org.duracloud.account.security.vote

Class BaseAccessDecisionVoter

java.lang.Object

org.duracloud.account.security.vote.BaseAccessDecisionVoter

All Implemented Interfaces:

org.springframework.security.access.AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>

Direct Known Subclasses:

AccountAccessDecisionVoter, AccountManagerAccessDecisionVoter, UserAccessDecisionVoter

public abstract class BaseAccessDecisionVoter
extends Object
implements org.springframework.security.access.AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>

Author:

Andrew Woods Date: 4/5/11

Field Summary

Fields

Modifier and Type	Field and Description
protected org.slf4j.Logger	log

Fields inherited from interface org.springframework.security.access.AccessDecisionVoter

ACCESS_ABSTAIN, ACCESS_DENIED, ACCESS_GRANTED

Constructor Summary

Constructors

Constructor and Description
BaseAccessDecisionVoter(org.duracloud.account.db.repo.DuracloudRepoMgr repoMgr)

Method Summary

Modifier and Type	Method and Description
protected String	asString(int decision)
protected int	castVote(int decision, org.aopalliance.intercept.MethodInvocation invocation)
protected Set<org.duracloud.account.db.model.AccountRights>	getAllUserRightsForAcct(Long acctId)
protected org.duracloud.account.db.model.DuracloudUser	getCurrentUser(org.springframework.security.core.Authentication authentication)
protected SecuredRule	getRule(Collection<org.springframework.security.access.ConfigAttribute> atts)
protected abstract Class<?>	getTargetService() This abstract method returns the class for which this voter has interest.
protected org.duracloud.account.db.model.AccountRights	getUserRightsForAcct(Long userId, Long acctId)
protected Collection<String>	getUserRoles(org.springframework.security.core.Authentication authentication)
protected boolean	hasVote(int vote)
protected int	numUsersForAccount(Long acctId)
boolean	supports(Class<?> clazz)
boolean	supports(org.springframework.security.access.ConfigAttribute attribute)
protected boolean	supportsTarget(org.aopalliance.intercept.MethodInvocation invocation)
int	vote(org.springframework.security.core.Authentication authentication, org.aopalliance.intercept.MethodInvocation invocation, Collection<org.springframework.security.access.ConfigAttribute> attributes)
protected int	voteHasRole(String role, Collection<String> userRoles)
protected abstract int	voteImpl(org.springframework.security.core.Authentication authentication, org.aopalliance.intercept.MethodInvocation invocation, Collection<org.springframework.security.access.ConfigAttribute> attributes, Object[] methodArgs, org.duracloud.account.db.model.DuracloudUser user, SecuredRule securedRule, String role, SecuredRule.Scope scope)
protected int	voteMyUserId(org.duracloud.account.db.model.DuracloudUser user, Long userId)
protected int	voteMyUsername(org.duracloud.account.db.model.DuracloudUser user, String username)
protected int	voteRolesAreSufficientToUpdateOther(Set<org.duracloud.account.db.model.Role> roles, Set<org.duracloud.account.db.model.Role> other)
protected int	voteUserHasRoleOnAccount(org.duracloud.account.db.model.DuracloudUser user, String role, Long acctId)
protected int	voteUserHasRoleOnAcctToUpdateOthersRoles(Long userId, Long acctId, Long otherUserId, Set<org.duracloud.account.db.model.Role> otherRoles)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

protected org.slf4j.Logger log

Constructor Detail

BaseAccessDecisionVoter

public BaseAccessDecisionVoter(org.duracloud.account.db.repo.DuracloudRepoMgr repoMgr)

Method Detail

getTargetService

protected abstract Class<?> getTargetService()

This abstract method returns the class for which this voter has interest.

Returns:

class of target service interface

supports

public boolean supports(org.springframework.security.access.ConfigAttribute attribute)

Specified by:

supports in interface org.springframework.security.access.AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>

supports

public boolean supports(Class<?> clazz)

Specified by:

supports in interface org.springframework.security.access.AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>

supportsTarget

protected boolean supportsTarget(org.aopalliance.intercept.MethodInvocation invocation)

getRule

protected SecuredRule getRule(Collection<org.springframework.security.access.ConfigAttribute> atts)

getUserRoles

protected Collection<String> getUserRoles(org.springframework.security.core.Authentication authentication)

voteHasRole

protected int voteHasRole(String role,
                          Collection<String> userRoles)

voteUserHasRoleOnAccount

protected int voteUserHasRoleOnAccount(org.duracloud.account.db.model.DuracloudUser user,
                                       String role,
                                       Long acctId)

voteUserHasRoleOnAcctToUpdateOthersRoles

protected int voteUserHasRoleOnAcctToUpdateOthersRoles(Long userId,
                                                       Long acctId,
                                                       Long otherUserId,
                                                       Set<org.duracloud.account.db.model.Role> otherRoles)

voteRolesAreSufficientToUpdateOther

protected int voteRolesAreSufficientToUpdateOther(Set<org.duracloud.account.db.model.Role> roles,
                                                  Set<org.duracloud.account.db.model.Role> other)

hasVote

protected boolean hasVote(int vote)

numUsersForAccount

protected int numUsersForAccount(Long acctId)

getUserRightsForAcct

protected org.duracloud.account.db.model.AccountRights getUserRightsForAcct(Long userId,
                                                                            Long acctId)

getAllUserRightsForAcct

protected Set<org.duracloud.account.db.model.AccountRights> getAllUserRightsForAcct(Long acctId)

voteMyUserId

protected int voteMyUserId(org.duracloud.account.db.model.DuracloudUser user,
                           Long userId)

voteMyUsername

protected int voteMyUsername(org.duracloud.account.db.model.DuracloudUser user,
                             String username)

getCurrentUser

protected org.duracloud.account.db.model.DuracloudUser getCurrentUser(org.springframework.security.core.Authentication authentication)

asString

protected String asString(int decision)

vote

public final int vote(org.springframework.security.core.Authentication authentication,
                      org.aopalliance.intercept.MethodInvocation invocation,
                      Collection<org.springframework.security.access.ConfigAttribute> attributes)

Specified by:

vote in interface org.springframework.security.access.AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>

castVote

protected int castVote(int decision,
                       org.aopalliance.intercept.MethodInvocation invocation)

voteImpl

protected abstract int voteImpl(org.springframework.security.core.Authentication authentication,
                                org.aopalliance.intercept.MethodInvocation invocation,
                                Collection<org.springframework.security.access.ConfigAttribute> attributes,
                                Object[] methodArgs,
                                org.duracloud.account.db.model.DuracloudUser user,
                                SecuredRule securedRule,
                                String role,
                                SecuredRule.Scope scope)