Coverage Report

Coverage Report - org.acegisecurity.vote.AffirmativeBased

Classes in this File

100%

 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 package org.acegisecurity.vote;
 
 import org.acegisecurity.AccessDeniedException;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.ConfigAttributeDefinition;
 
 import java.util.Iterator;
 
 
 /**
  * Simple concrete implementation of  {@link org.acegisecurity.AccessDecisionManager} that grants access if any
  * <code>AccessDecisionVoter</code> returns an affirmative response.
  */
 public class AffirmativeBased extends AbstractAccessDecisionManager {
     //~ Methods ========================================================================================================
 
     /**
      * This concrete implementation simply polls all configured  {@link AccessDecisionVoter}s and grants access
      * if any <code>AccessDecisionVoter</code> voted affirmatively. Denies access only if there was a deny vote AND no
      * affirmative votes.<p>If every <code>AccessDecisionVoter</code> abstained from voting, the decision will
      * be based on the {@link #isAllowIfAllAbstainDecisions()} property (defaults to false).</p>
      *
      * @param authentication the caller invoking the method
      * @param object the secured object
      * @param config the configuration attributes associated with the method being invoked
      *
      * @throws AccessDeniedException if access is denied
      */
     public void decide(Authentication authentication, Object object, ConfigAttributeDefinition config)
         throws AccessDeniedException {
         Iterator iter = this.getDecisionVoters().iterator();
         int deny = 0;
 
         while (iter.hasNext()) {
             AccessDecisionVoter voter = (AccessDecisionVoter) iter.next();
             int result = voter.vote(authentication, object, config);
 
             switch (result) {
             case AccessDecisionVoter.ACCESS_GRANTED:
                 return;
 
             case AccessDecisionVoter.ACCESS_DENIED:
                 deny++;
 
                 break;
 
             default:
                 break;
             }
         }
 
         if (deny > 0) {
             throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
                     "Access is denied"));
         }
 
         // To get this far, every AccessDecisionVoter abstained
         checkAllowIfAllAbstainDecisions();
     }
 }

1		/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity.vote;
17
18		import org.acegisecurity.AccessDeniedException;
19		import org.acegisecurity.Authentication;
20		import org.acegisecurity.ConfigAttributeDefinition;
21
22		import java.util.Iterator;
23
24
25		/**
26		* Simple concrete implementation of {@link org.acegisecurity.AccessDecisionManager} that grants access if any
27		* <code>AccessDecisionVoter</code> returns an affirmative response.
28		*/
29	6	public class AffirmativeBased extends AbstractAccessDecisionManager {
30		//~ Methods ========================================================================================================
31
32		/**
33		* This concrete implementation simply polls all configured {@link AccessDecisionVoter}s and grants access
34		* if any <code>AccessDecisionVoter</code> voted affirmatively. Denies access only if there was a deny vote AND no
35		* affirmative votes.<p>If every <code>AccessDecisionVoter</code> abstained from voting, the decision will
36		* be based on the {@link #isAllowIfAllAbstainDecisions()} property (defaults to false).</p>
37		*
38		* @param authentication the caller invoking the method
39		* @param object the secured object
40		* @param config the configuration attributes associated with the method being invoked
41		*
42		* @throws AccessDeniedException if access is denied
43		*/
44		public void decide(Authentication authentication, Object object, ConfigAttributeDefinition config)
45		throws AccessDeniedException {
46	6	Iterator iter = this.getDecisionVoters().iterator();
47	6	int deny = 0;
48
49	15	while (iter.hasNext()) {
50	12	AccessDecisionVoter voter = (AccessDecisionVoter) iter.next();
51	12	int result = voter.vote(authentication, object, config);
52
53	12	switch (result) {
54		case AccessDecisionVoter.ACCESS_GRANTED:
55	3	return;
56
57		case AccessDecisionVoter.ACCESS_DENIED:
58	1	deny++;
59
60	1	break;
61
62		default:
63		break;
64		}
65	9	}
66
67	3	if (deny > 0) {
68	1	throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
69		"Access is denied"));
70		}
71
72		// To get this far, every AccessDecisionVoter abstained
73	2	checkAllowIfAllAbstainDecisions();
74	1	}
75		}