databasedrivenmethoddefinitionsourcew.java

动态实现基于角色的权限管理Acegi+hibernate

package sample.auth;

import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

import org.acegisecurity.ConfigAttributeDefinition;
import org.acegisecurity.ConfigAttributeEditor;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.intercept.method.AbstractMethodDefinitionSource;
import org.springframework.util.Assert;

import sample.auth.cache.AuthorityBasedFunctionCache;
import sample.auth.cache.info.FunctionByNameCache;
import sample.dao.IBaseDao;
import sample.mappings.function.Function;
import sample.mappings.role.Role;

public class DatabaseDrivenMethodDefinitionSourcew extends
		AbstractMethodDefinitionSource {
	
	private IBaseDao baseDao;
	private AuthorityBasedFunctionCache cache;
	private FunctionByNameCache functionCache;

	public FunctionByNameCache getFunctionCache() {
		return functionCache;
	}

	public void setFunctionCache(FunctionByNameCache functionCache) {
		this.functionCache = functionCache;
	}

	protected ConfigAttributeDefinition lookupAttributes(Method mi) {
	
		Assert.notNull(mi,"lookupAttrubutes in the DatabaseDrivenMethodDefinitionSourcew is null");
		String secureObjectName=mi.getDeclaringClass().getName() +"."+ mi.getName();
		Function secureObject=functionCache.getFunctionByCache(secureObjectName);
		
		
		
		if(secureObject==null)//if secure object not exist in database
		{
			secureObject=(Function)baseDao.loadByKey(Function.class, "protectfunction", secureObjectName);
			functionCache.putFunctionInCache(secureObject);
		}
		    
		if(secureObject==null)
			Assert.notNull(secureObject,"secureObject(Function) not found in db");
		//retrieving roles associated with this secure object
		
		Collection roles = null;
		GrantedAuthority[] grantedAuthoritys = cache.getAuthorityFromCache(secureObject.getName());
		
		if(grantedAuthoritys == null){
			Set rolesSet = secureObject.getRoles();
			Iterator it = rolesSet.iterator();
			List list = new ArrayList();
			while(it.hasNext()){
				
				Role role = (Role)it.next();
				GrantedAuthority g = new  GrantedAuthorityImpl(role.getName());
				list.add(g);	
			}
			grantedAuthoritys = (GrantedAuthority[])list.toArray(new GrantedAuthority[0]);
			cache.putAuthorityInCache(secureObject.getName(),grantedAuthoritys);
			roles = Arrays.asList(grantedAuthoritys);
		}else{
			
			roles = Arrays.asList(grantedAuthoritys);
		}
		
		if(!roles.isEmpty()){
			ConfigAttributeEditor configAttrEditor=new ConfigAttributeEditor();
			StringBuffer rolesStr=new StringBuffer();
			for(Iterator it = roles.iterator();it.hasNext();){
				GrantedAuthority role=(GrantedAuthority)it.next();
				rolesStr.append(role.getAuthority()).append(",");
			}

			configAttrEditor.setAsText( rolesStr.toString().substring(0,rolesStr.length()-1) );
			ConfigAttributeDefinition configAttrDef=(ConfigAttributeDefinition)configAttrEditor.getValue();
			return configAttrDef;
		}

		Assert.notEmpty(roles,"collection of roles is null or empty");
		return null;
		

	}

	public Iterator getConfigAttributeDefinitions() {
		
		return null;
	}


	public IBaseDao getBaseDao() {
		return baseDao;
	}


	public void setBaseDao(IBaseDao baseDao) {
		this.baseDao = baseDao;
	}

	public AuthorityBasedFunctionCache getCache() {
		return cache;
	}

	public void setCache(AuthorityBasedFunctionCache cache) {
		this.cache = cache;
	}

	

}