Package org.ngrinder.security

Source Code of org.ngrinder.security.UserSwitchPermissionVoter

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
/*
* Licensed under the Apache License, Version 2.0 (the "License");
*  you may not use this file except in compliance with the License.
*  You may obtain a copy of the License at
*
*      http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.ngrinder.security;

import static org.ngrinder.common.util.TypeConvertUtils.cast;

import java.util.Collection;
import java.util.List;

import org.apache.commons.lang.StringUtils;
import org.ngrinder.model.Role;
import org.ngrinder.model.User;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;
import org.springframework.stereotype.Component;

/**
* User Switch Recognized Voter for SVN.
*
* @author JunHo Yoon
* @since 3.2
*/
@Component("userSwitchPermissionVoter")
public class UserSwitchPermissionVoter implements AccessDecisionVoter<FilterInvocation> {

  @Override
  public boolean supports(ConfigAttribute attribute) {
    return true;
  }

  @Override
  public boolean supports(Class<?> clazz) {
    return clazz.isAssignableFrom(FilterInvocation.class);
  }

  @Override
  public int vote(Authentication authentication, FilterInvocation filter, Collection<ConfigAttribute> attributes) {
    if ("anonymousUser".equals(authentication.getPrincipal())) {
      return ACCESS_DENIED;
    }
    if (!(authentication.getPrincipal() instanceof SecuredUser)) {
      return ACCESS_DENIED;
    }
    SecuredUser secureUser = cast(authentication.getPrincipal());
    User user = secureUser.getUser();
    if (user.getRole() == Role.ADMIN) {
      return ACCESS_GRANTED;
    }

    String realm = StringUtils.split(filter.getHttpRequest().getPathInfo(), '/')[0];
    if (secureUser.getUsername().equals(realm)) {
      return ACCESS_GRANTED;
    } else {
      List<User> owners = user.getOwners();
      for (User each : owners) {
        if (realm.equals(each.getUserId())) {
          return ACCESS_GRANTED;
        }
      }
    }
    return ACCESS_DENIED;
  }
}
TOP

Related Classes of org.ngrinder.security.UserSwitchPermissionVoter

  • org.ngrinder.model.User
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.