AbstractAccessDecisionManager xref

View Javadoc

1   /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.vote;
17  
18  import java.util.Iterator;
19  import java.util.List;
20  
21  import org.acegisecurity.AccessDecisionManager;
22  import org.acegisecurity.AccessDeniedException;
23  import org.acegisecurity.AcegiMessageSource;
24  import org.acegisecurity.ConfigAttribute;
25  import org.springframework.beans.factory.InitializingBean;
26  import org.springframework.context.MessageSource;
27  import org.springframework.context.MessageSourceAware;
28  import org.springframework.context.support.MessageSourceAccessor;
29  import org.springframework.util.Assert;
30  
31  /**
32   * Abstract implementation of {@link AccessDecisionManager}.
33   * <p/>
34   * Handles configuration of a bean context defined list of
35   * {@link AccessDecisionVoter}s and the access control behaviour if all voters
36   * abstain from voting (defaults to deny access).
37   * </p>
38   */
39  public abstract class AbstractAccessDecisionManager implements AccessDecisionManager, InitializingBean,
40          MessageSourceAware {
41      // ~ Instance fields
42      // ================================================================================================
43  
44      private List decisionVoters;
45  
46      protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
47  
48      private boolean allowIfAllAbstainDecisions = false;
49  
50      // ~ Methods
51      // ========================================================================================================
52  
53      public void afterPropertiesSet() throws Exception {
54          Assert.notEmpty(this.decisionVoters, "A list of AccessDecisionVoters is required");
55          Assert.notNull(this.messages, "A message source must be set");
56      }
57  
58      protected final void checkAllowIfAllAbstainDecisions() {
59          if (!this.isAllowIfAllAbstainDecisions()) {
60              throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
61                      "Access is denied"));
62          }
63      }
64  
65      public List getDecisionVoters() {
66          return this.decisionVoters;
67      }
68  
69      public boolean isAllowIfAllAbstainDecisions() {
70          return allowIfAllAbstainDecisions;
71      }
72  
73      public void setAllowIfAllAbstainDecisions(boolean allowIfAllAbstainDecisions) {
74          this.allowIfAllAbstainDecisions = allowIfAllAbstainDecisions;
75      }
76  
77      public void setDecisionVoters(List newList) {
78          Assert.notEmpty(newList);
79  
80          Iterator iter = newList.iterator();
81  
82          while (iter.hasNext()) {
83              Object currentObject = iter.next();
84              Assert.isInstanceOf(AccessDecisionVoter.class, currentObject, "AccessDecisionVoter " + currentObject.getClass().getName()
85                      + " must implement AccessDecisionVoter");
86          }
87  
88          this.decisionVoters = newList;
89      }
90  
91      public void setMessageSource(MessageSource messageSource) {
92          this.messages = new MessageSourceAccessor(messageSource);
93      }
94  
95      public boolean supports(ConfigAttribute attribute) {
96          Iterator iter = this.decisionVoters.iterator();
97  
98          while (iter.hasNext()) {
99              AccessDecisionVoter voter = (AccessDecisionVoter) iter.next();
100 
101             if (voter.supports(attribute)) {
102                 return true;
103             }
104         }
105 
106         return false;
107     }
108 
109     /**
110      * Iterates through all <code>AccessDecisionVoter</code>s and ensures
111      * each can support the presented class.
112      * <p/>
113      * If one or more voters cannot support the presented class,
114      * <code>false</code> is returned.
115      * </p>
116      *
117      * @param clazz DOCUMENT ME!
118      * @return DOCUMENT ME!
119      */
120     public boolean supports(Class clazz) {
121         Iterator iter = this.decisionVoters.iterator();
122 
123         while (iter.hasNext()) {
124             AccessDecisionVoter voter = (AccessDecisionVoter) iter.next();
125 
126             if (!voter.supports(clazz)) {
127                 return false;
128             }
129         }
130 
131         return true;
132     }
133 }