1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, 13 * software distributed under the License is distributed on an 14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 * KIND, either express or implied. See the License for the 16 * specific language governing permissions and limitations 17 * under the License. 18 */ 19 package org.apache.shiro.authz.aop; 20 21 import org.apache.shiro.aop.AnnotationResolver; 22 23 /** 24 * Checks to see if a @{@link org.apache.shiro.authz.annotation.RequiresPermissions RequiresPermissions} annotation is declared, and if so, performs 25 * a permission check to see if the calling <code>Subject</code> is allowed to call the method. 26 * @since 0.9 27 */ 28 public class PermissionAnnotationMethodInterceptor extends AuthorizingAnnotationMethodInterceptor { 29 30 /* 31 * The character to look for that closes a permission definition. 32 **/ 33 //private static final char ARRAY_CLOSE_CHAR = ']'; 34 35 /** 36 * Default no-argument constructor that ensures this interceptor looks for 37 * {@link org.apache.shiro.authz.annotation.RequiresPermissions RequiresPermissions} annotations in a method declaration. 38 */ 39 public PermissionAnnotationMethodInterceptor() { 40 super( new PermissionAnnotationHandler() ); 41 } 42 43 /** 44 * @param resolver 45 * @since 1.1 46 */ 47 public PermissionAnnotationMethodInterceptor(AnnotationResolver resolver) { 48 super( new PermissionAnnotationHandler(), resolver); 49 } 50 51 /* 52 * Infers the permission from the specified name path in the annotation. 53 * @param methodArgs the <code>MethodInvocation</code> method arguments. 54 * @param namePath the Annotation 'name' value, which is a string-based permission definition. 55 * @return the String permission representation. 56 * @throws Exception if there is an error infering the target. 57 * 58 protected String inferTargetFromPath(Object[] methodArgs, String namePath) throws Exception { 59 int propertyStartIndex = -1; 60 61 char[] chars = namePath.toCharArray(); 62 StringBuilder buf = new StringBuilder(); 63 //init iteration at index 1 (instead of 0). This is because the first 64 //character must be the ARRAY_OPEN_CHAR (eliminates unnecessary iteration) 65 for (int i = 1; i < chars.length; i++) { 66 if (chars[i] == ARRAY_CLOSE_CHAR) { 67 // skip the delimiting period after the ARRAY_CLOSE_CHAR. The resulting 68 // index is the init of the property path that we'll use with 69 // BeanUtils.getProperty: 70 propertyStartIndex = i + 2; 71 break; 72 } else { 73 buf.append(chars[i]); 74 } 75 } 76 77 Integer methodArgIndex = Integer.parseInt(buf.toString()); 78 String beanUtilsPath = new String(chars, propertyStartIndex, 79 chars.length - propertyStartIndex); 80 Object targetValue = PropertyUtils.getProperty(methodArgs[methodArgIndex], beanUtilsPath); 81 return targetValue.toString(); 82 } 83 84 /* 85 * Returns the <code>MethodInvocation</code>'s arguments, or <code>null</code> if there were none. 86 * @param invocation the methodInvocation to inspect. 87 * @return the method invocation's method arguments, or <code>null</code> if there were none. 88 * 89 protected Object[] getMethodArguments(MethodInvocation invocation) { 90 if (invocation != null) { 91 return invocation.getArguments(); 92 } else { 93 return null; 94 } 95 } 96 97 /* 98 * Returns the annotation {@link RequiresPermissions#value value}, from which the Permission will be constructed. 99 * 100 * @param invocation the method being invoked. 101 * @return the method annotation's <code>value</code>, from which the Permission will be constructed. 102 * 103 protected String getAnnotationValue(MethodInvocation invocation) { 104 RequiresPermissions prAnnotation = (RequiresPermissions) getAnnotation(invocation); 105 return prAnnotation.value(); 106 } */ 107 }