Add license information.

README.md

@@ -74,6 +74,9 @@ Framework also requires spring-context dependency for not spring-based projects:
 </dependency>
 ```
 
+**Components**
+![Easy-ABAC components](https://github.com/exadel-inc/activity-based-security-framework/blob/master/abac-diagram.png)
+
 **Core Attributes**
 - ```Action``` interface - to define possible actions with entity
 - ```@Access``` annotation - to define custom annotation to restrict access to entity

easy-abac-demo/pom.xml

@@ -1,4 +1,20 @@
 <?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright 2019-2020 the original author or authors.
+  ~
+  ~  Licensed under the Apache License, Version 2.0 (the "License");
+  ~  you may not use this file except in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~       https://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 
@@ -13,7 +29,7 @@
 
     <groupId>com.exadel.security</groupId>
     <artifactId>easy-abac-demo</artifactId>
-    <version>1.0-RC2</version>
+    <version>1.0-RC3</version>
 
     <name>easy-abac-demo</name>
     <description>easy-abac implementation example</description>

easy-abac-demo/src/main/java/com/exadel/easyabac/demo/DemoApplication.java

@@ -1,3 +1,19 @@
+/*
+ * Copyright 2019-2020 the original author or authors.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package com.exadel.easyabac.demo;
 
 import com.exadel.easyabac.aspect.AbacConfiguration;

easy-abac-demo/src/main/java/com/exadel/easyabac/demo/configuration/SecurityConfig.java

@@ -1,3 +1,19 @@
+/*
+ * Copyright 2019-2020 the original author or authors.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package com.exadel.easyabac.demo.configuration;
 
 import org.springframework.context.annotation.Configuration;
@@ -19,7 +35,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
-                .antMatchers("/*", "/welcome", "/login-as-user", "/login-as-administrator").permitAll()
+                .antMatchers("/*", "/welcome", "/login-as-admin", "/login-as-ba", "/login-as-dev").permitAll()
                 .anyRequest()
                 .authenticated();
     }

easy-abac-demo/src/main/java/com/exadel/easyabac/demo/controller/ProjectController.java

@@ -1,19 +1,32 @@
-package com.exadel.easyabac.demo.controller;
+/*
+ * Copyright 2019-2020 the original author or authors.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 
-import static com.exadel.easyabac.demo.security.model.project.ProjectAction.DELETE;
-import static com.exadel.easyabac.demo.security.model.project.ProjectAction.UPDATE;
-import static com.exadel.easyabac.demo.security.model.project.ProjectAction.VIEW;
+package com.exadel.easyabac.demo.controller;
 
 import com.exadel.easyabac.demo.security.model.project.ProjectAccess;
 import com.exadel.easyabac.demo.security.model.project.ProjectId;
 import com.exadel.easyabac.model.annotation.ProtectedResource;
 import com.exadel.easyabac.model.annotation.PublicResource;
-
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import static com.exadel.easyabac.demo.security.model.project.ProjectAction.*;
+
 /**
  * Sample controller for Project entity.
  *
@@ -29,24 +42,28 @@ public class ProjectController {
     @ProjectAccess(VIEW)
     @RequestMapping
     public ResponseEntity get(@ProjectId @PathVariable("projectId") Long projectId) {
-        return ResponseEntity.ok().build();
+        return getResponse(projectId);
     }
 
     @ProjectAccess(UPDATE)
     @RequestMapping("/update")
     public ResponseEntity update(@ProjectId @PathVariable("projectId") Long projectId) {
-        return ResponseEntity.ok().build();
+        return getResponse(projectId);
     }
 
     @ProjectAccess(DELETE)
     @RequestMapping("/delete")
     public ResponseEntity delete(@ProjectId @PathVariable("projectId") Long projectId) {
-        return ResponseEntity.ok().build();
+        return getResponse(projectId);
     }
 
     @PublicResource
     @RequestMapping("/public-info")
     public ResponseEntity getPublicInfo() {
         return ResponseEntity.ok().build();
     }
+
+    private ResponseEntity getResponse(Long projectId) {
+        return ResponseEntity.ok(String.format("Project[id=%s]", projectId));
+    }
 }

easy-abac-demo/src/main/java/com/exadel/easyabac/demo/controller/StoryController.java

@@ -1,19 +1,34 @@
-package com.exadel.easyabac.demo.controller;
+/*
+ * Copyright 2019-2020 the original author or authors.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 
-import static com.exadel.easyabac.demo.security.model.project.ProjectAction.VIEW;
+package com.exadel.easyabac.demo.controller;
 
 import com.exadel.easyabac.demo.security.model.project.ProjectAccess;
 import com.exadel.easyabac.demo.security.model.project.ProjectId;
 import com.exadel.easyabac.demo.security.model.story.StoryAccess;
 import com.exadel.easyabac.demo.security.model.story.StoryAction;
 import com.exadel.easyabac.demo.security.model.story.StoryId;
 import com.exadel.easyabac.model.annotation.ProtectedResource;
-
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import static com.exadel.easyabac.demo.security.model.project.ProjectAction.VIEW;
+
 /**
  * Sample controller for Story entity.
  *
@@ -31,14 +46,18 @@ public class StoryController {
     public ResponseEntity get(
             @ProjectId @PathVariable("projectId") Long projectId,
             @StoryId @PathVariable("storyId") Long storyId) {
-        return ResponseEntity.ok().build();
+        return getResponse(projectId, storyId);
     }
 
     @StoryAccess(StoryAction.UPDATE)
     @RequestMapping("/update")
     public ResponseEntity update(
             @ProjectId @PathVariable("projectId") Long projectId,
             @StoryId @PathVariable("storyId") Long storyId) {
-        return ResponseEntity.ok().build();
+        return getResponse(projectId, storyId);
+    }
+
+    private ResponseEntity getResponse(Long projectId, Long storyId) {
+        return ResponseEntity.ok(String.format("Project[id=%s], Story[id=%s]", projectId, storyId));
     }
 }

easy-abac-demo/src/main/java/com/exadel/easyabac/demo/controller/TaskController.java

@@ -1,6 +1,20 @@
-package com.exadel.easyabac.demo.controller;
+/*
+ * Copyright 2019-2020 the original author or authors.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 
-import static com.exadel.easyabac.demo.security.model.project.ProjectAction.VIEW;
+package com.exadel.easyabac.demo.controller;
 
 import com.exadel.easyabac.demo.security.model.project.ProjectAccess;
 import com.exadel.easyabac.demo.security.model.project.ProjectId;
@@ -11,12 +25,13 @@
 import com.exadel.easyabac.demo.security.model.task.TaskAction;
 import com.exadel.easyabac.demo.security.model.task.TaskId;
 import com.exadel.easyabac.model.annotation.ProtectedResource;
-
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import static com.exadel.easyabac.demo.security.model.project.ProjectAction.VIEW;
+
 /**
  * Sample controller for Task entity.
  *
@@ -36,7 +51,7 @@ public ResponseEntity get(
             @ProjectId @PathVariable("projectId") Long projectId,
             @StoryId @PathVariable("storyId") Long storyId,
             @TaskId @PathVariable("taskId") Long taskId) {
-        return ResponseEntity.ok().build();
+        return getResponse(projectId, storyId, taskId);
     }
 
     @TaskAccess(TaskAction.UPDATE)
@@ -45,6 +60,10 @@ public ResponseEntity update(
             @ProjectId @PathVariable("projectId") Long projectId,
             @StoryId @PathVariable("storyId") Long storyId,
             @TaskId @PathVariable("taskId") Long taskId) {
-        return ResponseEntity.ok().build();
+        return getResponse(projectId, storyId, taskId);
+    }
+
+    private ResponseEntity getResponse(Long projectId, Long storyId, Long taskId) {
+        return ResponseEntity.ok(String.format("Project[id=%s], Story[id=%s], Task[id=%s]", projectId, storyId, taskId));
     }
 }

easy-abac-demo/src/main/java/com/exadel/easyabac/demo/controller/WelcomeController.java

@@ -1,3 +1,19 @@
+/*
+ * Copyright 2019-2020 the original author or authors.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package com.exadel.easyabac.demo.controller;
 
 import com.exadel.easyabac.demo.security.authorization.DemoAuthorization;

easy-abac-demo/src/main/java/com/exadel/easyabac/demo/exception/AccessException.java

@@ -1,3 +1,19 @@
+/*
+ * Copyright 2019-2020 the original author or authors.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package com.exadel.easyabac.demo.exception;
 
 import com.exadel.easyabac.demo.security.model.AccessResponse;

easy-abac-demo/src/main/java/com/exadel/easyabac/demo/handler/RestExceptionHandler.java

@@ -1,3 +1,19 @@
+/*
+ * Copyright 2019-2020 the original author or authors.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package com.exadel.easyabac.demo.handler;
 
 import com.exadel.easyabac.demo.exception.AccessException;

easy-abac-demo/src/main/java/com/exadel/easyabac/demo/security/action/ActionProvider.java

@@ -0,0 +1,53 @@
+/*
+ * Copyright 2019-2020 the original author or authors.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *       https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.exadel.easyabac.demo.security.action;
+
+import com.exadel.easyabac.model.core.Action;
+
+import java.lang.reflect.ParameterizedType;
+import java.util.Set;
+
+/**
+ * Example of entity action provider.
+ *
+ * @param <T> the type parameter
+ * @author Gleb Bondarchuk
+ * @author Igor Sych
+ * @since 1.0-RC1
+ */
+public interface ActionProvider<T extends Action> {
+
+    /**
+     * Example of generic method to fetch actions by particular type.
+     *
+     * @param entityId the entity identifier
+     * @return the available actions for entity
+     */
+    Set<T> getAvailableActions(Long entityId);
+
+    /**
+     * Check whether provider accepts action type.
+     *
+     * @param actionType the action type
+     * @return true if accepts, false otherwise
+     */
+    @SuppressWarnings("unchecked")
+    default boolean accepts(Class<?> actionType) {
+        Class<T> type = (Class<T>) ((ParameterizedType) getClass().getGenericInterfaces()[0]).getActualTypeArguments()[0];
+        return actionType.equals(type);
+    }
+}