Skip to content

Commit

Permalink
Add license information.
Browse files Browse the repository at this point in the history
  • Loading branch information
gbondarchuk9 committed May 13, 2020
1 parent 134e3b1 commit 8bbff58
Show file tree
Hide file tree
Showing 64 changed files with 1,222 additions and 185 deletions.
3 changes: 3 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,9 @@ Framework also requires spring-context dependency for not spring-based projects:
</dependency>
```

**Components**
![Easy-ABAC components](https://github.com/exadel-inc/activity-based-security-framework/blob/master/abac-diagram.png)

**Core Attributes**
- ```Action``` interface - to define possible actions with entity
- ```@Access``` annotation - to define custom annotation to restrict access to entity
Expand Down
Binary file added abac-diagram.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
18 changes: 17 additions & 1 deletion easy-abac-demo/pom.xml
Original file line number Diff line number Diff line change
@@ -1,4 +1,20 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2019-2020 the original author or authors.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ https://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">

Expand All @@ -13,7 +29,7 @@

<groupId>com.exadel.security</groupId>
<artifactId>easy-abac-demo</artifactId>
<version>1.0-RC2</version>
<version>1.0-RC3</version>

<name>easy-abac-demo</name>
<description>easy-abac implementation example</description>
Expand Down
Original file line number Diff line number Diff line change
@@ -1,3 +1,19 @@
/*
* Copyright 2019-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.exadel.easyabac.demo;

import com.exadel.easyabac.aspect.AbacConfiguration;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,3 +1,19 @@
/*
* Copyright 2019-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.exadel.easyabac.demo.configuration;

import org.springframework.context.annotation.Configuration;
Expand All @@ -19,7 +35,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/*", "/welcome", "/login-as-user", "/login-as-administrator").permitAll()
.antMatchers("/*", "/welcome", "/login-as-admin", "/login-as-ba", "/login-as-dev").permitAll()
.anyRequest()
.authenticated();
}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,19 +1,32 @@
package com.exadel.easyabac.demo.controller;
/*
* Copyright 2019-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

import static com.exadel.easyabac.demo.security.model.project.ProjectAction.DELETE;
import static com.exadel.easyabac.demo.security.model.project.ProjectAction.UPDATE;
import static com.exadel.easyabac.demo.security.model.project.ProjectAction.VIEW;
package com.exadel.easyabac.demo.controller;

import com.exadel.easyabac.demo.security.model.project.ProjectAccess;
import com.exadel.easyabac.demo.security.model.project.ProjectId;
import com.exadel.easyabac.model.annotation.ProtectedResource;
import com.exadel.easyabac.model.annotation.PublicResource;

import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import static com.exadel.easyabac.demo.security.model.project.ProjectAction.*;

/**
* Sample controller for Project entity.
*
Expand All @@ -29,24 +42,28 @@ public class ProjectController {
@ProjectAccess(VIEW)
@RequestMapping
public ResponseEntity get(@ProjectId @PathVariable("projectId") Long projectId) {
return ResponseEntity.ok().build();
return getResponse(projectId);
}

@ProjectAccess(UPDATE)
@RequestMapping("/update")
public ResponseEntity update(@ProjectId @PathVariable("projectId") Long projectId) {
return ResponseEntity.ok().build();
return getResponse(projectId);
}

@ProjectAccess(DELETE)
@RequestMapping("/delete")
public ResponseEntity delete(@ProjectId @PathVariable("projectId") Long projectId) {
return ResponseEntity.ok().build();
return getResponse(projectId);
}

@PublicResource
@RequestMapping("/public-info")
public ResponseEntity getPublicInfo() {
return ResponseEntity.ok().build();
}

private ResponseEntity getResponse(Long projectId) {
return ResponseEntity.ok(String.format("Project[id=%s]", projectId));
}
}
Original file line number Diff line number Diff line change
@@ -1,19 +1,34 @@
package com.exadel.easyabac.demo.controller;
/*
* Copyright 2019-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

import static com.exadel.easyabac.demo.security.model.project.ProjectAction.VIEW;
package com.exadel.easyabac.demo.controller;

import com.exadel.easyabac.demo.security.model.project.ProjectAccess;
import com.exadel.easyabac.demo.security.model.project.ProjectId;
import com.exadel.easyabac.demo.security.model.story.StoryAccess;
import com.exadel.easyabac.demo.security.model.story.StoryAction;
import com.exadel.easyabac.demo.security.model.story.StoryId;
import com.exadel.easyabac.model.annotation.ProtectedResource;

import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import static com.exadel.easyabac.demo.security.model.project.ProjectAction.VIEW;

/**
* Sample controller for Story entity.
*
Expand All @@ -31,14 +46,18 @@ public class StoryController {
public ResponseEntity get(
@ProjectId @PathVariable("projectId") Long projectId,
@StoryId @PathVariable("storyId") Long storyId) {
return ResponseEntity.ok().build();
return getResponse(projectId, storyId);
}

@StoryAccess(StoryAction.UPDATE)
@RequestMapping("/update")
public ResponseEntity update(
@ProjectId @PathVariable("projectId") Long projectId,
@StoryId @PathVariable("storyId") Long storyId) {
return ResponseEntity.ok().build();
return getResponse(projectId, storyId);
}

private ResponseEntity getResponse(Long projectId, Long storyId) {
return ResponseEntity.ok(String.format("Project[id=%s], Story[id=%s]", projectId, storyId));
}
}
Original file line number Diff line number Diff line change
@@ -1,6 +1,20 @@
package com.exadel.easyabac.demo.controller;
/*
* Copyright 2019-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

import static com.exadel.easyabac.demo.security.model.project.ProjectAction.VIEW;
package com.exadel.easyabac.demo.controller;

import com.exadel.easyabac.demo.security.model.project.ProjectAccess;
import com.exadel.easyabac.demo.security.model.project.ProjectId;
Expand All @@ -11,12 +25,13 @@
import com.exadel.easyabac.demo.security.model.task.TaskAction;
import com.exadel.easyabac.demo.security.model.task.TaskId;
import com.exadel.easyabac.model.annotation.ProtectedResource;

import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import static com.exadel.easyabac.demo.security.model.project.ProjectAction.VIEW;

/**
* Sample controller for Task entity.
*
Expand All @@ -36,7 +51,7 @@ public ResponseEntity get(
@ProjectId @PathVariable("projectId") Long projectId,
@StoryId @PathVariable("storyId") Long storyId,
@TaskId @PathVariable("taskId") Long taskId) {
return ResponseEntity.ok().build();
return getResponse(projectId, storyId, taskId);
}

@TaskAccess(TaskAction.UPDATE)
Expand All @@ -45,6 +60,10 @@ public ResponseEntity update(
@ProjectId @PathVariable("projectId") Long projectId,
@StoryId @PathVariable("storyId") Long storyId,
@TaskId @PathVariable("taskId") Long taskId) {
return ResponseEntity.ok().build();
return getResponse(projectId, storyId, taskId);
}

private ResponseEntity getResponse(Long projectId, Long storyId, Long taskId) {
return ResponseEntity.ok(String.format("Project[id=%s], Story[id=%s], Task[id=%s]", projectId, storyId, taskId));
}
}
Original file line number Diff line number Diff line change
@@ -1,3 +1,19 @@
/*
* Copyright 2019-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.exadel.easyabac.demo.controller;

import com.exadel.easyabac.demo.security.authorization.DemoAuthorization;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,3 +1,19 @@
/*
* Copyright 2019-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.exadel.easyabac.demo.exception;

import com.exadel.easyabac.demo.security.model.AccessResponse;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,3 +1,19 @@
/*
* Copyright 2019-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.exadel.easyabac.demo.handler;

import com.exadel.easyabac.demo.exception.AccessException;
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
/*
* Copyright 2019-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.exadel.easyabac.demo.security.action;

import com.exadel.easyabac.model.core.Action;

import java.lang.reflect.ParameterizedType;
import java.util.Set;

/**
* Example of entity action provider.
*
* @param <T> the type parameter
* @author Gleb Bondarchuk
* @author Igor Sych
* @since 1.0-RC1
*/
public interface ActionProvider<T extends Action> {

/**
* Example of generic method to fetch actions by particular type.
*
* @param entityId the entity identifier
* @return the available actions for entity
*/
Set<T> getAvailableActions(Long entityId);

/**
* Check whether provider accepts action type.
*
* @param actionType the action type
* @return true if accepts, false otherwise
*/
@SuppressWarnings("unchecked")
default boolean accepts(Class<?> actionType) {
Class<T> type = (Class<T>) ((ParameterizedType) getClass().getGenericInterfaces()[0]).getActualTypeArguments()[0];
return actionType.equals(type);
}
}

0 comments on commit 8bbff58

Please sign in to comment.