[New] Added UsernameFromCertificatePrivilege policy
This commit is contained in:
parent
6ccb4425cc
commit
e076ced839
|
@ -0,0 +1,57 @@
|
|||
/*
|
||||
* Copyright 2013 Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package ch.eitchnet.privilege.policy;
|
||||
|
||||
import java.text.MessageFormat;
|
||||
|
||||
import ch.eitchnet.privilege.base.PrivilegeException;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeMessages;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.IPrivilege;
|
||||
import ch.eitchnet.privilege.model.PrivilegeContext;
|
||||
import ch.eitchnet.privilege.model.Restrictable;
|
||||
|
||||
/**
|
||||
* TODO
|
||||
*
|
||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||
*/
|
||||
public class UsernameFromCertificatePrivilege implements PrivilegePolicy {
|
||||
|
||||
@Override
|
||||
public void validateAction(PrivilegeContext ctx, IPrivilege privilege, Restrictable restrictable) {
|
||||
PrivilegePolicyHelper.preValidate(privilege, restrictable);
|
||||
|
||||
// get the value on which the action is to be performed
|
||||
Object object = restrictable.getPrivilegeValue();
|
||||
|
||||
// RoleAccessPrivilege policy expects the privilege value to be a role
|
||||
if (!(object instanceof Certificate)) {
|
||||
String msg = Restrictable.class.getName()
|
||||
+ PrivilegeMessages.getString("Privilege.illegalArgument.noncertificate"); //$NON-NLS-1$
|
||||
msg = MessageFormat.format(msg, restrictable.getClass().getSimpleName());
|
||||
throw new PrivilegeException(msg);
|
||||
}
|
||||
|
||||
// if everything is allowed, then no need to carry on
|
||||
if (privilege.isAllAllowed())
|
||||
return;
|
||||
|
||||
Certificate cert = (Certificate) object;
|
||||
String privilegeValue = cert.getUsername();
|
||||
PrivilegePolicyHelper.checkByAllowDenyValues(ctx, privilege, restrictable, privilegeValue);
|
||||
}
|
||||
}
|
|
@ -1,12 +1,13 @@
|
|||
Privilege.accessdenied.noprivilege=User {0} does not have Privilege {1} needed for Restrictable {2}
|
||||
Privilege.accessdenied.noprivilege=User {0} does not have the privilege {1} needed for Restrictable {2}
|
||||
Privilege.illegalArgument.nonstring=\ {0} has returned a non-string privilege value\!
|
||||
Privilege.illegalArgument.nonrole=\ {0} did not return a Role privilege value\!
|
||||
Privilege.illegalArgument.noncertificate=\ {0} did not return a Certificate privilege value\!
|
||||
Privilege.illegalArgument.nonuser=\ {0} did not return a User privilege value\!
|
||||
Privilege.illegalArgument.privilegeNameMismatch=The passed privilege has the name {0} but the restrictable is referencing privilege {1}
|
||||
Privilege.privilegeNameEmpty=The PrivilegeName for the Restrictable is null or empty: {0}
|
||||
Privilege.privilegeNull=Privilege may not be null\!
|
||||
Privilege.restrictableNull=Restrictable may not be null\!
|
||||
Privilege.noprivilege=No Privilege exists with name {0}
|
||||
Privilege.noprivilege.user=User {0} does not have a Privilege {0}
|
||||
Privilege.noprivilege.user=User {0} does not have the privilege {1}
|
||||
Privilege.roleAccessPrivilege.unknownPrivilege=Unhandled RoleAccessPrivilege {0}
|
||||
Privilege.userAccessPrivilege.unknownPrivilege=Unhandled UserAccessPrivilege {0}
|
||||
|
|
Loading…
Reference in New Issue