Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied.  See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019package org.apache.shiro.authz.aop;
020
021import org.apache.shiro.aop.AnnotationResolver;
022
023/**
024 * Checks to see if a @{@link org.apache.shiro.authz.annotation.RequiresPermissions RequiresPermissions} annotation is declared,
025 * and if so, performs a permission check to see if the calling <code>Subject</code> is allowed to call the method.
026 *
027 * @since 0.9
028 */
029public class PermissionAnnotationMethodInterceptor extends AuthorizingAnnotationMethodInterceptor {
030
031    /*
032     * The character to look for that closes a permission definition.
033     **/
034    //private static final char ARRAY_CLOSE_CHAR = ']';
035
036    /**
037     * Default no-argument constructor that ensures this interceptor looks for
038     * {@link org.apache.shiro.authz.annotation.RequiresPermissions RequiresPermissions} annotations in a method declaration.
039     */
040    public PermissionAnnotationMethodInterceptor() {
041        super(new PermissionAnnotationHandler());
042    }
043
044    /**
045     * @param resolver
046     * @since 1.1
047     */
048    public PermissionAnnotationMethodInterceptor(AnnotationResolver resolver) {
049        super(new PermissionAnnotationHandler(), resolver);
050    }
051
052    /*
053     * Infers the permission from the specified name path in the annotation.
054     * @param methodArgs the <code>MethodInvocation</code> method arguments.
055     * @param namePath the Annotation 'name' value, which is a string-based permission definition.
056     * @return the String permission representation.
057     * @throws Exception if there is an error inferring the target.
058     *
059    protected String inferTargetFromPath(Object[] methodArgs, String namePath) throws Exception {
060        int propertyStartIndex = -1;
061
062        char[] chars = namePath.toCharArray();
063        StringBuilder buf = new StringBuilder();
064        //init iteration at index 1 (instead of 0).  This is because the first
065        //character must be the ARRAY_OPEN_CHAR (eliminates unnecessary iteration)
066        for (int i = 1; i < chars.length; i++) {
067            if (chars[i] == ARRAY_CLOSE_CHAR) {
068                // skip the delimiting period after the ARRAY_CLOSE_CHAR.  The resulting
069                // index is the init of the property path that we'll use with
070                // BeanUtils.getProperty:
071                propertyStartIndex = i + 2;
072                break;
073            } else {
074                buf.append(chars[i]);
075            }
076        }
077
078        Integer methodArgIndex = Integer.parseInt(buf.toString());
079        String beanUtilsPath = new String(chars, propertyStartIndex,
080                chars.length - propertyStartIndex);
081        Object targetValue = PropertyUtils.getProperty(methodArgs[methodArgIndex], beanUtilsPath);
082        return targetValue.toString();
083    }
084
085    /*
086     * Returns the <code>MethodInvocation</code>'s arguments, or <code>null</code> if there were none.
087     * @param invocation the methodInvocation to inspect.
088     * @return the method invocation's method arguments, or <code>null</code> if there were none.
089     *
090    protected Object[] getMethodArguments(MethodInvocation invocation) {
091        if (invocation != null) {
092            return invocation.getArguments();
093        } else {
094            return null;
095        }
096    }
097
098    /*
099     * Returns the annotation {@link RequiresPermissions#value value}, from which the Permission will be constructed.
100     *
101     * @param invocation the method being invoked.
102     * @return the method annotation's <code>value</code>, from which the Permission will be constructed.
103     *
104    protected String getAnnotationValue(MethodInvocation invocation) {
105        RequiresPermissions prAnnotation = (RequiresPermissions) getAnnotation(invocation);
106        return prAnnotation.value();
107    } */
108}