wms-spring-security-3.1.4

16:54:32.147 INFO  jd.cli.Main - Decompiling wms-spring-security-3.1.4.jar
package org.springframework.security.access;

import java.util.Collection;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;

public abstract interface AccessDecisionManager
{
  public abstract void decide(Authentication paramAuthentication, Object paramObject, Collection<ConfigAttribute> paramCollection)
    throws AccessDeniedException, InsufficientAuthenticationException;
  
  public abstract boolean supports(ConfigAttribute paramConfigAttribute);
  
  public abstract boolean supports(Class<?> paramClass);
}

/* Location:
 * Qualified Name:     org.springframework.security.access.AccessDecisionManager
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access;

import java.util.Collection;
import org.springframework.security.core.Authentication;

public abstract interface AccessDecisionVoter<S>
{
  public static final int ACCESS_GRANTED = 1;
  public static final int ACCESS_ABSTAIN = 0;
  public static final int ACCESS_DENIED = -1;
  
  public abstract boolean supports(ConfigAttribute paramConfigAttribute);
  
  public abstract boolean supports(Class<?> paramClass);
  
  public abstract int vote(Authentication paramAuthentication, S paramS, Collection<ConfigAttribute> paramCollection);
}

/* Location:
 * Qualified Name:     org.springframework.security.access.AccessDecisionVoter
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access;

public class AccessDeniedException
  extends RuntimeException
{
  public AccessDeniedException(String msg)
  {
    super(msg);
  }
  
  public AccessDeniedException(String msg, Throwable t)
  {
    super(msg, t);
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.AccessDeniedException
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access;

import java.util.Collection;
import org.springframework.security.core.Authentication;

public abstract interface AfterInvocationProvider
{
  public abstract Object decide(Authentication paramAuthentication, Object paramObject1, Collection<ConfigAttribute> paramCollection, Object paramObject2)
    throws AccessDeniedException;
  
  public abstract boolean supports(ConfigAttribute paramConfigAttribute);
  
  public abstract boolean supports(Class<?> paramClass);
}

/* Location:
 * Qualified Name:     org.springframework.security.access.AfterInvocationProvider
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.annotation;

import java.lang.annotation.Annotation;
import java.util.Collection;
import org.springframework.security.access.ConfigAttribute;

public abstract interface AnnotationMetadataExtractor<A extends Annotation>
{
  public abstract Collection<? extends ConfigAttribute> extractAttributes(A paramA);
}

/* Location:
 * Qualified Name:     org.springframework.security.access.annotation.AnnotationMetadataExtractor
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.annotation;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import javax.annotation.security.DenyAll;
import javax.annotation.security.PermitAll;
import javax.annotation.security.RolesAllowed;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource;

public class Jsr250MethodSecurityMetadataSource
  extends AbstractFallbackMethodSecurityMetadataSource
{
  protected Collection<ConfigAttribute> findAttributes(Class<?> clazz)
  {
    return processAnnotations(clazz.getAnnotations());
  }
  
  protected Collection<ConfigAttribute> findAttributes(Method method, Class<?> targetClass)
  {
    return processAnnotations(AnnotationUtils.getAnnotations(method));
  }
  
  public Collection<ConfigAttribute> getAllConfigAttributes()
  {
    return null;
  }
  
  private List<ConfigAttribute> processAnnotations(Annotation[] annotations)
  {
    if ((annotations == null) || (annotations.length == 0)) {
      return null;
    }
    List<ConfigAttribute> attributes = new ArrayList();
    for (Annotation a : annotations)
    {
      if ((a instanceof DenyAll))
      {
        attributes.add(Jsr250SecurityConfig.DENY_ALL_ATTRIBUTE);
        return attributes;
      }
      if ((a instanceof PermitAll))
      {
        attributes.add(Jsr250SecurityConfig.PERMIT_ALL_ATTRIBUTE);
        return attributes;
      }
      if ((a instanceof RolesAllowed))
      {
        RolesAllowed ra = (RolesAllowed)a;
        for (String allowed : ra.value()) {
          attributes.add(new Jsr250SecurityConfig(allowed));
        }
        return attributes;
      }
    }
    return null;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.annotation;

import javax.annotation.security.DenyAll;
import javax.annotation.security.PermitAll;
import org.springframework.security.access.SecurityConfig;

public class Jsr250SecurityConfig
  extends SecurityConfig
{
  public static final Jsr250SecurityConfig PERMIT_ALL_ATTRIBUTE = new Jsr250SecurityConfig(PermitAll.class.getName());
  public static final Jsr250SecurityConfig DENY_ALL_ATTRIBUTE = new Jsr250SecurityConfig(DenyAll.class.getName());
  
  public Jsr250SecurityConfig(String role)
  {
    super(role);
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.annotation.Jsr250SecurityConfig
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.annotation;

import java.util.Collection;
import java.util.Iterator;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;

public class Jsr250Voter
  implements AccessDecisionVoter<Object>
{
  public boolean supports(ConfigAttribute configAttribute)
  {
    return configAttribute instanceof Jsr250SecurityConfig;
  }
  
  public boolean supports(Class<?> clazz)
  {
    return true;
  }
  
  public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> definition)
  {
    boolean jsr250AttributeFound = false;
    for (Iterator i$ = definition.iterator(); i$.hasNext();)
    {
      attribute = (ConfigAttribute)i$.next();
      if (Jsr250SecurityConfig.PERMIT_ALL_ATTRIBUTE.equals(attribute)) {
        return 1;
      }
      if (Jsr250SecurityConfig.DENY_ALL_ATTRIBUTE.equals(attribute)) {
        return -1;
      }
      if (supports(attribute))
      {
        jsr250AttributeFound = true;
        for (GrantedAuthority authority : authentication.getAuthorities()) {
          if (attribute.getAttribute().equals(authority.getAuthority())) {
            return 1;
          }
        }
      }
    }
    ConfigAttribute attribute;
    return jsr250AttributeFound ? -1 : 0;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.annotation.Jsr250Voter
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.annotation;

import java.lang.annotation.Annotation;
import java.lang.annotation.Documented;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

@Target({java.lang.annotation.ElementType.METHOD, java.lang.annotation.ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Inherited
@Documented
public @interface Secured
{
  String[] value();
}

/* Location:
 * Qualified Name:     org.springframework.security.access.annotation.Secured
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.annotation;

import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;

class SecuredAnnotationMetadataExtractor
  implements AnnotationMetadataExtractor<Secured>
{
  public Collection<ConfigAttribute> extractAttributes(Secured secured)
  {
    String[] attributeTokens = secured.value();
    List<ConfigAttribute> attributes = new ArrayList(attributeTokens.length);
    for (String token : attributeTokens) {
      attributes.add(new SecurityConfig(token));
    }
    return attributes;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.annotation.SecuredAnnotationMetadataExtractor
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.annotation;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.Collection;
import org.springframework.core.GenericTypeResolver;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.method.AbstractFallbackMethodSecurityMetadataSource;
import org.springframework.util.Assert;

public class SecuredAnnotationSecurityMetadataSource
  extends AbstractFallbackMethodSecurityMetadataSource
{
  private AnnotationMetadataExtractor annotationExtractor;
  private Class<? extends Annotation> annotationType;
  
  public SecuredAnnotationSecurityMetadataSource()
  {
    this(new SecuredAnnotationMetadataExtractor());
  }
  
  public SecuredAnnotationSecurityMetadataSource(AnnotationMetadataExtractor annotationMetadataExtractor)
  {
    Assert.notNull(annotationMetadataExtractor);
    annotationExtractor = annotationMetadataExtractor;
    annotationType = GenericTypeResolver.resolveTypeArgument(annotationExtractor.getClass(), AnnotationMetadataExtractor.class);
    
    Assert.notNull(annotationType, annotationExtractor.getClass().getName() + " must supply a generic parameter for AnnotationMetadataExtractor");
  }
  
  protected Collection<ConfigAttribute> findAttributes(Class<?> clazz)
  {
    return processAnnotation(AnnotationUtils.findAnnotation(clazz, annotationType));
  }
  
  protected Collection<ConfigAttribute> findAttributes(Method method, Class<?> targetClass)
  {
    return processAnnotation(AnnotationUtils.findAnnotation(method, annotationType));
  }
  
  public Collection<ConfigAttribute> getAllConfigAttributes()
  {
    return null;
  }
  
  private Collection<ConfigAttribute> processAnnotation(Annotation a)
  {
    if (a == null) {
      return null;
    }
    return annotationExtractor.extractAttributes(a);
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access;

public class AuthorizationServiceException
  extends AccessDeniedException
{
  public AuthorizationServiceException(String msg)
  {
    super(msg);
  }
  
  public AuthorizationServiceException(String msg, Throwable t)
  {
    super(msg, t);
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.AuthorizationServiceException
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access;

import java.io.Serializable;

public abstract interface ConfigAttribute
  extends Serializable
{
  public abstract String getAttribute();
}

/* Location:
 * Qualified Name:     org.springframework.security.access.ConfigAttribute
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access;

import java.beans.PropertyEditorSupport;
import org.springframework.util.StringUtils;

/**
 * @deprecated
 */
public class ConfigAttributeEditor
  extends PropertyEditorSupport
{
  public void setAsText(String s)
    throws IllegalArgumentException
  {
    if (StringUtils.hasText(s)) {
      setValue(SecurityConfig.createList(StringUtils.commaDelimitedListToStringArray(s)));
    } else {
      setValue(null);
    }
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.ConfigAttributeEditor
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.event;

import org.springframework.context.ApplicationEvent;

public abstract class AbstractAuthorizationEvent
  extends ApplicationEvent
{
  public AbstractAuthorizationEvent(Object secureObject)
  {
    super(secureObject);
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.event.AbstractAuthorizationEvent
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.event;

import java.util.Collection;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;

public class AuthenticationCredentialsNotFoundEvent
  extends AbstractAuthorizationEvent
{
  private AuthenticationCredentialsNotFoundException credentialsNotFoundException;
  private Collection<ConfigAttribute> configAttribs;
  
  public AuthenticationCredentialsNotFoundEvent(Object secureObject, Collection<ConfigAttribute> attributes, AuthenticationCredentialsNotFoundException credentialsNotFoundException)
  {
    super(secureObject);
    if ((attributes == null) || (credentialsNotFoundException == null)) {
      throw new IllegalArgumentException("All parameters are required and cannot be null");
    }
    configAttribs = attributes;
    this.credentialsNotFoundException = credentialsNotFoundException;
  }
  
  public Collection<ConfigAttribute> getConfigAttributes()
  {
    return configAttribs;
  }
  
  public AuthenticationCredentialsNotFoundException getCredentialsNotFoundException()
  {
    return credentialsNotFoundException;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.event;

import java.util.Collection;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;

public class AuthorizationFailureEvent
  extends AbstractAuthorizationEvent
{
  private AccessDeniedException accessDeniedException;
  private Authentication authentication;
  private Collection<ConfigAttribute> configAttributes;
  
  public AuthorizationFailureEvent(Object secureObject, Collection<ConfigAttribute> attributes, Authentication authentication, AccessDeniedException accessDeniedException)
  {
    super(secureObject);
    if ((attributes == null) || (authentication == null) || (accessDeniedException == null)) {
      throw new IllegalArgumentException("All parameters are required and cannot be null");
    }
    configAttributes = attributes;
    this.authentication = authentication;
    this.accessDeniedException = accessDeniedException;
  }
  
  public AccessDeniedException getAccessDeniedException()
  {
    return accessDeniedException;
  }
  
  public Authentication getAuthentication()
  {
    return authentication;
  }
  
  public Collection<ConfigAttribute> getConfigAttributes()
  {
    return configAttributes;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.event.AuthorizationFailureEvent
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.event;

import java.util.Collection;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;

public class AuthorizedEvent
  extends AbstractAuthorizationEvent
{
  private Authentication authentication;
  private Collection<ConfigAttribute> configAttributes;
  
  public AuthorizedEvent(Object secureObject, Collection<ConfigAttribute> attributes, Authentication authentication)
  {
    super(secureObject);
    if ((attributes == null) || (authentication == null)) {
      throw new IllegalArgumentException("All parameters are required and cannot be null");
    }
    configAttributes = attributes;
    this.authentication = authentication;
  }
  
  public Authentication getAuthentication()
  {
    return authentication;
  }
  
  public Collection<ConfigAttribute> getConfigAttributes()
  {
    return configAttributes;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.event.AuthorizedEvent
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.event;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.ApplicationListener;

public class LoggerListener
  implements ApplicationListener<AbstractAuthorizationEvent>
{
  private static final Log logger = LogFactory.getLog(LoggerListener.class);
  
  public void onApplicationEvent(AbstractAuthorizationEvent event)
  {
    if ((event instanceof AuthenticationCredentialsNotFoundEvent))
    {
      AuthenticationCredentialsNotFoundEvent authEvent = (AuthenticationCredentialsNotFoundEvent)event;
      if (logger.isWarnEnabled()) {
        logger.warn("Security interception failed due to: " + authEvent.getCredentialsNotFoundException() + "; secure object: " + authEvent.getSource() + "; configuration attributes: " + authEvent.getConfigAttributes());
      }
    }
    if ((event instanceof AuthorizationFailureEvent))
    {
      AuthorizationFailureEvent authEvent = (AuthorizationFailureEvent)event;
      if (logger.isWarnEnabled()) {
        logger.warn("Security authorization failed due to: " + authEvent.getAccessDeniedException() + "; authenticated principal: " + authEvent.getAuthentication() + "; secure object: " + authEvent.getSource() + "; configuration attributes: " + authEvent.getConfigAttributes());
      }
    }
    if ((event instanceof AuthorizedEvent))
    {
      AuthorizedEvent authEvent = (AuthorizedEvent)event;
      if (logger.isInfoEnabled()) {
        logger.info("Security authorized for authenticated principal: " + authEvent.getAuthentication() + "; secure object: " + authEvent.getSource() + "; configuration attributes: " + authEvent.getConfigAttributes());
      }
    }
    if ((event instanceof PublicInvocationEvent))
    {
      PublicInvocationEvent authEvent = (PublicInvocationEvent)event;
      if (logger.isInfoEnabled()) {
        logger.info("Security interception not required for public secure object: " + authEvent.getSource());
      }
    }
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.event.LoggerListener
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.event;

public class PublicInvocationEvent
  extends AbstractAuthorizationEvent
{
  public PublicInvocationEvent(Object secureObject)
  {
    super(secureObject);
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.event.PublicInvocationEvent
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.expression;

import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.context.expression.BeanFactoryResolver;
import org.springframework.expression.BeanResolver;
import org.springframework.expression.EvaluationContext;
import org.springframework.expression.ExpressionParser;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
import org.springframework.security.core.Authentication;
import org.springframework.util.Assert;

public abstract class AbstractSecurityExpressionHandler<T>
  implements SecurityExpressionHandler<T>, ApplicationContextAware
{
  private ExpressionParser expressionParser = new SpelExpressionParser();
  private BeanResolver br;
  private RoleHierarchy roleHierarchy;
  private PermissionEvaluator permissionEvaluator = new DenyAllPermissionEvaluator();
  
  public final ExpressionParser getExpressionParser()
  {
    return expressionParser;
  }
  
  public final void setExpressionParser(ExpressionParser expressionParser)
  {
    Assert.notNull(expressionParser, "expressionParser cannot be null");
    this.expressionParser = expressionParser;
  }
  
  public final EvaluationContext createEvaluationContext(Authentication authentication, T invocation)
  {
    SecurityExpressionOperations root = createSecurityExpressionRoot(authentication, invocation);
    StandardEvaluationContext ctx = createEvaluationContextInternal(authentication, invocation);
    ctx.setBeanResolver(br);
    ctx.setRootObject(root);
    
    return ctx;
  }
  
  protected StandardEvaluationContext createEvaluationContextInternal(Authentication authentication, T invocation)
  {
    return new StandardEvaluationContext();
  }
  
  protected abstract SecurityExpressionOperations createSecurityExpressionRoot(Authentication paramAuthentication, T paramT);
  
  protected RoleHierarchy getRoleHierarchy()
  {
    return roleHierarchy;
  }
  
  public void setRoleHierarchy(RoleHierarchy roleHierarchy)
  {
    this.roleHierarchy = roleHierarchy;
  }
  
  protected PermissionEvaluator getPermissionEvaluator()
  {
    return permissionEvaluator;
  }
  
  public void setPermissionEvaluator(PermissionEvaluator permissionEvaluator)
  {
    this.permissionEvaluator = permissionEvaluator;
  }
  
  public void setApplicationContext(ApplicationContext applicationContext)
  {
    br = new BeanFactoryResolver(applicationContext);
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.expression.AbstractSecurityExpressionHandler
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.expression;

import java.io.Serializable;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;

public class DenyAllPermissionEvaluator
  implements PermissionEvaluator
{
  private final Log logger = LogFactory.getLog(getClass());
  
  public boolean hasPermission(Authentication authentication, Object target, Object permission)
  {
    logger.warn("Denying user " + authentication.getName() + " permission '" + permission + "' on object " + target);
    return false;
  }
  
  public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission)
  {
    logger.warn("Denying user " + authentication.getName() + " permission '" + permission + "' on object with Id '" + targetId);
    
    return false;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.expression.DenyAllPermissionEvaluator
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.expression;

import org.springframework.expression.EvaluationContext;
import org.springframework.expression.EvaluationException;
import org.springframework.expression.Expression;

public final class ExpressionUtils
{
  public static boolean evaluateAsBoolean(Expression expr, EvaluationContext ctx)
  {
    try
    {
      return ((Boolean)expr.getValue(ctx, Boolean.class)).booleanValue();
    }
    catch (EvaluationException e)
    {
      throw new IllegalArgumentException("Failed to evaluate expression '" + expr.getExpressionString() + "'", e);
    }
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.expression.ExpressionUtils
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.expression.method;

import org.springframework.expression.Expression;
import org.springframework.expression.ParseException;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.util.Assert;

abstract class AbstractExpressionBasedMethodConfigAttribute
  implements ConfigAttribute
{
  private final Expression filterExpression;
  private final Expression authorizeExpression;
  
  AbstractExpressionBasedMethodConfigAttribute(String filterExpression, String authorizeExpression)
    throws ParseException
  {
    Assert.isTrue((filterExpression != null) || (authorizeExpression != null), "Filter and authorization Expressions cannot both be null");
    SpelExpressionParser parser = new SpelExpressionParser();
    this.filterExpression = (filterExpression == null ? null : parser.parseExpression(filterExpression));
    this.authorizeExpression = (authorizeExpression == null ? null : parser.parseExpression(authorizeExpression));
  }
  
  AbstractExpressionBasedMethodConfigAttribute(Expression filterExpression, Expression authorizeExpression)
    throws ParseException
  {
    Assert.isTrue((filterExpression != null) || (authorizeExpression != null), "Filter and authorization Expressions cannot both be null");
    this.filterExpression = (filterExpression == null ? null : filterExpression);
    this.authorizeExpression = (authorizeExpression == null ? null : authorizeExpression);
  }
  
  Expression getFilterExpression()
  {
    return filterExpression;
  }
  
  Expression getAuthorizeExpression()
  {
    return authorizeExpression;
  }
  
  public String getAttribute()
  {
    return null;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.expression.method.AbstractExpressionBasedMethodConfigAttribute
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.expression.method;

import java.lang.reflect.Array;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.core.LocalVariableTableParameterNameDiscoverer;
import org.springframework.core.ParameterNameDiscoverer;
import org.springframework.expression.EvaluationContext;
import org.springframework.expression.Expression;
import org.springframework.expression.TypedValue;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.security.access.PermissionCacheOptimizer;
import org.springframework.security.access.expression.AbstractSecurityExpressionHandler;
import org.springframework.security.access.expression.ExpressionUtils;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.core.Authentication;

public class DefaultMethodSecurityExpressionHandler
  extends AbstractSecurityExpressionHandler<MethodInvocation>
  implements MethodSecurityExpressionHandler
{
  protected final Log logger = LogFactory.getLog(getClass());
  private final AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();
  private ParameterNameDiscoverer parameterNameDiscoverer = new LocalVariableTableParameterNameDiscoverer();
  private PermissionCacheOptimizer permissionCacheOptimizer = null;
  
  public StandardEvaluationContext createEvaluationContextInternal(Authentication auth, MethodInvocation mi)
  {
    return new MethodSecurityEvaluationContext(auth, mi, parameterNameDiscoverer);
  }
  
  protected MethodSecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, MethodInvocation invocation)
  {
    MethodSecurityExpressionRoot root = new MethodSecurityExpressionRoot(authentication);
    root.setThis(invocation.getThis());
    root.setPermissionEvaluator(getPermissionEvaluator());
    root.setTrustResolver(trustResolver);
    root.setRoleHierarchy(getRoleHierarchy());
    
    return root;
  }
  
  public Object filter(Object filterTarget, Expression filterExpression, EvaluationContext ctx)
  {
    MethodSecurityExpressionOperations rootObject = (MethodSecurityExpressionOperations)ctx.getRootObject().getValue();
    boolean debug = logger.isDebugEnabled();
    if (debug) {
      logger.debug("Filtering with expression: " + filterExpression.getExpressionString());
    }
    if ((filterTarget instanceof Collection))
    {
      Collection collection = (Collection)filterTarget;
      List retainList = new ArrayList(collection.size());
      if (debug) {
        logger.debug("Filtering collection with " + collection.size() + " elements");
      }
      if (permissionCacheOptimizer != null) {
        permissionCacheOptimizer.cachePermissionsFor(rootObject.getAuthentication(), collection);
      }
      for (Object filterObject : (Collection)filterTarget)
      {
        rootObject.setFilterObject(filterObject);
        if (ExpressionUtils.evaluateAsBoolean(filterExpression, ctx)) {
          retainList.add(filterObject);
        }
      }
      if (debug) {
        logger.debug("Retaining elements: " + retainList);
      }
      collection.clear();
      collection.addAll(retainList);
      
      return filterTarget;
    }
    if (filterTarget.getClass().isArray())
    {
      Object[] array = (Object[])filterTarget;
      List retainList = new ArrayList(array.length);
      if (debug) {
        logger.debug("Filtering array with " + array.length + " elements");
      }
      if (permissionCacheOptimizer != null) {
        permissionCacheOptimizer.cachePermissionsFor(rootObject.getAuthentication(), Arrays.asList(array));
      }
      for (Object o : array)
      {
        rootObject.setFilterObject(o);
        if (ExpressionUtils.evaluateAsBoolean(filterExpression, ctx)) {
          retainList.add(o);
        }
      }
      if (debug) {
        logger.debug("Retaining elements: " + retainList);
      }
      Object[] filtered = (Object[])Array.newInstance(filterTarget.getClass().getComponentType(), retainList.size());
      for (int i = 0; i < retainList.size(); i++) {
        filtered[i] = retainList.get(i);
      }
      return filtered;
    }
    throw new IllegalArgumentException("Filter target must be a collection or array type, but was " + filterTarget);
  }
  
  public void setParameterNameDiscoverer(ParameterNameDiscoverer parameterNameDiscoverer)
  {
    this.parameterNameDiscoverer = parameterNameDiscoverer;
  }
  
  public void setPermissionCacheOptimizer(PermissionCacheOptimizer permissionCacheOptimizer)
  {
    this.permissionCacheOptimizer = permissionCacheOptimizer;
  }
  
  public void setReturnObject(Object returnObject, EvaluationContext ctx)
  {
    ((MethodSecurityExpressionRoot)ctx.getRootObject().getValue()).setReturnObject(returnObject);
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.expression.method;

import org.springframework.expression.Expression;
import org.springframework.expression.ExpressionParser;
import org.springframework.expression.ParseException;
import org.springframework.security.access.prepost.PostInvocationAttribute;
import org.springframework.security.access.prepost.PreInvocationAttribute;
import org.springframework.security.access.prepost.PrePostInvocationAttributeFactory;

public class ExpressionBasedAnnotationAttributeFactory
  implements PrePostInvocationAttributeFactory
{
  private final ExpressionParser parser;
  
  public ExpressionBasedAnnotationAttributeFactory(MethodSecurityExpressionHandler handler)
  {
    parser = handler.getExpressionParser();
  }
  
  public PreInvocationAttribute createPreInvocationAttribute(String preFilterAttribute, String filterObject, String preAuthorizeAttribute)
  {
    try
    {
      Expression preAuthorizeExpression = preAuthorizeAttribute == null ? parser.parseExpression("permitAll") : parser.parseExpression(preAuthorizeAttribute);
      Expression preFilterExpression = preFilterAttribute == null ? null : parser.parseExpression(preFilterAttribute);
      return new PreInvocationExpressionAttribute(preFilterExpression, filterObject, preAuthorizeExpression);
    }
    catch (ParseException e)
    {
      throw new IllegalArgumentException("Failed to parse expression '" + e.getExpressionString() + "'", e);
    }
  }
  
  public PostInvocationAttribute createPostInvocationAttribute(String postFilterAttribute, String postAuthorizeAttribute)
  {
    try
    {
      Expression postAuthorizeExpression = postAuthorizeAttribute == null ? null : parser.parseExpression(postAuthorizeAttribute);
      Expression postFilterExpression = postFilterAttribute == null ? null : parser.parseExpression(postFilterAttribute);
      if ((postFilterExpression != null) || (postAuthorizeExpression != null)) {
        return new PostInvocationExpressionAttribute(postFilterExpression, postAuthorizeExpression);
      }
    }
    catch (ParseException e)
    {
      throw new IllegalArgumentException("Failed to parse expression '" + e.getExpressionString() + "'", e);
    }
    return null;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.expression.method;

import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.expression.EvaluationContext;
import org.springframework.expression.Expression;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.expression.ExpressionUtils;
import org.springframework.security.access.prepost.PostInvocationAttribute;
import org.springframework.security.access.prepost.PostInvocationAuthorizationAdvice;
import org.springframework.security.core.Authentication;

public class ExpressionBasedPostInvocationAdvice
  implements PostInvocationAuthorizationAdvice
{
  protected final Log logger = LogFactory.getLog(getClass());
  private final MethodSecurityExpressionHandler expressionHandler;
  
  public ExpressionBasedPostInvocationAdvice(MethodSecurityExpressionHandler expressionHandler)
  {
    this.expressionHandler = expressionHandler;
  }
  
  public Object after(Authentication authentication, MethodInvocation mi, PostInvocationAttribute postAttr, Object returnedObject)
    throws AccessDeniedException
  {
    PostInvocationExpressionAttribute pia = (PostInvocationExpressionAttribute)postAttr;
    EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, mi);
    Expression postFilter = pia.getFilterExpression();
    Expression postAuthorize = pia.getAuthorizeExpression();
    if (postFilter != null)
    {
      if (logger.isDebugEnabled()) {
        logger.debug("Applying PostFilter expression " + postFilter);
      }
      if (returnedObject != null) {
        returnedObject = expressionHandler.filter(returnedObject, postFilter, ctx);
      } else if (logger.isDebugEnabled()) {
        logger.debug("Return object is null, filtering will be skipped");
      }
    }
    expressionHandler.setReturnObject(returnedObject, ctx);
    if ((postAuthorize != null) && (!ExpressionUtils.evaluateAsBoolean(postAuthorize, ctx)))
    {
      if (logger.isDebugEnabled()) {
        logger.debug("PostAuthorize expression rejected access");
      }
      throw new AccessDeniedException("Access is denied");
    }
    return returnedObject;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.expression.method;

import java.util.Collection;
import org.aopalliance.intercept.MethodInvocation;
import org.springframework.expression.EvaluationContext;
import org.springframework.expression.Expression;
import org.springframework.security.access.expression.ExpressionUtils;
import org.springframework.security.access.prepost.PreInvocationAttribute;
import org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice;
import org.springframework.security.core.Authentication;

public class ExpressionBasedPreInvocationAdvice
  implements PreInvocationAuthorizationAdvice
{
  private MethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
  
  public boolean before(Authentication authentication, MethodInvocation mi, PreInvocationAttribute attr)
  {
    PreInvocationExpressionAttribute preAttr = (PreInvocationExpressionAttribute)attr;
    EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, mi);
    Expression preFilter = preAttr.getFilterExpression();
    Expression preAuthorize = preAttr.getAuthorizeExpression();
    if (preFilter != null)
    {
      Object filterTarget = findFilterTarget(preAttr.getFilterTarget(), ctx, mi);
      
      expressionHandler.filter(filterTarget, preFilter, ctx);
    }
    if (preAuthorize == null) {
      return true;
    }
    return ExpressionUtils.evaluateAsBoolean(preAuthorize, ctx);
  }
  
  private Object findFilterTarget(String filterTargetName, EvaluationContext ctx, MethodInvocation mi)
  {
    Object filterTarget = null;
    if (filterTargetName.length() > 0)
    {
      filterTarget = ctx.lookupVariable(filterTargetName);
      if (filterTarget == null) {
        throw new IllegalArgumentException("Filter target was null, or no argument with name " + filterTargetName + " found in method");
      }
    }
    else if (mi.getArguments().length == 1)
    {
      Object arg = mi.getArguments()[0];
      if ((arg.getClass().isArray()) || ((arg instanceof Collection))) {
        filterTarget = arg;
      }
      if (filterTarget == null) {
        throw new IllegalArgumentException("A PreFilter expression was set but the method argument type" + arg.getClass() + " is not filterable");
      }
    }
    if (filterTarget.getClass().isArray()) {
      throw new IllegalArgumentException("Pre-filtering on array types is not supported. Using a Collection will solve this problem");
    }
    return filterTarget;
  }
  
  public void setExpressionHandler(MethodSecurityExpressionHandler expressionHandler)
  {
    this.expressionHandler = expressionHandler;
  }
}

/* Location:
 * Qualified Name:     org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice
 * Java Class Version: 5 (49.0)
 * JD-Core Version:    0.7.1
 */
package org.springframework.security.access.expression.method;

import java.lang.reflect.Method;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.aop.framework.AopProxyUtils;
import org.springframework.aop.support.AopUtils;
import org.springframework.core.LocalVariableTableParameterNameDiscoverer;
import org.springframework.core.ParameterNameD
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29

Further reading...

For more information on Java 1.5 Tiger, you may find Java 1.5 Tiger, A developer's Notebook by D. Flanagan and B. McLaughlin from O'Reilly of interest.

New!JAR listings


Copyright 2006-2019. Infinite Loop Ltd