001 /* 002 @license.text@ 003 */ 004 package biz.hammurapi.authorization; 005 006 import java.security.AccessControlException; 007 008 /** 009 * "Hub" class for authorization checks. 010 * @author Pavel Vlasov 011 * @revision $Revision$ 012 */ 013 public class AuthorizationManager { 014 015 public static boolean hasClassPermission(Class clazz, String action) { 016 AuthorizationProvider provider = (AuthorizationProvider) threadProvider.get(); 017 return provider==null ? true : provider.hasClassPermission(clazz, action); 018 } 019 020 public static void checkClassPermission(Class clazz, String action) throws AccessControlException { 021 AuthorizationProvider provider = (AuthorizationProvider) threadProvider.get(); 022 if (provider!=null) { 023 provider.checkClassPermission(clazz, action); 024 } 025 } 026 027 /** 028 * Authorization provider determines permission type from subject type 029 * @param instance 030 * @param action 031 * @return 032 */ 033 public static boolean hasObjectPermission(Object instance, String action) { 034 AuthorizationProvider provider = (AuthorizationProvider) threadProvider.get(); 035 return provider==null ? true : provider.hasInstancePermission(instance, action); 036 } 037 038 /** 039 * Authorization provider determines permission type from subject. 040 * @param instance 041 * @param action 042 * @return 043 */ 044 public static void checkInstancePermission(Object instance, String action) throws AccessControlException { 045 AuthorizationProvider provider = (AuthorizationProvider) threadProvider.get(); 046 if (provider!=null) { 047 provider.checkInstancePermission(instance, action); 048 } 049 } 050 051 /** 052 * Authorization provider determines permission type from className. 053 * This method is to be used from XSL stylesheets. 054 * @param subject 055 * @param action 056 * @return 057 */ 058 public static boolean hasClassPermission(String className, String action) { 059 AuthorizationProvider provider = (AuthorizationProvider) threadProvider.get(); 060 return provider==null ? true : provider.hasClassPermission(className, action); 061 } 062 063 064 private static InheritableThreadLocal threadProvider=new InheritableThreadLocal(); 065 066 public static void setThreadProvider(AuthorizationProvider provider) { 067 threadProvider.set(provider); 068 } 069 070 }