protected IPrivilege CreatePrivilegeFromServiceResult(IObjRef objRef, IPrivilegeOfService privilegeOfService)
{
IPropertyPrivilegeOfService[] propertyPrivilegesOfService = privilegeOfService.PropertyPrivileges;
if (propertyPrivilegesOfService == null || propertyPrivilegesOfService.Length == 0)
{
return(SimplePrivilegeImpl.CreateFrom(privilegeOfService));
}
String[] propertyPrivilegeNames = privilegeOfService.PropertyPrivilegeNames;
IEntityMetaData metaData = EntityMetaDataProvider.GetMetaData(objRef.RealType);
IPropertyPrivilege[] primitivePropertyPrivileges = new IPropertyPrivilege[metaData.PrimitiveMembers.Length];
IPropertyPrivilege[] relationPropertyPrivileges = new IPropertyPrivilege[metaData.RelationMembers.Length];
IPropertyPrivilege defaultPropertyPrivilege = PropertyPrivilegeImpl.CreateFrom(privilegeOfService);
Arrays.Fill(primitivePropertyPrivileges, defaultPropertyPrivilege);
Arrays.Fill(relationPropertyPrivileges, defaultPropertyPrivilege);
for (int b = propertyPrivilegesOfService.Length; b-- > 0;)
{
IPropertyPrivilegeOfService propertyPrivilegeOfService = propertyPrivilegesOfService[b];
String propertyName = InterningFeature.Intern(propertyPrivilegeNames[b]);
IPropertyPrivilege propertyPrivilege = PropertyPrivilegeImpl.Create(propertyPrivilegeOfService.CreateAllowed,
propertyPrivilegeOfService.ReadAllowed, propertyPrivilegeOfService.UpdateAllowed, propertyPrivilegeOfService.DeleteAllowed);
if (metaData.IsRelationMember(propertyName))
{
relationPropertyPrivileges[metaData.GetIndexByRelationName(propertyName)] = propertyPrivilege;
}
if (metaData.IsPrimitiveMember(propertyName))
{
primitivePropertyPrivileges[metaData.GetIndexByPrimitiveName(propertyName)] = propertyPrivilege;
}
}
return(EntityPrivilegeFactoryProvider.GetEntityPrivilegeFactory(metaData.EntityType, privilegeOfService.CreateAllowed,
privilegeOfService.ReadAllowed, privilegeOfService.UpdateAllowed, privilegeOfService.DeleteAllowed,
privilegeOfService.ExecuteAllowed).CreatePrivilege(privilegeOfService.CreateAllowed, privilegeOfService.ReadAllowed,
privilegeOfService.UpdateAllowed, privilegeOfService.DeleteAllowed, privilegeOfService.ExecuteAllowed, primitivePropertyPrivileges,
relationPropertyPrivileges));
}
public static IPrivilege CreateFrom(IPrivilegeOfService privilegeOfService)
{
return(Create(privilegeOfService.CreateAllowed, privilegeOfService.ReadAllowed, privilegeOfService.UpdateAllowed,
privilegeOfService.DeleteAllowed, privilegeOfService.ExecuteAllowed));
}
public IPrivilegeResult GetPrivilegesByObjRef <V>(IList <V> objRefs, params ISecurityScope[] securityScopes) where V : IObjRef
{
ISecurityContext context = SecurityContextHolder.Context;
IAuthorization authorization = context != null ? context.Authorization : null;
if (authorization == null)
{
throw new SecurityException("User must be authenticated to be able to check for privileges");
}
if (securityScopes.Length == 0)
{
throw new ArgumentException("No " + typeof(ISecurityScope).Name + " provided to check privileges against");
}
List <IObjRef> missingObjRefs = new List <IObjRef>();
lock (writeLock)
{
IPrivilegeResult result = CreateResult(objRefs, securityScopes, missingObjRefs, authorization, null);
if (missingObjRefs.Count == 0)
{
return(result);
}
}
if (PrivilegeService == null)
{
throw new SecurityException("No bean of type " + typeof(IPrivilegeService).FullName
+ " could be injected. Privilege functionality is deactivated. The current operation is not supported");
}
String userSID = authorization.SID;
IList <IPrivilegeOfService> privilegeResults = PrivilegeService.GetPrivileges(missingObjRefs.ToArray(), securityScopes);
lock (writeLock)
{
HashMap <PrivilegeKey, IPrivilege> privilegeResultOfNewEntities = null;
for (int a = 0, size = privilegeResults.Count; a < size; a++)
{
IPrivilegeOfService privilegeResult = privilegeResults[a];
IObjRef reference = privilegeResult.Reference;
PrivilegeKey privilegeKey = new PrivilegeKey(reference.RealType, reference.IdNameIndex, reference.Id, userSID);
bool useCache = true;
if (privilegeKey.Id == null)
{
useCache = false;
privilegeKey.Id = reference;
}
privilegeKey.SecurityScope = InterningFeature.Intern(privilegeResult.SecurityScope.Name);
IPrivilege privilege = CreatePrivilegeFromServiceResult(reference, privilegeResult);
if (useCache)
{
privilegeCache.Put(privilegeKey, privilege);
}
else
{
if (privilegeResultOfNewEntities == null)
{
privilegeResultOfNewEntities = new HashMap <PrivilegeKey, IPrivilege>();
}
privilegeResultOfNewEntities.Put(privilegeKey, privilege);
}
}
return(CreateResult(objRefs, securityScopes, null, authorization, privilegeResultOfNewEntities));
}
}
