001 /*
002 * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
003 * agreements. See the NOTICE file distributed with this work for additional information regarding
004 * copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0
005 * (the "License"); you may not use this file except in compliance with the License. You may obtain
006 * a copy of the License at
007 *
008 * http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software distributed under the License
011 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
012 * or implied. See the License for the specific language governing permissions and limitations
013 * under the License.
014 */
015 package org.tynamo.security.services.impl;
016
017 import org.apache.shiro.SecurityUtils;
018 import org.apache.shiro.subject.Subject;
019 import org.tynamo.security.services.SecurityService;
020
021
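/**
 * {@link SecurityService} implementation that answers authentication and authorization
 * questions by delegating to the Shiro {@link Subject} returned by
 * {@link SecurityUtils#getSubject()}.
 *
 * <p>Every check is fail-closed with respect to a missing subject: when {@link #getSubject()}
 * returns {@code null} the positive checks return {@code false} and the negative ones
 * ({@link #isNotAuthenticated()}, {@link #isGuest()}, {@code isLacks*}) return {@code true}.
 *
 * <p>The multi-value methods take a single delimited string. Role lists may be separated by
 * {@code ,} or {@code |}; permission lists only by {@code |}. Each token is trimmed before it
 * is handed to the subject.
 *
 * @see SecurityService
 */
public class SecurityServiceImpl implements SecurityService
{

    //~ Static fields/initializers -----------------------------------------------------------------

    /**
     * Delimiter that separates role names in a tag attribute. Not referenced by this class.
     */
    @SuppressWarnings("unused")
    private static final String ROLE_NAMES_DELIMETER = ",";

    /**
     * Regular expression used to split permission lists: a literal {@code |}.
     */
    private static final String PERMISSIONS_DELIMETER = "\\|";

    /**
     * Regular expression used to split role lists: either {@code ,} or {@code |}.
     */
    private static final String PERMISSIONS_OR_ROLES_DELIMETER = "(,|\\|)";

    //~ Methods ------------------------------------------------------------------------------------

    /**
     * Splits a delimited list and trims every token.
     *
     * <p>{@link String#split(String)} discards trailing empty strings, so an input made up only
     * of delimiters yields an empty array, while an empty input yields one empty token. Empty
     * tokens in the middle of the list are kept (as empty strings) and are still checked
     * against the subject by the callers.
     *
     * @param list           the delimited list, must not be {@code null}
     * @param delimiterRegex the regular expression to split on
     * @return the trimmed tokens, possibly empty
     */
    private static String[] splitTrimmed(String list, String delimiterRegex)
    {
        String[] tokens = list.split(delimiterRegex);

        for (int i = 0; i < tokens.length; i++)
        {
            tokens[i] = tokens[i].trim();
        }

        return tokens;
    }

    /**
     * Returns the subject bound to the current execution context.
     *
     * @return whatever {@link SecurityUtils#getSubject()} returns
     */
    @Override
    public Subject getSubject()
    {
        return SecurityUtils.getSubject();
    }

    /**
     * @return {@code true} only if a subject exists and reports itself as authenticated
     */
    @Override
    public boolean isAuthenticated()
    {
        Subject subject = getSubject();

        return (subject != null) && subject.isAuthenticated();
    }

    /**
     * @return {@code true} if there is no subject or the subject is not authenticated; the exact
     *         negation of {@link #isAuthenticated()}
     */
    @Override
    public boolean isNotAuthenticated()
    {
        Subject subject = getSubject();

        return (subject == null) || !subject.isAuthenticated();
    }

    /**
     * Tells whether the current subject has a known identity.
     *
     * <p>Only the presence of a principal is checked, not {@link Subject#isAuthenticated()}.
     * Use {@link #isAuthenticated()} to guard operations that require a login proven in the
     * current session.
     *
     * @return {@code true} if a subject exists and its principal is not {@code null}
     */
    @Override
    public boolean isUser()
    {
        Subject subject = getSubject();

        return (subject != null) && (subject.getPrincipal() != null);
    }

    /**
     * @return {@code true} if there is no subject or the subject has no principal; the exact
     *         negation of {@link #isUser()}
     */
    @Override
    public boolean isGuest()
    {
        Subject subject = getSubject();

        return (subject == null) || (subject.getPrincipal() == null);
    }

    /**
     * Checks whether the subject holds at least one of the listed roles.
     *
     * @param roles role names separated by {@code ,} or {@code |}
     * @return {@code true} if the subject has any of the roles; {@code false} if there is no
     *         subject, if {@code roles} is {@code null}, or if no role matches
     */
    @Override
    public boolean hasAnyRoles(String roles)
    {
        Subject subject = getSubject();

        // A missing role list is treated as a denial rather than a NullPointerException.
        if ((subject == null) || (roles == null))
        {
            return false;
        }

        for (String role : splitTrimmed(roles, PERMISSIONS_OR_ROLES_DELIMETER))
        {
            if (subject.hasRole(role))
            {
                return true;
            }
        }

        return false;
    }

    /**
     * Checks whether the subject holds every listed role.
     *
     * <p>NOTE(review): a list that contains only delimiters (for example {@code ","}) splits
     * into zero tokens, and this method then returns {@code true} for any non-null subject.
     * That vacuous result is kept because the original code documents it as intended ("no
     * roles is true"); callers that build the list from configuration or templates should
     * reject such values before calling.
     *
     * @param roles role names separated by {@code ,} or {@code |}
     * @return {@code false} if there is no subject, if {@code roles} is {@code null}, or if any
     *         listed role is missing; {@code true} otherwise
     */
    @Override
    public boolean hasAllRoles(String roles)
    {
        Subject subject = getSubject();

        // A missing role list is treated as a denial rather than a NullPointerException.
        if ((subject == null) || (roles == null))
        {
            return false;
        }

        for (String role : splitTrimmed(roles, PERMISSIONS_OR_ROLES_DELIMETER))
        {
            if (!subject.hasRole(role))
            {
                return false;
            }
        }

        return true;
    }

    /**
     * Checks whether the subject is permitted every listed permission.
     *
     * <p>Tokens are trimmed, as in {@link #hasAnyPermissions(String)}, so {@code "a | b"} and
     * {@code "a|b"} are evaluated identically and the outcome does not depend on how the
     * configured permission resolver treats surrounding whitespace.
     *
     * <p>NOTE(review): a list that contains only {@code |} characters splits into zero tokens;
     * the result is then whatever {@link Subject#isPermittedAll(String...)} returns for an
     * empty argument list. Confirm that this is a denial in the deployed Shiro configuration.
     *
     * @param permissions permission strings separated by {@code |}
     * @return {@code false} if there is no subject or {@code permissions} is {@code null};
     *         otherwise the result of {@link Subject#isPermittedAll(String...)}
     */
    @Override
    public boolean hasAllPermissions(String permissions)
    {
        Subject subject = getSubject();

        // A missing permission list is treated as a denial rather than a NullPointerException.
        if ((subject == null) || (permissions == null))
        {
            return false;
        }

        return subject.isPermittedAll(splitTrimmed(permissions, PERMISSIONS_DELIMETER));
    }

    /**
     * Checks whether the subject is permitted at least one of the listed permissions.
     *
     * @param permissions permission strings separated by {@code |}
     * @return {@code true} if the subject is permitted any of them; {@code false} if there is
     *         no subject, if {@code permissions} is {@code null}, or if none is permitted
     */
    @Override
    public boolean hasAnyPermissions(String permissions)
    {
        Subject subject = getSubject();

        // A missing permission list is treated as a denial rather than a NullPointerException.
        if ((subject == null) || (permissions == null))
        {
            return false;
        }

        for (String permission : splitTrimmed(permissions, PERMISSIONS_DELIMETER))
        {
            if (subject.isPermitted(permission))
            {
                return true;
            }
        }

        return false;
    }

    /**
     * @param permission a single permission string, passed to the subject unchanged
     * @return {@code true} only if a subject exists and is permitted {@code permission}
     */
    @Override
    public boolean hasPermission(String permission)
    {
        Subject subject = getSubject();

        return (subject != null) && subject.isPermitted(permission);
    }

    /**
     * @param role a single role name, passed to the subject unchanged
     * @return {@code true} only if a subject exists and has {@code role}
     */
    @Override
    public boolean hasRole(String role)
    {
        Subject subject = getSubject();

        return (subject != null) && subject.hasRole(role);
    }

    /**
     * @param permission a single permission string
     * @return the negation of {@link #hasPermission(String)}, so {@code true} when there is no
     *         subject
     */
    @Override
    public boolean isLacksPermission(String permission)
    {
        return !hasPermission(permission);
    }

    /**
     * @param role a single role name
     * @return the negation of {@link #hasRole(String)}, so {@code true} when there is no subject
     */
    @Override
    public boolean isLacksRole(String role)
    {
        return !hasRole(role);
    }

} // end class SecurityServiceImpl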