Example usage for org.springframework.security.access AccessDecisionVoter vote

List of usage examples for org.springframework.security.access AccessDecisionVoter vote

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.access.*
  5. AccessDecisionVoter
  6. vote

Introduction

In this page you can find the example usage for org.springframework.security.access AccessDecisionVoter vote.

Prototype

int vote(Authentication authentication, S object, Collection<ConfigAttribute> attributes);

Source Link

Document

Indicates whether or not access is granted.

Usage

From source file:grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.java

/**
 * Allow any {@link AuthenticatedVoter} to veto. If any voter denies,
 * throw an exception; if any grant, return <code>true</code>;
 * otherwise return <code>false</code> if all abstain.
 *//*from   www .  ja v a2 s.  c o m*/
@SuppressWarnings({ "rawtypes", "unchecked" })
protected boolean checkAuthenticatedVoters(final Authentication authentication, final Object object,
        final Collection<ConfigAttribute> configAttributes) {

    boolean grant = false;
    for (AccessDecisionVoter voter : getDecisionVoters()) {
        if (voter instanceof AuthenticatedVoter) {
            int result = voter.vote(authentication, object, configAttributes);
            switch (result) {
            case AccessDecisionVoter.ACCESS_GRANTED:
                grant = true;
                break;
            case AccessDecisionVoter.ACCESS_DENIED:
                deny();
                break;
            default: // abstain
                break;
            }
        }
    }
    return grant;
}

From source file:org.codehaus.groovy.grails.plugins.springsecurity.AuthenticatedVetoableDecisionManager.java

/**
 * Allow any {@link AuthenticatedVoter} to veto. If any voter denies,
 * throw an exception; if any grant, return <code>true</code>;
 * otherwise return <code>false</code> if all abstain.
 *//*from  w  ww  .j  av a2s. co m*/
private boolean checkAuthenticatedVoters(final Authentication authentication, final Object object,
        final Collection<ConfigAttribute> configAttributes) {

    boolean grant = false;
    for (AccessDecisionVoter voter : getDecisionVoters()) {
        if (voter instanceof AuthenticatedVoter) {
            int result = voter.vote(authentication, object, configAttributes);
            switch (result) {
            case AccessDecisionVoter.ACCESS_GRANTED:
                grant = true;
                break;
            case AccessDecisionVoter.ACCESS_DENIED:
                deny();
                break;
            default: // abstain
                break;
            }
        }
    }
    return grant;
}

From source file:es.osoco.grails.plugins.otp.access.TwoFactorDecisionManager.java

/**
 * Allow the {@link TwoFactorVoter} to veto. If the voter denies,
 * throw an {@link InsufficientAuthenticationException} exception;
 * if it grants, returns <code>true</code>;
 * otherwise returns <code>false</code> if it abstains.
 *//* w ww.j a va2s.c o m*/
private boolean checkTwoFactorVoter(final Authentication authentication, final Object object,
        final Collection<ConfigAttribute> configAttributes) {

    boolean grant = false;
    AccessDecisionVoter voter = getTwoFactorDecisionVoter();
    if (voter != null) {
        int result = voter.vote(authentication, object, configAttributes);
        switch (result) {
        case AccessDecisionVoter.ACCESS_GRANTED:
            grant = true;
            break;
        case AccessDecisionVoter.ACCESS_DENIED:
            twoFactorDeny();
            break;
        default: // abstain
            break;
        }
    }

    return grant;
}

From source file:grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.java

/**
 * Check the other (non-{@link AuthenticatedVoter}) voters. If any voter grants,
 * return true. If any voter denies, throw exception. Otherwise return <code>false</code>
 * to indicate that all abstained./*  www .ja v a2  s.  c om*/
 */
@SuppressWarnings({ "rawtypes", "unchecked" })
protected boolean checkOtherVoters(Authentication authentication, Object object,
        Collection<ConfigAttribute> configAttributes) {
    int denyCount = 0;
    for (AccessDecisionVoter voter : getDecisionVoters()) {
        if (voter instanceof AuthenticatedVoter) {
            continue;
        }

        int result = voter.vote(authentication, object, configAttributes);
        switch (result) {
        case AccessDecisionVoter.ACCESS_GRANTED:
            return true;
        case AccessDecisionVoter.ACCESS_DENIED:
            denyCount++;
            break;
        default: // abstain
            break;
        }
    }

    if (denyCount > 0) {
        deny();
    }

    // all abstain
    return false;
}

From source file:org.codehaus.groovy.grails.plugins.springsecurity.AuthenticatedVetoableDecisionManager.java

/**
 * Check the other (non-{@link AuthenticatedVoter}) voters. If any voter grants,
 * return true. If any voter denies, throw exception. Otherwise return <code>false</code>
 * to indicate that all abstained.// www  .  ja  va 2 s  .c o  m
 */
private boolean checkOtherVoters(Authentication authentication, Object object,
        Collection<ConfigAttribute> configAttributes) {
    int denyCount = 0;
    for (AccessDecisionVoter voter : getDecisionVoters()) {
        if (voter instanceof AuthenticatedVoter) {
            continue;
        }

        int result = voter.vote(authentication, object, configAttributes);
        switch (result) {
        case AccessDecisionVoter.ACCESS_GRANTED:
            return true;
        case AccessDecisionVoter.ACCESS_DENIED:
            denyCount++;
            break;
        default: // abstain
            break;
        }
    }

    if (denyCount > 0) {
        deny();
    }

    // all abstain
    return false;
}

From source file:org.duracloud.account.security.vote.AccountAccessDecisionVoterTest.java

private MethodInvocation createInvocation(Long id) {
    MethodInvocation inv = EasyMock.createMock("MethodInvocation", MethodInvocation.class);

    EasyMock.expect(inv.getArguments()).andReturn(new Object[0]);
    // set up acctService
    AccountService acctService = EasyMock.createMock("AccountService", AccountService.class);
    EasyMock.expect(acctService.getAccountId()).andReturn(id);

    EasyMock.replay(acctService);/*from  ww w .  ja v  a2 s . co m*/

    // set up annotation parser
    Method method = this.getClass().getMethods()[0];
    EasyMock.expect(inv.getMethod()).andReturn(method);

    Map<String, Object[]> methodMap = EasyMock.createMock("Map", Map.class);
    EasyMock.expect(methodMap.get(EasyMock.isA(String.class)))
            .andReturn(new Object[] { securityConfig.iterator().next().getAttribute() });
    EasyMock.replay(methodMap);

    AnnotationParser annotationParser = EasyMock.createMock("AnnotationParser", AnnotationParser.class);
    EasyMock.expect(
            annotationParser.getMethodAnnotationsForClass(EasyMock.isA(Class.class), EasyMock.isA(Class.class)))
            .andReturn(methodMap);
    EasyMock.replay(annotationParser);

    // set up recursive voter
    AccessDecisionVoter<MethodInvocation> subVoter = EasyMock.createMock("AccessDecisionVoter",
            AccessDecisionVoter.class);
    EasyMock.expect(subVoter.vote(EasyMock.<Authentication>anyObject(), EasyMock.<MethodInvocation>anyObject(),
            EasyMock.<Collection<ConfigAttribute>>anyObject())).andReturn(AccessDecisionVoter.ACCESS_GRANTED);
    EasyMock.replay(subVoter);
    AccountServiceSecuredImpl serviceImpl = new AccountServiceSecuredImpl(acctService, null, subVoter,
            annotationParser);

    EasyMock.expect(inv.getThis()).andReturn(serviceImpl).times(3);

    return inv;
}