This repository has been archived by the owner on Nov 9, 2017. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 57
/
SmartEntitySecurityListener.java
79 lines (71 loc) · 2.42 KB
/
SmartEntitySecurityListener.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
package org.zanata.security;
import java.util.Arrays;
import java.util.List;
import javax.persistence.PostLoad;
import javax.persistence.PrePersist;
import javax.persistence.PreRemove;
import javax.persistence.PreUpdate;
import org.jboss.seam.annotations.security.Restrict;
import org.jboss.seam.security.EntityAction;
import org.jboss.seam.security.EntitySecurityListener;
import org.jboss.seam.security.Identity;
import org.zanata.annotation.EntityRestrict;
/**
* Overrides EntitySecurityListener to avoid calling
* EntityPermissionChecker.instance() when security is disabled, which leads to
* problems if there is no active Seam application context (in tests).
*
* @author Sean Flanigan <a
* href="mailto:sflaniga@redhat.com">sflaniga@redhat.com</a>
*
*/
public class SmartEntitySecurityListener extends EntitySecurityListener {
@PostLoad
public void postLoad(Object entity) {
if (Identity.isSecurityEnabled()) {
if (isEntityRestricted(entity, EntityAction.READ)) {
super.postLoad(entity);
}
}
}
@PrePersist
public void prePersist(Object entity) {
if (Identity.isSecurityEnabled()) {
if (isEntityRestricted(entity, EntityAction.INSERT)) {
super.prePersist(entity);
}
}
}
@PreUpdate
public void preUpdate(Object entity) {
if (Identity.isSecurityEnabled()) {
if (isEntityRestricted(entity, EntityAction.UPDATE)) {
super.preUpdate(entity);
}
}
}
@PreRemove
public void preRemove(Object entity) {
if (Identity.isSecurityEnabled()) {
if (isEntityRestricted(entity, EntityAction.DELETE)) {
super.preRemove(entity);
}
}
}
private static boolean
isEntityRestricted(Object entity, EntityAction action) {
EntityRestrict entityRestrict =
entity.getClass().getAnnotation(EntityRestrict.class);
if (entityRestrict != null) {
List<EntityAction> restrictedActions = Arrays.asList(
entityRestrict.value());
if (restrictedActions.isEmpty() || restrictedActions.contains(action)) {
return true; // restricted
} else {
return false; // not restricted
}
} else {
return false; // restricted, just not specifically
}
}
}