[Major] No more static persistence of a Privilege Certificate
Now the certificate is passed into the Service before execution. This is better than having a static reference which can always lead to weird behaviour, especially when multiple ClassLoaders come into play.
This commit is contained in:
parent
f714da28f2
commit
791e8b7416
|
@ -27,6 +27,8 @@ import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
import ch.eitchnet.privilege.model.Certificate;
|
import ch.eitchnet.privilege.model.Certificate;
|
||||||
|
import ch.eitchnet.privilege.model.PrivilegeContext;
|
||||||
|
import ch.eitchnet.utils.dbc.DBC;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||||
|
@ -37,51 +39,74 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
|
||||||
private static final long serialVersionUID = 1L;
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
||||||
private ComponentContainer container;
|
private ComponentContainer container;
|
||||||
private Certificate certificate;
|
private PrivilegeContext privilegeContext;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param container
|
* @param privilegeContext
|
||||||
* the container to set
|
* the privilegeContext to set
|
||||||
*/
|
*/
|
||||||
public void setContainer(ComponentContainer container) {
|
public final void setPrivilegeContext(PrivilegeContext privilegeContext) {
|
||||||
this.container = container;
|
DBC.PRE.assertNull("PrivilegeContext is already set!", this.privilegeContext);
|
||||||
|
this.privilegeContext = privilegeContext;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param certificate
|
* @return the privilegeContext
|
||||||
* the certificate to set
|
|
||||||
*/
|
*/
|
||||||
public void setCertificate(Certificate certificate) {
|
public final PrivilegeContext getPrivilegeContext() {
|
||||||
this.certificate = certificate;
|
return this.privilegeContext;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return the certificate
|
* @return the certificate
|
||||||
*/
|
*/
|
||||||
protected Certificate getCertificate() {
|
protected final Certificate getCertificate() {
|
||||||
return this.certificate;
|
return this.privilegeContext.getCertificate();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param container
|
||||||
|
* the container to set
|
||||||
|
*/
|
||||||
|
public final void setContainer(ComponentContainer container) {
|
||||||
|
this.container = container;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return the container
|
* @return the container
|
||||||
*/
|
*/
|
||||||
protected ComponentContainer getContainer() {
|
protected final ComponentContainer getContainer() {
|
||||||
return this.container;
|
return this.container;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected <V> V getComponent(Class<V> clazz) {
|
/**
|
||||||
|
* @param clazz
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
protected final <V> V getComponent(Class<V> clazz) {
|
||||||
return this.container.getComponent(clazz);
|
return this.container.getComponent(clazz);
|
||||||
}
|
}
|
||||||
|
|
||||||
protected RuntimeConfiguration getRuntimeConfiguration() {
|
/**
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
protected final RuntimeConfiguration getRuntimeConfiguration() {
|
||||||
return this.container.getAgent().getStrolchConfiguration().getRuntimeConfiguration();
|
return this.container.getAgent().getStrolchConfiguration().getRuntimeConfiguration();
|
||||||
}
|
}
|
||||||
|
|
||||||
protected StrolchRealm getRealm(String realm) {
|
/**
|
||||||
|
* @param realm
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
protected final StrolchRealm getRealm(String realm) {
|
||||||
return this.container.getRealm(realm);
|
return this.container.getRealm(realm);
|
||||||
}
|
}
|
||||||
|
|
||||||
protected StrolchTransaction openTx(String realm) {
|
/**
|
||||||
|
* @param realm
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
protected final StrolchTransaction openTx(String realm) {
|
||||||
return this.container.getRealm(realm).openTx();
|
return this.container.getRealm(realm).openTx();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -71,15 +71,10 @@ public class DefaultServiceHandler extends StrolchComponent implements ServiceHa
|
||||||
long start = System.nanoTime();
|
long start = System.nanoTime();
|
||||||
|
|
||||||
// first check that the caller may perform this service
|
// first check that the caller may perform this service
|
||||||
|
PrivilegeContext privilegeContext = null;
|
||||||
if (this.privilegeHandler != null) {
|
if (this.privilegeHandler != null) {
|
||||||
// XXX Bad bad bad: remove the need for thread locals...
|
privilegeContext = this.privilegeHandler.getPrivilegeContext(certificate);
|
||||||
try {
|
|
||||||
PrivilegeContext privilegeContext = this.privilegeHandler.getPrivilegeContext(certificate);
|
|
||||||
PrivilegeContext.set(privilegeContext);
|
|
||||||
privilegeContext.validateAction(service);
|
privilegeContext.validateAction(service);
|
||||||
} finally {
|
|
||||||
PrivilegeContext.set(null);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
@ -87,7 +82,8 @@ public class DefaultServiceHandler extends StrolchComponent implements ServiceHa
|
||||||
if (service instanceof AbstractService) {
|
if (service instanceof AbstractService) {
|
||||||
AbstractService<?, ?> abstractService = (AbstractService<?, ?>) service;
|
AbstractService<?, ?> abstractService = (AbstractService<?, ?>) service;
|
||||||
abstractService.setContainer(getContainer());
|
abstractService.setContainer(getContainer());
|
||||||
abstractService.setCertificate(certificate);
|
if (privilegeContext != null)
|
||||||
|
abstractService.setPrivilegeContext(privilegeContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
U serviceResult = service.doService(argument);
|
U serviceResult = service.doService(argument);
|
||||||
|
|
Loading…
Reference in New Issue