src/org/jsecurity/authz/ModularRealmAuthorizer.java - jsecurity - Git at Google

 /*
  * Copyright 2005-2008 Les Hazlewood
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.jsecurity.authz;

 import org.jsecurity.authz.permission.PermissionResolver;
 import org.jsecurity.authz.permission.PermissionResolverAware;
 import org.jsecurity.realm.Realm;
 import org.jsecurity.subject.PrincipalCollection;
 import org.jsecurity.util.Initializable;

 import java.util.Collection;
 import java.util.List;

 /**
  * A <tt>ModularRealmAuthorizer</tt> is an <tt>Authorizer</tt> implementation that consults one or more configured
  * {@link Realm Realm}s during an authorization operation.
  *
  * @author Les Hazlewood
  * @since 0.2
  */
 public class ModularRealmAuthorizer implements Authorizer, Initializable, PermissionResolverAware {

     protected Collection<Realm> realms = null;
     protected PermissionResolver permissionResolver = null;

     public ModularRealmAuthorizer() {
     }

     public ModularRealmAuthorizer(List<Realm> realms) {
         setRealms(realms);
         init();
     }

     public Collection<Realm> getRealms() {
         return this.realms;
     }

     public void setRealms(Collection<Realm> realms) {
         this.realms = realms;
     }

     public PermissionResolver getPermissionResolver() {
         return permissionResolver;
     }

     public void setPermissionResolver(PermissionResolver permissionResolver) {
         this.permissionResolver = permissionResolver;
     }

     public void init() {
         Collection<Realm> realms = getRealms();
         if (realms == null || realms.isEmpty()) {
             String msg = "One or more realms must be configured.";
             throw new IllegalStateException(msg);
         }
         PermissionResolver resolver = getPermissionResolver();
         if (resolver != null) {
             for (Realm realm : realms) {
                 if (realm instanceof PermissionResolverAware) {
                     ((PermissionResolverAware) realm).setPermissionResolver(resolver);
                 }
             }
         }
     }


     public boolean isPermitted(PrincipalCollection principals, String permission) {
         for (Realm realm : getRealms()) {
             if (realm.isPermitted(principals, permission)) {
                 return true;
             }
         }
         return false;
     }

     public boolean isPermitted(PrincipalCollection principals, Permission permission) {
         for (Realm realm : getRealms()) {
             if (realm.isPermitted(principals, permission)) {
                 return true;
             }
         }
         return false;
     }

     public boolean[] isPermitted(PrincipalCollection principals, String... permissions) {
         if (permissions != null && permissions.length > 0) {
             boolean[] isPermitted = new boolean[permissions.length];
             for (int i = 0; i < permissions.length; i++) {
                 isPermitted[i] = isPermitted(principals, permissions[i]);
             }
             return isPermitted;
         }
         return new boolean[0];
     }

     public boolean[] isPermitted(PrincipalCollection principals, List<Permission> permissions) {
         if (permissions != null && !permissions.isEmpty()) {
             boolean[] isPermitted = new boolean[permissions.size()];
             int i = 0;
             for (Permission p : permissions) {
                 isPermitted[i++] = isPermitted(principals, p);
             }
             return isPermitted;
         }

         return new boolean[0];
     }

     public boolean isPermittedAll(PrincipalCollection principals, String... permissions) {
         if (permissions != null && permissions.length > 0) {
             for (String perm : permissions) {
                 if (!isPermitted(principals, perm)) {
                     return false;
                 }
             }
         }
         return true;
     }

     public boolean isPermittedAll(PrincipalCollection principals, Collection<Permission> permissions) {
         if (permissions != null && !permissions.isEmpty()) {
             for (Permission permission : permissions) {
                 if (!isPermitted(principals, permission)) {
                     return false;
                 }
             }
         }
         return true;
     }

     public void checkPermission(PrincipalCollection principals, String permission) throws AuthorizationException {
         if (!isPermitted(principals, permission)) {
             throw new UnauthorizedException("Subject does not have permission [" + permission + "]");
         }
     }

     public void checkPermission(PrincipalCollection principals, Permission permission) throws AuthorizationException {
         if (!isPermitted(principals, permission)) {
             throw new UnauthorizedException("Subject does not have permission [" + permission + "]");
         }
     }

     public void checkPermissions(PrincipalCollection principals, String... permissions) throws AuthorizationException {
         if (permissions != null && permissions.length > 0) {
             for (String perm : permissions) {
                 checkPermission(principals, perm);
             }
         }
     }

     public void checkPermissions(PrincipalCollection principals, Collection<Permission> permissions) throws AuthorizationException {
         if (permissions != null) {
             for (Permission permission : permissions) {
                 checkPermission(principals, permission);
             }
         }
     }

     public boolean hasRole(PrincipalCollection principals, String roleIdentifier) {
         for (Realm realm : getRealms()) {
             if (realm.hasRole(principals, roleIdentifier)) {
                 return true;
             }
         }
         return false;
     }

     public boolean[] hasRoles(PrincipalCollection principals, List<String> roleIdentifiers) {
         if (roleIdentifiers != null && !roleIdentifiers.isEmpty()) {
             boolean[] isPermitted = new boolean[roleIdentifiers.size()];
             int i = 0;
             for (String roleId : roleIdentifiers) {
                 isPermitted[i++] = hasRole(principals, roleId);
             }
             return isPermitted;
         }

         return new boolean[0];
     }


     public boolean hasAllRoles(PrincipalCollection principals, Collection<String> roleIdentifiers) {
         for (String roleIdentifier : roleIdentifiers) {
             if (!hasRole(principals, roleIdentifier)) {
                 return false;
             }
         }
         return true;
     }

     public void checkRole(PrincipalCollection principals, String role) throws AuthorizationException {
         if (!hasRole(principals, role)) {
             throw new UnauthorizedException("Subject does not have role [" + role + "]");
         }
     }

     public void checkRoles(PrincipalCollection principals, Collection<String> roles) throws AuthorizationException {
         if (roles != null) {
             for (String role : roles) {
                 checkRole(principals, role);
             }
         }
     }

 }
	/*
	* Copyright 2005-2008 Les Hazlewood
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.jsecurity.authz;

	import org.jsecurity.authz.permission.PermissionResolver;
	import org.jsecurity.authz.permission.PermissionResolverAware;
	import org.jsecurity.realm.Realm;
	import org.jsecurity.subject.PrincipalCollection;
	import org.jsecurity.util.Initializable;

	import java.util.Collection;
	import java.util.List;

	/**
	* A <tt>ModularRealmAuthorizer</tt> is an <tt>Authorizer</tt> implementation that consults one or more configured
	* {@link Realm Realm}s during an authorization operation.
	*
	* @author Les Hazlewood
	* @since 0.2
	*/
	public class ModularRealmAuthorizer implements Authorizer, Initializable, PermissionResolverAware {

	protected Collection<Realm> realms = null;
	protected PermissionResolver permissionResolver = null;

	public ModularRealmAuthorizer() {
	}

	public ModularRealmAuthorizer(List<Realm> realms) {
	setRealms(realms);
	init();
	}

	public Collection<Realm> getRealms() {
	return this.realms;
	}

	public void setRealms(Collection<Realm> realms) {
	this.realms = realms;
	}

	public PermissionResolver getPermissionResolver() {
	return permissionResolver;
	}

	public void setPermissionResolver(PermissionResolver permissionResolver) {
	this.permissionResolver = permissionResolver;
	}

	public void init() {
	Collection<Realm> realms = getRealms();
	if (realms == null \|\| realms.isEmpty()) {
	String msg = "One or more realms must be configured.";
	throw new IllegalStateException(msg);
	}
	PermissionResolver resolver = getPermissionResolver();
	if (resolver != null) {
	for (Realm realm : realms) {
	if (realm instanceof PermissionResolverAware) {
	((PermissionResolverAware) realm).setPermissionResolver(resolver);
	}
	}
	}
	}


	public boolean isPermitted(PrincipalCollection principals, String permission) {
	for (Realm realm : getRealms()) {
	if (realm.isPermitted(principals, permission)) {
	return true;
	}
	}
	return false;
	}

	public boolean isPermitted(PrincipalCollection principals, Permission permission) {
	for (Realm realm : getRealms()) {
	if (realm.isPermitted(principals, permission)) {
	return true;
	}
	}
	return false;
	}

	public boolean[] isPermitted(PrincipalCollection principals, String... permissions) {
	if (permissions != null && permissions.length > 0) {
	boolean[] isPermitted = new boolean[permissions.length];
	for (int i = 0; i < permissions.length; i++) {
	isPermitted[i] = isPermitted(principals, permissions[i]);
	}
	return isPermitted;
	}
	return new boolean[0];
	}

	public boolean[] isPermitted(PrincipalCollection principals, List<Permission> permissions) {
	if (permissions != null && !permissions.isEmpty()) {
	boolean[] isPermitted = new boolean[permissions.size()];
	int i = 0;
	for (Permission p : permissions) {
	isPermitted[i++] = isPermitted(principals, p);
	}
	return isPermitted;
	}

	return new boolean[0];
	}

	public boolean isPermittedAll(PrincipalCollection principals, String... permissions) {
	if (permissions != null && permissions.length > 0) {
	for (String perm : permissions) {
	if (!isPermitted(principals, perm)) {
	return false;
	}
	}
	}
	return true;
	}

	public boolean isPermittedAll(PrincipalCollection principals, Collection<Permission> permissions) {
	if (permissions != null && !permissions.isEmpty()) {
	for (Permission permission : permissions) {
	if (!isPermitted(principals, permission)) {
	return false;
	}
	}
	}
	return true;
	}

	public void checkPermission(PrincipalCollection principals, String permission) throws AuthorizationException {
	if (!isPermitted(principals, permission)) {
	throw new UnauthorizedException("Subject does not have permission [" + permission + "]");
	}
	}

	public void checkPermission(PrincipalCollection principals, Permission permission) throws AuthorizationException {
	if (!isPermitted(principals, permission)) {
	throw new UnauthorizedException("Subject does not have permission [" + permission + "]");
	}
	}

	public void checkPermissions(PrincipalCollection principals, String... permissions) throws AuthorizationException {
	if (permissions != null && permissions.length > 0) {
	for (String perm : permissions) {
	checkPermission(principals, perm);
	}
	}
	}

	public void checkPermissions(PrincipalCollection principals, Collection<Permission> permissions) throws AuthorizationException {
	if (permissions != null) {
	for (Permission permission : permissions) {
	checkPermission(principals, permission);
	}
	}
	}

	public boolean hasRole(PrincipalCollection principals, String roleIdentifier) {
	for (Realm realm : getRealms()) {
	if (realm.hasRole(principals, roleIdentifier)) {
	return true;
	}
	}
	return false;
	}

	public boolean[] hasRoles(PrincipalCollection principals, List<String> roleIdentifiers) {
	if (roleIdentifiers != null && !roleIdentifiers.isEmpty()) {
	boolean[] isPermitted = new boolean[roleIdentifiers.size()];
	int i = 0;
	for (String roleId : roleIdentifiers) {
	isPermitted[i++] = hasRole(principals, roleId);
	}
	return isPermitted;
	}

	return new boolean[0];
	}


	public boolean hasAllRoles(PrincipalCollection principals, Collection<String> roleIdentifiers) {
	for (String roleIdentifier : roleIdentifiers) {
	if (!hasRole(principals, roleIdentifier)) {
	return false;
	}
	}
	return true;
	}

	public void checkRole(PrincipalCollection principals, String role) throws AuthorizationException {
	if (!hasRole(principals, role)) {
	throw new UnauthorizedException("Subject does not have role [" + role + "]");
	}
	}

	public void checkRoles(PrincipalCollection principals, Collection<String> roles) throws AuthorizationException {
	if (roles != null) {
	for (String role : roles) {
	checkRole(principals, role);
	}
	}
	}

	}