public Collection<ConfigAttribute> extractAttributes(Secured secured) { String[] attributeTokens = secured.value(); List<ConfigAttribute> attributes = new ArrayList<>( attributeTokens.length); for (String token : attributeTokens) { attributes.add(new SecurityConfig(token)); } return attributes; } }
public Collection<ConfigAttribute> extractAttributes(Secured secured) { String[] attributeTokens = secured.value(); List<ConfigAttribute> attributes = new ArrayList<>( attributeTokens.length); for (String token : attributeTokens) { attributes.add(new SecurityConfig(token)); } return attributes; } }
@Override public boolean hasAccessToSecuredMethod(Object securedObject, String methodName, Class<?>... methodParameterTypes) { try { final Method method = securedObject.getClass().getMethod(methodName, methodParameterTypes); final Secured secured = AnnotationUtils.findAnnotation(method, Secured.class); Assert.notNull(secured, "securedObject did not have @Secured annotation"); return hasAccessToObject(securedObject, secured.value()); } catch (NoSuchMethodException ex) { throw new IllegalArgumentException("Method " + methodName + " does not exist", ex); } } }
public Collection<ConfigAttribute> extractAttributes(Secured secured) { String[] attributeTokens = secured.value(); List<ConfigAttribute> attributes = new ArrayList<ConfigAttribute>(attributeTokens.length); for(String token : attributeTokens) { attributes.add(new SecurityConfig(token)); } return attributes; } }
@Override public boolean hasAccessToSecuredMethod(Object securedObject, String methodName, Class<?>... methodParameterTypes) { try { final Method method = securedObject.getClass().getMethod(methodName, methodParameterTypes); final Secured secured = AnnotationUtils.findAnnotation(method, Secured.class); Assert.notNull(secured, "securedObject did not have @Secured annotation"); return hasAccessToObject(securedObject, secured.value()); } catch (NoSuchMethodException ex) { throw new IllegalArgumentException("Method " + methodName + " does not exist", ex); } } }
public Collection<ConfigAttribute> extractAttributes(Secured secured) { String[] attributeTokens = secured.value(); List<ConfigAttribute> attributes = new ArrayList<>( attributeTokens.length); for (String token : attributeTokens) { attributes.add(new SecurityConfig(token)); } return attributes; } }
/** * {@inheritDoc} */ @Override public boolean hasAccessToSecuredMethod(Object securedObject, String methodName, Class<?>... methodParameterTypes) { try { final Method method = securedObject.getClass().getMethod(methodName, methodParameterTypes); final Secured secured = AnnotationUtils.findAnnotation(method, Secured.class); Assert.notNull(secured, "securedObject did not have @Secured annotation"); return hasAccessToObject(securedObject, secured.value()); } catch (NoSuchMethodException ex) { throw new IllegalArgumentException("Method " + methodName + " does not exist", ex); } }
@Override public boolean hasAccessToSecuredObject(Object securedObject) { final Secured secured = AopUtils.getTargetClass(securedObject).getAnnotation(Secured.class); Assert.notNull(secured, "securedObject did not have @Secured annotation"); return hasAccessToObject(securedObject, secured.value()); }
/** * {@inheritDoc} */ @Override public boolean hasAccessToSecuredObject(Object securedObject) { final Secured secured = AopUtils.getTargetClass(securedObject).getAnnotation(Secured.class); Assert.notNull(secured, "securedObject did not have @Secured annotation"); return hasAccessToObject(securedObject, secured.value()); }
@Override public boolean hasAccessToSecuredObject(Object securedObject) { final Secured secured = AopUtils.getTargetClass(securedObject).getAnnotation(Secured.class); Assert.notNull(secured, "securedObject did not have @Secured annotation"); return hasAccessToObject(securedObject, secured.value()); }
@Override public boolean isAccessGranted(UI ui, String beanName) { final Secured viewSecured = applicationContext.findAnnotationOnBean(beanName, Secured.class); if (viewSecured == null) { logger.trace("No @Secured annotation found on view {}. Granting access.", beanName); return true; } else { final boolean result = security.hasAnyAuthority(viewSecured.value()); logger.trace("Is access granted to view {}: {}", beanName, result); return result; } } }
@Override public boolean isAccessGranted(UI ui, String beanName) { final Secured viewSecured = applicationContext.findAnnotationOnBean(beanName, Secured.class); if (viewSecured == null) { logger.trace("No @Secured annotation found on view {}. Granting access.", beanName); return true; } else { final boolean result = security.hasAnyAuthority(viewSecured.value()); logger.trace("Is access granted to view {}: {}", beanName, result); return result; } } }
@Override public boolean passesFilter(SideBarItemDescriptor descriptor) { Secured secured = descriptor.findAnnotationOnBean(Secured.class); if (secured != null) { return vaadinSecurity.hasAnyAuthority(secured.value()); } return true; } }
@Override public void beforeEnter(BeforeEnterEvent event) { final Class<?> navigationTarget = event.getNavigationTarget(); if (navigationTarget != null) { String[] roles = AnnotationUtils.getAnnotation(navigationTarget, Secured.class) .map(s -> (s.value() != null) ? s.value() : new String[0]).orElse(null); if (roles != null) { if (!isAccessGranted(roles)) { // redirect to error event.rerouteToError(ForbiddenNavigationException.class, LocalizationProvider.localize(ForbiddenNavigationException.DEFAULT_MESSAGE, ForbiddenNavigationException.DEFAULT_MESSAGE_CODE)); } } } }
@Override public boolean isAccessGranted(String beanName, UI ui) { Secured viewSecured = applicationContext.findAnnotationOnBean(beanName, Secured.class); if ( viewSecured == null ) { return true; } else if ( security.hasAccessDecisionManager() ) { return true; // Leave decision to the second hook } else { return security.hasAnyAuthority(viewSecured.value()); } }