net.gplatform.sudoor.server.security.model.DefaultPermissionEvaluator.java Source code

Java tutorial

  1. HOME
  2. Java
  3. net.gplatform.sudoor.server.security.model.DefaultPermissionEvaluator.java

Introduction

Here is the source code for net.gplatform.sudoor.server.security.model.DefaultPermissionEvaluator.java

Source

package net.gplatform.sudoor.server.security.model;

/*
 * #%L
 * sudoor-server-lib
 * %%
 * Copyright (C) 2013 - 2014 Shark Xu
 * %%
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as
 * published by the Free Software Foundation, either version 2 of the
 * License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public
 * License along with this program.  If not, see
 * <http://www.gnu.org/licenses/gpl-2.0.html>.
 * #L%
 */

import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;

import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.expression.EvaluationContext;
import org.springframework.expression.Expression;
import org.springframework.expression.ExpressionParser;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

/**
 * Created by Administrator on 14-1-15.
 */

@Component
@ConfigurationProperties(prefix = "sudoor.permissionevaluator.default")
public class DefaultPermissionEvaluator implements PermissionEvaluator {
    private static final Logger LOG = LoggerFactory.getLogger(DefaultPermissionEvaluator.class);

    public static final String CONFIG_EXPRESSION_PREFIX = "expression.";

    private Properties properties;

    private ExpressionParser parser = new SpelExpressionParser();
    private EvaluationContext context = new StandardEvaluationContext();
    private Map<String, Map<Object, Expression>> expressions = new HashMap<String, Map<Object, Expression>>();

    public Properties getProperties() {
        return properties;
    }

    public void setProperties(Properties properties) {
        this.properties = properties;
    }

    /**
     * Find the expression string recursively from the config file
     * 
     * @param name
     * @param permission
     * @return
     */
    public String getExpressionString(String name, Object permission) {
        String expression = properties.getProperty(CONFIG_EXPRESSION_PREFIX + name + "." + permission);

        //Get generic permit
        if (expression == null) {
            expression = properties.getProperty(CONFIG_EXPRESSION_PREFIX + name);
        }

        //Get parent permit
        if (expression == null && StringUtils.contains(name, ".")) {
            String parent = StringUtils.substringBeforeLast(name, ".");
            expression = getExpressionString(parent, permission);
        }

        LOG.debug("Get Expression String: [{}] for name: [{}] permission: [{}]", expression, name, permission);
        return expression;
    }

    @Override
    public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
        String name = targetDomainObject.getClass().getName();
        Map<Object, Expression> m = expressions.get(name);
        if (m == null) {
            m = new HashMap<Object, Expression>();
            expressions.put(name, m);
        }

        Expression expression = m.get(permission);
        if (expression == null) {
            String expressionString = getExpressionString(name, permission);
            if (StringUtils.isNotEmpty(expressionString)) {
                expression = parser.parseExpression(expressionString);
            } else {
                expression = parser.parseExpression("false");
                LOG.warn("No Expression configed for name: [{}] permission: [{}], Default to false Expression!",
                        name, permission);
            }
            m.put(permission, expression);
        }

        context.setVariable("authentication", authentication);
        context.setVariable("target", targetDomainObject);

        boolean res = false;
        try {
            res = expression.getValue(context, Boolean.class);
            LOG.debug("Evaluate Result : [{}] for name: [{}] permission: [{}]", res, name, permission);
        } catch (Exception e) {
            LOG.error("Error parse expression", e);
        }
        return res;
    }

    @Override
    public boolean hasPermission(Authentication authentication, Serializable serializable, String s, Object o) {
        LOG.error("Not implemented!!!");
        return false;
    }
}