下面列出了javax.servlet.annotation.ServletSecurity.EmptyRoleSemantic#PERMIT 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
 * Renders the detail page of a single user.
 *
 * <p>The {@code @HttpConstraint} on this handler names no roles and uses
 * {@code EmptyRoleSemantic.PERMIT}, so the annotation itself does not narrow who may call it.
 * The check at the top of the body is the only authorization decision visible in this method:
 * the request must either belong to {@code userId} (as reported by {@code isYou}) or carry the
 * {@code ADMIN} role.
 *
 * @param userId user id taken from the URL path
 * @param request current request, consulted for identity and role
 * @return the {@code user/view} model, or the access-denied / not-found result
 */
@RequestMapping ( value = "/{userId}/view", method = RequestMethod.GET )
@HttpConstraint ( value = EmptyRoleSemantic.PERMIT )
public ModelAndView viewUser ( @PathVariable ( "userId" ) final String userId, final HttpServletRequest request )
{
    final boolean self = isYou ( userId, request );
    final boolean allowed = self || request.isUserInRole ( "ADMIN" );
    if ( !allowed )
    {
        // Denial is returned before any storage lookup is made in this method.
        return CommonController.createAccessDenied ();
    }

    final DatabaseUserInformation account = this.storage.getUserDetails ( userId );
    if ( account == null )
    {
        return CommonController.createNotFound ( "user", userId );
    }
    if ( account.getDetails ( DatabaseDetails.class ) == null )
    {
        // An account without database details is reported the same way as a missing one.
        return CommonController.createNotFound ( "user", userId );
    }

    final ModelAndView view = new ModelAndView ( "user/view" );
    view.put ( "user", account );
    view.put ( "you", self );
    return view;
}
/**
 * Translates one {@code HttpConstraintElement} into a {@code SecurityConstraint} bound to a
 * single URL pattern.
 *
 * <p>A constraint is produced when {@code alwaysCreate} is set, or when the element asks for a
 * transport guarantee other than {@code NONE}, names at least one role, or uses an empty-role
 * semantic other than {@code PERMIT}. An element with none of these and
 * {@code alwaysCreate == false} yields {@code null}, i.e. no constraint is produced for
 * {@code urlPattern} from this element.
 *
 * @param element annotation-derived constraint description
 * @param urlPattern URL pattern the resulting constraint is attached to
 * @param alwaysCreate force creation even when the element restricts nothing
 * @return the populated constraint, or {@code null} when none is needed
 */
private static SecurityConstraint createConstraint(
        HttpConstraintElement element, String urlPattern, boolean alwaysCreate) {
    SecurityConstraint result = new SecurityConstraint();
    SecurityCollection patterns = new SecurityCollection();
    boolean needed = alwaysCreate;

    ServletSecurity.TransportGuarantee guarantee = element.getTransportGuarantee();
    if (guarantee != ServletSecurity.TransportGuarantee.NONE) {
        // The guarantee is recorded by its enum name.
        result.setUserConstraint(guarantee.name());
        needed = true;
    }

    String[] roles = element.getRolesAllowed();
    if (roles.length > 0) {
        for (int i = 0; i < roles.length; i++) {
            result.addAuthRole(roles[i]);
        }
        needed = true;
    }

    if (element.getEmptyRoleSemantic() != EmptyRoleSemantic.PERMIT) {
        // NOTE(review): an auth constraint with no roles added presumably means
        // "deny everyone" to the container -- confirm in SecurityConstraint.
        result.setAuthConstraint(true);
        needed = true;
    }

    if (!needed) {
        return null;
    }
    patterns.addPattern(urlPattern);
    result.addCollection(patterns);
    return result;
}
/**
 * Creates the default constraint: {@code PERMIT} empty-role semantic, no transport guarantee
 * and an empty role list. An element built this way carries no access restriction of its own.
 */
public HttpConstraintElement() {
    this.rolesAllowed = new String[0];
    this.transportGuarantee = TransportGuarantee.NONE;
    this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
}
/**
 * Builds the {@code SecurityConstraint} that corresponds to an {@code HttpConstraintElement}
 * for one URL pattern.
 *
 * <p>Three properties of the element can each make a constraint necessary: a transport
 * guarantee other than {@code NONE}, a non-empty role list, or an empty-role semantic other
 * than {@code PERMIT}. If none applies and {@code alwaysCreate} is {@code false}, the method
 * returns {@code null} and the pattern receives no constraint from this element.
 *
 * @param element annotation-derived constraint description
 * @param urlPattern URL pattern to register on the constraint
 * @param alwaysCreate when {@code true}, a constraint is returned even if it restricts nothing
 * @return the constraint, or {@code null} if nothing required one
 */
private static SecurityConstraint createConstraint(
        HttpConstraintElement element, String urlPattern, boolean alwaysCreate) {
    SecurityConstraint built = new SecurityConstraint();
    SecurityCollection urls = new SecurityCollection();

    boolean wantsTransport =
            element.getTransportGuarantee() != ServletSecurity.TransportGuarantee.NONE;
    if (wantsTransport) {
        built.setUserConstraint(element.getTransportGuarantee().name());
    }

    boolean namesRoles = element.getRolesAllowed().length > 0;
    if (namesRoles) {
        for (String roleName : element.getRolesAllowed()) {
            built.addAuthRole(roleName);
        }
    }

    boolean notPermit = element.getEmptyRoleSemantic() != EmptyRoleSemantic.PERMIT;
    if (notPermit) {
        // Flag the constraint as an auth constraint even though no role may have been added.
        built.setAuthConstraint(true);
    }

    if (!(alwaysCreate || wantsTransport || namesRoles || notPermit)) {
        // Nothing to enforce: the caller gets no constraint for this pattern.
        return null;
    }
    urls.addPattern(urlPattern);
    built.addCollection(urls);
    return built;
}
/**
 * Default constraint: empty-role semantic {@code PERMIT}, transport guarantee {@code NONE},
 * no roles. These are the values under which the element itself restricts nothing.
 */
public HttpConstraintElement() {
    this.transportGuarantee = TransportGuarantee.NONE;
    this.rolesAllowed = new String[0];
    this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
}
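/**
 * Convenience constructor to specify transport guarantee and/or roles. The empty-role
 * semantic is fixed to {@code PERMIT}.
 *
 * @param transportGuarantee transport guarantee to record; stored as given
 * @param rolesAllowed role names to record; the array is copied, a {@code null} array is
 *        kept as {@code null}
 */
public HttpConstraintElement(TransportGuarantee transportGuarantee,
        String... rolesAllowed) {
    this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
    this.transportGuarantee = transportGuarantee;
    // Copy the caller's array so the role list of this constraint cannot be altered
    // afterwards through a reference the caller still holds.
    this.rolesAllowed = rolesAllowed == null ? null : rolesAllowed.clone();
}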
/**
 * Maps an {@code HttpConstraintElement} onto a {@code SecurityConstraint} for the given URL
 * pattern.
 *
 * <p>The constraint is only returned when it is required: because {@code alwaysCreate} is
 * set, or because the element carries a transport guarantee other than {@code NONE}, at least
 * one allowed role, or an empty-role semantic other than {@code PERMIT}. Otherwise the result
 * is {@code null}.
 *
 * @param element annotation-derived constraint description
 * @param urlPattern URL pattern added to the constraint's collection
 * @param alwaysCreate return a constraint even when the element restricts nothing
 * @return the constraint, or {@code null} when not required
 */
private static SecurityConstraint createConstraint(
        HttpConstraintElement element, String urlPattern, boolean alwaysCreate) {
    SecurityConstraint sc = new SecurityConstraint();
    SecurityCollection coll = new SecurityCollection();
    boolean required = alwaysCreate;

    if (ServletSecurity.TransportGuarantee.NONE != element.getTransportGuarantee()) {
        sc.setUserConstraint(element.getTransportGuarantee().name());
        required = true;
    }

    if (element.getRolesAllowed().length != 0) {
        String[] names = element.getRolesAllowed();
        int idx = 0;
        while (idx < names.length) {
            sc.addAuthRole(names[idx]);
            idx++;
        }
        required = true;
    }

    if (EmptyRoleSemantic.PERMIT != element.getEmptyRoleSemantic()) {
        sc.setAuthConstraint(true);
        required = true;
    }

    if (required) {
        // The pattern is attached only once it is known that the constraint will be returned.
        coll.addPattern(urlPattern);
        sc.addCollection(coll);
    }
    return required ? sc : null;
}
/**
 * Builds the default element: access permitted ({@code PERMIT}), no transport guarantee
 * ({@code NONE}) and a zero-length role array.
 */
public HttpConstraintElement() {
    this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
    this.rolesAllowed = new String[0];
    this.transportGuarantee = TransportGuarantee.NONE;
}
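/**
 * Convenience constructor to specify transport guarantee and/or roles; the empty-role
 * semantic is always {@code PERMIT}.
 *
 * @param transportGuarantee transport guarantee to record; stored as given
 * @param rolesAllowed role names to record; copied on the way in, {@code null} is kept as
 *        {@code null}
 */
public HttpConstraintElement(TransportGuarantee transportGuarantee,
        String... rolesAllowed) {
    this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
    this.transportGuarantee = transportGuarantee;
    // Defensive copy: without it the caller could change the allowed roles after
    // construction by writing to the array it passed in.
    this.rolesAllowed = rolesAllowed == null ? null : rolesAllowed.clone();
}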
/**
 * Shows the "new password" form for a user.
 *
 * <p>The annotation is {@code PERMIT} without roles, so the decision who may open the form is
 * taken in the body: the account owner (per {@code isYou}) or a caller in the {@code ADMIN}
 * role. The form is pre-filled with the e-mail address from the user's database details.
 *
 * <p>NOTE(review): the mapping names no HTTP method, while the POST handler for the same path
 * is declared separately -- confirm how the framework resolves the two.
 *
 * @param userId user id taken from the URL path
 * @param request current request, consulted for identity and role
 * @return the {@code user/newPassword} view, or the access-denied / not-found result
 */
@RequestMapping ( "/{userId}/newPassword" )
@HttpConstraint ( value = EmptyRoleSemantic.PERMIT )
public ModelAndView changePassword ( @PathVariable ( "userId" ) final String userId, final HttpServletRequest request )
{
    final boolean self = isYou ( userId, request );
    if ( ! ( self || request.isUserInRole ( "ADMIN" ) ) )
    {
        return CommonController.createAccessDenied ();
    }

    final DatabaseUserInformation account = this.storage.getUserDetails ( userId );
    if ( account == null )
    {
        return CommonController.createNotFound ( "user", userId );
    }

    final DatabaseDetails details = account.getDetails ( DatabaseDetails.class );
    if ( details == null )
    {
        return CommonController.createNotFound ( "details", userId );
    }

    // Only the e-mail address is copied into the form object.
    final NewPassword form = new NewPassword ();
    form.setEmail ( details.getEmail () );

    final Map<String, Object> model = new HashMap<> ();
    model.put ( "you", self );
    model.put ( "command", form );
    return new ModelAndView ( "user/newPassword", model );
}
/**
 * Processes the submitted "new password" form.
 *
 * <p>As on the other handlers shown with a role-less {@code PERMIT} constraint, the
 * authorization decision is made in the body: the caller must be the account owner (per
 * {@code isYou}) or hold the {@code ADMIN} role. The owner path passes the submitted current
 * password to the storage layer; the administrator path passes {@code null} instead. A caller
 * who is both owner and administrator takes the owner path.
 *
 * @param userId user id taken from the URL path
 * @param data bound and validated form data
 * @param result binding/validation outcome for {@code data}
 * @param request current request, consulted for identity and role
 * @return a redirect to the user's view page on success, the form again on validation errors,
 *         or an access-denied / error result
 */
@RequestMapping ( value = "/{userId}/newPassword", method = RequestMethod.POST )
@HttpConstraint ( value = EmptyRoleSemantic.PERMIT )
public ModelAndView changePasswordPost ( @PathVariable ( "userId" ) final String userId, @Valid @FormData ( "command" ) final NewPassword data, final BindingResult result, final HttpServletRequest request )
{
    final boolean self = isYou ( userId, request );
    final boolean allowed = self || request.isUserInRole ( "ADMIN" );
    if ( !allowed )
    {
        return CommonController.createAccessDenied ();
    }

    final Map<String, Object> model = new HashMap<> ();
    model.put ( "you", self );

    if ( result.hasErrors () )
    {
        // Re-display the form with the submitted data.
        model.put ( "command", data );
        return new ModelAndView ( "user/newPassword", model );
    }

    try
    {
        if ( self )
        {
            // Owner: the submitted current password goes along with the new one.
            this.storage.updatePassword ( userId, data.getCurrentPassword (), data.getPassword () );
        }
        else
        {
            // Not the owner, so the caller is ADMIN here. NOTE(review): null presumably tells
            // the storage layer to skip the current-password check -- confirm in updatePassword.
            this.storage.updatePassword ( userId, null, data.getPassword () );
        }

        // NOTE(review): userId is concatenated into the redirect target as received from the
        // path; confirm ids cannot contain characters that would change the target.
        return new ModelAndView ( "redirect:/user/" + userId + "/view" );
    }
    catch ( final Exception e )
    {
        // NOTE(review): the exception object is handed to the error page; confirm the view
        // does not render its details to the user.
        return CommonController.createError ( "Error", "Failed to change password", e );
    }
}
/**
 * Creates the default constraint by delegating to the one-argument constructor with
 * {@code EmptyRoleSemantic.PERMIT}.
 *
 * <p>The transport guarantee and role list are whatever that constructor assigns; they are
 * not set here.
 */
public HttpConstraintElement() {
this(EmptyRoleSemantic.PERMIT);
}
/**
 * Constructs a default HTTP constraint element.
 *
 * <p>Delegates to the one-argument constructor with {@code EmptyRoleSemantic.PERMIT}; the
 * remaining properties are chosen by that constructor.
 */
public HttpConstraintElement() {
this(EmptyRoleSemantic.PERMIT);
}
/**
 * Handles {@code GET /channel/{channelId}/export} by delegating to {@code performExport} with
 * the response, a file name derived from the channel id, and a callback that invokes
 * {@code transferService.exportChannel} for that channel.
 *
 * <p>The constraint is {@code PERMIT} without roles and no role or identity check is made in
 * this method. NOTE(review): confirm whether export is meant to be open, or is restricted
 * elsewhere (class-level constraint, interceptor, or inside {@code performExport}).
 *
 * @param channelId channel id taken from the URL path
 * @param response response object handed to {@code performExport}
 * @return whatever {@code performExport} returns
 */
@RequestMapping ( value = "/channel/{channelId}/export", method = RequestMethod.GET )
@HttpConstraint ( value = EmptyRoleSemantic.PERMIT )
public ModelAndView exportChannel ( @PathVariable ( "channelId" ) final String channelId, final HttpServletResponse response )
{
// NOTE(review): the file name is built from a request-supplied id; confirm that
// makeExportFileName restricts it to safe characters before it is used in the response.
return performExport ( response, makeExportFileName ( channelId ), ( stream ) -> this.transferService.exportChannel ( channelId, stream ) );
}
/**
 * Handles {@code GET /channel/export} by delegating to {@code performExport} with the
 * response, the file name produced by {@code makeExportFileName(null)}, and
 * {@code transferService.exportAll} as the callback.
 *
 * <p>The constraint is {@code PERMIT} without roles and no role or identity check is made in
 * this method. NOTE(review): this endpoint exports everything the service offers through
 * {@code exportAll}; confirm that access is restricted elsewhere if it is not meant to be open.
 *
 * @param response response object handed to {@code performExport}
 * @return whatever {@code performExport} returns
 */
@RequestMapping ( value = "/channel/export", method = RequestMethod.GET )
@HttpConstraint ( value = EmptyRoleSemantic.PERMIT )
public ModelAndView exportAll ( final HttpServletResponse response )
{
return performExport ( response, makeExportFileName ( null ), this.transferService::exportAll );
}
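/**
 * Construct a constraint with a transport guarantee and roles. The empty-role semantic is
 * fixed to {@code PERMIT}.
 *
 * @param transportGuarantee The transport guarantee to apply to the newly
 *                           created constraint; stored as given
 * @param rolesAllowed       The roles to associate with the newly created
 *                           constraint; the array is copied, {@code null} is
 *                           kept as {@code null}
 */
public HttpConstraintElement(TransportGuarantee transportGuarantee,
        String... rolesAllowed) {
    this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
    this.transportGuarantee = transportGuarantee;
    // Keep a private copy so later writes to the caller's array cannot change which
    // roles this constraint allows.
    this.rolesAllowed = rolesAllowed == null ? null : rolesAllowed.clone();
}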
/**
 * Creates a constraint with the given transport guarantee and roles by delegating to the
 * three-argument constructor with {@code EmptyRoleSemantic.PERMIT}.
 *
 * <p>NOTE(review): both arguments are forwarded unchanged; any validation or copying of
 * {@code rolesAllowed} happens, if at all, in the target constructor, which is not shown here.
 *
 * @param transportGuarantee the TransportGuarantee.
 * @param rolesAllowed the roles allowed.
 */
public HttpConstraintElement(TransportGuarantee transportGuarantee, String... rolesAllowed) {
this(EmptyRoleSemantic.PERMIT, transportGuarantee, rolesAllowed);
}
/**
 * Constructor to establish a non-empty {@code getRolesAllowed} and/or
 * {@code TransportGuarantee.CONFIDENTIAL}.
 *
 * <p>Delegates to the three-argument constructor with {@code EmptyRoleSemantic.PERMIT}; both
 * arguments are forwarded unchanged.
 *
 * @param guarantee {@code TransportGuarantee.NONE} or
 *                  {@code TransportGuarantee.CONFIDENTIAL}
 * @param roleNames the names of the roles that are to be
 *                  allowed access
 */
public HttpConstraintElement(TransportGuarantee guarantee,
String... roleNames) {
this(EmptyRoleSemantic.PERMIT, guarantee, roleNames);
}