Index: topia-service/src/java/org/codelutin/topia/taas/event/TaasEntityVetoable.java
diff -u topia-service/src/java/org/codelutin/topia/taas/event/TaasEntityVetoable.java:1.2 topia-service/src/java/org/codelutin/topia/taas/event/TaasEntityVetoable.java:1.3
--- topia-service/src/java/org/codelutin/topia/taas/event/TaasEntityVetoable.java:1.2 Thu Nov 29 16:16:06 2007
+++ topia-service/src/java/org/codelutin/topia/taas/event/TaasEntityVetoable.java Tue Dec 4 16:42:50 2007
@@ -24,9 +24,9 @@
 * Created: 10 févr. 2006
 *
 * @author Arnaud Thimel
-* @version $Revision: 1.2 $
+* @version $Revision: 1.3 $
 *
-* Mise a jour: $Date: 2007-11-29 16:16:06 $
+* Mise a jour: $Date: 2007-12-04 16:42:50 $
 * par : $Author: ruchaud $
 */
@@ -46,12 +46,17 @@
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.codelutin.topia.TopiaContext;
+import org.codelutin.topia.TopiaException;
 import org.codelutin.topia.TopiaNotFoundException;
 import org.codelutin.topia.event.TopiaEntityEvent;
 import org.codelutin.topia.event.TopiaEntityVetoable;
+import org.codelutin.topia.framework.TopiaContextImplementor;
+import org.codelutin.topia.persistence.TopiaDAO;
 import org.codelutin.topia.persistence.TopiaEntity;
 import org.codelutin.topia.persistence.TopiaId;
 import org.codelutin.topia.security.util.TopiaSecurityUtil;
+import org.codelutin.topia.taas.TaasService;
 import org.codelutin.topia.taas.entities.TaasAuthorization;
 import org.codelutin.topia.taas.entities.TaasAuthorizationImpl;
 import org.codelutin.topia.taas.jaas.TaasPermission;
@@ -65,6 +70,15 @@
 private static Log log = LogFactory.getLog(TaasEntityVetoable.class);
+ protected TaasService taasService;
+
+ /**
+ * Contructeur par defaut
+ */
+ public TaasEntityVetoable(TaasService taasService) {
+ this.taasService = taasService;
+ }
+
 /* (non-Javadoc)
 * @see org.codelutin.topia.event.TopiaVetoableEntityListener#createEntity(org.codelutin.topia.event.TopiaVetoableEntityEvent)
 */
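Review bot: The new constructor stores `taasService` without a null check, yet the permission lookup added later in this commit calls `taasService.getRootContext()` on every checked event, so a mis-wired listener would fail with a NullPointerException in the middle of an authorization check instead of at registration. Reject it up front with `if (taasService == null) throw new IllegalArgumentException("taasService");`, and consider declaring the field `private final` so subclasses cannot swap the service after construction. The Javadoc `Contructeur par defaut` is also inaccurate because the constructor takes an argument; a comment such as `Creates the vetoable bound to the TaasService used to resolve request permissions.` would describe it.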
@@ -110,6 +124,13 @@
 * @see org.codelutin.topia.event.TopiaVetoableEntityListener#updateEntity(org.codelutin.topia.event.TopiaVetoableEntityEvent)
 */
 public void update(TopiaEntityEvent event) {
+ TopiaEntity entity = event.getEntity();
+ String topiaId = entity.getTopiaId();
+
+ if (log.isDebugEnabled()) {
+ log.debug("[Security] load entity : " + topiaId);
+ }
+ checkPermission(entity, UPDATE);
 }
 /* (non-Javadoc)
@@ -122,10 +143,7 @@
 try {
 klass = TopiaId.getClassName(topiaId);
 } catch (TopiaNotFoundException e) {
- if(log.isWarnEnabled()) {
- log.warn("", e);
- }
- return;
+ throw new SecurityException("Invalid topiaId", e);
 }
 // Actions
@@ -135,11 +153,21 @@
 }
 // Permissions
- List permissions = new ArrayList();
- if(TopiaSecurityUtil.isImplement(klass, TaasOwnSecurity.class)) {
- TaasOwnSecurity ownSecurity = (TaasOwnSecurity) entity;
- permissions = ownSecurity.getRequestPermissions();
- } else {
+ List permissions = null;
+ try {
+ TopiaContext rootContext = taasService.getRootContext();
+ TopiaContextImplementor transaction = (TopiaContextImplementor) rootContext.beginTransaction();
+
+ TopiaDAO dao = transaction.getDAO(klass);
+ permissions = dao.getRequestPermission(topiaId, actions);
+
+ transaction.closeContext();
+ } catch (TopiaException e) {
+ throw new SecurityException("Error in getRequestPermission", e);
+ }
+
+ if(permissions == null) {
+ permissions = new ArrayList();
 TaasAuthorization authorization = new TaasAuthorizationImpl(topiaId, actions);
 permissions.add(new TaasPermission(authorization));
 }
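Review bot: The debug message added to `update` says `load entity` although this is the update path, which will mislead anyone reading the security log to work out which operation was checked; it should read `log.debug("[Security] update entity : " + topiaId);`. `event.getEntity()` is also dereferenced with no null guard before `checkPermission` runs, so it is worth confirming that an event without an entity can never reach this listener.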
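Review bot: `transaction.closeContext()` in the permissions block runs only on the success path, so a TopiaException from `getDAO` or `getRequestPermission` leaves the transaction opened on the root context unclosed on every failed check; the close belongs in a `finally` nested inside the existing `try`. The lookup runs on `taasService.getRootContext()`, which presumably is not subject to the caller's restrictions, so a comment stating that this transaction is used only to read the requested permissions would help the next reviewer. Only a `null` result falls back to the default `TaasPermission`; if a DAO can return an empty list, the check that follows (outside this hunk) may have nothing to test, so confirm that case denies rather than allows. The enclosing method starts and ends outside the hunk.

```java
List permissions = null;
try {
    TopiaContext rootContext = taasService.getRootContext();
    TopiaContextImplementor transaction = (TopiaContextImplementor) rootContext.beginTransaction();
    try {
        TopiaDAO dao = transaction.getDAO(klass);
        permissions = dao.getRequestPermission(topiaId, actions);
    } finally {
        // Always release the root-context transaction, including when the lookup throws.
        transaction.closeContext();
    }
} catch (TopiaException e) {
    throw new SecurityException("Error in getRequestPermission", e);
}
// … unchanged: null fallback that builds the default TaasPermission …
```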