Acegi Security System for Spring

Clover coverage report - Acegi Security System for Spring - 1.0.0-RC1

Coverage timestamp: Mon Dec 5 2005 09:05:15 EST

FRAMES NO FRAMES

file stats:	LOC:	144		Methods:	5
	NCLOC:	69		Classes:	1

Source file

Conditionals

Statements

Methods

TOTAL

AuthenticatedVoter.java

88.9%

95.7%

100%

93.5%

1		/* Copyright 2004, 2005 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity.vote;
17
18		import org.acegisecurity.Authentication;
19		import org.acegisecurity.AuthenticationTrustResolver;
20		import org.acegisecurity.AuthenticationTrustResolverImpl;
21		import org.acegisecurity.ConfigAttribute;
22		import org.acegisecurity.ConfigAttributeDefinition;
23
24		import org.springframework.util.Assert;
25
26		import java.util.Iterator;
27
28
29		/**
30		* <p>
31		* Votes if a {@link ConfigAttribute#getAttribute()} of
32		* <code>IS_AUTHENTICATED_FULLY</code> or
33		* <code>IS_AUTHENTICATED_REMEMBERED</code> or
34		* <code>IS_AUTHENTICATED_ANONYMOUSLY</code> is present. This list is in order
35		* of most strict checking to least strict checking.
36		* </p>
37		*
38		* <p>
39		* The current <code>Authentication</code> will be inspected to determine if
40		* the principal has a particular level of authentication. The "FULLY"
41		* authenticated option means the user is authenticated fully (ie {@link
42		* org.acegisecurity.AuthenticationTrustResolver#isAnonymous(Authentication)}
43		* is false and {@link
44		* org.acegisecurity.AuthenticationTrustResolver#isRememberMe(Authentication)}
45		* is false. The "REMEMBERED" will grant access if the principal was either
46		* authenticated via remember-me OR is fully authenticated. The "ANONYMOUSLY"
47		* will grant access if the principal was authenticated via remember-me, OR
48		* anonymously, OR via full authentication.
49		* </p>
50		*
51		* <p>
52		* All comparisons and prefixes are case sensitive.
53		* </p>
54		*
55		* @author Ben Alex
56		* @version $Id: AuthenticatedVoter.java,v 1.2 2005/11/17 00:55:47 benalex Exp $
57		*/
58		public class AuthenticatedVoter implements AccessDecisionVoter {
59		//~ Static fields/initializers =============================================
60
61		public static final String IS_AUTHENTICATED_FULLY = "IS_AUTHENTICATED_FULLY";
62		public static final String IS_AUTHENTICATED_REMEMBERED = "IS_AUTHENTICATED_REMEMBERED";
63		public static final String IS_AUTHENTICATED_ANONYMOUSLY = "IS_AUTHENTICATED_ANONYMOUSLY";
64
65		//~ Instance fields ========================================================
66
67		private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl();
68
69		//~ Methods ================================================================
70
71	1	public void setAuthenticationTrustResolver(
72		AuthenticationTrustResolver authenticationTrustResolver) {
73	1	Assert.notNull(authenticationTrustResolver,
74		"AuthenticationTrustResolver cannot be set to null");
75	0	this.authenticationTrustResolver = authenticationTrustResolver;
76		}
77
78	13	public boolean supports(ConfigAttribute attribute) {
79	13	if ((attribute.getAttribute() != null)
80		&& (IS_AUTHENTICATED_FULLY.equals(attribute.getAttribute())
81		\|\| IS_AUTHENTICATED_REMEMBERED.equals(attribute.getAttribute())
82		\|\| IS_AUTHENTICATED_ANONYMOUSLY.equals(attribute.getAttribute()))) {
83	12	return true;
84		} else {
85	1	return false;
86		}
87		}
88
89		/**
90		* This implementation supports any type of class, because it does not
91		* query the presented secure object.
92		*
93		* @param clazz the secure object
94		*
95		* @return always <code>true</code>
96		*/
97	1	public boolean supports(Class clazz) {
98	1	return true;
99		}
100
101	9	public int vote(Authentication authentication, Object object,
102		ConfigAttributeDefinition config) {
103	9	int result = ACCESS_ABSTAIN;
104	9	Iterator iter = config.getConfigAttributes();
105
106	9	while (iter.hasNext()) {
107	9	ConfigAttribute attribute = (ConfigAttribute) iter.next();
108
109	9	if (this.supports(attribute)) {
110	9	result = ACCESS_DENIED;
111
112	9	if (IS_AUTHENTICATED_FULLY.equals(attribute.getAttribute())) {
113	3	if (isFullyAuthenticated(authentication)) {
114	1	return ACCESS_GRANTED;
115		}
116		}
117
118	8	if (IS_AUTHENTICATED_REMEMBERED.equals(attribute.getAttribute())) {
119	3	if (authenticationTrustResolver.isRememberMe(authentication)
120		\|\| isFullyAuthenticated(authentication)) {
121	2	return ACCESS_GRANTED;
122		}
123		}
124
125	6	if (IS_AUTHENTICATED_ANONYMOUSLY.equals(
126		attribute.getAttribute())) {
127	3	if (authenticationTrustResolver.isAnonymous(authentication)
128		\|\| isFullyAuthenticated(authentication)
129		\|\| authenticationTrustResolver.isRememberMe(
130		authentication)) {
131	3	return ACCESS_GRANTED;
132		}
133		}
134		}
135		}
136
137	3	return result;
138		}
139
140	7	private boolean isFullyAuthenticated(Authentication authentication) {
141	7	return (!authenticationTrustResolver.isAnonymous(authentication)
142		&& !authenticationTrustResolver.isRememberMe(authentication));
143		}
144		}