strong typing to access right checking

Juho Juopperi
Commit 05514018 authored Mar 21, 2010 by Juho Juopperi
Showing with 17 additions and 5 deletions
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/SessionHandlerBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/AccessRightFacade.java
--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/SessionHandlerBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/SessionHandlerBean.java
@@ -9,7 +9,9 @@ import javax.ejb.Stateless;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import fi.insomnia.bortal.facade.AccessRightFacade;
 import fi.insomnia.bortal.facade.UserFacade;
+import fi.insomnia.bortal.model.AccessRight;
 import fi.insomnia.bortal.model.Role;
 import fi.insomnia.bortal.model.RoleRight;
 import fi.insomnia.bortal.model.User;
@@ -20,9 +22,11 @@ import fi.insomnia.bortal.model.User;
 @Stateless
 public class SessionHandlerBean implements SessionHandlerBeanLocal {

+    private static final Logger logger = LoggerFactory.getLogger(SessionHandlerBean.class);
    @EJB
    private UserFacade userfacade;
-    private static final Logger logger = LoggerFactory.getLogger(SessionHandlerBean.class);
+    @EJB
+    private AccessRightFacade accessRightFacade;

    /**
     * Default constructor.
@@ -33,10 +37,13 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal {

    @Override
    public boolean hasPermission(String target, User user, RolePermission permission) {
+
+        AccessRight expectedRight = accessRightFacade.findOrCreateByName(target);
+
        User dbusr = userfacade.find(user.getId());
        Set<Role> checkedRoles = new HashSet<Role>();
        for (Role r : dbusr.getRoles()) {
-            if (getRights(r, target, permission, checkedRoles)) {
+            if (getRights(r, expectedRight, permission, checkedRoles)) {
                return true;
            }

@@ -45,14 +52,14 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal {
        return false;
    }

-    private static boolean getRights(Role role, String target, RolePermission permission, Set<Role> checkedRoles) {
+    private static boolean getRights(Role role, AccessRight expectedRight, RolePermission permission, Set<Role> checkedRoles) {

        if (checkedRoles.contains(role)) {
            return false;
        }

        for (RoleRight rr : role.getRoleRights()) {
-            if (rr.getAccessRight().getAccessRight().equals(target)) {
+            if (rr.getAccessRight().equals(expectedRight)) {
                switch (permission) {
                case READ:
                    if (rr.getRead()) {
@@ -74,7 +81,7 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal {
        checkedRoles.add(role);

        for (Role r : role.getParents()) {
-            if (getRights(r, target, permission, checkedRoles)) {
+            if (getRights(r, expectedRight, permission, checkedRoles)) {
                return true;
            }


--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/AccessRightFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/AccessRightFacade.java
@@ -21,4 +21,9 @@ public class AccessRightFacade extends GenericFacade<AccessRight> {
        return em;
    }

+    public AccessRight findOrCreateByName(String target) {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
 }