예제 #1
        /// <summary>
        /// Resolves the privilege for a single entity in the given security scopes.
        /// </summary>
        /// <param name="entity">Entity whose object references are extracted via <c>ObjRefHelper.ExtractObjRefList</c>.</param>
        /// <param name="securityScopes">Scopes the privilege is evaluated against.</param>
        /// <returns>The first privilege of the lookup result.</returns>
        /// <remarks>
        /// Only element 0 of the result is returned. If the lookup yields no privileges the
        /// indexer throws, so the caller never receives a default or empty privilege object.
        /// </remarks>
        public IPrivilege GetPrivilege(Object entity, params ISecurityScope[] securityScopes)
        {
            // Second argument is passed as null exactly as before; its meaning is defined by ObjRefHelper.
            IList<IObjRef> extractedRefs = ObjRefHelper.ExtractObjRefList(entity, null);

            IPrivilegeResult lookup = GetPrivileges(extractedRefs, securityScopes);
            return lookup.GetPrivileges()[0];
        }
예제 #2
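        /// <summary>
        /// Resolves the privileges of the current user for the given object references in the
        /// given security scopes, filling the privilege cache from <c>PrivilegeService</c> for
        /// references that <c>CreateResult</c> reports as missing.
        /// </summary>
        /// <typeparam name="V">Concrete object-reference type.</typeparam>
        /// <param name="objRefs">References to evaluate.</param>
        /// <param name="securityScopes">Scopes to evaluate against; at least one is required.</param>
        /// <returns>The privilege result built by <c>CreateResult</c>.</returns>
        /// <exception cref="SecurityException">
        /// No authorization is present in the current security context, or no
        /// <c>PrivilegeService</c> is available to resolve the missing references.
        /// </exception>
        /// <exception cref="ArgumentException">No security scope was supplied.</exception>
        public IPrivilegeResult GetPrivilegesByObjRef <V>(IList <V> objRefs, params ISecurityScope[] securityScopes) where V : IObjRef
        {
            ISecurityContext context       = SecurityContextHolder.Context;
            IAuthorization   authorization = context != null ? context.Authorization : null;

            // Fail closed: privileges are never evaluated for an unauthenticated caller.
            if (authorization == null)
            {
                throw new SecurityException("User must be authenticated to be able to check for privileges");
            }
            // A params array can be passed as an explicit null; treat that like "no scopes" so the
            // caller gets the documented ArgumentException instead of a NullReferenceException.
            if (securityScopes == null || securityScopes.Length == 0)
            {
                throw new ArgumentException("No " + typeof(ISecurityScope).Name + " provided to check privileges against");
            }
            List <IObjRef> missingObjRefs = new List <IObjRef>();

            // First pass under the lock: if nothing is reported as missing, the result is complete.
            lock (writeLock)
            {
                IPrivilegeResult result = CreateResult(objRefs, securityScopes, missingObjRefs, authorization, null);
                if (missingObjRefs.Count == 0)
                {
                    return(result);
                }
            }
            if (PrivilegeService == null)
            {
                throw new SecurityException("No bean of type " + typeof(IPrivilegeService).FullName
                                            + " could be injected. Privilege functionality is deactivated. The current operation is not supported");
            }
            // The SID is taken from the authorization captured at the top of the method and becomes
            // part of every cache key written below.
            // NOTE(review): the service call does not receive this authorization explicitly; confirm
            // it evaluates the same user, otherwise privileges could be cached under the wrong SID.
            String userSID = authorization.SID;
            // The service is called outside the lock, so other threads may read or fill the cache meanwhile.
            IList <IPrivilegeOfService> privilegeResults = PrivilegeService.GetPrivileges(missingObjRefs.ToArray(), securityScopes);

            lock (writeLock)
            {
                HashMap <PrivilegeKey, IPrivilege> privilegeResultOfNewEntities = null;
                // Every entry the service returned is processed; entries are not matched against
                // missingObjRefs here, so the cache content depends on the service response as-is.
                for (int a = 0, size = privilegeResults.Count; a < size; a++)
                {
                    IPrivilegeOfService privilegeResult = privilegeResults[a];
                    IObjRef             reference       = privilegeResult.Reference;

                    PrivilegeKey privilegeKey = new PrivilegeKey(reference.RealType, reference.IdNameIndex, reference.Id, userSID);
                    bool         useCache     = true;
                    if (privilegeKey.Id == null)
                    {
                        // No id to key on: keep this privilege out of the shared cache and key it by
                        // the reference object itself in a map that lives only for this call.
                        useCache        = false;
                        privilegeKey.Id = reference;
                    }
                    privilegeKey.SecurityScope = InterningFeature.Intern(privilegeResult.SecurityScope.Name);

                    IPrivilege privilege = CreatePrivilegeFromServiceResult(reference, privilegeResult);
                    if (useCache)
                    {
                        privilegeCache.Put(privilegeKey, privilege);
                    }
                    else
                    {
                        if (privilegeResultOfNewEntities == null)
                        {
                            privilegeResultOfNewEntities = new HashMap <PrivilegeKey, IPrivilege>();
                        }
                        privilegeResultOfNewEntities.Put(privilegeKey, privilege);
                    }
                }
                // Second pass: no missing-list is collected this time (null is passed for it).
                return(CreateResult(objRefs, securityScopes, null, authorization, privilegeResultOfNewEntities));
            }
        }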
예제 #3
        /// <summary>
        /// Resolves the privilege for a single object reference in the given security scopes.
        /// </summary>
        /// <param name="objRef">Reference to evaluate.</param>
        /// <param name="securityScopes">Scopes the privilege is evaluated against.</param>
        /// <returns>The first privilege of the result returned by <c>GetPrivilegesByObjRef</c>.</returns>
        /// <remarks>
        /// Only element 0 of the result is returned. If the lookup yields no privileges the
        /// indexer throws, so the caller never receives a default or empty privilege object.
        /// </remarks>
        public IPrivilege GetPrivilegeByObjRef(IObjRef objRef, params ISecurityScope[] securityScopes)
        {
            // Wrap the single reference so the list-based lookup can be reused unchanged.
            List<IObjRef> singleRef = new List<IObjRef> { objRef };

            IPrivilegeResult lookup = GetPrivilegesByObjRef(singleRef, securityScopes);
            return lookup.GetPrivileges()[0];
        }