private ForbiddenException(final Identifier identifier, final AuthenticationSession session, final boolean isVisibleAndUsabable) { super((identifier.getType() == Identifier.Type.PROPERTY_OR_COLLECTION ? "Field" : "Action") + " '" + identifier.getMemberName() + "' in " + identifier.getClassName() + " is not " + (isVisibleAndUsabable ? "visible/usable " : "visible") + " for " + session.getUserName() + " " + session.getRoles()); this.identifier = identifier; this.session = session; }
/** * The supplied method can be null; at any rate it will be ignored. */ @Override public Identifier identifierFor(final Class<?> type, final Method method) { return Identifier.classIdentifier(type); } },
public static Identifier actionIdentifier(final String declaringClassName, final String actionName, final Class<?>... parameterClasses) { return actionIdentifier(declaringClassName, actionName, classNamesOf(parameterClasses)); }
public String toNameParmsIdentityString() { return getMemberName() + toParmsIdentityString(); }
private static String buildParameterTypeKey(final Identifier identifier, final String textType, final int paramNum) { return identifier.getClassName() + "." + MEMBER_TYPE_ACTION + "." + identifier.getMemberName() + "." + MEMBER_TYPE_PARAMETER + (paramNum + 1) + "." + textType; }
/** * Convenience method that returns the {@link Identifier#getMemberName() * member name} of the {@link #getIdentifier() identifier}. * * @see #getIdentifier */ public String getMemberName() { return identifier.getMemberName(); }
/** * As per {@link #getClassName()}, but naturalized. * * @see #getIdentifier */ public String getClassName() { return identifier.getClassName(); }
@Test public void classIdentifierClassNameIsSet() { final Class<?> domainClass = SomeDomainClass.class; final String domainClassFullyQualifiedName = domainClass.getCanonicalName(); identifier = Identifier.classIdentifier(domainClass); assertThat(identifier.getClassName(), is(domainClassFullyQualifiedName)); }
@Override public String toIdentityString(final Identifier identifier) { return identifier.toNameIdentityString(); } },
private static Identifier propertyOrCollectionIdentifierFor(final Class<?> type, final Method method) { final String capitalizedName = NameUtils.javaBaseName(method.getName()); final String beanName = Introspector.decapitalize(capitalizedName); return Identifier.propertyOrCollectionIdentifier(type.getName(), beanName); }
private ObjectMember getMember(final String memberName) { final Identifier id = Identifier.fromIdentityString(memberName); final ObjectSpecification specification = getSpecificationLoader().loadSpecification(id.getClassName()); if (id.isPropertyOrCollection()) { return getAssociationElseThrowException(id, specification); } else { return getActionElseThrowException(id, specification); } }
@Override public String toIdentityString(final Identifier identifier) { return identifier.toClassIdentityString(); } },
@Override public void process(final Request request) { final RequestContext context = request.getContext(); if (context.isDebugDisabled()) { return; } final Identifier identifier = (Identifier) context.getVariable("_security-identifier"); final List<String> roles = (List<String>) context.getVariable("_security-roles"); final StringBuffer roleList = new StringBuffer(); for (final String role : roles) { if (roleList.length() > 0) { roleList.append("|"); } roleList.append(role); } request.appendHtml("<pre>"); request.appendHtml(identifier.toClassIdentityString() + ":" + roleList + "\n"); request.appendHtml(identifier.toClassAndNameIdentityString() + ":" + roleList + "\n"); request.appendHtml(identifier.toFullIdentityString() + ":" + roleList + "\n"); request.appendHtml("</pre>"); }
private static String determineActionId(final ObjectAction objectAction) { final Identifier identifier = objectAction.getIdentifier(); if (identifier != null) { return identifier.toNameParmsIdentityString(); } // fallback (used for action sets) return objectAction.getId(); }
@Override public String toIdentityString(final Identifier identifier) { return identifier.toClassAndNameIdentityString(); } },
@Override public Identifier identifierFor(final Class<?> type, final Method method) { final String fullMethodName = method.getName(); final Class<?>[] parameterTypes = method.getParameterTypes(); return Identifier.actionIdentifier(type.getName(), fullMethodName, parameterTypes); } },
private ObjectAction getAction(final List<ObjectAction> availableActions, final ActionType type, final String id) { if (id == null) { return null; } outer: for (int i = 0; i < availableActions.size(); i++) { final ObjectAction action = availableActions.get(i); if (action.getActions().size() > 0) { // deal with action set final ObjectAction a = getAction(action.getActions(), type, id); if (a != null) { return a; } } else { // regular action if (!type.matchesTypeOf(action)) { continue outer; } if (id.equals(action.getIdentifier().toNameParmsIdentityString())) { return action; } if (id.equals(action.getIdentifier().toNameIdentityString())) { return action; } continue outer; } } return null; }
@Test public void memberParameterNames() { final Class<?> domainClass = SomeDomainClass.class; identifier = Identifier.actionIdentifier(domainClass, "placeOrder", int.class, String.class); assertThat(identifier.getMemberParameterNames(), is(Arrays.asList("int", "java.lang.String"))); }
public String toFullIdentityString() { if (identityString == null) { if (memberName.length() == 0) { identityString = toClassIdentityString(); } else { final StringBuilder buf = new StringBuilder(); toClassIdentityString(buf).append("#").append(memberName); toParmsIdentityString(buf); identityString = buf.toString(); } } return identityString; }
@Test public void paramsIdentityString() { final Class<?> domainClass = SomeDomainClass.class; identifier = Identifier.actionIdentifier(domainClass, "placeOrder", int.class, String.class, BigDecimal.class); assertThat(identifier.toParmsIdentityString(), is("(int,java.lang.String,java.math.BigDecimal)")); }