java

Source

/*
 * Copyright 2004-2005 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springmodules.validation.valang.functions;

import java.util.Collection;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;

/**
 * A function that accepts a one string argument that indicates a security role.
 * This function returns a <code>true</code> if the current user is in the
 * passed in role, and <code>false</code> otherwise. <br/>
 * <br/>
 * This method uses Acegi's
 * <code>SecurityContextHolder.getContext().getAuthentication()</code> to get
 * the current user. <br/>
 * <br/>
 * This function may be used to apply different validation rules based on the
 * logged in user roles.
 * 
 * @author Uri Boness
 * @since May 25, 2006
 */
public class InRoleFunction extends AbstractFunction {

    public InRoleFunction(Function[] arguments, int line, int column) {
        super(arguments, line, column);
        definedExactNumberOfArguments(1);
    }

    protected Object doGetResult(Object target) {

        Object role = getArguments()[0].getResult(target);

        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return Boolean.FALSE;
        }

        Collection<GrantedAuthority> authorities = authentication.getAuthorities();

        for (GrantedAuthority grantedAuthority : authorities) {
            if (grantedAuthority.equals(role)) {
                return Boolean.TRUE;
            }
        }

        return Boolean.FALSE;
    }

}