Example #1
0
        protected ITypePrivilege CreateTypePrivilegeFromServiceResult(Type entityType, ITypePrivilegeOfService privilegeOfService)
        {
            ITypePropertyPrivilegeOfService[] propertyPrivilegesOfService = privilegeOfService.PropertyPrivileges;

            ITypePropertyPrivilege defaultPropertyPrivilege = TypePropertyPrivilegeImpl.CreateFrom(privilegeOfService);

            if (propertyPrivilegesOfService == null || propertyPrivilegesOfService.Length == 0)
            {
                return(new SimpleTypePrivilegeImpl(privilegeOfService.CreateAllowed, privilegeOfService.ReadAllowed, privilegeOfService.UpdateAllowed,
                                                   privilegeOfService.DeleteAllowed, privilegeOfService.ExecuteAllowed, defaultPropertyPrivilege));
            }
            String[]        propertyPrivilegeNames = privilegeOfService.PropertyPrivilegeNames;
            IEntityMetaData metaData = EntityMetaDataProvider.GetMetaData(entityType);

            ITypePropertyPrivilege[] primitivePropertyPrivileges = new ITypePropertyPrivilege[metaData.PrimitiveMembers.Length];
            ITypePropertyPrivilege[] relationPropertyPrivileges  = new ITypePropertyPrivilege[metaData.RelationMembers.Length];
            for (int a = primitivePropertyPrivileges.Length; a-- > 0;)
            {
                primitivePropertyPrivileges[a] = defaultPropertyPrivilege;
            }
            for (int a = relationPropertyPrivileges.Length; a-- > 0;)
            {
                relationPropertyPrivileges[a] = defaultPropertyPrivilege;
            }
            for (int b = propertyPrivilegesOfService.Length; b-- > 0;)
            {
                ITypePropertyPrivilegeOfService propertyPrivilegeOfService = propertyPrivilegesOfService[b];
                String propertyName = InterningFeature.Intern(propertyPrivilegeNames[b]);
                ITypePropertyPrivilege propertyPrivilege;
                if (propertyPrivilegeOfService != null)
                {
                    propertyPrivilege = TypePropertyPrivilegeImpl.Create(propertyPrivilegeOfService.CreateAllowed, propertyPrivilegeOfService.ReadAllowed,
                                                                         propertyPrivilegeOfService.UpdateAllowed, propertyPrivilegeOfService.DeleteAllowed);
                }
                else
                {
                    propertyPrivilege = TypePropertyPrivilegeImpl.Create(null, null, null, null);
                }
                if (metaData.IsRelationMember(propertyName))
                {
                    relationPropertyPrivileges[metaData.GetIndexByRelationName(propertyName)] = propertyPrivilege;
                }
                if (metaData.IsPrimitiveMember(propertyName))
                {
                    primitivePropertyPrivileges[metaData.GetIndexByPrimitiveName(propertyName)] = propertyPrivilege;
                }
            }
            return(EntityTypePrivilegeFactoryProvider.GetEntityTypePrivilegeFactory(metaData.EntityType, privilegeOfService.CreateAllowed,
                                                                                    privilegeOfService.ReadAllowed, privilegeOfService.UpdateAllowed, privilegeOfService.DeleteAllowed,
                                                                                    privilegeOfService.ExecuteAllowed).CreatePrivilege(privilegeOfService.CreateAllowed, privilegeOfService.ReadAllowed,
                                                                                                                                       privilegeOfService.UpdateAllowed, privilegeOfService.DeleteAllowed, privilegeOfService.ExecuteAllowed, primitivePropertyPrivileges,
                                                                                                                                       relationPropertyPrivileges));
        }
Example #2
0
        public ITypePrivilegeResult GetPrivilegesByType(IList <Type> entityTypes, params ISecurityScope[] securityScopes)
        {
            ISecurityContext context       = SecurityContextHolder.Context;
            IAuthorization   authorization = context != null ? context.Authorization : null;

            if (authorization == null)
            {
                throw new SecurityException("User must be authorized to be able to check for privileges");
            }
            if (securityScopes.Length == 0)
            {
                throw new ArgumentException("No " + typeof(ISecurityScope).Name + " provided to check privileges against");
            }
            List <Type> missingEntityTypes = new List <Type>();
            Object      writeLock          = this.writeLock;

            lock (writeLock)
            {
                ITypePrivilegeResult result = CreateResultByType(entityTypes, securityScopes, missingEntityTypes, authorization);
                if (missingEntityTypes.Count == 0)
                {
                    return(result);
                }
            }
            if (PrivilegeService == null)
            {
                throw new SecurityException("No bean of type " + typeof(IPrivilegeService).FullName
                                            + " could be injected. Privilege functionality is deactivated. The current operation is not supported");
            }
            String userSID = authorization.SID;
            IList <ITypePrivilegeOfService> privilegeResults = PrivilegeService.GetPrivilegesOfTypes(missingEntityTypes.ToArray(), securityScopes);

            lock (writeLock)
            {
                for (int a = 0, size = privilegeResults.Count; a < size; a++)
                {
                    ITypePrivilegeOfService privilegeResult = privilegeResults[a];
                    Type entityType = privilegeResult.EntityType;

                    String securityScope = InterningFeature.Intern(privilegeResult.SecurityScope.Name);

                    ITypePrivilege pi = CreateTypePrivilegeFromServiceResult(entityType, privilegeResult);
                    entityTypePrivilegeCache.Put(entityType, securityScope, userSID, pi);
                }
                return(CreateResultByType(entityTypes, securityScopes, null, authorization));
            }
        }
Example #3
0
        protected void InternPrimitiveMember(IEntityMetaData metaData, Object[] primitives, Member member)
        {
            if (member == null)
            {
                return;
            }
            int    index = metaData.GetIndexByPrimitiveName(member.Name);
            Object value = primitives[index];

            if (value is String)
            {
                Object internValue = InterningFeature.Intern(value);
                if (!Object.ReferenceEquals(value, internValue))
                {
                    primitives[index] = internValue;
                }
            }
        }
Example #4
0
        protected IPrivilege CreatePrivilegeFromServiceResult(IObjRef objRef, IPrivilegeOfService privilegeOfService)
        {
            IPropertyPrivilegeOfService[] propertyPrivilegesOfService = privilegeOfService.PropertyPrivileges;

            if (propertyPrivilegesOfService == null || propertyPrivilegesOfService.Length == 0)
            {
                return(SimplePrivilegeImpl.CreateFrom(privilegeOfService));
            }
            String[]        propertyPrivilegeNames = privilegeOfService.PropertyPrivilegeNames;
            IEntityMetaData metaData = EntityMetaDataProvider.GetMetaData(objRef.RealType);

            IPropertyPrivilege[] primitivePropertyPrivileges = new IPropertyPrivilege[metaData.PrimitiveMembers.Length];
            IPropertyPrivilege[] relationPropertyPrivileges  = new IPropertyPrivilege[metaData.RelationMembers.Length];
            IPropertyPrivilege   defaultPropertyPrivilege    = PropertyPrivilegeImpl.CreateFrom(privilegeOfService);

            Arrays.Fill(primitivePropertyPrivileges, defaultPropertyPrivilege);
            Arrays.Fill(relationPropertyPrivileges, defaultPropertyPrivilege);
            for (int b = propertyPrivilegesOfService.Length; b-- > 0;)
            {
                IPropertyPrivilegeOfService propertyPrivilegeOfService = propertyPrivilegesOfService[b];
                String             propertyName      = InterningFeature.Intern(propertyPrivilegeNames[b]);
                IPropertyPrivilege propertyPrivilege = PropertyPrivilegeImpl.Create(propertyPrivilegeOfService.CreateAllowed,
                                                                                    propertyPrivilegeOfService.ReadAllowed, propertyPrivilegeOfService.UpdateAllowed, propertyPrivilegeOfService.DeleteAllowed);
                if (metaData.IsRelationMember(propertyName))
                {
                    relationPropertyPrivileges[metaData.GetIndexByRelationName(propertyName)] = propertyPrivilege;
                }
                if (metaData.IsPrimitiveMember(propertyName))
                {
                    primitivePropertyPrivileges[metaData.GetIndexByPrimitiveName(propertyName)] = propertyPrivilege;
                }
            }
            return(EntityPrivilegeFactoryProvider.GetEntityPrivilegeFactory(metaData.EntityType, privilegeOfService.CreateAllowed,
                                                                            privilegeOfService.ReadAllowed, privilegeOfService.UpdateAllowed, privilegeOfService.DeleteAllowed,
                                                                            privilegeOfService.ExecuteAllowed).CreatePrivilege(privilegeOfService.CreateAllowed, privilegeOfService.ReadAllowed,
                                                                                                                               privilegeOfService.UpdateAllowed, privilegeOfService.DeleteAllowed, privilegeOfService.ExecuteAllowed, primitivePropertyPrivileges,
                                                                                                                               relationPropertyPrivileges));
        }
Example #5
0
        public IPrivilegeResult GetPrivilegesByObjRef <V>(IList <V> objRefs, params ISecurityScope[] securityScopes) where V : IObjRef
        {
            ISecurityContext context       = SecurityContextHolder.Context;
            IAuthorization   authorization = context != null ? context.Authorization : null;

            if (authorization == null)
            {
                throw new SecurityException("User must be authenticated to be able to check for privileges");
            }
            if (securityScopes.Length == 0)
            {
                throw new ArgumentException("No " + typeof(ISecurityScope).Name + " provided to check privileges against");
            }
            List <IObjRef> missingObjRefs = new List <IObjRef>();

            lock (writeLock)
            {
                IPrivilegeResult result = CreateResult(objRefs, securityScopes, missingObjRefs, authorization, null);
                if (missingObjRefs.Count == 0)
                {
                    return(result);
                }
            }
            if (PrivilegeService == null)
            {
                throw new SecurityException("No bean of type " + typeof(IPrivilegeService).FullName
                                            + " could be injected. Privilege functionality is deactivated. The current operation is not supported");
            }
            String userSID = authorization.SID;
            IList <IPrivilegeOfService> privilegeResults = PrivilegeService.GetPrivileges(missingObjRefs.ToArray(), securityScopes);

            lock (writeLock)
            {
                HashMap <PrivilegeKey, IPrivilege> privilegeResultOfNewEntities = null;
                for (int a = 0, size = privilegeResults.Count; a < size; a++)
                {
                    IPrivilegeOfService privilegeResult = privilegeResults[a];
                    IObjRef             reference       = privilegeResult.Reference;

                    PrivilegeKey privilegeKey = new PrivilegeKey(reference.RealType, reference.IdNameIndex, reference.Id, userSID);
                    bool         useCache     = true;
                    if (privilegeKey.Id == null)
                    {
                        useCache        = false;
                        privilegeKey.Id = reference;
                    }
                    privilegeKey.SecurityScope = InterningFeature.Intern(privilegeResult.SecurityScope.Name);

                    IPrivilege privilege = CreatePrivilegeFromServiceResult(reference, privilegeResult);
                    if (useCache)
                    {
                        privilegeCache.Put(privilegeKey, privilege);
                    }
                    else
                    {
                        if (privilegeResultOfNewEntities == null)
                        {
                            privilegeResultOfNewEntities = new HashMap <PrivilegeKey, IPrivilege>();
                        }
                        privilegeResultOfNewEntities.Put(privilegeKey, privilege);
                    }
                }
                return(CreateResult(objRefs, securityScopes, null, authorization, privilegeResultOfNewEntities));
            }
        }