EMMA Coverage Report

EMMA Coverage Report (generated Tue Feb 12 22:23:49 ICT 2008)
[all classes][net.sourceforge.hivelock]

COVERAGE SUMMARY FOR SOURCE FILE [AuthorizationInterceptorFactory.java]

name	class, %	method, %	block, %	line, %
AuthorizationInterceptorFactory.java	0% (0/2)	0% (0/10)	0% (0/241)	0% (0/41)

COVERAGE BREAKDOWN BY CLASS AND METHOD

name	class, %	method, %	block, %	line, %

class AuthorizationInterceptorFactory	0% (0/1)	0% (0/6)	0% (0/44)	0% (0/8)
<static initializer>		0% (0/1)	0% (0/4)	0% (0/1)
AuthorizationInterceptorFactory (SecurityService, PrincipalHelperService): void		0% (0/1)	0% (0/9)	0% (0/4)
access$000 (): String []		0% (0/1)	0% (0/2)	0% (0/1)
access$100 (AuthorizationInterceptorFactory): SecurityService		0% (0/1)	0% (0/3)	0% (0/1)
access$200 (AuthorizationInterceptorFactory): PrincipalHelperService		0% (0/1)	0% (0/3)	0% (0/1)
createInterceptor (InterceptorStack, Module, List): void		0% (0/1)	0% (0/23)	0% (0/2)

class AuthorizationInterceptorFactory$Interceptor	0% (0/1)	0% (0/4)	0% (0/197)	0% (0/33)
AuthorizationInterceptorFactory$Interceptor (AuthorizationInterceptorFactory,...		0% (0/1)	0% (0/45)	0% (0/13)
checkAuthorization (Method): void		0% (0/1)	0% (0/125)	0% (0/15)
getMethodName (Method): String		0% (0/1)	0% (0/14)	0% (0/1)
invoke (Object, Method, Object []): Object		0% (0/1)	0% (0/13)	0% (0/4)

1	// Copyright 2004-2007 Jean-Francois Poilpret
2	//
3	// Licensed under the Apache License, Version 2.0 (the "License");
4	// you may not use this file except in compliance with the License.
5	// You may obtain a copy of the License at
6	//
7	// http://www.apache.org/licenses/LICENSE-2.0
8	//
9	// Unless required by applicable law or agreed to in writing, software
10	// distributed under the License is distributed on an "AS IS" BASIS,
11	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12	// See the License for the specific language governing permissions and
13	// limitations under the License.
14
15	package net.sourceforge.hivelock;
16
17	import java.lang.reflect.InvocationHandler;
18	import java.lang.reflect.InvocationTargetException;
19	import java.lang.reflect.Method;
20	import java.lang.reflect.Proxy;
21	import java.security.Principal;
22	import java.util.Iterator;
23	import java.util.List;
24
25	import org.apache.commons.logging.Log;
26
27	import org.apache.hivemind.InterceptorStack;
28	import org.apache.hivemind.ServiceInterceptorFactory;
29	import org.apache.hivemind.internal.Module;
30	import org.apache.hivemind.methodmatch.MethodMatcher;
31	import org.apache.hivemind.service.MethodSignature;
32
33	import net.sourceforge.hiveutils.collections.SetOperations;
34
35	public class AuthorizationInterceptorFactory implements ServiceInterceptorFactory
36	{
37	public AuthorizationInterceptorFactory( SecurityService security,
38	PrincipalHelperService helper)
39	{
40	_security = security;
41	_helper = helper;
42	}
43
44	public void createInterceptor( InterceptorStack stack,
45	Module invokingMod,
46	List parameters)
47	{
48	stack.push(Proxy.newProxyInstance(
49	invokingMod.getClassResolver().getClassLoader(),
50	new Class[] {stack.getServiceInterface()},
51	new Interceptor(stack.getServiceLog(),
52	stack.peek(),
53	parameters)));
54	}
55
56	private class Interceptor implements InvocationHandler
57	{
58	public Interceptor(Log logger, Object target, List parameters)
59	{
60	_logger = logger;
61	_target = target;
62	// Create method matcher for finding roles that can call a method
63	_methodMatcher = new MethodMatcher();
64	AuthorizationContribution authorization;
65	Iterator i = parameters.iterator();
66	while (i.hasNext())
67	{
68	Object next = i.next();
69	if (next instanceof AuthorizationContribution)
70	{
71	authorization = (AuthorizationContribution) next;
72	_methodMatcher.put( authorization.getPattern(),
73	authorization.getRoles());
74	}
75	}
76	// Add default behavior: no role at all can access the method!
77	_methodMatcher.put( "*", EMPTY_ROLES);
78	}
79
80	//CSOFF: IllegalThrowsCheck
81	public Object invoke(Object proxy, Method method, Object[] args)
82	throws Throwable
83	{
84	// Check user's credentials
85	checkAuthorization(method);
86
87	try
88	{
89	return method.invoke(_target, args);
90	}
91	catch (InvocationTargetException e)
92	{
93	throw e.getTargetException();
94	}
95	}
96	//CSON: IllegalThrowsCheck
97
98	private void checkAuthorization(Method method)
99	{
100	MethodSignature signature = new MethodSignature(method);
101	String[] roles = (String[]) _methodMatcher.get(signature);
102
103	// roles == null means everybody is allowed
104	if (roles == null)
105	{
106	return;
107	}
108	if (roles.length == 0)
109	{
110	_logger.warn("Method " + getMethodName(method) + " is forbidden for anybody");
111	throw new SecurityException("Method " + getMethodName(method) +
112	" is forbidden for anybody");
113	}
114	Principal principal = _security.getCurrentUser();
115	// Check if both sets of roles intersect
116	if (principal == null)
117	{
118	_logger.warn("Unregistered user cannot access method " + getMethodName(method));
119	throw new SecurityException("Unregistered user cannot access method " +
120	getMethodName(method));
121	}
122	if (!SetOperations.intersects(roles, _helper.getRoles(principal)))
123	{
124	_logger.warn( principal.getName() +
125	" is not assigned role to access method " +
126	getMethodName(method));
127	throw new SecurityException(principal.getName() +
128	" is not assigned role to access method " +
129	getMethodName(method));
130	}
131	}
132
133	private String getMethodName(Method method)
134	{
135	return method.getDeclaringClass().getName() + "." + method.getName();
136	}
137
138	private final Log _logger;
139	private final Object _target;
140	private final MethodMatcher _methodMatcher;
141	}
142
143	private final SecurityService _security;
144	private final PrincipalHelperService _helper;
145	static private final String[] EMPTY_ROLES = {};
146	}

[all classes][net.sourceforge.hivelock]

EMMA 2.0.5312 (C) Vladimir Roubtsov