001    /*
002     * Licensed to the Apache Software Foundation (ASF) under one
003     * or more contributor license agreements.  See the NOTICE file
004     * distributed with this work for additional information
005     * regarding copyright ownership.  The ASF licenses this file
006     * to you under the Apache License, Version 2.0 (the
007     * "License"); you may not use this file except in compliance
008     * with the License.  You may obtain a copy of the License at
009     *
010     *     http://www.apache.org/licenses/LICENSE-2.0
011     *
012     * Unless required by applicable law or agreed to in writing,
013     * software distributed under the License is distributed on an
014     * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     * KIND, either express or implied.  See the License for the
016     * specific language governing permissions and limitations
017     * under the License.
018     */
019    package org.apache.shiro.authz.aop;
020    
021    import org.apache.shiro.aop.AnnotationResolver;
022    
023    /**
024     * Checks to see if a @{@link org.apache.shiro.authz.annotation.RequiresPermissions RequiresPermissions} annotation is declared, and if so, performs
025     * a permission check to see if the calling <code>Subject</code> is allowed to call the method.
026     * @since 0.9
027     */
028    public class PermissionAnnotationMethodInterceptor extends AuthorizingAnnotationMethodInterceptor {
029    
030        /*
031         * The character to look for that closes a permission definition.
032         **/
033        //private static final char ARRAY_CLOSE_CHAR = ']';
034    
035        /**
036         * Default no-argument constructor that ensures this interceptor looks for
037         * {@link org.apache.shiro.authz.annotation.RequiresPermissions RequiresPermissions} annotations in a method declaration.
038         */
039        public PermissionAnnotationMethodInterceptor() {
040            super( new PermissionAnnotationHandler() );
041        }
042    
043        /**
044         * @param resolver
045         * @since 1.1
046         */
047        public PermissionAnnotationMethodInterceptor(AnnotationResolver resolver) {
048            super( new PermissionAnnotationHandler(), resolver);
049        }
050    
051        /*
052         * Infers the permission from the specified name path in the annotation.
053         * @param methodArgs the <code>MethodInvocation</code> method arguments.
054         * @param namePath the Annotation 'name' value, which is a string-based permission definition.
055         * @return the String permission representation.
056         * @throws Exception if there is an error infering the target.
057         *
058        protected String inferTargetFromPath(Object[] methodArgs, String namePath) throws Exception {
059            int propertyStartIndex = -1;
060    
061            char[] chars = namePath.toCharArray();
062            StringBuilder buf = new StringBuilder();
063            //init iteration at index 1 (instead of 0).  This is because the first
064            //character must be the ARRAY_OPEN_CHAR (eliminates unnecessary iteration)
065            for (int i = 1; i < chars.length; i++) {
066                if (chars[i] == ARRAY_CLOSE_CHAR) {
067                    // skip the delimiting period after the ARRAY_CLOSE_CHAR.  The resulting
068                    // index is the init of the property path that we'll use with
069                    // BeanUtils.getProperty:
070                    propertyStartIndex = i + 2;
071                    break;
072                } else {
073                    buf.append(chars[i]);
074                }
075            }
076    
077            Integer methodArgIndex = Integer.parseInt(buf.toString());
078            String beanUtilsPath = new String(chars, propertyStartIndex,
079                    chars.length - propertyStartIndex);
080            Object targetValue = PropertyUtils.getProperty(methodArgs[methodArgIndex], beanUtilsPath);
081            return targetValue.toString();
082        }
083    
084        /*
085         * Returns the <code>MethodInvocation</code>'s arguments, or <code>null</code> if there were none.
086         * @param invocation the methodInvocation to inspect.
087         * @return the method invocation's method arguments, or <code>null</code> if there were none.
088         *
089        protected Object[] getMethodArguments(MethodInvocation invocation) {
090            if (invocation != null) {
091                return invocation.getArguments();
092            } else {
093                return null;
094            }
095        }
096    
097        /*
098         * Returns the annotation {@link RequiresPermissions#value value}, from which the Permission will be constructed.
099         *
100         * @param invocation the method being invoked.
101         * @return the method annotation's <code>value</code>, from which the Permission will be constructed.
102         *
103        protected String getAnnotationValue(MethodInvocation invocation) {
104            RequiresPermissions prAnnotation = (RequiresPermissions) getAnnotation(invocation);
105            return prAnnotation.value();
106        } */
107    }