Java Code Examples for javax.annotation.security.RolesAllowed#value()

The following examples show how to use javax.annotation.security.RolesAllowed#value() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SecurityInvocationHandler.java    From development with Apache License 2.0 6 votes vote down vote up
SecurityInvocationHandler(SessionContext sessionContext, Method beanMethod) {
    this.sessionContext = sessionContext;
    RolesAllowed rolesAllowed = beanMethod
            .getAnnotation(RolesAllowed.class);

    // a somewhat nasty scenario: a bean is spied using Mockito, so the
    // roles allowed annotations have to be retrieved from the superclass...
    Class<?> declaringClass = beanMethod.getDeclaringClass();
    Class<?> superclass = declaringClass.getSuperclass();
    if (declaringClass.getName().contains("Mockito")
            && !superclass.equals(Object.class)) {
        try {
            Method method = superclass.getMethod(beanMethod.getName(),
                    beanMethod.getParameterTypes());
            rolesAllowed = method.getAnnotation(RolesAllowed.class);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    if (rolesAllowed == null) {
        this.rolesAllowed = new String[0];
    } else {
        this.rolesAllowed = rolesAllowed.value();
    }
}
 
Example 2
Source File: RolesAllowedInterceptor.java    From jweb-cms with GNU Affero General Public License v3.0 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
    RolesAllowed rolesAllowed = resourceInfo.getResourceMethod().getDeclaredAnnotation(RolesAllowed.class);
    if (rolesAllowed == null || rolesAllowed.value().length == 0) {
        return;
    }
    SecurityContext securityContext = requestContext.getSecurityContext();
    for (String role : rolesAllowed.value()) {
        if (!securityContext.isUserInRole(role)) {
            throw new ForbiddenException("invalid permission");
        }
    }
}
 
Example 3
Source File: RolesAllowedAdminInterceptor.java    From jweb-cms with GNU Affero General Public License v3.0 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
    RolesAllowed rolesAllowed = resourceInfo.getResourceMethod().getDeclaredAnnotation(RolesAllowed.class);
    if (rolesAllowed == null || rolesAllowed.value().length == 0) {
        return;
    }
    SecurityContext securityContext = requestContext.getSecurityContext();
    for (String role : rolesAllowed.value()) {
        if (!securityContext.isUserInRole(role)) {
            throw new AdminForbiddenException("invalid permission");
        }
    }
}
 
Example 4
Source File: AccountServiceBeanPermissionTest.java    From development with Apache License 2.0 5 votes vote down vote up
private boolean isRoleAllowed(Method method, UserRoleType roleType) {
    RolesAllowed rolesAllowed = method.getAnnotation(RolesAllowed.class);
    if (rolesAllowed == null) {
        return true;
    }

    for (String role : rolesAllowed.value()) {
        if (role.equals(roleType.name())) {
            return true;
        }
    }

    return false;
}
 
Example 5
Source File: IdentityServiceBeanPermissionTest.java    From development with Apache License 2.0 5 votes vote down vote up
private boolean isRoleAllowed(Method method, UserRoleType roleType) {
    RolesAllowed rolesAllowed = method.getAnnotation(RolesAllowed.class);
    if (rolesAllowed == null) {
        return true;
    }

    for (String role : rolesAllowed.value()) {
        if (role.equals(roleType.name())) {
            return true;
        }
    }

    return false;
}
 
Example 6
Source File: SubscriptionServiceBeanPermissionTest.java    From development with Apache License 2.0 5 votes vote down vote up
private boolean isRoleAllowed(Method method, UserRoleType roleType) {
    RolesAllowed rolesAllowed = method.getAnnotation(RolesAllowed.class);
    if (rolesAllowed == null) {
        return true;
    }

    for (String role : rolesAllowed.value()) {
        if (role.equals(roleType.name())) {
            return true;
        }
    }

    return false;
}
 
Example 7
Source File: SessionServiceBeanPermissionTest.java    From development with Apache License 2.0 5 votes vote down vote up
private boolean isRoleAllowed(Method method, UserRoleType roleType) {
    RolesAllowed rolesAllowed = method.getAnnotation(RolesAllowed.class);
    if (rolesAllowed == null) {
        return true;
    }

    for (String role : rolesAllowed.value()) {
        if (role.equals(roleType.name())) {
            return true;
        }
    }

    return false;
}
 
Example 8
Source File: VaadinConnectAccessChecker.java    From flow with Apache License 2.0 5 votes vote down vote up
private boolean roleAllowed(RolesAllowed rolesAllowed,
        HttpServletRequest request) {
    if (rolesAllowed == null) {
        return true;
    }

    for (String role : rolesAllowed.value()) {
        if (request.isUserInRole(role)) {
            return true;
        }
    }

    return false;
}