Clover coverage report - Acegi Security System for Spring - 1.0.0-RC1
Coverage timestamp: Mon Dec 5 2005 09:05:15 EST
Overview   Package   File
    FRAMES   NO FRAMES  
file stats: LOC: 105   Methods: 3
NCLOC: 52   Classes: 1
 
 Source file Conditionals Statements Methods TOTAL
MethodInvocationPrivilegeEvaluator.java 33.3% 81% 100% 73.3%
coverage coverage
 1    /* Copyright 2004, 2005 Acegi Technology Pty Limited
 2    *
 3    * Licensed under the Apache License, Version 2.0 (the "License");
 4    * you may not use this file except in compliance with the License.
 5    * You may obtain a copy of the License at
 6    *
 7    * http://www.apache.org/licenses/LICENSE-2.0
 8    *
 9    * Unless required by applicable law or agreed to in writing, software
 10    * distributed under the License is distributed on an "AS IS" BASIS,
 11    * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12    * See the License for the specific language governing permissions and
 13    * limitations under the License.
 14    */
 15   
 16    package org.acegisecurity.intercept.method;
 17   
 18    import org.acegisecurity.AccessDeniedException;
 19    import org.acegisecurity.Authentication;
 20    import org.acegisecurity.ConfigAttributeDefinition;
 21   
 22    import org.acegisecurity.intercept.AbstractSecurityInterceptor;
 23   
 24    import org.aopalliance.intercept.MethodInvocation;
 25   
 26    import org.springframework.beans.factory.InitializingBean;
 27   
 28    import org.springframework.util.Assert;
 29   
 30   
 31    /**
 32    * Allows users to determine whether they have "before invocation" privileges
 33    * for a given method invocation.
 34    *
 35    * <p>
 36    * Of course, if an {@link org.acegisecurity.AfterInvocationManager} is used to
 37    * authorize the <em>result</em> of a method invocation, this class cannot
 38    * assist determine whether or not the <code>AfterInvocationManager</code>
 39    * will enable access. Instead this class aims to allow applications to
 40    * determine whether or not the current principal would be allowed to at least
 41    * attempt to invoke the method, irrespective of the "after" invocation
 42    * handling.
 43    * </p>
 44    *
 45    * @author Ben Alex
 46    * @version $Id: MethodInvocationPrivilegeEvaluator.java,v 1.2 2005/11/25 04:56:01 benalex Exp $
 47    */
 48    public class MethodInvocationPrivilegeEvaluator implements InitializingBean {
 49    //~ Instance fields ========================================================
 50   
 51    private AbstractSecurityInterceptor securityInterceptor;
 52   
 53    //~ Methods ================================================================
 54   
 55  2 public boolean isAllowed(MethodInvocation mi, Authentication authentication) {
 56  2 Assert.notNull(authentication, "Authentication required");
 57  2 Assert.notNull(authentication.getAuthorities(),
 58    "Authentication must provided non-null GrantedAuthority[]s");
 59  2 Assert.notNull(mi, "MethodInvocation required");
 60  2 Assert.notNull(mi.getMethod(),
 61    "MethodInvocation must provide a non-null getMethod()");
 62   
 63  2 ConfigAttributeDefinition attrs = securityInterceptor.obtainObjectDefinitionSource()
 64    .getAttributes(mi);
 65   
 66  2 if (attrs == null) {
 67  0 if (securityInterceptor.isRejectPublicInvocations()) {
 68  0 return false;
 69    }
 70   
 71  0 return true;
 72    }
 73   
 74  2 if (authentication == null) {
 75  0 return false;
 76    }
 77   
 78  2 try {
 79  2 securityInterceptor.getAccessDecisionManager().decide(authentication,
 80    mi, attrs);
 81    } catch (AccessDeniedException unauthorized) {
 82  1 unauthorized.printStackTrace();
 83   
 84  1 return false;
 85    }
 86   
 87  1 return true;
 88    }
 89   
 90  2 public void setSecurityInterceptor(
 91    AbstractSecurityInterceptor securityInterceptor) {
 92  2 Assert.notNull(securityInterceptor,
 93    "AbstractSecurityInterceptor cannot be null");
 94  2 Assert.isTrue(MethodInvocation.class.equals(
 95    securityInterceptor.getSecureObjectClass()),
 96    "AbstractSecurityInterceptor does not support MethodInvocations");
 97  2 Assert.notNull(securityInterceptor.getAccessDecisionManager(),
 98    "AbstractSecurityInterceptor must provide a non-null AccessDecisionManager");
 99  2 this.securityInterceptor = securityInterceptor;
 100    }
 101   
 102  2 public void afterPropertiesSet() throws Exception {
 103  2 Assert.notNull(securityInterceptor, "SecurityInterceptor required");
 104    }
 105    }
 
CloverReport generated by Clover v1.3.3_01
Mon Dec 5 2005 09:05:16 EST.		   Open Source License registered to the Acegi Security System for Spring Project. This license of Clover is provided to support the development of Acegi Security System for Spring only.