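/**
 * Check the advisor stack for an access decision. Advisors are consulted from the top of the stack
 * downwards, so the most recently pushed advisor is asked first. The first advisor that answers
 * ALLOWED or NOT_ALLOWED ends the search and its answer is returned; advisors that answer PASS are
 * skipped.
 * <p>
 * An advisor that returns {@code null} is treated as if it had answered PASS, so a misbehaving advisor
 * cannot hand the caller an undefined decision.
 *
 * @param userId
 *        The user id.
 * @param function
 *        The security function.
 * @param reference
 *        The Entity reference.
 * @return ALLOWED or NOT_ALLOWED if an advisor makes a decision, or PASS if there are no advisors or
 *         they cannot make a decision. Never {@code null}.
 */
protected SecurityAdvisor.SecurityAdvice adviseIsAllowed(String userId, String function, String reference)
{
	// NOTE(review): the meaning of the 'false' argument is defined by getAdvisorStack, which is not
	// shown here; the null check below covers the case where no stack is returned.
	Stack<SecurityAdvisor> advisors = getAdvisorStack(false);
	if ((advisors == null) || advisors.isEmpty())
	{
		return SecurityAdvisor.SecurityAdvice.PASS;
	}

	// a Stack grows to the right - process from top to bottom
	for (int i = advisors.size() - 1; i >= 0; i--)
	{
		SecurityAdvisor advisor = advisors.elementAt(i);
		SecurityAdvisor.SecurityAdvice advice = advisor.isAllowed(userId, function, reference);

		// A null answer is not a decision: keep asking the advisors further down the stack instead
		// of returning null to a caller that expects one of the three advice values.
		if ((advice == null) || (advice == SecurityAdvisor.SecurityAdvice.PASS))
		{
			continue;
		}

		// First explicit ALLOWED / NOT_ALLOWED wins and short-circuits the remaining advisors.
		return advice;
	}

	return SecurityAdvisor.SecurityAdvice.PASS;
}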