001 package org.trails.security;
002
003 import org.acegisecurity.GrantedAuthority;
004 import org.apache.commons.logging.Log;
005 import org.apache.commons.logging.LogFactory;
006 import org.trails.descriptor.IClassDescriptor;
007
008 public abstract class SecurityRestriction
009 {
010
011 private static final Log LOG = LogFactory.getLog(SecurityRestriction.class);
012
013 public SecurityRestriction()
014 {
015 super();
016 // TODO Auto-generated constructor stub
017 }
018
019 private String requiredRole[];
020
021 private RestrictionType restrictionType;
022
023 public String[] getRequiredRole()
024 {
025 return requiredRole;
026 }
027
028 public void setRequiredRole(String[] requiredRole)
029 {
030 if (requiredRole == null) this.requiredRole = new String[]{};
031 else this.requiredRole = requiredRole;
032 }
033
034 public RestrictionType getRestrictionType()
035 {
036 return restrictionType;
037 }
038
039 public void setRestrictionType(RestrictionType restrictionType)
040 {
041 this.restrictionType = restrictionType;
042 }
043
044 protected boolean hasRequiredRole(GrantedAuthority[] authorities)
045 {
046 for (GrantedAuthority authority : authorities)
047 for (String role : requiredRole) if (role.equals(authority.getAuthority()) ) return true;
048 return false;
049 }
050
051 protected abstract void applyRestriction(IClassDescriptor classDescriptor);
052
053 public void restrict(GrantedAuthority[] authorities, IClassDescriptor classDescriptor)
054 {
055 if (!hasRequiredRole(authorities))
056 {
057 applyRestriction(classDescriptor);
058 }
059
060 }
061 }