@Override public Object invoke(MethodInvocation invocation) throws Throwable { Method method = invocation.getMethod(); Account account = checkRequireToken(method); checkRequirePermissions(account, method); checkRequireRoles(account, method); checkRequireAdministrator(account, method); checkRequireAuthenticated(account, method); checkRequireGuest(account, method); return invocation.proceed(); }
private static Collection<String> collectPermissions(RequirePermissions requirePermissions) { if (requirePermissions == null) { return Collections.emptyList(); } List<String> permissions = new ArrayList<>(); for (RequirePermission permission : requirePermissions.value()) { permissions.add(permission.value()); } return permissions; }
@Override protected void setup() { bind(BasicAuthenticationHandler.class); bind(FormAuthenticationHandler.class); Matcher<Class> controllers = subclassesOf(Controller.class); Matcher<Class> notControllers = not(controllers); /* * The grand ControllerInterceptor. */ ControllerInterceptor controllerInterceptor = new ControllerInterceptor(getProvider(SecurityManager.class)); bindInterceptor(controllers, any(), controllerInterceptor); /* * Individual method interceptors for annotating non-controllers. */ RequireTokenInterceptor tokenInterceptor = new RequireTokenInterceptor(getProvider(SecurityManager.class)); bindInterceptor(notControllers, annotatedWith(RequireToken.class), tokenInterceptor); RequireAuthenticatedInterceptor authenticatedInterceptor = new RequireAuthenticatedInterceptor(); bindInterceptor(notControllers, annotatedWith(RequireAuthenticated.class), authenticatedInterceptor); RequireAdministratorInterceptor administratorInterceptor = new RequireAdministratorInterceptor(); bindInterceptor(notControllers, annotatedWith(RequireAdministrator.class), administratorInterceptor); RequireRoleInterceptor roleInterceptor = new RequireRoleInterceptor(); bindInterceptor(notControllers, annotatedWith(RequireRole.class), roleInterceptor); RequirePermissionInterceptor permissionInterceptor = new RequirePermissionInterceptor(); bindInterceptor(notControllers, annotatedWith(RequirePermission.class), permissionInterceptor); RequireRolesInterceptor rolesInterceptor = new RequireRolesInterceptor(); bindInterceptor(notControllers, annotatedWith(RequireRoles.class), rolesInterceptor); RequirePermissionsInterceptor permissionsInterceptor = new RequirePermissionsInterceptor(); bindInterceptor(notControllers, annotatedWith(RequirePermissions.class), permissionsInterceptor); }
@Override public Object invoke(MethodInvocation invocation) throws Throwable { Collection<String> permissions = SecurityUtil.collectPermissions(invocation.getMethod()); Account account = getAccount(); account.checkPermissions(permissions); return invocation.proceed(); }
@Override public Object invoke(MethodInvocation invocation) throws Throwable { Collection<String> permissions = SecurityUtil.collectPermissions(invocation.getMethod()); Account account = getAccount(); account.checkPermissions(permissions); return invocation.proceed(); }
@Override public Object invoke(MethodInvocation invocation) throws Throwable { Collection<String> roles = SecurityUtil.collectRoles(invocation.getMethod()); Account account = getAccount(); account.checkRoles(roles); return invocation.proceed(); }
@Override public Object invoke(MethodInvocation invocation) throws Throwable { Collection<String> roles = SecurityUtil.collectRoles(invocation.getMethod()); Account account = getAccount(); account.checkRoles(roles); return invocation.proceed(); }
public static Collection<String> collectRoles(Method method) { List<String> roles = new ArrayList<>(); roles.addAll(collectRoles(method.getAnnotation(RequireRoles.class))); if (method.isAnnotationPresent(RequireRole.class)) { roles.add(method.getAnnotation(RequireRole.class).value()); } roles.addAll(collectRoles(method.getDeclaringClass().getAnnotation(RequireRoles.class))); if (method.getDeclaringClass().isAnnotationPresent(RequireRole.class)) { roles.add(method.getDeclaringClass().getAnnotation(RequireRole.class).value()); } return roles; }
public static Collection<String> collectPermissions(Method method) { List<String> permissions = new ArrayList<>(); permissions.addAll(collectPermissions(method.getAnnotation(RequirePermissions.class))); if (method.isAnnotationPresent(RequirePermission.class)) { permissions.add(method.getAnnotation(RequirePermission.class).value()); } permissions.addAll(collectPermissions(method.getDeclaringClass().getAnnotation(RequirePermissions.class))); if (method.getDeclaringClass().isAnnotationPresent(RequirePermission.class)) { permissions.add(method.getDeclaringClass().getAnnotation(RequirePermission.class).value()); } return permissions; }
protected void checkRequirePermissions(Account account, Method method) { Collection<String> permissions = SecurityUtil.collectPermissions(method); if (!permissions.isEmpty()) { account.checkPermissions(permissions); } }
@Override protected void setup() { bind(BasicAuthenticationHandler.class); bind(FormAuthenticationHandler.class); Matcher<Class> controllers = subclassesOf(Controller.class); Matcher<Class> notControllers = not(controllers); /* * The grand ControllerInterceptor. */ ControllerInterceptor controllerInterceptor = new ControllerInterceptor(getProvider(SecurityManager.class)); bindInterceptor(controllers, any(), controllerInterceptor); /* * Individual method interceptors for annotating non-controllers. */ RequireTokenInterceptor tokenInterceptor = new RequireTokenInterceptor(getProvider(SecurityManager.class)); bindInterceptor(notControllers, annotatedWith(RequireToken.class), tokenInterceptor); RequireAuthenticatedInterceptor authenticatedInterceptor = new RequireAuthenticatedInterceptor(); bindInterceptor(notControllers, annotatedWith(RequireAuthenticated.class), authenticatedInterceptor); RequireAdministratorInterceptor administratorInterceptor = new RequireAdministratorInterceptor(); bindInterceptor(notControllers, annotatedWith(RequireAdministrator.class), administratorInterceptor); RequireRoleInterceptor roleInterceptor = new RequireRoleInterceptor(); bindInterceptor(notControllers, annotatedWith(RequireRole.class), roleInterceptor); RequirePermissionInterceptor permissionInterceptor = new RequirePermissionInterceptor(); bindInterceptor(notControllers, annotatedWith(RequirePermission.class), permissionInterceptor); RequireRolesInterceptor rolesInterceptor = new RequireRolesInterceptor(); bindInterceptor(notControllers, annotatedWith(RequireRoles.class), rolesInterceptor); RequirePermissionsInterceptor permissionsInterceptor = new RequirePermissionsInterceptor(); bindInterceptor(notControllers, annotatedWith(RequirePermissions.class), permissionsInterceptor); }
@Override public Object invoke(MethodInvocation invocation) throws Throwable { Method method = invocation.getMethod(); Account account = checkRequireToken(method); checkRequirePermissions(account, method); checkRequireRoles(account, method); checkRequireAdministrator(account, method); checkRequireAuthenticated(account, method); checkRequireGuest(account, method); return invocation.proceed(); }
@Override public Object invoke(MethodInvocation invocation) throws Throwable { Collection<String> permissions = SecurityUtil.collectPermissions(invocation.getMethod()); Account account = getAccount(); account.checkPermissions(permissions); return invocation.proceed(); }
@Override public Object invoke(MethodInvocation invocation) throws Throwable { Collection<String> permissions = SecurityUtil.collectPermissions(invocation.getMethod()); Account account = getAccount(); account.checkPermissions(permissions); return invocation.proceed(); }
@Override public Object invoke(MethodInvocation invocation) throws Throwable { Collection<String> roles = SecurityUtil.collectRoles(invocation.getMethod()); Account account = getAccount(); account.checkRoles(roles); return invocation.proceed(); }
@Override public Object invoke(MethodInvocation invocation) throws Throwable { Collection<String> roles = SecurityUtil.collectRoles(invocation.getMethod()); Account account = getAccount(); account.checkRoles(roles); return invocation.proceed(); }
private static Collection<String> collectPermissions(RequirePermissions requirePermissions) { if (requirePermissions == null) { return Collections.emptyList(); } List<String> permissions = new ArrayList<>(); for (RequirePermission permission : requirePermissions.value()) { permissions.add(permission.value()); } return permissions; }
public static Collection<String> collectRoles(Method method) { List<String> roles = new ArrayList<>(); roles.addAll(collectRoles(method.getAnnotation(RequireRoles.class))); if (method.isAnnotationPresent(RequireRole.class)) { roles.add(method.getAnnotation(RequireRole.class).value()); } roles.addAll(collectRoles(method.getDeclaringClass().getAnnotation(RequireRoles.class))); if (method.getDeclaringClass().isAnnotationPresent(RequireRole.class)) { roles.add(method.getDeclaringClass().getAnnotation(RequireRole.class).value()); } return roles; }