Coverage Report

Coverage Report - org.acegisecurity.vote.LabelBasedAclVoter

Classes in this File

80%

5.6

 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.acegisecurity.vote;
 
 import org.acegisecurity.Authentication;
 import org.acegisecurity.ConfigAttribute;
 import org.acegisecurity.ConfigAttributeDefinition;
 
 import org.aopalliance.intercept.MethodInvocation;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
 import org.springframework.util.Assert;
 
 import java.util.Iterator;
 import java.util.List;
 import java.util.Vector;
 import java.util.Map;
 
 
 /**
  * <p>This Acl voter will evaluate methods based on labels applied to incoming arguments. It will only check
  * methods that have been properly tagged in the MethodSecurityInterceptor with the value stored in
  * <tt>attributeIndicatingLabeledOperation</tt>. If a method has been tagged, then it examines each argument, and if the
  * argument implements {@link LabeledData}, then it will asses if the user's list of granted authorities matches.
  * </p>
  *
  * <p>By default, if none of the arguments are labeled, then the access will be granted. This can be overridden by
  * setting <tt>allowAccessIfNoAttributesAreLabeled</tt> to false in the Spring context file.</p>
  *
  * <p>In many situations, different values are linked together to define a common label, it is necessary to
  * define a map in the application context that links user-assigned label access to domain object labels. This is done
  * by setting up the <tt>labelMap</tt> in the application context.</p>
  *
  * @author Greg Turnquist
  * @version $Id: LabelBasedAclVoter.java 1962 2007-08-27 17:21:16Z luke_t $
  *
  * @see org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor
  */
 public class LabelBasedAclVoter extends AbstractAclVoter {
     //~ Static fields/initializers =====================================================================================
 
     private static final Log logger = LogFactory.getLog(LabelBasedAclVoter.class);
 
     //~ Instance fields ================================================================================================
 
     private Map labelMap = null;
     private String attributeIndicatingLabeledOperation = null;
     private boolean allowAccessIfNoAttributesAreLabeled = true;
 
     //~ Methods ========================================================================================================
 
     /**
      * Set whether or not to allow the user to run methods in which none of the incoming arguments are labeled.
      *
      * <p>Default value: <b>true, users can run such methods.</b></p>
      *
      * @param allowAccessIfNoAttributesAreLabeled boolean
      */
     public void setAllowAccessIfNoAttributesAreLabeled(boolean allowAccessIfNoAttributesAreLabeled) {
         this.allowAccessIfNoAttributesAreLabeled = allowAccessIfNoAttributesAreLabeled;
     }
 
     /**
      * Each method intended for evaluation by this voter must include this tag name in the definition of the
      * MethodSecurityInterceptor, indicating if this voter should evaluate the arguments and compare them against the
      * label map.
      *
      * @param attributeIndicatingLabeledOperation string
      */
     public void setAttributeIndicatingLabeledOperation(String attributeIndicatingLabeledOperation) {
         this.attributeIndicatingLabeledOperation = attributeIndicatingLabeledOperation;
     }
 
     /**
      * Set the map that correlate a user's assigned label against domain object values that are considered data
      * labels. An example application context configuration of a <tt>labelMap</tt>:
      *
      * <pre>
      * &lt;bean id="accessDecisionManager" class="org.acegisecurity.vote.UnanimousBased"&gt;
      *     &lt;property name="allowIfAllAbstainDecisions"&gt;&lt;value&gt;false&lt;/value&gt;&lt;/property&gt;
      *     &lt;property name="decisionVoters"&gt;
      *       &lt;list&gt;
      *         &lt;bean class="org.acegisecurity.vote.RoleVoter"/&gt;
      *         &lt;bean class="org.acegisecurity.vote.LabelBasedAclVoter"&gt;
      *           &lt;property name="attributeIndicatingLabeledOperation"&gt;
      *             &lt;value&gt;LABELED_OPERATION&lt;/value&gt;
      *           &lt;/property&gt;
      *           &lt;property name="labelMap"&gt;
      *             &lt;map&gt;
      *               &lt;entry key="DATA_LABEL_BLUE"&gt;
      *                 &lt;list&gt;
      *                   &lt;value&gt;blue&lt;/value&gt;
      *                   &lt;value&gt;indigo&lt;/value&gt;
      *                   &lt;value&gt;purple&lt;/value&gt;
      *                 &lt;/list&gt;
      *               &lt;/entry&gt;
      *               &lt;entry key="LABEL_ORANGE"&gt;
      *                 &lt;list&gt;
      *                   &lt;value&gt;orange&lt;/value&gt;
      *                   &lt;value&gt;sunshine&lt;/value&gt;
      *                   &lt;value&gt;amber&lt;/value&gt;
      *                 &lt;/list&gt;
      *               &lt;/entry&gt;
      *               &lt;entry key="LABEL_ADMIN"&gt;
      *                 &lt;list&gt;
      *                   &lt;value&gt;blue&lt;/value&gt;
      *                   &lt;value&gt;indigo&lt;/value&gt;
      *                   &lt;value&gt;purple&lt;/value&gt;
      *                   &lt;value&gt;orange&lt;/value&gt;
      *                   &lt;value&gt;sunshine&lt;/value&gt;
      *                   &lt;value&gt;amber&lt;/value&gt;
      *                 &lt;/list&gt;
      *               &lt;/entry&gt;
      *             &lt;/map&gt;
      *           &lt;/property&gt;
      *         &lt;/bean&gt;
      *       &lt;/list&gt;
      *     &lt;/property&gt;
      *   &lt;/bean&gt;
      * </pre>
      *
      * @param labelMap a map structured as in the above example.
      *
      */
     public void setLabelMap(Map labelMap) {
         this.labelMap = labelMap;
     }
 
     /**
      * This acl voter will only evaluate labeled methods if they are marked in the security interceptor's
      * configuration with the attribute stored in attributeIndicatingLabeledOperation.
      *
      * @param attribute DOCUMENT ME!
      *
      * @return DOCUMENT ME!
      *
      * @see org.acegisecurity.vote.AbstractAclVoter
      * @see org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor
      */
     public boolean supports(ConfigAttribute attribute) {
         if (attribute.getAttribute().equals(attributeIndicatingLabeledOperation)) {
             logger.debug(attribute + " is supported.");
 
             return true;
         }
 
         if (logger.isDebugEnabled()) {
             logger.debug(attribute + " is unsupported.");
         }
 
         return false;
     }
 
     /**
      * Vote on whether or not the user has all the labels necessary to match the method argument's labeled
      * data.
      *
      * @param authentication DOCUMENT ME!
      * @param object DOCUMENT ME!
      * @param config DOCUMENT ME!
      *
      * @return ACCESS_ABSTAIN, ACCESS_GRANTED, or ACCESS_DENIED.
      */
     public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
         int result = ACCESS_ABSTAIN;
 
         if (logger.isDebugEnabled()) {
             logger.debug("==========================================================");
         }
 
         if (this.supports((ConfigAttribute) config.getConfigAttributes().next())) {
             result = ACCESS_DENIED;
 
             /* Parse out the user's labels by examining the security context, and checking
              * for matches against the label map.
              */
             List userLabels = new Vector();
 
             for (int i = 0; i < authentication.getAuthorities().length; i++) {
                 if (labelMap.containsKey(authentication.getAuthorities()[i].getAuthority())) {
                     String userLabel = authentication.getAuthorities()[i].getAuthority();
                     userLabels.add(userLabel);
                     logger.debug("Adding " + userLabel + " to <<<" + authentication.getName()
                         + "'s>>> authorized label list");
                 }
             }
 
             MethodInvocation invocation = (MethodInvocation) object;
 
             int matches = 0;
             int misses = 0;
             int labeledArguments = 0;
 
             for (int j = 0; j < invocation.getArguments().length; j++) {
                 if (invocation.getArguments()[j] instanceof LabeledData) {
                     labeledArguments++;
 
                     boolean matched = false;
 
                     String argumentDataLabel = ((LabeledData) invocation.getArguments()[j]).getLabel();
                     logger.debug("Argument[" + j + "/" + invocation.getArguments()[j].getClass().getName()
                         + "] has a data label of " + argumentDataLabel);
 
                     List validDataLabels = new Vector();
 
                     for (int i = 0; i < userLabels.size(); i++) {
                         validDataLabels.addAll((List) labelMap.get(userLabels.get(i)));
                     }
 
                     logger.debug("The valid labels for user label " + userLabels + " are " + validDataLabels);
 
                     Iterator dataLabelIter = validDataLabels.iterator();
 
                     while (dataLabelIter.hasNext()) {
                         String validDataLabel = (String) dataLabelIter.next();
 
                         if (argumentDataLabel.equals(validDataLabel)) {
                             logger.debug(userLabels + " maps to " + validDataLabel + " which matches the argument");
                             matched = true;
                         }
                     }
 
                     if (matched) {
                         logger.debug("We have a match!");
                         matches++;
                     } else {
                         logger.debug("We have a miss!");
                         misses++;
                     }
                 }
             }
             Assert.isTrue((matches + misses) == labeledArguments,
                 "The matches (" + matches + ") and misses (" + misses + " ) don't add up (" + labeledArguments + ")");
 
             logger.debug("We have " + matches + " matches and " + misses + " misses and " + labeledArguments
                 + " labeled arguments.");
 
             /* The result has already been set to ACCESS_DENIED. Only if there is a proper match of
              * labels will this be overturned. However, if none of the attributes are actually labeled,
              * the result is dependent on allowAccessIfNoAttributesAreLabeled.
              */
             if ((matches > 0) && (misses == 0)) {
                 result = ACCESS_GRANTED;
             } else if (labeledArguments == 0) {
                 if (allowAccessIfNoAttributesAreLabeled) {
                     result = ACCESS_GRANTED;
                 } else {
                     result = ACCESS_DENIED;
                 }
             }
         }
 
         if (logger.isDebugEnabled()) {
             switch (result) {
             case ACCESS_GRANTED:
 
                 if (logger.isDebugEnabled()) {
                     logger.debug("===== Access is granted =====");
                 }
 
                 break;
 
             case ACCESS_DENIED:
 
                 if (logger.isDebugEnabled()) {
                     logger.debug("===== Access is denied =====");
                 }
 
                 break;
 
             case ACCESS_ABSTAIN:
 
                 if (logger.isDebugEnabled()) {
                     logger.debug("===== Abstaining =====");
                 }
 
                 break;
             }
         }
 
         return result;
     }
 }

1		/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15		package org.acegisecurity.vote;
16
17		import org.acegisecurity.Authentication;
18		import org.acegisecurity.ConfigAttribute;
19		import org.acegisecurity.ConfigAttributeDefinition;
20
21		import org.aopalliance.intercept.MethodInvocation;
22
23		import org.apache.commons.logging.Log;
24		import org.apache.commons.logging.LogFactory;
25
26		import org.springframework.util.Assert;
27
28		import java.util.Iterator;
29		import java.util.List;
30		import java.util.Vector;
31		import java.util.Map;
32
33
34		/**
35		* <p>This Acl voter will evaluate methods based on labels applied to incoming arguments. It will only check
36		* methods that have been properly tagged in the MethodSecurityInterceptor with the value stored in
37		* <tt>attributeIndicatingLabeledOperation</tt>. If a method has been tagged, then it examines each argument, and if the
38		* argument implements {@link LabeledData}, then it will asses if the user's list of granted authorities matches.
39		* </p>
40		*
41		* <p>By default, if none of the arguments are labeled, then the access will be granted. This can be overridden by
42		* setting <tt>allowAccessIfNoAttributesAreLabeled</tt> to false in the Spring context file.</p>
43		*
44		* <p>In many situations, different values are linked together to define a common label, it is necessary to
45		* define a map in the application context that links user-assigned label access to domain object labels. This is done
46		* by setting up the <tt>labelMap</tt> in the application context.</p>
47		*
48		* @author Greg Turnquist
49		* @version $Id: LabelBasedAclVoter.java 1962 2007-08-27 17:21:16Z luke_t $
50		*
51		* @see org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor
52		*/
53	1	public class LabelBasedAclVoter extends AbstractAclVoter {
54		//~ Static fields/initializers =====================================================================================
55
56	2	private static final Log logger = LogFactory.getLog(LabelBasedAclVoter.class);
57
58		//~ Instance fields ================================================================================================
59
60	1	private Map labelMap = null;
61	1	private String attributeIndicatingLabeledOperation = null;
62	1	private boolean allowAccessIfNoAttributesAreLabeled = true;
63
64		//~ Methods ========================================================================================================
65
66		/**
67		* Set whether or not to allow the user to run methods in which none of the incoming arguments are labeled.
68		*
69		* <p>Default value: <b>true, users can run such methods.</b></p>
70		*
71		* @param allowAccessIfNoAttributesAreLabeled boolean
72		*/
73		public void setAllowAccessIfNoAttributesAreLabeled(boolean allowAccessIfNoAttributesAreLabeled) {
74	0	this.allowAccessIfNoAttributesAreLabeled = allowAccessIfNoAttributesAreLabeled;
75	0	}
76
77		/**
78		* Each method intended for evaluation by this voter must include this tag name in the definition of the
79		* MethodSecurityInterceptor, indicating if this voter should evaluate the arguments and compare them against the
80		* label map.
81		*
82		* @param attributeIndicatingLabeledOperation string
83		*/
84		public void setAttributeIndicatingLabeledOperation(String attributeIndicatingLabeledOperation) {
85	1	this.attributeIndicatingLabeledOperation = attributeIndicatingLabeledOperation;
86	1	}
87
88		/**
89		* Set the map that correlate a user's assigned label against domain object values that are considered data
90		* labels. An example application context configuration of a <tt>labelMap</tt>:
91		*
92		* <pre>
93		* <bean id="accessDecisionManager" class="org.acegisecurity.vote.UnanimousBased">
94		* <property name="allowIfAllAbstainDecisions"><value>false</value></property>
95		* <property name="decisionVoters">
96		* <list>
97		* <bean class="org.acegisecurity.vote.RoleVoter"/>
98		* <bean class="org.acegisecurity.vote.LabelBasedAclVoter">
99		* <property name="attributeIndicatingLabeledOperation">
100		* <value>LABELED_OPERATION</value>
101		* </property>
102		* <property name="labelMap">
103		* <map>
104		* <entry key="DATA_LABEL_BLUE">
105		* <list>
106		* <value>blue</value>
107		* <value>indigo</value>
108		* <value>purple</value>
109		* </list>
110		* </entry>
111		* <entry key="LABEL_ORANGE">
112		* <list>
113		* <value>orange</value>
114		* <value>sunshine</value>
115		* <value>amber</value>
116		* </list>
117		* </entry>
118		* <entry key="LABEL_ADMIN">
119		* <list>
120		* <value>blue</value>
121		* <value>indigo</value>
122		* <value>purple</value>
123		* <value>orange</value>
124		* <value>sunshine</value>
125		* <value>amber</value>
126		* </list>
127		* </entry>
128		* </map>
129		* </property>
130		* </bean>
131		* </list>
132		* </property>
133		* </bean>
134		* </pre>
135		*
136		* @param labelMap a map structured as in the above example.
137		*
138		*/
139		public void setLabelMap(Map labelMap) {
140	1	this.labelMap = labelMap;
141	1	}
142
143		/**
144		* This acl voter will only evaluate labeled methods if they are marked in the security interceptor's
145		* configuration with the attribute stored in attributeIndicatingLabeledOperation.
146		*
147		* @param attribute DOCUMENT ME!
148		*
149		* @return DOCUMENT ME!
150		*
151		* @see org.acegisecurity.vote.AbstractAclVoter
152		* @see org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor
153		*/
154		public boolean supports(ConfigAttribute attribute) {
155	44	if (attribute.getAttribute().equals(attributeIndicatingLabeledOperation)) {
156	20	logger.debug(attribute + " is supported.");
157
158	20	return true;
159		}
160
161	24	if (logger.isDebugEnabled()) {
162	0	logger.debug(attribute + " is unsupported.");
163		}
164
165	24	return false;
166		}
167
168		/**
169		* Vote on whether or not the user has all the labels necessary to match the method argument's labeled
170		* data.
171		*
172		* @param authentication DOCUMENT ME!
173		* @param object DOCUMENT ME!
174		* @param config DOCUMENT ME!
175		*
176		* @return ACCESS_ABSTAIN, ACCESS_GRANTED, or ACCESS_DENIED.
177		*/
178		public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
179	44	int result = ACCESS_ABSTAIN;
180
181	44	if (logger.isDebugEnabled()) {
182	0	logger.debug("==========================================================");
183		}
184
185	44	if (this.supports((ConfigAttribute) config.getConfigAttributes().next())) {
186	20	result = ACCESS_DENIED;
187
188		/* Parse out the user's labels by examining the security context, and checking
189		* for matches against the label map.
190		*/
191	20	List userLabels = new Vector();
192
193	65	for (int i = 0; i < authentication.getAuthorities().length; i++) {
194	45	if (labelMap.containsKey(authentication.getAuthorities()[i].getAuthority())) {
195	25	String userLabel = authentication.getAuthorities()[i].getAuthority();
196	25	userLabels.add(userLabel);
197	25	logger.debug("Adding " + userLabel + " to <<<" + authentication.getName()
198		+ "'s>>> authorized label list");
199		}
200		}
201
202	20	MethodInvocation invocation = (MethodInvocation) object;
203
204	20	int matches = 0;
205	20	int misses = 0;
206	20	int labeledArguments = 0;
207
208	60	for (int j = 0; j < invocation.getArguments().length; j++) {
209	40	if (invocation.getArguments()[j] instanceof LabeledData) {
210	40	labeledArguments++;
211
212	40	boolean matched = false;
213
214	40	String argumentDataLabel = ((LabeledData) invocation.getArguments()[j]).getLabel();
215	40	logger.debug("Argument[" + j + "/" + invocation.getArguments()[j].getClass().getName()
216		+ "] has a data label of " + argumentDataLabel);
217
218	40	List validDataLabels = new Vector();
219
220	90	for (int i = 0; i < userLabels.size(); i++) {
221	50	validDataLabels.addAll((List) labelMap.get(userLabels.get(i)));
222		}
223
224	40	logger.debug("The valid labels for user label " + userLabels + " are " + validDataLabels);
225
226	40	Iterator dataLabelIter = validDataLabels.iterator();
227
228	150	while (dataLabelIter.hasNext()) {
229	110	String validDataLabel = (String) dataLabelIter.next();
230
231	110	if (argumentDataLabel.equals(validDataLabel)) {
232	34	logger.debug(userLabels + " maps to " + validDataLabel + " which matches the argument");
233	34	matched = true;
234		}
235	110	}
236
237	40	if (matched) {
238	32	logger.debug("We have a match!");
239	32	matches++;
240		} else {
241	8	logger.debug("We have a miss!");
242	8	misses++;
243		}
244		}
245		}
246	20	Assert.isTrue((matches + misses) == labeledArguments,
247		"The matches (" + matches + ") and misses (" + misses + " ) don't add up (" + labeledArguments + ")");
248
249	20	logger.debug("We have " + matches + " matches and " + misses + " misses and " + labeledArguments
250		+ " labeled arguments.");
251
252		/* The result has already been set to ACCESS_DENIED. Only if there is a proper match of
253		* labels will this be overturned. However, if none of the attributes are actually labeled,
254		* the result is dependent on allowAccessIfNoAttributesAreLabeled.
255		*/
256	20	if ((matches > 0) && (misses == 0)) {
257	14	result = ACCESS_GRANTED;
258	6	} else if (labeledArguments == 0) {
259	0	if (allowAccessIfNoAttributesAreLabeled) {
260	0	result = ACCESS_GRANTED;
261		} else {
262	0	result = ACCESS_DENIED;
263		}
264		}
265		}
266
267	44	if (logger.isDebugEnabled()) {
268	0	switch (result) {
269		case ACCESS_GRANTED:
270
271	0	if (logger.isDebugEnabled()) {
272	0	logger.debug("===== Access is granted =====");
273		}
274
275		break;
276
277		case ACCESS_DENIED:
278
279	0	if (logger.isDebugEnabled()) {
280	0	logger.debug("===== Access is denied =====");
281		}
282
283		break;
284
285		case ACCESS_ABSTAIN:
286
287	0	if (logger.isDebugEnabled()) {
288	0	logger.debug("===== Abstaining =====");
289		}
290
291		break;
292		}
293		}
294
295	44	return result;
296		}
297		}