/** * Create bindings for entity class to its permission checks. * @param dictionary the entity dictionary to look up permissions from * @param cls entity class * @param fieldOrMethodList list of fields/methods */ public EntityPermissions(EntityDictionary dictionary, Class<?> cls, Collection<AccessibleObject> fieldOrMethodList) { this.dictionary = dictionary; for (Class<? extends Annotation> annotationClass : PERMISSION_ANNOTATIONS) { final Map<String, ParseTree> fieldPermissions = new HashMap<>(); fieldOrMethodList.stream() .forEach(member -> bindMemberPermissions(fieldPermissions, member, annotationClass)); if (annotationClass != SharePermission.class) { ParseTree classPermission = bindClassPermissions(cls, annotationClass); if (classPermission != null || !fieldPermissions.isEmpty()) { bindings.put(annotationClass, new AnnotationBinding(classPermission, fieldPermissions)); } } } }
/** * Gets the specified permission definition (if any) at the class level. * * @param resourceClass the entity to check * @param annotationClass the permission to look for * @return a {@code ParseTree} expressing the permissions, if one exists * or {@code null} if the permission is not specified at a class level */ public ParseTree getPermissionsForClass(Class<?> resourceClass, Class<? extends Annotation> annotationClass) { EntityBinding binding = getEntityBinding(resourceClass); return binding.entityPermissions.getClassChecksForPermission(annotationClass); }
/** * Gets the specified permission definition (if any) at the class level. * * @param resourceClass the entity to check * @param field the field to inspect * @param annotationClass the permission to look for * @return a {@code ParseTree} expressing the permissions, if one exists * or {@code null} if the permission is not specified on that field */ public ParseTree getPermissionsForField(Class<?> resourceClass, String field, Class<? extends Annotation> annotationClass) { EntityBinding binding = getEntityBinding(resourceClass); return binding.entityPermissions.getFieldChecksForPermission(field, annotationClass); }
private ParseTree bindClassPermissions(Class<?> cls, Class<? extends Annotation> annotationClass) { Annotation annotation = EntityDictionary.getFirstAnnotation(cls, Arrays.asList(annotationClass)); return (annotation == null) ? null : getPermissionExpressionTree(annotationClass, annotation); }
/** * Determine if a given (entity class, permission) pair have any permissions defined. * * @param resourceClass the entity class * @param annotationClass the permission annotation * @return {@code true} if that permission is defined anywhere within the class */ public boolean entityHasChecksForPermission(Class<?> resourceClass, Class<? extends Annotation> annotationClass) { EntityBinding binding = getEntityBinding(resourceClass); return binding.entityPermissions.hasChecksForPermission(annotationClass); }
private ParseTree getPermissionExpressionTree(Class<? extends Annotation> annotationClass, Annotation annotation) { try { String expression = (String) annotationClass.getMethod("expression").invoke(annotation); boolean hasExpression = !expression.isEmpty(); if (!hasExpression) { log.warn("Poorly configured permission: {} {}", annotationClass.getName(), "no checks specified."); throw new IllegalArgumentException("Poorly configured permission '" + annotationClass.getName() + "'"); } return parseExpression(expression); } catch (ReflectiveOperationException e) { log.warn("Unknown permission: {}, {}", annotationClass.getName(), e); throw new IllegalArgumentException("Unknown permission '" + annotationClass.getName() + "'", e); } }
entityPermissions = new EntityPermissions(dictionary, cls, fieldOrMethodList);
private ParseTree bindClassPermissions(Class<?> cls, Class<? extends Annotation> annotationClass) { Annotation annotation = EntityDictionary.getFirstAnnotation(cls, Arrays.asList(annotationClass)); return (annotation == null) ? null : getPermissionExpressionTree(annotationClass, annotation); }
/** * Determine if a given (entity class, permission) pair have any permissions defined. * * @param resourceClass the entity class * @param annotationClass the permission annotation * @return {@code true} if that permission is defined anywhere within the class */ public boolean entityHasChecksForPermission(Class<?> resourceClass, Class<? extends Annotation> annotationClass) { EntityBinding binding = getEntityBinding(resourceClass); return binding.entityPermissions.hasChecksForPermission(annotationClass); }
private ParseTree getPermissionExpressionTree(Class<? extends Annotation> annotationClass, Annotation annotation) { try { String expression = (String) annotationClass.getMethod("expression").invoke(annotation); boolean hasExpression = !expression.isEmpty(); if (!hasExpression) { log.warn("Poorly configured permission: {} {}", annotationClass.getName(), "no checks specified."); throw new IllegalArgumentException("Poorly configured permission '" + annotationClass.getName() + "'"); } return parseExpression(expression); } catch (ReflectiveOperationException e) { log.warn("Unknown permission: {}, {}", annotationClass.getName(), e); throw new IllegalArgumentException("Unknown permission '" + annotationClass.getName() + "'", e); } }
entityPermissions = new EntityPermissions(dictionary, cls, fieldOrMethodList);
/** * Create bindings for entity class to its permission checks. * @param dictionary the entity dictionary to look up permissions from * @param cls entity class * @param fieldOrMethodList list of fields/methods */ public EntityPermissions(EntityDictionary dictionary, Class<?> cls, Collection<AccessibleObject> fieldOrMethodList) { this.dictionary = dictionary; for (Class<? extends Annotation> annotationClass : PERMISSION_ANNOTATIONS) { final Map<String, ParseTree> fieldPermissions = new HashMap<>(); fieldOrMethodList.stream() .forEach(member -> bindMemberPermissions(fieldPermissions, member, annotationClass)); if (annotationClass != SharePermission.class) { ParseTree classPermission = bindClassPermissions(cls, annotationClass); if (classPermission != null || !fieldPermissions.isEmpty()) { bindings.put(annotationClass, new AnnotationBinding(classPermission, fieldPermissions)); } } } }
private void bindMemberPermissions(Map<String, ParseTree> fieldPermissions, AccessibleObject field, Class<? extends Annotation> annotationClass) { Annotation annotation = field.getAnnotation(annotationClass); if (annotation != null) { ParseTree permissions = getPermissionExpressionTree(annotationClass, annotation); fieldPermissions.put(EntityBinding.getFieldName(field), permissions); } }
/** * Gets the specified permission definition (if any) at the class level. * * @param resourceClass the entity to check * @param annotationClass the permission to look for * @return a {@code ParseTree} expressing the permissions, if one exists * or {@code null} if the permission is not specified at a class level */ public ParseTree getPermissionsForClass(Class<?> resourceClass, Class<? extends Annotation> annotationClass) { EntityBinding binding = getEntityBinding(resourceClass); return binding.entityPermissions.getClassChecksForPermission(annotationClass); }
/** * Gets the specified permission definition (if any) at the class level. * * @param resourceClass the entity to check * @param field the field to inspect * @param annotationClass the permission to look for * @return a {@code ParseTree} expressing the permissions, if one exists * or {@code null} if the permission is not specified on that field */ public ParseTree getPermissionsForField(Class<?> resourceClass, String field, Class<? extends Annotation> annotationClass) { EntityBinding binding = getEntityBinding(resourceClass); return binding.entityPermissions.getFieldChecksForPermission(field, annotationClass); }
private void bindMemberPermissions(Map<String, ParseTree> fieldPermissions, AccessibleObject field, Class<? extends Annotation> annotationClass) { Annotation annotation = field.getAnnotation(annotationClass); if (annotation != null) { ParseTree permissions = getPermissionExpressionTree(annotationClass, annotation); fieldPermissions.put(EntityBinding.getFieldName(field), permissions); } }