001    package org.trails.security.annotation;
002    
003    import java.lang.reflect.AnnotatedElement;
004    import java.util.ArrayList;
005    import java.util.List;
006    
007    import org.trails.descriptor.annotation.AbstractAnnotationHandler;
008    import org.trails.security.ClassSecurityRestriction;
009    import org.trails.security.PropertySecurityRestriction;
010    import org.trails.security.RestrictionType;
011    
012    public class SecurityAnnotationHandler extends AbstractAnnotationHandler
013    {
014    
015            public SecurityAnnotationHandler()
016            {
017                    super();
018                    // TODO Auto-generated constructor stub
019            }
020    
021            public List buildClassRestrictions(Class type)
022            {
023                    // TODO refactor the build methods with better reusability
024                    ArrayList<ClassSecurityRestriction> classRestrictions = new ArrayList<ClassSecurityRestriction>();
025                    
026                    if (type.getAnnotation(ViewRequiresRole.class) != null) {
027                            ClassSecurityRestriction classRestriction = new ClassSecurityRestriction();
028                            classRestriction.setRequiredRole( ((ViewRequiresRole)type.getAnnotation(ViewRequiresRole.class)).value()) ;
029                            classRestriction.setRestrictionType(RestrictionType.VIEW);
030                            classRestrictions.add(classRestriction);
031                    }
032                    if (type.getAnnotation(UpdateRequiresRole.class) != null) {
033                            ClassSecurityRestriction classRestriction = new ClassSecurityRestriction();
034                            classRestriction.setRequiredRole( ((UpdateRequiresRole)type.getAnnotation(UpdateRequiresRole.class)).value()) ;
035                            classRestriction.setRestrictionType(RestrictionType.UPDATE);
036                            classRestrictions.add(classRestriction);
037                    }
038                    if (type.getAnnotation(RemoveRequiresRole.class) != null) {
039                            ClassSecurityRestriction classRestriction = new ClassSecurityRestriction();
040                            classRestriction.setRequiredRole( ((RemoveRequiresRole)type.getAnnotation(RemoveRequiresRole.class)).value()) ;
041                            classRestriction.setRestrictionType(RestrictionType.REMOVE );
042                            classRestrictions.add(classRestriction);
043                    }
044                    
045                    /*
046                    for (int i = 0; i < restrictionsLength; i++)
047                    {
048                            ClassSecurityRestriction classRestriction = new ClassSecurityRestriction();
049                            setPropertiesFromAnnotation(securityAnnotation.restrictions()[i], classRestriction);
050                            classRestrictions.add(classRestriction);
051                    }
052                    */
053                    
054                    
055                    return classRestrictions;
056            }
057    
058            public List<PropertySecurityRestriction> buildPropertyRestrictions(AnnotatedElement annotatedElement, String propertyName)
059            {
060                    ArrayList<PropertySecurityRestriction> propertyRestrictions = new ArrayList<PropertySecurityRestriction>();
061                    if (annotatedElement.getAnnotation(ViewRequiresRole.class) != null) {
062                            PropertySecurityRestriction propertyRestriction = new PropertySecurityRestriction();
063                            propertyRestriction.setPropertyName(propertyName);
064                            propertyRestriction.setRestrictionType(RestrictionType.VIEW);
065                            propertyRestriction.setRequiredRole(annotatedElement.getAnnotation(ViewRequiresRole.class).value());
066                            propertyRestrictions.add(propertyRestriction);
067                    }
068                    if (annotatedElement.getAnnotation(UpdateRequiresRole.class) != null) {
069                            PropertySecurityRestriction propertyRestriction = new PropertySecurityRestriction();
070                            propertyRestriction.setPropertyName(propertyName);
071                            propertyRestriction.setRestrictionType(RestrictionType.UPDATE);
072                            propertyRestriction.setRequiredRole(annotatedElement.getAnnotation(UpdateRequiresRole.class).value());
073                            propertyRestrictions.add(propertyRestriction);
074                    }
075                    if (annotatedElement.getAnnotation(RemoveRequiresRole.class) != null) {
076                            PropertySecurityRestriction propertyRestriction = new PropertySecurityRestriction();
077                            propertyRestriction.setPropertyName(propertyName);
078                            propertyRestriction.setRestrictionType(RestrictionType.REMOVE);
079                            propertyRestriction.setRequiredRole(annotatedElement.getAnnotation(RemoveRequiresRole.class).value());
080                            propertyRestrictions.add(propertyRestriction);
081                    }
082                    
083                    /* The old way is clearly shorter, but the new is easier for the user
084                    for (int i = 0; i < securityAnnotation.restrictions().length; i++)
085                    {
086                            PropertySecurityRestriction propertyRestriction = new PropertySecurityRestriction();
087                            propertyRestriction.setPropertyName(propertyName);
088                            setPropertiesFromAnnotation(securityAnnotation.restrictions()[i], propertyRestriction);
089                            propertyRestrictions.add(propertyRestriction);
090                    }
091                    */
092                    return propertyRestrictions;
093            }
094    
095    }