Index: topia-service/src/java/org/codelutin/topia/taas/TaasService.java diff -u topia-service/src/java/org/codelutin/topia/taas/TaasService.java:1.10 topia-service/src/java/org/codelutin/topia/taas/TaasService.java:1.11 --- topia-service/src/java/org/codelutin/topia/taas/TaasService.java:1.10 Thu Dec 20 15:12:26 2007 +++ topia-service/src/java/org/codelutin/topia/taas/TaasService.java Fri Dec 21 17:01:14 2007 @@ -24,9 +24,9 @@ * Created: 10 févr. 2006 * * @author Arnaud Thimel - * @version $Revision: 1.10 $ + * @version $Revision: 1.11 $ * - * Mise a jour: $Date: 2007-12-20 15:12:26 $ + * Mise a jour: $Date: 2007-12-21 17:01:14 $ * par : $Author: ruchaud $ */ @@ -58,10 +58,13 @@ import org.codelutin.topia.taas.entities.TaasPrincipalImpl; import org.codelutin.topia.taas.entities.TaasUserImpl; import org.codelutin.topia.taas.event.TaasAccessEntity; +import org.codelutin.topia.taas.event.TaasEntityVetoable; import org.codelutin.topia.taas.jaas.TaasConfiguration; import org.codelutin.topia.taas.jaas.TaasLoginModule; import org.codelutin.topia.taas.jaas.TaasPermission; import org.codelutin.topia.taas.jaas.TaasPolicy; +import org.codelutin.topia.taas.jaas.TaasSubject; +import org.codelutin.topia.taas.jaas.TaasSubjectImpl; /** * Service pour la sécurité @@ -69,7 +72,8 @@ * Pour utiliser le service taas, il suffit de rajouter les lignes suivantes dans * le TopiaContext.properties :

* topia.service.taas=org.codelutin.topia.taas.TaasService - * topia.service.taas.interceptor=org.codelutin.topia.taas.event.TaasEntityVetoable + * topia.service.taas.event=org.codelutin.topia.taas.event.TaasEntityVetoable + * topia.service.taas.subject=org.codelutin.topia.taas.jaas.TaasSubjectImpl * * @author julien * @@ -80,12 +84,14 @@ public static final String SERVICE_NAME = "taas"; public static final String SERVICE_LOGIN_MODULE = TaasLoginModule.class.getName(); - public static final String SERVICE_INTERCEPTOR = "topia.service.taas.interceptor"; + public static final String SERVICE_EVENT = "topia.service.taas.event"; + public static final String SERVICE_SUBJECT = "topia.service.taas.subject"; private TaasPolicy policy = new TaasPolicy(this); private TopiaContextImplementor rootContext; private TaasAccessEntity accessEntity; + private TaasSubject subject; /** * Contructeur par défaut 
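Review bot: Renaming the public constant `SERVICE_INTERCEPTOR` and its key `topia.service.taas.interceptor` to `SERVICE_EVENT` / `topia.service.taas.event` in the `@@ -80,12 +84,14 @@` hunk leaves no fallback for configurations written against the old name. Together with the `else` branch added in the init hunk, a deployment that still sets the old key starts without any error and runs with the default `TaasEntityVetoable` instead of the access-control class it configured. I would keep the old name as `@Deprecated public static final String SERVICE_INTERCEPTOR = "topia.service.taas.interceptor";` and either read it as a fallback or fail start-up when it is present, so that a stale configuration cannot silently change which class enforces access. The class body starts and ends outside this hunk.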
@@ -122,12 +128,26 @@
 initSecurity(rootContext);
 try {
 org.hibernate.cfg.Configuration configuration = rootContext.getHibernateConfiguration();
- String interceptorString = configuration.getProperty(SERVICE_INTERCEPTOR);
- if(interceptorString != null && !"".equals(interceptorString)) {
- Class interceptorClass = (Class) Class.forName(interceptorString);
- Constructor interceptorConstructor = interceptorClass.getConstructor(TaasService.class);
- accessEntity = interceptorConstructor.newInstance(this);
+
+ // Récupération du paramètre pour l'événemnt
+ String eventString = configuration.getProperty(SERVICE_EVENT);
+ if(eventString != null && !"".equals(eventString)) {
+ Class eventClass = (Class) Class.forName(eventString);
+ Constructor eventConstructor = eventClass.getConstructor(TaasService.class);
+ accessEntity = eventConstructor.newInstance(this);
+ } else {
+ accessEntity = new TaasEntityVetoable(this);
+ }
+
+ // Récupération du paramètre pour le subject
+ String subjectString = configuration.getProperty(SERVICE_SUBJECT);
+ if(subjectString != null && !"".equals(subjectString)) {
+ Class subjectClass = (Class) Class.forName(subjectString);
+ subject = subjectClass.newInstance();
+ } else {
+ subject = new TaasSubjectImpl();
 }
+
 } catch (Exception e) {
 throw new SecurityException("Init security error", e);
 }
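Review bot: Both reflective loads instantiate the class named in the configuration before its type has been checked. `subjectClass.newInstance()` and `eventConstructor.newInstance(this)` run the constructor of whatever class the property names, and a wrong type only surfaces afterwards as a `ClassCastException` on assignment (the generic parameters look stripped from this listing, so the exact cast in the real file is inferred). Checking the type first restricts what the two properties can load: `Class<? extends TaasSubject> subjectClass = Class.forName(subjectString).asSubclass(TaasSubject.class);`, and the same with `TaasAccessEntity.class` for the event class. Adding the property key and class name to the `"Init security error"` message would also make a misconfigured access-control class easy to find in logs. The enclosing method starts and ends outside the hunk.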
@@ -180,14 +200,21 @@ } /** + * Permet de récupérer le subject en cours + * @return subject + */ + public Subject getSubject() { + return subject.getSubject(); + } + + /** * Permet de vérifier les authorizations sur une collection et de supprimer les données non autorisées * @param entities collection d'entités * @param actions actions * @throws SecurityException en cas d'erreur de sécurité */ public void check(Collection entities, int actions) throws SecurityException { - Subject subject = Subject.getSubject(AccessController.getContext()); - if (subject != null) { + if (getSubject() != null) { for (Iterator iterator = entities.iterator(); iterator.hasNext();) { TopiaEntity entity = iterator.next(); try { @@ -208,8 +235,7 @@ * @throws SecurityException en cas d'erreur de sécurité */ public void check(TopiaEntity entity, int actions) throws SecurityException { - Subject subject = Subject.getSubject(AccessController.getContext()); - if (subject != null) { + if (getSubject() != null) { try { AccessController.checkPermission(new TaasPermission(entity.getTopiaId(), actions)); } catch (SecurityException se) { @@ -227,8 +253,7 @@ * @throws SecurityException en cas d'erreur de sécurité */ public void checkRequestPermission(TopiaEntity entity, int actions) throws SecurityException { - Subject subject = Subject.getSubject(AccessController.getContext()); - if (subject != null) { + if (getSubject() != null) { List permissions = getRequestPermission(entity, actions); @@ -260,8 +285,7 @@ * @throws SecurityException en cas d'erreur de sécurité */ public void checkRequestPermission(Collection entities, int actions) throws SecurityException { - Subject subject = Subject.getSubject(AccessController.getContext()); - if (subject != null) { + if (getSubject() != null) { for (Iterator iterator = entities.iterator(); iterator.hasNext();) { TopiaEntity entity = iterator.next();
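Review bot: All four guards changed here (`check` at -180 and -208, `checkRequestPermission` at -227 and -260) still skip the permission test completely when `getSubject()` returns null, and that value now comes from a class named in `topia.service.taas.subject`, so an implementation that returns null turns every check into a no-op without any log line. The new Javadoc should state that contract, for example `@return the current subject, or null when nobody is authenticated; every check method then grants access`, and a debug log in the null branch would make the bypass visible. `getSubject()` also dereferences the `subject` field, which is only assigned inside the init `try` block, so a call before initialisation completes throws `NullPointerException`; `if (subject == null) throw new SecurityException("taas service not initialised");` at the top of `getSubject()` would fail closed instead. Finally, the guard now consults the pluggable subject while `AccessController.checkPermission` still evaluates the calling thread's access-control context, so unless `TaasPolicy` resolves the subject through this service (not visible here) the two can disagree. The bodies of the `check…` methods continue outside these hunks.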