/*
* Copyright 2010 Diego Maia da Silva http://dev.diegomaia.net
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package net.diegomaia.vraptor.saci.component.checker;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.List;
import net.diegomaia.vraptor.saci.annotation.AccessLevel;
import net.diegomaia.vraptor.saci.annotation.InheritRestrictions;
import net.diegomaia.vraptor.saci.annotation.LoggedIn;
import net.diegomaia.vraptor.saci.annotation.OnAccessDenial;
import net.diegomaia.vraptor.saci.annotation.Roles;
import net.diegomaia.vraptor.saci.interfaces.Profile;
import net.diegomaia.vraptor.saci.interfaces.Restriction;
import net.diegomaia.vraptor.saci.restriction.AccessLevelRestriction;
import net.diegomaia.vraptor.saci.restriction.LoggedInRestriction;
import net.diegomaia.vraptor.saci.restriction.RestrictionResult;
import net.diegomaia.vraptor.saci.restriction.RestrictionsWrapper;
import net.diegomaia.vraptor.saci.restriction.Role;
import net.diegomaia.vraptor.saci.restriction.RolesRestriction;
import br.com.caelum.vraptor.ioc.Component;
/**
* @author Diego Maia da Silva a.k.a. Bronx
*/
@Component
public class Restrictor {
private RestrictionValidator restrictionValidator;
public Restrictor(RestrictionValidator restrictionValidator) {
this.restrictionValidator = restrictionValidator;
}
public RestrictionResult checkRestriction(Method method, Profile profile) {
RestrictionResult restrictionResult;
RestrictionsWrapper resourceRestrictions = this.getResourceRestriction(method.getDeclaringClass());
RestrictionsWrapper methodRestrictions = this.getMethodRestrictions(method);
restrictionResult = this.restrictionValidator.validateRestrictions(resourceRestrictions, methodRestrictions, profile);
return restrictionResult;
}
private RestrictionsWrapper getResourceRestriction(Class<?> clazz) {
List<Restriction> restrictions = new ArrayList<Restriction>();
if (clazz.isAnnotationPresent(LoggedIn.class)){
Restriction loggedInRestriction = new LoggedInRestriction();
restrictions.add(loggedInRestriction);
}
if (clazz.isAnnotationPresent(AccessLevel.class)){
AccessLevel accessLevel = clazz.getAnnotation(AccessLevel.class);
AccessLevelRestriction accessLevelRestriction = new AccessLevelRestriction();
accessLevelRestriction.setMinimumAccessLevel(accessLevel.minimumAccessLevel());
accessLevelRestriction.setMaximumAccessLevel(accessLevel.maximumAccessLevel());
restrictions.add(accessLevelRestriction);
}
if (clazz.isAnnotationPresent(Roles.class)){
Roles roles = clazz.getAnnotation(Roles.class);
RolesRestriction rolesRestriction = new RolesRestriction();
rolesRestriction.setRoles(this.getRoles(roles));
rolesRestriction.setPolicy(roles.policy());
restrictions.add(rolesRestriction);
}
return new RestrictionsWrapper(clazz.getAnnotation(InheritRestrictions.class), clazz.getAnnotation(OnAccessDenial.class), restrictions);
}
private List<Role> getRoles(Roles rolesList) {
String[] rolesNames = rolesList.roles();
List<Role> roles = new ArrayList<Role>();
for (String roleName : rolesNames){
if (!roleName.isEmpty()) {
Role role = new Role();
role.setRole(roleName);
roles.add(role);
}
}
return roles;
}
private RestrictionsWrapper getMethodRestrictions(Method method) {
List<Restriction> restrictions = new ArrayList<Restriction>();
if (method.isAnnotationPresent(LoggedIn.class)){
Restriction loggedInRestriction = new LoggedInRestriction();
restrictions.add(loggedInRestriction);
}
if (method.isAnnotationPresent(AccessLevel.class)){
AccessLevel accessLevel = method.getAnnotation(AccessLevel.class);
AccessLevelRestriction accessLevelRestriction = new AccessLevelRestriction();
accessLevelRestriction.setMinimumAccessLevel(accessLevel.minimumAccessLevel());
accessLevelRestriction.setMaximumAccessLevel(accessLevel.maximumAccessLevel());
restrictions.add(accessLevelRestriction);
}
if (method.isAnnotationPresent(Roles.class)){
Roles roles = method.getAnnotation(Roles.class);
RolesRestriction rolesRestriction = new RolesRestriction();
rolesRestriction.setRoles(getRoles(roles));
rolesRestriction.setPolicy(roles.policy());
restrictions.add(rolesRestriction);
}
return new RestrictionsWrapper(method.getAnnotation(InheritRestrictions.class), method.getAnnotation(OnAccessDenial.class), restrictions);
}
}