/* * Copyright 2013 Brian Rosenberger (Brutex Network) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package net.brutex.xservices.security; import net.brutex.xservices.ws.XmlService; import net.brutex.xservices.ws.rs.FileInfo; import org.apache.log4j.Logger; import org.apache.shiro.authz.Permission; import org.apache.shiro.authz.permission.InvalidPermissionStringException; /** * @author Brian Rosenberger, bru(at)brutex.de * */ public class PermissionResolver implements org.apache.shiro.authz.permission.PermissionResolver { final Logger logger = Logger.getLogger(PermissionResolver.class); private final String DELIMITER = "||"; @Override public Permission resolvePermission(String permissionString) { logger.debug(String.format("Trying to examine new Permission '%s'", permissionString)); if(! permissionString.contains(DELIMITER)) { logger.error(String.format("Permission '%s' is missing permission class.", permissionString)); throw new InvalidPermissionStringException(String.format("Permission '%s' is missing permission class.", permissionString), permissionString); } int delimiterIndex = permissionString.indexOf(DELIMITER); String value = permissionString.substring(0, delimiterIndex); delimiterIndex = delimiterIndex + DELIMITER.length(); switch (value) { case XmlService.SERVICE_NAME: logger.debug(String.format("Found '%s' as permission class.", value)); return new XmlServicePermission(permissionString.substring( delimiterIndex )); case FileInfo.SERVICE_NAME: logger.debug(String.format("Found '%s' as permission class.", value)); return new DirectoryPermission(permissionString.substring( delimiterIndex )); default: logger.warn(String.format("Permission class '%s' is not defined.", value)); throw new InvalidPermissionStringException(String.format("Permission class '%s' is not defined.", value), permissionString); } } }