001 /*
002 * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
003 * agreements. See the NOTICE file distributed with this work for additional information regarding
004 * copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0
005 * (the "License"); you may not use this file except in compliance with the License. You may obtain
006 * a copy of the License at
007 *
008 * http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software distributed under the License
011 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
012 * or implied. See the License for the specific language governing permissions and limitations
013 * under the License.
014 */
015 package org.tynamo.security.services.impl;
016
017 import org.apache.shiro.SecurityUtils;
018 import org.apache.shiro.subject.Subject;
019 import org.tynamo.security.services.SecurityService;
020
021
022 /**
023 * DOCUMENT ME!
024 *
025 * @see SecurityService
026 */
027 public class SecurityServiceImpl implements SecurityService
028 {
029
030 //~ Static fields/initializers -----------------------------------------------------------------
031
032 /**
033 * Delimeter that separates role names in tag attribute
034 */
035 private static final String ROLE_NAMES_DELIMETER = ",";
036
037 /**
038 * Delimiter used for permissions, i.e. a |
039 */
040 private static final String PERMISSIONS_DELIMETER = "\\|";
041
042 /**
043 * Delimited used for roles that allows , or |
044 */
045 private static final String PERMISSIONS_OR_ROLES_DELIMETER = "(,|\\|)";
046
047 //~ Methods ------------------------------------------------------------------------------------
048
049 @Override
050 public Subject getSubject()
051 {
052 return SecurityUtils.getSubject();
053 }
054
055 @Override
056 public boolean isAuthenticated()
057 {
058 Subject subject = getSubject();
059
060 return (subject != null) && subject.isAuthenticated();
061 }
062
063 @Override
064 public boolean isNotAuthenticated()
065 {
066 Subject subject = getSubject();
067
068 return (subject == null) || !subject.isAuthenticated();
069 }
070
071 @Override
072 public boolean isUser()
073 {
074 Subject subject = getSubject();
075
076 return (subject != null) && (subject.getPrincipal() != null);
077 }
078
079 @Override
080 public boolean isGuest()
081 {
082 Subject subject = getSubject();
083
084 return (subject == null) || (subject.getPrincipal() == null);
085 }
086
087 @Override
088 public boolean hasAnyRoles(String roles)
089 {
090 boolean hasAnyRole = false;
091
092 Subject subject = getSubject();
093
094 if (subject != null)
095 {
096
097 // Iterate through roles and check to see if the user has one of the roles
098 for (String role : roles.split(PERMISSIONS_OR_ROLES_DELIMETER))
099 {
100
101 if (subject.hasRole(role.trim()))
102 {
103 hasAnyRole = true;
104
105 break;
106 }
107 }
108 }
109
110 return hasAnyRole;
111 }
112
113 @Override
114 public boolean hasAllRoles(String roles)
115 {
116 boolean hasAllRole = false; // no subject is false
117
118 Subject subject = getSubject();
119
120 if (subject != null)
121 {
122
123 hasAllRole = true; // but no roles is true
124
125 // Iterate through roles and check to see if the user has one of the roles
126 for (String role : roles.split(PERMISSIONS_OR_ROLES_DELIMETER))
127 {
128
129 if (!subject.hasRole(role.trim()))
130 {
131 hasAllRole = false;
132
133 break;
134 }
135 }
136 }
137
138 return hasAllRole;
139 }
140
141 @Override
142 public boolean hasAllPermissions(String permissions)
143 {
144 boolean hasAllPermissions = false; // no subject is false
145
146 Subject subject = getSubject();
147
148 if (subject != null)
149 {
150
151 return subject.isPermittedAll(permissions.split(PERMISSIONS_DELIMETER));
152 }
153
154 return hasAllPermissions;
155 }
156
157 @Override
158 public boolean hasAnyPermissions(String permissions)
159 {
160 boolean hasAnyPermissions = false;
161
162 Subject subject = getSubject();
163
164 if (subject != null)
165 {
166
167 // Iterate through roles and check to see if the user has one of the roles
168 for (String role : permissions.split(PERMISSIONS_DELIMETER))
169 {
170
171 if (subject.isPermitted(role.trim()))
172 {
173 hasAnyPermissions = true;
174
175 break;
176 }
177 }
178 }
179
180 return hasAnyPermissions;
181 }
182
183
184 @Override
185 public boolean hasPermission(String permission)
186 {
187 Subject subject = getSubject();
188
189 return (subject != null) && subject.isPermitted(permission);
190 }
191
192 @Override
193 public boolean hasRole(String role)
194 {
195 Subject subject = getSubject();
196
197 return (subject != null) && subject.hasRole(role);
198 }
199
200 @Override
201 public boolean isLacksPermission(String permission)
202 {
203 return !hasPermission(permission);
204 }
205
206 @Override
207 public boolean isLacksRole(String role)
208 {
209 return !hasRole(role);
210 }
211
212 } // end class SecurityServiceImpl