Index: topia-security/src/java/org/codelutin/topia/security/util/TopiaSecurityUtil.java diff -u topia-security/src/java/org/codelutin/topia/security/util/TopiaSecurityUtil.java:1.7 topia-security/src/java/org/codelutin/topia/security/util/TopiaSecurityUtil.java:1.8 --- topia-security/src/java/org/codelutin/topia/security/util/TopiaSecurityUtil.java:1.7 Fri Oct 13 16:52:41 2006 +++ topia-security/src/java/org/codelutin/topia/security/util/TopiaSecurityUtil.java Mon Oct 16 14:15:46 2006 @@ -24,9 +24,9 @@ * Created: 15 févr. 2006 * * @author Arnaud Thimel -* @version $Revision: 1.7 $ +* @version $Revision: 1.8 $ * -* Mise a jour: $Date: 2006/10/13 16:52:41 $ +* Mise a jour: $Date: 2006/10/16 14:15:46 $ * par : $Author: ruchaud $ */ 
@@ -82,7 +82,7 @@ public static final String TOPIA_LOGIN_MODULE = TopiaLoginModule.class.getName(); - public static final String TOPIA_SECURITY_PERSISTENCE_CLASSES = "org.codelutin.topia.security.entities.authorization.HistoryImpl,org.codelutin.topia.security.entities.user.TopiaUserImpl,org.codelutin.topia.security.entities.authorization.TopiaEntityAuthorizationImpl,org.codelutin.topia.security.entities.user.TopiaGroupImpl,org.codelutin.topia.security.entities.authorization.TopiaLinkAuthorizationImpl,org.codelutin.topia.security.entities.authorization.TopiaAssociationAuthorizationImpl,org.codelutin.topia.security.entities.authorization.TopiaAuthorizationImpl"; + public static final String TOPIA_SECURITY_PERSISTENCE_CLASSES = "org.codelutin.topia.security.entities.authorization.HistoryImpl,org.codelutin.topia.security.entities.user.TopiaUserImpl,org.codelutin.topia.security.entities.authorization.TopiaEntityAuthorizationImpl,org.codelutin.topia.security.entities.user.TopiaGroupImpl,org.codelutin.topia.security.entities.authorization.TopiaIdLinkImpl,org.codelutin.topia.security.entities.authorization.TopiaAssociationAuthorizationImpl,org.codelutin.topia.security.entities.authorization.TopiaAuthorizationImpl"; /** * Applique un algorithme de hashage sur la chaine de caratère passée en 
@@ -204,51 +204,6 @@ return ""; } } - - /** - * Vérifie si l'utilisateur actuellement loggué a le droit d'accéder à - * l'entité passée en paramètre pour les actions spécifiées. - * @param entientityClassty l'entité pour laquelle on vérifie les droits - * @param actions les actions [load, read, write, admin] - * @throws TopiaSecurityException - */ - public static void checkPermission(Class entityClass, int actions) throws TopiaException { - if (log.isTraceEnabled()) { - log.trace("Checking permissions to entity class : " + entityClass); - } - if (entityClass == null) { - throw new TopiaException("Class cannot be null"); - } - String topiaId = entityClass.getName() + "#*"; - checkPermission(topiaId, actions); - } - - /** - * Vérifie si l'utilisateur actuellement loggué a le droit d'accéder à - * l'entité passée en paramètre pour les actions spécifiées. - * @param topiaId le topiaId de l'entité pour laquelle on vérifie les droits - * @param actions les actions [load, read, write, admin] - * @throws TopiaSecurityException - */ - public static void checkPermission(String topiaId, int actions) throws TopiaException { - Subject subj = Subject.getSubject(AccessController.getContext()); - if (subj != null) { - try { - TopiaEntityAuthorization authorization = new TopiaEntityAuthorizationImpl( - topiaId, actions, subj.getPrincipals()); - AccessController.checkPermission(new TopiaPermission(authorization)); - } catch (AccessControlException e) { - throw new TopiaException("access denied to object \"" + topiaId + "\" for \"" + subj + "\"", e); - } - if (log.isTraceEnabled()) { - log.trace("Permission granted for entity : " + topiaId); - } - } else { - if(log.isWarnEnabled()) { - log.warn("Use doAs() and login first"); - } - } - } /** * Permet de récupérer parmis la liste des principals, le principal de type Index: topia-security/src/java/org/codelutin/topia/security/util/TopiaSecurityFactoryFilter.java diff -u /dev/null 
topia-security/src/java/org/codelutin/topia/security/util/TopiaSecurityFactoryFilter.java:1.1
--- /dev/null Mon Oct 16 14:15:51 2006
+++ topia-security/src/java/org/codelutin/topia/security/util/TopiaSecurityFactoryFilter.java Mon Oct 16 14:15:46 2006
@@ -0,0 +1,79 @@
+/* *##%
+* Copyright (C) 2002, 2003, 2004, 2005 Code Lutin,
+* Cédric Pineau, Benjamin Poussin,
+*
+*
+* This program is free software; you can redistribute it and/or
+* modify it under the terms of the GNU General Public License
+* as published by the Free Software Foundation; either version 2
+* of the License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+*##%*/
+
+package org.codelutin.topia.security.util;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.codelutin.topia.TopiaException;
+import org.codelutin.topia.persistence.TopiaEntity;
+import org.codelutin.topia.security.TopiaSecurityManagerImpl;
+
+/**
+ * La classe permet d'encapsuler une collection d'entités et de filtrer son contenu
+ * par rapport à une permission.
+ * @author ruchaud
+ * @param
+ */
+public class TopiaSecurityFactoryFilter {
+
+ /** to use log facility, just put in your code: log.info(\"...\"); */
+ static private Log log = LogFactory.getLog(TopiaSecurityUtil.class);
+
+ private static final long serialVersionUID = 1L;
+
+ private TopiaSecurityManagerImpl securityManager;
+
+ public TopiaSecurityFactoryFilter(TopiaSecurityManagerImpl securityManager) {
+ super();
+ this.securityManager = securityManager;
+ }
+
+ public List filter(List entities, int actions) {
+ return (List) filter((Collection)entities, actions);
+ }
+
+ public Collection filter(Collection entities, int actions) {
+ Collection result = new ArrayList(entities);
+ for (Iterator iterator = result.iterator(); iterator.hasNext();) {
+ TopiaEntity entity = (TopiaEntity) iterator.next();
+ try {
+ securityManager.checkPermission(entity.getTopiaId(), actions);
+ } catch (TopiaException e) {
+ iterator.remove();
+ if(log.isDebugEnabled()) {
+ log.debug("Removed because : " + e);
+ }
+ }
+ }
+ return result;
+ }
+
+ public void filter(Collection entities, int actions, String ... fields) {
+ //TODO: Gestion des autorisations sur les champs (cf TopiaEntityAuthorization)
+ throw new UnsupportedOperationException();
+ }
+
+}
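Review bot: `filter(Collection, int)` drops an entity only when `securityManager.checkPermission` throws `TopiaException`, so the filter is exactly as strict as that call is when no subject is logged in. The static `checkPermission(String, int)` removed from `TopiaSecurityUtil` in this same commit only logged "Use doAs() and login first" and returned normally in that case; `TopiaSecurityManagerImpl` is not shown here, but if it kept that behaviour an unauthenticated caller would get the whole collection back unfiltered. I would state the contract in a Javadoc comment on the method (entities are removed on any `TopiaException`, and a missing subject must make `checkPermission` throw) and cover the no-subject case with a test. Separately, the logger is registered under the wrong class, so removals show up in the `TopiaSecurityUtil` category and only at debug level: `static private Log log = LogFactory.getLog(TopiaSecurityFactoryFilter.class);`.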