org.jboss.seam.security.permission
Class JpaPermissionStore

java.lang.Object
  org.jboss.seam.security.permission.JpaPermissionStore

All Implemented Interfaces:

Serializable, PermissionStore

@ApplicationScoped
public class JpaPermissionStore
extends Object
implements PermissionStore, Serializable

A permission store implementation that uses JPA as its persistence mechanism.

Author:

Shane Bryzak

See Also:

Serialized Form

Constructor Summary

JpaPermissionStore()

Method Summary

void	clearPermissions(Object resource)
protected Query	createPermissionQuery(Object target, Set<?> targets, org.picketlink.idm.spi.model.IdentityObject identity) Creates a Query that returns a list of permission records for the specified parameters.
Class<?>	getIdentityPermissionClass()
boolean	grantPermission(Permission permission)
boolean	grantPermissions(List<Permission> permissions)
void	init()
protected void	initProperties()
boolean	isEnabled()
List<String>	listAvailableActions(Object target)
List<Permission>	listPermissions(Object target)
protected List<Permission>	listPermissions(Object resource, Set<Object> targets, String action)
List<Permission>	listPermissions(Object target, String action) Returns a list of all user and role permissions for a specific permission target and action.
List<Permission>	listPermissions(Set<Object> targets, String action) Returns a list of all user and role permissions for the specified action for all specified target objects
protected Object	resolveIdentityEntity(org.picketlink.idm.spi.model.IdentityObject identity)
boolean	revokePermission(Permission permission)
boolean	revokePermissions(List<Permission> permissions)
void	setIdentityPermissionClass(Class<?> identityPermissionClass)
protected boolean	updatePermissionActions(Object resource, org.picketlink.idm.spi.model.IdentityObject identity, String[] actions, boolean set) This is where the bulk of the actual work happens.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JpaPermissionStore

public JpaPermissionStore()

Method Detail

init

@Inject
public void init()

initProperties

protected void initProperties()

createPermissionQuery

protected Query createPermissionQuery(Object target,
                                      Set<?> targets,
                                      org.picketlink.idm.spi.model.IdentityObject identity)

Creates a Query that returns a list of permission records for the specified parameters.

Parameters:

target - The target of the permission, may be null

targets - A set of permission targets, may be null

recipient - The permission recipient, may be null

discrimination - A discrimination (either user, role or both), required

Returns:

Query The query generated for the provided parameters

grantPermission

public boolean grantPermission(Permission permission)

Specified by:

grantPermission in interface PermissionStore

revokePermission

public boolean revokePermission(Permission permission)

Specified by:

revokePermission in interface PermissionStore

updatePermissionActions

protected boolean updatePermissionActions(Object resource,
                                          org.picketlink.idm.spi.model.IdentityObject identity,
                                          String[] actions,
                                          boolean set)

This is where the bulk of the actual work happens.

Parameters:

target - The target object to update permissions for

recipient - The recipient to update permissions for

actions - The actions that will be updated

set - true if the specified actions are to be granted, false if they are to be revoked

Returns:

true if the operation is successful

grantPermissions

public boolean grantPermissions(List<Permission> permissions)

Specified by:

grantPermissions in interface PermissionStore

revokePermissions

public boolean revokePermissions(List<Permission> permissions)

Specified by:

revokePermissions in interface PermissionStore

resolveIdentityEntity

protected Object resolveIdentityEntity(org.picketlink.idm.spi.model.IdentityObject identity)

Parameters:

recipient -

Returns:

The entity or name representing the permission recipient

listPermissions

public List<Permission> listPermissions(Set<Object> targets,
                                        String action)

Returns a list of all user and role permissions for the specified action for all specified target objects

Specified by:

listPermissions in interface PermissionStore

listPermissions

public List<Permission> listPermissions(Object target,
                                        String action)

Returns a list of all user and role permissions for a specific permission target and action.

Specified by:

listPermissions in interface PermissionStore

listPermissions

protected List<Permission> listPermissions(Object resource,
                                           Set<Object> targets,
                                           String action)

listPermissions

public List<Permission> listPermissions(Object target)

Specified by:

listPermissions in interface PermissionStore

listAvailableActions

public List<String> listAvailableActions(Object target)

Specified by:

listAvailableActions in interface PermissionStore

getIdentityPermissionClass

public Class<?> getIdentityPermissionClass()

setIdentityPermissionClass

public void setIdentityPermissionClass(Class<?> identityPermissionClass)

clearPermissions

public void clearPermissions(Object resource)

Specified by:

clearPermissions in interface PermissionStore

isEnabled

public boolean isEnabled()

Specified by:

isEnabled in interface PermissionStore