Package org.craftercms.commons.security.permissions.annotations

Class AbstractPermissionAnnotationHandler

java.lang.Object

org.craftercms.commons.security.permissions.annotations.AbstractPermissionAnnotationHandler

Direct Known Subclasses:

HasPermissionAnnotationHandler

public abstract class AbstractPermissionAnnotationHandler
extends Object

Base class for Permission Annotation Handlers.

Field Summary

Fields

Modifier and Type	Field	Description
protected final Map<Class<?>,PermissionEvaluator<?,?>>	permissionEvaluators

Constructor Summary

Constructors

Constructor	Description
AbstractPermissionAnnotationHandler(Map<Class<?>,PermissionEvaluator<?,?>> permissionEvaluators)

Method Summary

Modifier and Type	Method	Description
protected boolean	checkPermissions(Method method, HasPermission hasPermission, Object securedResource)	Checks the permissions to perform the action configured in the HasPermission to the securedResource (if any)
protected Object	getAnnotatedProtectedResource(Method method, Object[] params)	Gets the protected resource (parameter annotated with ProtectedResource) from the method parameters.
protected Map<String,Object>	getAnnotatedProtectedResourceIds(Method method, Object[] paramValues)	Gets the protected resource ids (e.g.: siteId, path) from the method parameters.
protected <T extends Annotation> T	getHasPermissionAnnotation(Method method, org.aspectj.lang.ProceedingJoinPoint pjp, Class<T> annotationType)	Get a permission annotation of the given type from the given method or its containing class if exists

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

permissionEvaluators

protected final Map<Class<?>,PermissionEvaluator<?,?>> permissionEvaluators

Constructor Details

AbstractPermissionAnnotationHandler

public AbstractPermissionAnnotationHandler(Map<Class<?>,PermissionEvaluator<?,?>> permissionEvaluators)

Method Details

getHasPermissionAnnotation

protected <T extends Annotation> T getHasPermissionAnnotation(Method method,
 org.aspectj.lang.ProceedingJoinPoint pjp,
 Class<T> annotationType)

Get a permission annotation of the given type from the given method or its containing class if exists

Type Parameters:

T - the annotation type

Parameters:

method - the method to get the annotation from

pjp - the join point

annotationType - the desired annotation type

Returns:

the annotation, or null if none found

getAnnotatedProtectedResource

protected Object getAnnotatedProtectedResource(Method method,
 Object[] params)

Gets the protected resource (parameter annotated with ProtectedResource) from the method parameters.

Parameters:

method - the method to extract protected resource from

params - the parameter values

Returns:

the protected resource, or null if none found

getAnnotatedProtectedResourceIds

protected Map<String,Object> getAnnotatedProtectedResourceIds(Method method,
 Object[] paramValues)

Gets the protected resource ids (e.g.: siteId, path) from the method parameters.

Parameters:

method - the method to extract parameters from

paramValues - the parameter values

Returns:

a map with the protected resource ids

checkPermissions

protected boolean checkPermissions(Method method,
 HasPermission hasPermission,
 Object securedResource)

Checks the permissions to perform the action configured in the HasPermission to the securedResource (if any)

Parameters:

method - the Method to secure

hasPermission - the HasPermission annotation

securedResource - the securedResource, if any

Returns:

true if the action is allowed, false otherwise