Example usage for org.springframework.security.acls.afterinvocation CollectionFilterer CollectionFilterer

List of usage examples for org.springframework.security.acls.afterinvocation CollectionFilterer CollectionFilterer

Introduction

This page shows an example use of the CollectionFilterer(Collection<T>) constructor from the package org.springframework.security.acls.afterinvocation.

Prototype

CollectionFilterer(Collection<T> collection) 


Usage

From source file:org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider.java

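/**
 * Filters a returned {@link Collection} or object array so that it only keeps the
 * elements for which {@code hasPermission(authentication, element)} is true.
 *
 * <p>Behaviour worth knowing when relying on this method as an access control:
 * <ul>
 * <li>A {@code null} {@code returnedObject} is passed through as {@code null}.</li>
 * <li>If no attribute in {@code config} is supported, {@code returnedObject} is
 * returned unfiltered.</li>
 * <li>Filtering runs once, for the first supported attribute, and the method returns
 * straight away.</li>
 * <li>Elements that are {@code null} or not assignable to
 * {@code getProcessDomainObjectClass()} are never permission-checked and therefore
 * stay in the result. The configured domain object class has to cover every element
 * type that needs protection.</li>
 * </ul>
 *
 * @param authentication the caller whose permissions are evaluated
 * @param object the secured invocation; not read by this method
 * @param config the attributes configured for the invocation
 * @param returnedObject the value returned by the invocation; a Collection, an object
 * array or {@code null}
 * @return the filtered object produced by the filterer, {@code null} for a null input,
 * or {@code returnedObject} itself when no attribute is supported
 * @throws AuthorizationServiceException if a supported attribute is present and
 * {@code returnedObject} is neither a Collection nor an object array (this now
 * includes primitive arrays, which previously failed with a ClassCastException)
 */
@SuppressWarnings("unchecked")
public Object decide(Authentication authentication, Object object, Collection<ConfigAttribute> config,
        Object returnedObject) throws AccessDeniedException {

    if (returnedObject == null) {
        logger.debug("Return object is null, skipping");

        return null;
    }

    for (ConfigAttribute attr : config) {
        if (!this.supports(attr)) {
            continue;
        }

        // Need to process the Collection for this invocation
        Filterer filterer;

        if (returnedObject instanceof Collection) {
            filterer = new CollectionFilterer((Collection) returnedObject);
        } else if (returnedObject instanceof Object[]) {
            // instanceof Object[] rather than getClass().isArray(): a primitive array
            // such as int[] is an array but cannot be cast to Object[], so it is
            // rejected below instead of escaping as a ClassCastException.
            filterer = new ArrayFilterer((Object[]) returnedObject);
        } else {
            // NOTE(review): the message embeds returnedObject's toString(), i.e. the
            // unfiltered return value. Confirm this exception text never reaches a
            // client or a log that less-privileged readers can see.
            throw new AuthorizationServiceException("A Collection or an array (or null) was required as the "
                    + "returnedObject, but the returnedObject was: " + returnedObject);
        }

        // Locate unauthorised Collection elements
        for (Object domainObject : filterer) {
            // Ignore nulls or entries which aren't instances of the configured domain
            // object class. These entries are NOT removed: they bypass the permission
            // check and remain visible to the caller.
            if (domainObject == null
                    || !getProcessDomainObjectClass().isAssignableFrom(domainObject.getClass())) {
                continue;
            }

            if (!hasPermission(authentication, domainObject)) {
                // remove() is called while iterating the same filterer; presumably the
                // Filterer records the removal and applies it in getFilteredObject()
                // (verify against the Filterer implementations).
                filterer.remove(domainObject);

                if (logger.isDebugEnabled()) {
                    // Writes the denied element's toString() to the debug log; make sure
                    // that representation carries no data the log audience must not see.
                    logger.debug("Principal is NOT authorised for element: " + domainObject);
                }
            }
        }

        return filterer.getFilteredObject();
    }

    // No supported attribute: nothing was filtered.
    return returnedObject;
}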