aries-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cschnei...@apache.org
Subject svn commit: r1693536 - in /aries/trunk/blueprint: blueprint-authz/ blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/ blueprint-itests/src/test/java/org/apache/aries/blueprint/itests/authz/
Date Fri, 31 Jul 2015 07:29:02 GMT
Author: cschneider
Date: Fri Jul 31 07:29:02 2015
New Revision: 1693536

URL: http://svn.apache.org/r1693536
Log:
Small refactoring

Modified:
    aries/trunk/blueprint/blueprint-authz/pom.xml
    aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationInterceptor.java
    aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationNsHandler.java
    aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java
    aries/trunk/blueprint/blueprint-itests/src/test/java/org/apache/aries/blueprint/itests/authz/AuthorizationTest.java

Modified: aries/trunk/blueprint/blueprint-authz/pom.xml
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/pom.xml?rev=1693536&r1=1693535&r2=1693536&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/pom.xml (original)
+++ aries/trunk/blueprint/blueprint-authz/pom.xml Fri Jul 31 07:29:02 2015
@@ -64,7 +64,13 @@
         </dependency>
         <dependency>
             <groupId>org.apache.aries.blueprint</groupId>
-            <artifactId>org.apache.aries.blueprint.core</artifactId>
+            <artifactId>org.apache.aries.blueprint.api</artifactId>
+            <version>1.0.0</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.aries.blueprint</groupId>
+            <artifactId>blueprint-parser</artifactId>
             <version>1.0.0</version>
             <scope>provided</scope>
         </dependency>

Modified: aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationInterceptor.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationInterceptor.java?rev=1693536&r1=1693535&r2=1693536&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationInterceptor.java
(original)
+++ aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationInterceptor.java
Fri Jul 31 07:29:02 2015
@@ -68,18 +68,15 @@ public class AuthorizationInterceptor im
         }
         Set<Principal> principals = subject.getPrincipals();
 
-
         for (Principal principal : principals) {
             if (roles.contains(principal.getName())) {
-                if (LOGGER.isDebugEnabled()) {
-                    LOGGER.debug("Granting access to Method: " + m + " for " + principal);
-                }
+                LOGGER.debug("Granting access to Method: {} for {}.", m, principal);
                 return null;
             }
         }
-
-        throw new AccessControlException("Method call " + m.getDeclaringClass() + "." + m.getName()
+ " denied. Roles allowed are " + roles + ". " 
-                                         + "Your principals are " + getNames(principals)
+".");
+        String msg = String.format("Method call %s.%s denied. Roles allowed are %s. Your
principals are %s.",
+                                   m.getDeclaringClass(), m.getName(), roles, getNames(principals));
+        throw new AccessControlException(msg);
     }
 
     private String getNames(Set<Principal> principals) {

Modified: aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationNsHandler.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationNsHandler.java?rev=1693536&r1=1693535&r2=1693536&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationNsHandler.java
(original)
+++ aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationNsHandler.java
Fri Jul 31 07:29:02 2015
@@ -39,18 +39,26 @@ public class AuthorizationNsHandler impl
         
         if ("enable".equals(elt.getLocalName())) {
             if (!cdr.containsComponentDefinition(AuthorizationBeanProcessor.AUTH_PROCESSOR_BEAN_NAME))
{
-                MutableBeanMetadata meta = pc.createMetadata(MutableBeanMetadata.class);
-                meta.setId(AuthorizationBeanProcessor.AUTH_PROCESSOR_BEAN_NAME);
-                meta.setRuntimeClass(AuthorizationBeanProcessor.class);
-                meta.setProcessor(true);
-                MutablePassThroughMetadata cdrMeta = pc.createMetadata(MutablePassThroughMetadata.class);
-                cdrMeta.setObject(cdr);
-                meta.addProperty("cdr", cdrMeta);
-                cdr.registerComponentDefinition(meta);
+                cdr.registerComponentDefinition(authBeanProcessor(pc, cdr));
             }
         }
     }
 
+    private MutableBeanMetadata authBeanProcessor(ParserContext pc, ComponentDefinitionRegistry
cdr) {
+        MutableBeanMetadata meta = pc.createMetadata(MutableBeanMetadata.class);
+        meta.setId(AuthorizationBeanProcessor.AUTH_PROCESSOR_BEAN_NAME);
+        meta.setRuntimeClass(AuthorizationBeanProcessor.class);
+        meta.setProcessor(true);
+        meta.addProperty("cdr", passThrough(pc, cdr));
+        return meta;
+    }
+
+    private MutablePassThroughMetadata passThrough(ParserContext pc, Object o) {
+        MutablePassThroughMetadata meta = pc.createMetadata(MutablePassThroughMetadata.class);
+        meta.setObject(o);
+        return meta;
+    }
+
     public ComponentMetadata decorate(Node node, ComponentMetadata cm, ParserContext pc)
{
         if (node instanceof Element) {
             parseElement((Element)node, cm, pc);

Modified: aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java?rev=1693536&r1=1693535&r2=1693536&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java
(original)
+++ aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java
Fri Jul 31 07:29:02 2015
@@ -37,7 +37,7 @@ class SecurityAnotationParser {
     /**
      * Get the effective annotation regarding method annotations override class annotations.
      * DenyAll has highest priority then RolesAllowed and in the end PermitAll. 
-     * So the most restrictive annotation is pereferred.
+     * So the most restrictive annotation is preferred.
      * 
      * @param m Method to check
      * @return effective annotation (either DenyAll, PermitAll or RolesAllowed)

Modified: aries/trunk/blueprint/blueprint-itests/src/test/java/org/apache/aries/blueprint/itests/authz/AuthorizationTest.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-itests/src/test/java/org/apache/aries/blueprint/itests/authz/AuthorizationTest.java?rev=1693536&r1=1693535&r2=1693536&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-itests/src/test/java/org/apache/aries/blueprint/itests/authz/AuthorizationTest.java
(original)
+++ aries/trunk/blueprint/blueprint-itests/src/test/java/org/apache/aries/blueprint/itests/authz/AuthorizationTest.java
Fri Jul 31 07:29:02 2015
@@ -93,6 +93,16 @@ public class AuthorizationTest extends A
 
     @org.ops4j.pax.exam.Configuration
     public Option[] configuration() throws IOException, LoginException, BundleException {
+        return new Option[] {
+            baseOptions(),
+            CoreOptions.keepCaches(),
+            Helper.blueprintBundles(),
+            mvnBundle("org.apache.aries.blueprint", "org.apache.aries.blueprint.authz"),
+            streamBundle(testBundle()),
+        };
+    }
+
+    private InputStream testBundle() {
         InputStream testBundle = TinyBundles.bundle()
                 .set(Constants.BUNDLE_SYMBOLICNAME, "authz")
                 .add(SecuredServiceImpl.class)
@@ -101,14 +111,7 @@ public class AuthorizationTest extends A
                 .set(Constants.EXPORT_PACKAGE, SecuredService.class.getPackage().getName())
                 .set(Constants.IMPORT_PACKAGE, SecuredService.class.getPackage().getName())
                 .build(TinyBundles.withBnd());
-
-        return new Option[] {
-            baseOptions(),
-            CoreOptions.keepCaches(),
-            Helper.blueprintBundles(),
-            mvnBundle("org.apache.aries.blueprint", "org.apache.aries.blueprint.authz"),
-            streamBundle(testBundle),
-        };
+        return testBundle;
     }
     
     private final class CallUserAndAdmin implements PrivilegedAction<Void> {



Mime
View raw message