protected ITypePrivilege CreateTypePrivilegeFromServiceResult(Type entityType, ITypePrivilegeOfService privilegeOfService)
{
ITypePropertyPrivilegeOfService[] propertyPrivilegesOfService = privilegeOfService.PropertyPrivileges;
ITypePropertyPrivilege defaultPropertyPrivilege = TypePropertyPrivilegeImpl.CreateFrom(privilegeOfService);
if (propertyPrivilegesOfService == null || propertyPrivilegesOfService.Length == 0)
{
return(new SimpleTypePrivilegeImpl(privilegeOfService.CreateAllowed, privilegeOfService.ReadAllowed, privilegeOfService.UpdateAllowed,
privilegeOfService.DeleteAllowed, privilegeOfService.ExecuteAllowed, defaultPropertyPrivilege));
}
String[] propertyPrivilegeNames = privilegeOfService.PropertyPrivilegeNames;
IEntityMetaData metaData = EntityMetaDataProvider.GetMetaData(entityType);
ITypePropertyPrivilege[] primitivePropertyPrivileges = new ITypePropertyPrivilege[metaData.PrimitiveMembers.Length];
ITypePropertyPrivilege[] relationPropertyPrivileges = new ITypePropertyPrivilege[metaData.RelationMembers.Length];
for (int a = primitivePropertyPrivileges.Length; a-- > 0;)
{
primitivePropertyPrivileges[a] = defaultPropertyPrivilege;
}
for (int a = relationPropertyPrivileges.Length; a-- > 0;)
{
relationPropertyPrivileges[a] = defaultPropertyPrivilege;
}
for (int b = propertyPrivilegesOfService.Length; b-- > 0;)
{
ITypePropertyPrivilegeOfService propertyPrivilegeOfService = propertyPrivilegesOfService[b];
String propertyName = InterningFeature.Intern(propertyPrivilegeNames[b]);
ITypePropertyPrivilege propertyPrivilege;
if (propertyPrivilegeOfService != null)
{
propertyPrivilege = TypePropertyPrivilegeImpl.Create(propertyPrivilegeOfService.CreateAllowed, propertyPrivilegeOfService.ReadAllowed,
propertyPrivilegeOfService.UpdateAllowed, propertyPrivilegeOfService.DeleteAllowed);
}
else
{
propertyPrivilege = TypePropertyPrivilegeImpl.Create(null, null, null, null);
}
if (metaData.IsRelationMember(propertyName))
{
relationPropertyPrivileges[metaData.GetIndexByRelationName(propertyName)] = propertyPrivilege;
}
if (metaData.IsPrimitiveMember(propertyName))
{
primitivePropertyPrivileges[metaData.GetIndexByPrimitiveName(propertyName)] = propertyPrivilege;
}
}
return(EntityTypePrivilegeFactoryProvider.GetEntityTypePrivilegeFactory(metaData.EntityType, privilegeOfService.CreateAllowed,
privilegeOfService.ReadAllowed, privilegeOfService.UpdateAllowed, privilegeOfService.DeleteAllowed,
privilegeOfService.ExecuteAllowed).CreatePrivilege(privilegeOfService.CreateAllowed, privilegeOfService.ReadAllowed,
privilegeOfService.UpdateAllowed, privilegeOfService.DeleteAllowed, privilegeOfService.ExecuteAllowed, primitivePropertyPrivileges,
relationPropertyPrivileges));
}
public ITypePrivilegeResult GetPrivilegesByType(IList <Type> entityTypes, params ISecurityScope[] securityScopes)
{
ISecurityContext context = SecurityContextHolder.Context;
IAuthorization authorization = context != null ? context.Authorization : null;
if (authorization == null)
{
throw new SecurityException("User must be authorized to be able to check for privileges");
}
if (securityScopes.Length == 0)
{
throw new ArgumentException("No " + typeof(ISecurityScope).Name + " provided to check privileges against");
}
List <Type> missingEntityTypes = new List <Type>();
Object writeLock = this.writeLock;
lock (writeLock)
{
ITypePrivilegeResult result = CreateResultByType(entityTypes, securityScopes, missingEntityTypes, authorization);
if (missingEntityTypes.Count == 0)
{
return(result);
}
}
if (PrivilegeService == null)
{
throw new SecurityException("No bean of type " + typeof(IPrivilegeService).FullName
+ " could be injected. Privilege functionality is deactivated. The current operation is not supported");
}
String userSID = authorization.SID;
IList <ITypePrivilegeOfService> privilegeResults = PrivilegeService.GetPrivilegesOfTypes(missingEntityTypes.ToArray(), securityScopes);
lock (writeLock)
{
for (int a = 0, size = privilegeResults.Count; a < size; a++)
{
ITypePrivilegeOfService privilegeResult = privilegeResults[a];
Type entityType = privilegeResult.EntityType;
String securityScope = InterningFeature.Intern(privilegeResult.SecurityScope.Name);
ITypePrivilege pi = CreateTypePrivilegeFromServiceResult(entityType, privilegeResult);
entityTypePrivilegeCache.Put(entityType, securityScope, userSID, pi);
}
return(CreateResultByType(entityTypes, securityScopes, null, authorization));
}
}
protected void InternPrimitiveMember(IEntityMetaData metaData, Object[] primitives, Member member)
{
if (member == null)
{
return;
}
int index = metaData.GetIndexByPrimitiveName(member.Name);
Object value = primitives[index];
if (value is String)
{
Object internValue = InterningFeature.Intern(value);
if (!Object.ReferenceEquals(value, internValue))
{
primitives[index] = internValue;
}
}
}
protected IPrivilege CreatePrivilegeFromServiceResult(IObjRef objRef, IPrivilegeOfService privilegeOfService)
{
IPropertyPrivilegeOfService[] propertyPrivilegesOfService = privilegeOfService.PropertyPrivileges;
if (propertyPrivilegesOfService == null || propertyPrivilegesOfService.Length == 0)
{
return(SimplePrivilegeImpl.CreateFrom(privilegeOfService));
}
String[] propertyPrivilegeNames = privilegeOfService.PropertyPrivilegeNames;
IEntityMetaData metaData = EntityMetaDataProvider.GetMetaData(objRef.RealType);
IPropertyPrivilege[] primitivePropertyPrivileges = new IPropertyPrivilege[metaData.PrimitiveMembers.Length];
IPropertyPrivilege[] relationPropertyPrivileges = new IPropertyPrivilege[metaData.RelationMembers.Length];
IPropertyPrivilege defaultPropertyPrivilege = PropertyPrivilegeImpl.CreateFrom(privilegeOfService);
Arrays.Fill(primitivePropertyPrivileges, defaultPropertyPrivilege);
Arrays.Fill(relationPropertyPrivileges, defaultPropertyPrivilege);
for (int b = propertyPrivilegesOfService.Length; b-- > 0;)
{
IPropertyPrivilegeOfService propertyPrivilegeOfService = propertyPrivilegesOfService[b];
String propertyName = InterningFeature.Intern(propertyPrivilegeNames[b]);
IPropertyPrivilege propertyPrivilege = PropertyPrivilegeImpl.Create(propertyPrivilegeOfService.CreateAllowed,
propertyPrivilegeOfService.ReadAllowed, propertyPrivilegeOfService.UpdateAllowed, propertyPrivilegeOfService.DeleteAllowed);
if (metaData.IsRelationMember(propertyName))
{
relationPropertyPrivileges[metaData.GetIndexByRelationName(propertyName)] = propertyPrivilege;
}
if (metaData.IsPrimitiveMember(propertyName))
{
primitivePropertyPrivileges[metaData.GetIndexByPrimitiveName(propertyName)] = propertyPrivilege;
}
}
return(EntityPrivilegeFactoryProvider.GetEntityPrivilegeFactory(metaData.EntityType, privilegeOfService.CreateAllowed,
privilegeOfService.ReadAllowed, privilegeOfService.UpdateAllowed, privilegeOfService.DeleteAllowed,
privilegeOfService.ExecuteAllowed).CreatePrivilege(privilegeOfService.CreateAllowed, privilegeOfService.ReadAllowed,
privilegeOfService.UpdateAllowed, privilegeOfService.DeleteAllowed, privilegeOfService.ExecuteAllowed, primitivePropertyPrivileges,
relationPropertyPrivileges));
}
public IPrivilegeResult GetPrivilegesByObjRef <V>(IList <V> objRefs, params ISecurityScope[] securityScopes) where V : IObjRef
{
ISecurityContext context = SecurityContextHolder.Context;
IAuthorization authorization = context != null ? context.Authorization : null;
if (authorization == null)
{
throw new SecurityException("User must be authenticated to be able to check for privileges");
}
if (securityScopes.Length == 0)
{
throw new ArgumentException("No " + typeof(ISecurityScope).Name + " provided to check privileges against");
}
List <IObjRef> missingObjRefs = new List <IObjRef>();
lock (writeLock)
{
IPrivilegeResult result = CreateResult(objRefs, securityScopes, missingObjRefs, authorization, null);
if (missingObjRefs.Count == 0)
{
return(result);
}
}
if (PrivilegeService == null)
{
throw new SecurityException("No bean of type " + typeof(IPrivilegeService).FullName
+ " could be injected. Privilege functionality is deactivated. The current operation is not supported");
}
String userSID = authorization.SID;
IList <IPrivilegeOfService> privilegeResults = PrivilegeService.GetPrivileges(missingObjRefs.ToArray(), securityScopes);
lock (writeLock)
{
HashMap <PrivilegeKey, IPrivilege> privilegeResultOfNewEntities = null;
for (int a = 0, size = privilegeResults.Count; a < size; a++)
{
IPrivilegeOfService privilegeResult = privilegeResults[a];
IObjRef reference = privilegeResult.Reference;
PrivilegeKey privilegeKey = new PrivilegeKey(reference.RealType, reference.IdNameIndex, reference.Id, userSID);
bool useCache = true;
if (privilegeKey.Id == null)
{
useCache = false;
privilegeKey.Id = reference;
}
privilegeKey.SecurityScope = InterningFeature.Intern(privilegeResult.SecurityScope.Name);
IPrivilege privilege = CreatePrivilegeFromServiceResult(reference, privilegeResult);
if (useCache)
{
privilegeCache.Put(privilegeKey, privilege);
}
else
{
if (privilegeResultOfNewEntities == null)
{
privilegeResultOfNewEntities = new HashMap <PrivilegeKey, IPrivilege>();
}
privilegeResultOfNewEntities.Put(privilegeKey, privilege);
}
}
return(CreateResult(objRefs, securityScopes, null, authorization, privilegeResultOfNewEntities));
}
}