GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

SEC-1012: Extra fixes to dependent modules following changes to Acl APIs.

3.0.x
Luke Taylor 17 years ago
parent
14c50a9c96
commit
0d7002e322
5 changed files with 15 additions and 13 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java
  2. 2
      samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java
  3. 4
      samples/dms/src/main/java/sample/dms/secured/SecureDataSourcePopulator.java
  4. 2
      samples/dms/src/main/java/sample/dms/secured/SecureDocumentDaoImpl.java
  5. 12
      taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java

8
samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java
Unescape View File

@ -68,7 +68,7 @@ public class ContactManagerBackend extends ApplicationObjectSupport implements C
acl = mutableAclService.createAcl(oid); acl = mutableAclService.createAcl(oid);
} }
acl.insertAce(acl.getEntries().length, permission, recipient, true); acl.insertAce(acl.getEntries().size(), permission, recipient, true);
mutableAclService.updateAcl(acl); mutableAclService.updateAcl(acl);
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
@ -111,10 +111,10 @@ public class ContactManagerBackend extends ApplicationObjectSupport implements C
MutableAcl acl = (MutableAcl) mutableAclService.readAclById(oid); MutableAcl acl = (MutableAcl) mutableAclService.readAclById(oid);
// Remove all permissions associated with this particular recipient (string equality to KISS) // Remove all permissions associated with this particular recipient (string equality to KISS)
AccessControlEntry[] entries = acl.getEntries(); List<AccessControlEntry> entries = acl.getEntries();
for (int i = 0; i < entries.length; i++) { for (int i = 0; i < entries.size(); i++) {
if (entries[i].getSid().equals(recipient) && entries[i].getPermission().equals(permission)) { if (entries.get(i).getSid().equals(recipient) && entries.get(i).getPermission().equals(permission)) {
acl.deleteAce(i); acl.deleteAce(i);
} }
} }

2
samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java
Unescape View File

@ -243,7 +243,7 @@ public class DataSourcePopulator implements InitializingBean {
private void grantPermissions(int contactNumber, String recipientUsername, Permission permission) { private void grantPermissions(int contactNumber, String recipientUsername, Permission permission) {
AclImpl acl = (AclImpl) mutableAclService.readAclById(new ObjectIdentityImpl(Contact.class, AclImpl acl = (AclImpl) mutableAclService.readAclById(new ObjectIdentityImpl(Contact.class,
new Long(contactNumber))); new Long(contactNumber)));
acl.insertAce(acl.getEntries().length, permission, new PrincipalSid(recipientUsername), true); acl.insertAce(acl.getEntries().size(), permission, new PrincipalSid(recipientUsername), true);
updateAclInTransaction(acl); updateAclInTransaction(acl);
} }

4
samples/dms/src/main/java/sample/dms/secured/SecureDataSourcePopulator.java
Unescape View File

@ -76,9 +76,9 @@ public class SecureDataSourcePopulator extends DataSourcePopulator {
// Now we have an ACL, add another ACE to it // Now we have an ACL, add another ACE to it
if (level == LEVEL_NEGATE_READ) { if (level == LEVEL_NEGATE_READ) {
acl.insertAce(acl.getEntries().length, permission, sid, false); // not granting acl.insertAce(acl.getEntries().size(), permission, sid, false); // not granting
} else { } else {
acl.insertAce(acl.getEntries().length, permission, sid, true); // granting acl.insertAce(acl.getEntries().size(), permission, sid, true); // granting
} }
// Finally, persist the modified ACL // Finally, persist the modified ACL

2
samples/dms/src/main/java/sample/dms/secured/SecureDocumentDaoImpl.java
Unescape View File

@ -54,7 +54,7 @@ public class SecureDocumentDaoImpl extends DocumentDaoImpl implements SecureDocu
MutableAcl aclParent = (MutableAcl) mutableAclService.readAclById(parentIdentity); MutableAcl aclParent = (MutableAcl) mutableAclService.readAclById(parentIdentity);
acl.setParent(aclParent); acl.setParent(aclParent);
} }
acl.insertAce(acl.getEntries().length, BasePermission.ADMINISTRATION, new PrincipalSid(SecurityContextHolder.getContext().getAuthentication()), true); acl.insertAce(acl.getEntries().size(), BasePermission.ADMINISTRATION, new PrincipalSid(SecurityContextHolder.getContext().getAuthentication()), true);
mutableAclService.updateAcl(acl); mutableAclService.updateAcl(acl);
} }

12
taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java
Unescape View File

@ -36,7 +36,9 @@ import org.springframework.context.ApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils; import org.springframework.web.context.support.WebApplicationContextUtils;
import org.springframework.web.util.ExpressionEvaluationUtils; import org.springframework.web.util.ExpressionEvaluationUtils;
import java.util.ArrayList;
import java.util.HashSet; import java.util.HashSet;
import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.StringTokenizer; import java.util.StringTokenizer;
@ -93,7 +95,7 @@ public class AccessControlListTag extends TagSupport {
final String evaledPermissionsString = ExpressionEvaluationUtils.evaluateString("hasPermission", hasPermission, final String evaledPermissionsString = ExpressionEvaluationUtils.evaluateString("hasPermission", hasPermission,
pageContext); pageContext);
Permission[] requiredPermissions = null; List<Permission> requiredPermissions = null;
try { try {
requiredPermissions = parsePermissionsString(evaledPermissionsString); requiredPermissions = parsePermissionsString(evaledPermissionsString);
@ -128,7 +130,7 @@ public class AccessControlListTag extends TagSupport {
return Tag.SKIP_BODY; return Tag.SKIP_BODY;
} }
Sid[] sids = sidRetrievalStrategy.getSids(SecurityContextHolder.getContext().getAuthentication()); List<Sid> sids = sidRetrievalStrategy.getSids(SecurityContextHolder.getContext().getAuthentication());
ObjectIdentity oid = objectIdentityRetrievalStrategy.getObjectIdentity(resolvedDomainObject); ObjectIdentity oid = objectIdentityRetrievalStrategy.getObjectIdentity(resolvedDomainObject);
// Obtain aclEntrys applying to the current Authentication object // Obtain aclEntrys applying to the current Authentication object
@ -212,9 +214,9 @@ public class AccessControlListTag extends TagSupport {
} }
} }
private Permission[] parsePermissionsString(String integersString) private List<Permission> parsePermissionsString(String integersString)
throws NumberFormatException { throws NumberFormatException {
final Set permissions = new HashSet(); final Set<Permission> permissions = new HashSet<Permission>();
final StringTokenizer tokenizer; final StringTokenizer tokenizer;
tokenizer = new StringTokenizer(integersString, ",", false); tokenizer = new StringTokenizer(integersString, ",", false);
@ -223,7 +225,7 @@ public class AccessControlListTag extends TagSupport {
permissions.add(BasePermission.buildFromMask(new Integer(integer).intValue())); permissions.add(BasePermission.buildFromMask(new Integer(integer).intValue()));
} }
return (Permission[]) permissions.toArray(new Permission[permissions.size()]); return new ArrayList<Permission>(permissions);
} }
public void setDomainObject(Object domainObject) { public void setDomainObject(Object domainObject) {

Write Preview
Loading…
Cancel
Save