View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.shiro.authz.aop;
20  
21  import org.apache.shiro.aop.AnnotationResolver;
22  
23  /**
24   * Checks to see if a @{@link org.apache.shiro.authz.annotation.RequiresPermissions RequiresPermissions} annotation is declared, and if so, performs
25   * a permission check to see if the calling <code>Subject</code> is allowed to call the method.
26   * @since 0.9
27   */
28  public class PermissionAnnotationMethodInterceptor extends AuthorizingAnnotationMethodInterceptor {
29  
30      /*
31       * The character to look for that closes a permission definition.
32       **/
33      //private static final char ARRAY_CLOSE_CHAR = ']';
34  
35      /**
36       * Default no-argument constructor that ensures this interceptor looks for
37       * {@link org.apache.shiro.authz.annotation.RequiresPermissions RequiresPermissions} annotations in a method declaration.
38       */
39      public PermissionAnnotationMethodInterceptor() {
40          super( new PermissionAnnotationHandler() );
41      }
42  
43      /**
44       * @param resolver
45       * @since 1.1
46       */
47      public PermissionAnnotationMethodInterceptor(AnnotationResolver resolver) {
48          super( new PermissionAnnotationHandler(), resolver);
49      }
50  
51      /*
52       * Infers the permission from the specified name path in the annotation.
53       * @param methodArgs the <code>MethodInvocation</code> method arguments.
54       * @param namePath the Annotation 'name' value, which is a string-based permission definition.
55       * @return the String permission representation.
56       * @throws Exception if there is an error infering the target.
57       *
58      protected String inferTargetFromPath(Object[] methodArgs, String namePath) throws Exception {
59          int propertyStartIndex = -1;
60  
61          char[] chars = namePath.toCharArray();
62          StringBuilder buf = new StringBuilder();
63          //init iteration at index 1 (instead of 0).  This is because the first
64          //character must be the ARRAY_OPEN_CHAR (eliminates unnecessary iteration)
65          for (int i = 1; i < chars.length; i++) {
66              if (chars[i] == ARRAY_CLOSE_CHAR) {
67                  // skip the delimiting period after the ARRAY_CLOSE_CHAR.  The resulting
68                  // index is the init of the property path that we'll use with
69                  // BeanUtils.getProperty:
70                  propertyStartIndex = i + 2;
71                  break;
72              } else {
73                  buf.append(chars[i]);
74              }
75          }
76  
77          Integer methodArgIndex = Integer.parseInt(buf.toString());
78          String beanUtilsPath = new String(chars, propertyStartIndex,
79                  chars.length - propertyStartIndex);
80          Object targetValue = PropertyUtils.getProperty(methodArgs[methodArgIndex], beanUtilsPath);
81          return targetValue.toString();
82      }
83  
84      /*
85       * Returns the <code>MethodInvocation</code>'s arguments, or <code>null</code> if there were none.
86       * @param invocation the methodInvocation to inspect.
87       * @return the method invocation's method arguments, or <code>null</code> if there were none.
88       *
89      protected Object[] getMethodArguments(MethodInvocation invocation) {
90          if (invocation != null) {
91              return invocation.getArguments();
92          } else {
93              return null;
94          }
95      }
96  
97      /*
98       * Returns the annotation {@link RequiresPermissions#value value}, from which the Permission will be constructed.
99       *
100      * @param invocation the method being invoked.
101      * @return the method annotation's <code>value</code>, from which the Permission will be constructed.
102      *
103     protected String getAnnotationValue(MethodInvocation invocation) {
104         RequiresPermissions prAnnotation = (RequiresPermissions) getAnnotation(invocation);
105         return prAnnotation.value();
106     } */
107 }