aries-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cschnei...@apache.org
Subject svn commit: r1693636 - in /aries/trunk/blueprint/blueprint-authz/src: main/java/org/apache/aries/blueprint/authorization/impl/ test/java/org/apache/aries/blueprint/authorization/impl/
Date Fri, 31 Jul 2015 18:03:30 GMT
Author: cschneider
Date: Fri Jul 31 18:03:30 2015
New Revision: 1693636

URL: http://svn.apache.org/r1693636
Log:
[ARIES-1316] Make sure impl class is used at parse time as well as at runtime

Modified:
    aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationBeanProcessor.java
    aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationInterceptor.java
    aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java
    aries/trunk/blueprint/blueprint-authz/src/test/java/org/apache/aries/blueprint/authorization/impl/SecurityAnnoationParserTest.java

Modified: aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationBeanProcessor.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationBeanProcessor.java?rev=1693636&r1=1693635&r2=1693636&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationBeanProcessor.java
(original)
+++ aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationBeanProcessor.java
Fri Jul 31 18:03:30 2015
@@ -50,7 +50,7 @@ public class AuthorizationBeanProcessor
         Class<?> c = bean.getClass();
         if (new SecurityAnotationParser().isSecured(c)) {
             LOGGER.debug("Adding annotation based authorization interceptor for bean {} with
class {}", beanName, c);
-            cdr.registerInterceptorWithComponent(beanData, new AuthorizationInterceptor());
+            cdr.registerInterceptorWithComponent(beanData, new AuthorizationInterceptor(bean.getClass()));
         }
         return bean;
     }

Modified: aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationInterceptor.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationInterceptor.java?rev=1693636&r1=1693635&r2=1693636&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationInterceptor.java
(original)
+++ aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/AuthorizationInterceptor.java
Fri Jul 31 18:03:30 2015
@@ -39,6 +39,11 @@ import org.slf4j.LoggerFactory;
 
 public class AuthorizationInterceptor implements Interceptor {
     private static final Logger LOGGER = LoggerFactory.getLogger(AuthorizationInterceptor.class);
+    private Class<?> beanClass;
+
+    public AuthorizationInterceptor(Class<?> beanClass) {
+        this.beanClass = beanClass;
+    }
 
     public int getRank() {
         return 0;
@@ -52,7 +57,7 @@ public class AuthorizationInterceptor im
     }
 
     public Object preCall(ComponentMetadata cm, Method m, Object... parameters) throws Throwable
{
-        Annotation ann = new SecurityAnotationParser().getEffectiveAnnotation(m);
+        Annotation ann = new SecurityAnotationParser().getEffectiveAnnotation(beanClass,
m);
         if (ann instanceof PermitAll) {
             return null;
         }

Modified: aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java?rev=1693636&r1=1693635&r2=1693636&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java
(original)
+++ aries/trunk/blueprint/blueprint-authz/src/main/java/org/apache/aries/blueprint/authorization/impl/SecurityAnotationParser.java
Fri Jul 31 18:03:30 2015
@@ -42,10 +42,15 @@ class SecurityAnotationParser {
      * @param m Method to check
      * @return effective annotation (either DenyAll, PermitAll or RolesAllowed)
      */
-    Annotation getEffectiveAnnotation(Method m) {
-        Annotation classLevel = getAuthAnnotation(m.getDeclaringClass());
-        Annotation methodLevel = getAuthAnnotation(m);
-        return (methodLevel != null) ? methodLevel : classLevel;
+    Annotation getEffectiveAnnotation(Class<?> beanClass, Method m) {
+        Annotation classLevel = getAuthAnnotation(beanClass);
+        try {
+            Method beanMethod = beanClass.getMethod(m.getName(), m.getParameterTypes());
+            Annotation methodLevel = getAuthAnnotation(beanMethod);
+            return (methodLevel != null) ? methodLevel : classLevel;
+        } catch (Exception e) {
+            throw new IllegalStateException(e);
+        }
     }
 
     private Annotation getAuthAnnotation(AnnotatedElement element) {
@@ -86,4 +91,5 @@ class SecurityAnotationParser {
     private boolean isSecuredEl(AnnotatedElement element) {
         return element.isAnnotationPresent(RolesAllowed.class) || element.isAnnotationPresent(DenyAll.class);

     }
+
 }

Modified: aries/trunk/blueprint/blueprint-authz/src/test/java/org/apache/aries/blueprint/authorization/impl/SecurityAnnoationParserTest.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-authz/src/test/java/org/apache/aries/blueprint/authorization/impl/SecurityAnnoationParserTest.java?rev=1693636&r1=1693635&r2=1693636&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-authz/src/test/java/org/apache/aries/blueprint/authorization/impl/SecurityAnnoationParserTest.java
(original)
+++ aries/trunk/blueprint/blueprint-authz/src/test/java/org/apache/aries/blueprint/authorization/impl/SecurityAnnoationParserTest.java
Fri Jul 31 18:03:30 2015
@@ -58,7 +58,7 @@ public class SecurityAnnoationParserTest
     }
 
     private Annotation getEffective(String methodName) throws NoSuchMethodException {
-        return annParser.getEffectiveAnnotation(SecuredClass.class.getMethod(methodName));
+        return annParser.getEffectiveAnnotation(SecuredClass.class, SecuredClass.class.getMethod(methodName));
     }
     
     private String[] getRoles(String methodName) throws NoSuchMethodException {



Mime
View raw message