├── grant
    ├── src
    │   ├── test
    │   │   ├── resources
    │   │   │   └── application.yml
    │   │   └── java
    │   │   │   └── com
    │   │   │       └── github
    │   │   │           └── lothar
    │   │   │               └── security
    │   │   │                   └── acl
    │   │   │                       └── grant
    │   │   │                           ├── domain
    │   │   │                               ├── NoAclObject.java
    │   │   │                               ├── NoStrategyObject.java
    │   │   │                               ├── DeniedToAllObject.java
    │   │   │                               ├── AllowedToAllObject.java
    │   │   │                               ├── UnknownStrategyObject.java
    │   │   │                               └── WithoutHandlerObject.java
    │   │   │                           ├── GrantEvaluatorTestConfiguration.java
    │   │   │                           └── config
    │   │   │                               └── GrantEvaluatorAclConfigurationTest.java
    │   └── main
    │   │   ├── resources
    │   │       └── META-INF
    │   │       │   └── spring.factories
    │   │   └── java
    │   │       └── com
    │   │           └── github
    │   │               └── lothar
    │   │                   └── security
    │   │                       └── acl
    │   │                           └── grant
    │   │                               ├── GrantEvaluatorFeature.java
    │   │                               ├── GrantEvaluator.java
    │   │                               ├── evaluators
    │   │                                   ├── AllowAllGrantEvaluator.java
    │   │                                   └── DenyAllGrantEvaluator.java
    │   │                               ├── TypedGrantEvaluator.java
    │   │                               ├── compound
    │   │                                   └── GrantEvaluatorComposer.java
    │   │                               └── config
    │   │                                   └── GrantEvaluatorAclConfiguration.java
    └── pom.xml
├── .mvn
    └── wrapper
    │   ├── maven-wrapper.jar
    │   └── maven-wrapper.properties
├── core
    ├── src
    │   ├── test
    │   │   ├── resources
    │   │   │   └── application.yml
    │   │   └── java
    │   │   │   └── com
    │   │   │       └── github
    │   │   │           └── lothar
    │   │   │               └── security
    │   │   │                   └── acl
    │   │   │                       ├── domain
    │   │   │                           ├── NoAclObject.java
    │   │   │                           ├── NoStrategyObject.java
    │   │   │                           ├── DeniedToAllObject.java
    │   │   │                           ├── AllowedToAllObject.java
    │   │   │                           └── UnknownStrategyObject.java
    │   │   │                       ├── StringTesterFeature.java
    │   │   │                       ├── config
    │   │   │                           ├── DenyAllDefaultConfiguration.java
    │   │   │                           ├── AclConfigurationTest.java
    │   │   │                           └── DefaultStrategyOverrideTest.java
    │   │   │                       ├── StringTesterComposer.java
    │   │   │                       ├── AclTestConfiguration.java
    │   │   │                       ├── activation
    │   │   │                           ├── test
    │   │   │                           │   ├── WithoutAclTestExecutionListenerTest.java
    │   │   │                           │   └── AclTestExecutionListenerTest.java
    │   │   │                           └── web
    │   │   │                           │   └── AclActivatorFilterTest.java
    │   │   │                       └── compound
    │   │   │                           └── AclStrategyComposerTest.java
    │   └── main
    │   │   └── java
    │   │       └── com
    │   │           └── github
    │   │               └── lothar
    │   │                   └── security
    │   │                       └── acl
    │   │                           ├── AclFeature.java
    │   │                           ├── AclStrategy.java
    │   │                           ├── AclStrategyProvider.java
    │   │                           ├── compound
    │   │                               ├── AclComposer.java
    │   │                               ├── Operator.java
    │   │                               ├── AclStrategyComposerProvider.java
    │   │                               ├── AbstractCompound.java
    │   │                               ├── AclComposersRegistry.java
    │   │                               └── AclStrategyComposer.java
    │   │                           ├── activation
    │   │                               ├── AclStatus.java
    │   │                               ├── AclActivationUtils.java
    │   │                               ├── AclSecurityActivator.java
    │   │                               ├── web
    │   │                               │   └── AclActivatorFilter.java
    │   │                               └── test
    │   │                               │   └── AclTestExecutionListener.java
    │   │                           ├── Acl.java
    │   │                           ├── named
    │   │                               └── NamedBean.java
    │   │                           ├── config
    │   │                               └── AclProperties.java
    │   │                           └── SimpleAclStrategy.java
    └── pom.xml
├── jpa
    ├── src
    │   ├── main
    │   │   ├── resources
    │   │   │   └── META-INF
    │   │   │   │   └── spring.factories
    │   │   └── java
    │   │   │   └── com
    │   │   │       └── github
    │   │   │           └── lothar
    │   │   │               └── security
    │   │   │                   └── acl
    │   │   │                       └── jpa
    │   │   │                           ├── JpaSpecFeature.java
    │   │   │                           ├── annotation
    │   │   │                               └── NoAcl.java
    │   │   │                           ├── spec
    │   │   │                               ├── AllowAllSpecification.java
    │   │   │                               ├── DenyAllSpecification.java
    │   │   │                               ├── BiFunctionSpecification.java
    │   │   │                               └── AclJpaSpecifications.java
    │   │   │                           ├── compound
    │   │   │                               └── JpaSpecComposer.java
    │   │   │                           ├── query
    │   │   │                               └── AclPredicateTargetSource.java
    │   │   │                           ├── JpaSpecProvider.java
    │   │   │                           └── config
    │   │   │                               └── JpaSpecAclConfiguration.java
    │   └── test
    │   │   ├── resources
    │   │       └── application.yml
    │   │   └── java
    │   │       └── com
    │   │           └── github
    │   │               └── lothar
    │   │                   └── security
    │   │                       └── acl
    │   │                           └── jpa
    │   │                               ├── domain
    │   │                                   ├── NoAclObject.java
    │   │                                   ├── AllowedToAllObject.java
    │   │                                   ├── NoStrategyObject.java
    │   │                                   ├── DeniedToAllObject.java
    │   │                                   ├── UnknownStrategyObject.java
    │   │                                   ├── WithoutHandlerObject.java
    │   │                                   └── Customer.java
    │   │                               ├── repository
    │   │                                   ├── NoAclRepository.java
    │   │                                   ├── NoStrategyRepository.java
    │   │                                   ├── AllowedToAllRepository.java
    │   │                                   ├── DeniedToAllRepository.java
    │   │                                   ├── WithoutHandlerRepository.java
    │   │                                   ├── UnknownStrategyRepository.java
    │   │                                   ├── CustomerRepository.java
    │   │                                   └── AclJpaRepositoryFactoryBeanTest.java
    │   │                               ├── multithread
    │   │                                   ├── Session.java
    │   │                                   ├── CurrentUserLastNameSpec.java
    │   │                                   ├── TestDataPreparer.java
    │   │                                   └── MultithreadTestConfiguration.java
    │   │                               ├── spec
    │   │                                   └── CustomerSpecification.java
    │   │                               ├── config
    │   │                                   └── JpaSpecAclConfigurationTest.java
    │   │                               ├── JpaSpecTestConfiguration.java
    │   │                               └── JpaSpecProviderTest.java
    └── pom.xml
├── elasticsearch
    ├── src
    │   ├── main
    │   │   ├── resources
    │   │   │   └── META-INF
    │   │   │   │   └── spring.factories
    │   │   └── java
    │   │   │   └── com
    │   │   │       └── github
    │   │   │           └── lothar
    │   │   │               └── security
    │   │   │                   └── acl
    │   │   │                       └── elasticsearch
    │   │   │                           ├── ElasticSearchFeature.java
    │   │   │                           ├── compound
    │   │   │                               └── FilterBuilderComposer.java
    │   │   │                           ├── AclFilterProvider.java
    │   │   │                           └── config
    │   │   │                               └── ElasticSearchAclConfiguration.java
    │   └── test
    │   │   ├── resources
    │   │       └── application.yml
    │   │   └── java
    │   │       └── com
    │   │           └── github
    │   │               └── lothar
    │   │                   └── security
    │   │                       └── acl
    │   │                           └── elasticsearch
    │   │                               ├── repository
    │   │                                   ├── CustomerRepository.java
    │   │                                   ├── NoAclRepository.java
    │   │                                   ├── DeniedToAllRepository.java
    │   │                                   ├── NoStrategyRepository.java
    │   │                                   ├── AllowedToAllRepository.java
    │   │                                   ├── UnknownStrategyRepository.java
    │   │                                   ├── WithoutHandlerRepository.java
    │   │                                   └── AclElasticsearchRepositoryFactoryBeanTest.java
    │   │                               ├── domain
    │   │                                   ├── NoAclObject.java
    │   │                                   ├── AllowedToAllObject.java
    │   │                                   ├── NoStrategyObject.java
    │   │                                   ├── DeniedToAllObject.java
    │   │                                   ├── UnknownStrategyObject.java
    │   │                                   ├── WithoutHandlerObject.java
    │   │                                   └── Customer.java
    │   │                               ├── config
    │   │                                   └── ElasticSearchAclConfigurationTest.java
    │   │                               └── ElasticSearchTestConfiguration.java
    └── pom.xml
├── .travis.yml
├── .gitignore
└── sample
    ├── src
        ├── main
        │   ├── resources
        │   │   └── application.yml
        │   └── java
        │   │   └── com
        │   │       └── github
        │   │           └── lothar
        │   │               └── security
        │   │                   └── acl
        │   │                       └── sample
        │   │                           ├── grant
        │   │                               ├── Permission.java
        │   │                               ├── AbstractGrantEvaluator.java
        │   │                               ├── CustomerService.java
        │   │                               └── CustomerGrantEvaluator.java
        │   │                           ├── elasticsearch
        │   │                               └── CustomerSearchRepository.java
        │   │                           ├── jpa
        │   │                               └── CustomerRepository.java
        │   │                           └── domain
        │   │                               └── Customer.java
        └── test
        │   └── java
        │       └── com
        │           └── github
        │               └── lothar
        │                   └── security
        │                       └── acl
        │                           └── sample
        │                               ├── SampleApplicationTests.java
        │                               ├── grant
        │                                   └── CustomerServiceTest.java
        │                               ├── elasticsearch
        │                                   └── CustomerSearchRepositoryTest.java
        │                               └── jpa
        │                                   └── CustomerRepositoryTest.java
    └── pom.xml


/grant/src/test/resources/application.yml:
--------------------------------------------------------------------------------
1 | logging:
2 |     level:
3 |         com.github.lothar.security.acl: debug


--------------------------------------------------------------------------------
/.mvn/wrapper/maven-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/lordlothar99/strategy-spring-security-acl/HEAD/.mvn/wrapper/maven-wrapper.jar


--------------------------------------------------------------------------------
/.mvn/wrapper/maven-wrapper.properties:
--------------------------------------------------------------------------------
1 | distributionUrl=https://repo1.maven.org/maven2/org/apache/maven/apache-maven/3.3.9/apache-maven-3.3.9-bin.zip


--------------------------------------------------------------------------------
/core/src/test/resources/application.yml:
--------------------------------------------------------------------------------
1 | logging:
2 |     level:
3 |         com.github.lothar.security.acl: debug
4 | strategy-security-acl:
5 |     disabled: false


--------------------------------------------------------------------------------
/jpa/src/main/resources/META-INF/spring.factories:
--------------------------------------------------------------------------------
1 | org.springframework.boot.autoconfigure.EnableAutoConfiguration=com.github.lothar.security.acl.jpa.config.JpaSpecAclConfiguration


--------------------------------------------------------------------------------
/grant/src/main/resources/META-INF/spring.factories:
--------------------------------------------------------------------------------
1 | org.springframework.boot.autoconfigure.EnableAutoConfiguration=com.github.lothar.security.acl.grant.config.GrantEvaluatorAclConfiguration


--------------------------------------------------------------------------------
/elasticsearch/src/main/resources/META-INF/spring.factories:
--------------------------------------------------------------------------------
1 | org.springframework.boot.autoconfigure.EnableAutoConfiguration=com.github.lothar.security.acl.elasticsearch.config.ElasticSearchAclConfiguration


--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | language: java
 3 | jdk:
 4 |   - oraclejdk8
 5 | 
 6 | script: mvn verify
 7 | 
 8 | after_success: mvn coveralls:report -Dcoveralls.repoToken=$COVERALLS_REPO_TOKEN
 9 | 
10 | sudo: false
11 | 
12 | notifications:
13 |   slack:
14 |     on_success: never


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | *.class
 2 | 
 3 | # Mobile Tools for Java (J2ME)
 4 | .mtj.tmp/
 5 | 
 6 | # Package Files #
 7 | *.war
 8 | *.ear
 9 | 
10 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
11 | hs_err_pid*
12 | target/
13 | 
14 | # eclipse stuff
15 | .settings/
16 | .project
17 | .classpath


--------------------------------------------------------------------------------
/elasticsearch/src/test/resources/application.yml:
--------------------------------------------------------------------------------
 1 | spring:
 2 |     data:
 3 |         elasticsearch:
 4 |             cluster-name:
 5 |             cluster-nodes:
 6 |             properties:
 7 |                 path:
 8 |                     logs: target/elasticsearch/log
 9 |                     data: target/elasticsearch/data
10 | logging:
11 |     level:
12 |         com.github.lothar.security.acl: debug


--------------------------------------------------------------------------------
/jpa/src/test/resources/application.yml:
--------------------------------------------------------------------------------
 1 | spring:
 2 |     jpa:
 3 |         hibernate:
 4 |             ddl-auto: create
 5 |         properties:
 6 |             hibernate.cache.use_second_level_cache: false
 7 |             hibernate.cache.use_query_cache: false
 8 |             hibernate.format_sql: true
 9 | logging:
10 |     level:
11 | #         org.hibernate.SQL: debug
12 | #         org.hibernate.type: trace
13 | #         com.github.lothar.security.acl: debug


--------------------------------------------------------------------------------
/sample/src/main/resources/application.yml:
--------------------------------------------------------------------------------
 1 | spring:
 2 |     jpa:
 3 |         hibernate:
 4 |             ddl-auto: create
 5 |     data:
 6 |         elasticsearch:
 7 |             cluster-name:
 8 |             cluster-nodes:
 9 |             properties:
10 |                 path:
11 |                     logs: target/elasticsearch/log
12 |                     data: target/elasticsearch/data
13 | logging:
14 |     level:
15 |         org.hibernate.SQL: debug
16 |         com.github.lothar.security.acl: debug


--------------------------------------------------------------------------------
/grant/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 3 | 	<modelVersion>4.0.0</modelVersion>
 4 | 
 5 | 	<artifactId>strategy-spring-security-acl-grant</artifactId>
 6 | 
 7 | 	<parent>
 8 | 		<groupId>com.github.lothar.security.acl</groupId>
 9 | 		<artifactId>strategy-spring-security-acl-parent</artifactId>
10 | 		<version>1.6.0-SNAPSHOT</version>
11 | 	</parent>
12 | 
13 | 	<dependencies>
14 | 		<dependency>
15 | 			<groupId>com.github.lothar.security.acl</groupId>
16 | 			<artifactId>strategy-spring-security-acl-core</artifactId>
17 | 		</dependency>
18 | 		<dependency>
19 | 			<groupId>org.springframework.boot</groupId>
20 | 			<artifactId>spring-boot-starter-security</artifactId>
21 | 		</dependency>
22 | 	</dependencies>
23 | 
24 | </project>
25 | 


--------------------------------------------------------------------------------
/elasticsearch/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 3 | 	<modelVersion>4.0.0</modelVersion>
 4 | 
 5 | 	<artifactId>strategy-spring-security-acl-elasticsearch</artifactId>
 6 | 
 7 | 	<parent>
 8 | 		<groupId>com.github.lothar.security.acl</groupId>
 9 | 		<artifactId>strategy-spring-security-acl-parent</artifactId>
10 | 		<version>1.6.0-SNAPSHOT</version>
11 | 	</parent>
12 | 
13 | 	<dependencies>
14 | 		<dependency>
15 | 			<groupId>com.github.lothar.security.acl</groupId>
16 | 			<artifactId>strategy-spring-security-acl-core</artifactId>
17 | 		</dependency>
18 | 		<dependency>
19 | 			<groupId>org.springframework.boot</groupId>
20 | 			<artifactId>spring-boot-starter-data-elasticsearch</artifactId>
21 | 		</dependency>
22 | 	</dependencies>
23 | 
24 | </project>
25 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/AclFeature.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl;
17 | 
18 | public interface AclFeature<Handler> {
19 | }
20 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/domain/NoAclObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.domain;
17 | 
18 | public class NoAclObject {
19 | }
20 | 


--------------------------------------------------------------------------------
/grant/src/test/java/com/github/lothar/security/acl/grant/domain/NoAclObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant.domain;
17 | 
18 | public class NoAclObject {
19 | }
20 | 


--------------------------------------------------------------------------------
/sample/src/main/java/com/github/lothar/security/acl/sample/grant/Permission.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.sample.grant;
17 | 
18 | public enum Permission {
19 | 
20 |   SAVE, DELETE, READ
21 | }
22 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/AclStrategy.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl;
15 | 
16 | @FunctionalInterface
17 | public interface AclStrategy {
18 | 
19 |   <Handler> Handler handlerFor(AclFeature<Handler> feature);
20 | }
21 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/domain/NoStrategyObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.domain;
17 | 
18 | import com.github.lothar.security.acl.Acl;
19 | 
20 | @Acl
21 | public class NoStrategyObject {
22 | }
23 | 


--------------------------------------------------------------------------------
/grant/src/test/java/com/github/lothar/security/acl/grant/domain/NoStrategyObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant.domain;
17 | 
18 | import com.github.lothar.security.acl.Acl;
19 | 
20 | @Acl
21 | public class NoStrategyObject {
22 | }
23 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/domain/DeniedToAllObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.domain;
17 | 
18 | import com.github.lothar.security.acl.Acl;
19 | 
20 | @Acl("denyAllStrategy")
21 | public class DeniedToAllObject {
22 | }
23 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/domain/AllowedToAllObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.domain;
17 | 
18 | import com.github.lothar.security.acl.Acl;
19 | 
20 | @Acl("allowAllStrategy")
21 | public class AllowedToAllObject {
22 | }
23 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/AclStrategyProvider.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl;
15 | 
16 | public interface AclStrategyProvider {
17 | 
18 |   AclStrategy strategyFor(Class<?> entityClass);
19 | 
20 |   void setDefaultStrategy(AclStrategy strategy);
21 | }
22 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/compound/AclComposer.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.compound;
15 | 
16 | public interface AclComposer<Handler> {
17 | 
18 |   Handler and(Handler lhs, Handler rhs);
19 | 
20 |   Handler or(Handler lhs, Handler rhs);
21 | 
22 | }
23 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/domain/UnknownStrategyObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.domain;
17 | 
18 | import com.github.lothar.security.acl.Acl;
19 | 
20 | @Acl("unknownStrategy")
21 | public class UnknownStrategyObject {
22 | }
23 | 


--------------------------------------------------------------------------------
/jpa/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 3 | 	<modelVersion>4.0.0</modelVersion>
 4 | 
 5 | 	<artifactId>strategy-spring-security-acl-jpa</artifactId>
 6 | 
 7 | 	<parent>
 8 | 		<groupId>com.github.lothar.security.acl</groupId>
 9 | 		<artifactId>strategy-spring-security-acl-parent</artifactId>
10 | 		<version>1.6.0-SNAPSHOT</version>
11 | 	</parent>
12 | 
13 | 	<dependencies>
14 | 		<dependency>
15 | 			<groupId>com.github.lothar.security.acl</groupId>
16 | 			<artifactId>strategy-spring-security-acl-core</artifactId>
17 | 		</dependency>
18 | 		<dependency>
19 | 			<groupId>org.springframework.boot</groupId>
20 | 			<artifactId>spring-boot-starter-data-jpa</artifactId>
21 | 		</dependency>
22 | 
23 | 		<dependency>
24 | 			<groupId>com.h2database</groupId>
25 | 			<artifactId>h2</artifactId>
26 | 			<scope>test</scope>
27 | 		</dependency>
28 | 	</dependencies>
29 | 
30 | </project>
31 | 


--------------------------------------------------------------------------------
/grant/src/test/java/com/github/lothar/security/acl/grant/domain/DeniedToAllObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant.domain;
17 | 
18 | import com.github.lothar.security.acl.Acl;
19 | 
20 | @Acl("denyAllStrategy")
21 | public class DeniedToAllObject {
22 | }
23 | 


--------------------------------------------------------------------------------
/grant/src/test/java/com/github/lothar/security/acl/grant/domain/AllowedToAllObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant.domain;
17 | 
18 | import com.github.lothar.security.acl.Acl;
19 | 
20 | @Acl("allowAllStrategy")
21 | public class AllowedToAllObject {
22 | }
23 | 


--------------------------------------------------------------------------------
/grant/src/test/java/com/github/lothar/security/acl/grant/domain/UnknownStrategyObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant.domain;
17 | 
18 | import com.github.lothar.security.acl.Acl;
19 | 
20 | @Acl("unknownStrategy")
21 | public class UnknownStrategyObject {
22 | }
23 | 


--------------------------------------------------------------------------------
/grant/src/test/java/com/github/lothar/security/acl/grant/domain/WithoutHandlerObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant.domain;
17 | 
18 | import com.github.lothar.security.acl.Acl;
19 | 
20 | @Acl("withoutHandlerStrategy")
21 | public class WithoutHandlerObject {
22 | }
23 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/compound/Operator.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.compound;
17 | 
18 | public interface Operator<T> {
19 | 
20 |   default String toString(T lhs, T rhs) {
21 |     return "(" + lhs + " " + toString() + " " + rhs + ")";
22 |   }
23 | }
24 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/StringTesterFeature.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl;
15 | 
16 | import java.util.function.Function;
17 | 
18 | import com.github.lothar.security.acl.named.NamedBean;
19 | 
20 | public class StringTesterFeature extends NamedBean
21 |     implements AclFeature<Function<String, Boolean>> {
22 | }
23 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/compound/AclStrategyComposerProvider.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.compound;
15 | 
16 | import com.github.lothar.security.acl.AclFeature;
17 | 
18 | @FunctionalInterface
19 | public interface AclStrategyComposerProvider {
20 | 
21 |   <Handler> AclComposer<Handler> composerFor(AclFeature<Handler> feature);
22 | 
23 | }
24 | 


--------------------------------------------------------------------------------
/grant/src/main/java/com/github/lothar/security/acl/grant/GrantEvaluatorFeature.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant;
17 | 
18 | import com.github.lothar.security.acl.AclFeature;
19 | import com.github.lothar.security.acl.named.NamedBean;
20 | 
21 | public final class GrantEvaluatorFeature extends NamedBean implements AclFeature<GrantEvaluator> {
22 | }
23 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/activation/AclStatus.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.activation;
17 | 
18 | public enum AclStatus {
19 | 
20 |   ENABLED(true), DISABLED(false);
21 |   private boolean value;
22 | 
23 |   private AclStatus(boolean value) {
24 |     this.value = value;
25 |   }
26 | 
27 |   boolean value() {
28 |     return value;
29 |   }
30 | }
31 | 


--------------------------------------------------------------------------------
/jpa/src/main/java/com/github/lothar/security/acl/jpa/JpaSpecFeature.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa;
17 | 
18 | import org.springframework.data.jpa.domain.Specification;
19 | 
20 | import com.github.lothar.security.acl.AclFeature;
21 | import com.github.lothar.security.acl.named.NamedBean;
22 | 
23 | public final class JpaSpecFeature<T> extends NamedBean implements AclFeature<Specification<T>> {
24 | }
25 | 


--------------------------------------------------------------------------------
/elasticsearch/src/main/java/com/github/lothar/security/acl/elasticsearch/ElasticSearchFeature.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.elasticsearch;
17 | 
18 | import org.elasticsearch.index.query.QueryBuilder;
19 | 
20 | import com.github.lothar.security.acl.AclFeature;
21 | import com.github.lothar.security.acl.named.NamedBean;
22 | 
23 | public final class ElasticSearchFeature extends NamedBean implements AclFeature<QueryBuilder> {
24 | }
25 | 


--------------------------------------------------------------------------------
/sample/src/main/java/com/github/lothar/security/acl/sample/elasticsearch/CustomerSearchRepository.java:
--------------------------------------------------------------------------------
 1 | /*
 2 |  * Copyright 2012-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  */
16 | 
17 | package com.github.lothar.security.acl.sample.elasticsearch;
18 | 
19 | import java.util.List;
20 | 
21 | import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
22 | 
23 | import com.github.lothar.security.acl.sample.domain.Customer;
24 | 
25 | public interface CustomerSearchRepository extends ElasticsearchRepository<Customer, String> {
26 | 
27 | 	Customer findByFirstName(String firstName);
28 | 
29 | 	List<Customer> findByLastName(String lastName);
30 | 
31 | }
32 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/domain/NoAclObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.domain;
17 | 
18 | import javax.persistence.Entity;
19 | import javax.persistence.Id;
20 | 
21 | @Entity
22 | public class NoAclObject {
23 | 
24 |   @Id
25 |   private Long id;
26 | 
27 |   public Long getId() {
28 |     return id;
29 |   }
30 | 
31 |   public void setId(Long id) {
32 |     this.id = id;
33 |   }
34 | 
35 | 
36 | }
37 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/repository/NoAclRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.repository;
17 | 
18 | import org.springframework.data.jpa.repository.JpaRepository;
19 | import org.springframework.stereotype.Repository;
20 | 
21 | import com.github.lothar.security.acl.jpa.domain.NoAclObject;
22 | 
23 | @Repository
24 | public interface NoAclRepository extends JpaRepository<NoAclObject, Long> {
25 | 
26 | }
27 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/repository/NoStrategyRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.repository;
17 | 
18 | import org.springframework.data.jpa.repository.JpaRepository;
19 | import org.springframework.stereotype.Repository;
20 | 
21 | import com.github.lothar.security.acl.jpa.domain.NoStrategyObject;
22 | 
23 | @Repository
24 | public interface NoStrategyRepository extends JpaRepository<NoStrategyObject, Long> {
25 | 
26 | }
27 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/repository/AllowedToAllRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.repository;
17 | 
18 | import org.springframework.data.jpa.repository.JpaRepository;
19 | import org.springframework.stereotype.Repository;
20 | 
21 | import com.github.lothar.security.acl.jpa.domain.AllowedToAllObject;
22 | 
23 | @Repository
24 | public interface AllowedToAllRepository extends JpaRepository<AllowedToAllObject, Long> {
25 | 
26 | }
27 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/repository/DeniedToAllRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.repository;
17 | 
18 | import org.springframework.data.jpa.repository.JpaRepository;
19 | import org.springframework.stereotype.Repository;
20 | 
21 | import com.github.lothar.security.acl.jpa.domain.DeniedToAllObject;
22 | 
23 | @Repository
24 | public interface DeniedToAllRepository extends JpaRepository<DeniedToAllObject, Long> {
25 | 
26 | }
27 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/repository/CustomerRepository.java:
--------------------------------------------------------------------------------
 1 | /*
 2 |  * Copyright 2012-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  */
14 | 
15 | package com.github.lothar.security.acl.elasticsearch.repository;
16 | 
17 | import java.util.List;
18 | 
19 | import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
20 | 
21 | import com.github.lothar.security.acl.elasticsearch.domain.Customer;
22 | 
23 | public interface CustomerRepository extends ElasticsearchRepository<Customer, String> {
24 | 
25 |   Customer findByFirstName(String firstName);
26 | 
27 |   List<Customer> findByLastName(String lastName);
28 | 
29 |   int countByLastName(String lastName);
30 | 
31 | }
32 | 


--------------------------------------------------------------------------------
/sample/src/main/java/com/github/lothar/security/acl/sample/jpa/CustomerRepository.java:
--------------------------------------------------------------------------------
 1 | /*
 2 |  * Copyright 2012-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  */
14 | 
15 | package com.github.lothar.security.acl.sample.jpa;
16 | 
17 | import java.util.List;
18 | 
19 | import org.springframework.data.jpa.repository.JpaRepository;
20 | import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
21 | 
22 | import com.github.lothar.security.acl.sample.domain.Customer;
23 | 
24 | public interface CustomerRepository
25 |     extends JpaRepository<Customer, String>, JpaSpecificationExecutor<Customer> {
26 | 
27 |   Customer findByFirstName(String firstName);
28 | 
29 |   List<Customer> findByLastName(String lastName);
30 | 
31 | }
32 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/repository/WithoutHandlerRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.repository;
17 | 
18 | import org.springframework.data.jpa.repository.JpaRepository;
19 | import org.springframework.stereotype.Repository;
20 | 
21 | import com.github.lothar.security.acl.jpa.domain.WithoutHandlerObject;
22 | 
23 | @Repository
24 | public interface WithoutHandlerRepository extends JpaRepository<WithoutHandlerObject, Long> {
25 | 
26 | }
27 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/repository/UnknownStrategyRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.repository;
17 | 
18 | import org.springframework.data.jpa.repository.JpaRepository;
19 | import org.springframework.stereotype.Repository;
20 | 
21 | import com.github.lothar.security.acl.jpa.domain.UnknownStrategyObject;
22 | 
23 | @Repository
24 | public interface UnknownStrategyRepository extends JpaRepository<UnknownStrategyObject, Long> {
25 | 
26 | }
27 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/repository/NoAclRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.elasticsearch.repository;
15 | 
16 | import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
17 | import org.springframework.stereotype.Repository;
18 | 
19 | import com.github.lothar.security.acl.elasticsearch.domain.NoAclObject;
20 | 
21 | @Repository
22 | public interface NoAclRepository extends ElasticsearchRepository<NoAclObject, Long> {
23 | 
24 | }
25 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/domain/AllowedToAllObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa.domain;
15 | 
16 | import javax.persistence.Entity;
17 | import javax.persistence.Id;
18 | 
19 | import com.github.lothar.security.acl.Acl;
20 | 
21 | @Entity
22 | @Acl("allowAllStrategy")
23 | public class AllowedToAllObject {
24 | 
25 |   @Id
26 |   private Long id;
27 | 
28 |   public Long getId() {
29 |     return id;
30 |   }
31 | 
32 |   public void setId(Long id) {
33 |     this.id = id;
34 |   }
35 | 
36 | }
37 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/repository/DeniedToAllRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.elasticsearch.repository;
15 | 
16 | import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
17 | import org.springframework.stereotype.Repository;
18 | 
19 | import com.github.lothar.security.acl.elasticsearch.domain.DeniedToAllObject;
20 | 
21 | @Repository
22 | public interface DeniedToAllRepository extends ElasticsearchRepository<DeniedToAllObject, Long> {
23 | 
24 | }
25 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/repository/NoStrategyRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.elasticsearch.repository;
15 | 
16 | import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
17 | import org.springframework.stereotype.Repository;
18 | 
19 | import com.github.lothar.security.acl.elasticsearch.domain.NoStrategyObject;
20 | 
21 | @Repository
22 | public interface NoStrategyRepository extends ElasticsearchRepository<NoStrategyObject, Long> {
23 | 
24 | }
25 | 


--------------------------------------------------------------------------------
/grant/src/main/java/com/github/lothar/security/acl/grant/GrantEvaluator.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant;
17 | 
18 | import java.io.Serializable;
19 | 
20 | import org.springframework.security.core.Authentication;
21 | 
22 | public interface GrantEvaluator {
23 | 
24 |   boolean isGranted(Object permission, Authentication authentication, Object domainObject);
25 | 
26 |   boolean isGranted(Object permission, Authentication authentication, Serializable targetId,
27 |       String targetType);
28 | 
29 | }
30 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/domain/NoStrategyObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.domain;
17 | 
18 | import javax.persistence.Entity;
19 | import javax.persistence.Id;
20 | 
21 | import com.github.lothar.security.acl.Acl;
22 | 
23 | @Entity
24 | @Acl
25 | public class NoStrategyObject {
26 | 
27 |   @Id
28 |   private Long id;
29 | 
30 |   public Long getId() {
31 |     return id;
32 |   }
33 | 
34 |   public void setId(Long id) {
35 |     this.id = id;
36 |   }
37 | 
38 | 
39 | }
40 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/domain/DeniedToAllObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.domain;
17 | 
18 | import javax.persistence.Entity;
19 | import javax.persistence.Id;
20 | 
21 | import com.github.lothar.security.acl.Acl;
22 | 
23 | @Entity
24 | @Acl("denyAllStrategy")
25 | public class DeniedToAllObject {
26 | 
27 |   @Id
28 |   private Long id;
29 | 
30 |   public Long getId() {
31 |     return id;
32 |   }
33 | 
34 |   public void setId(Long id) {
35 |     this.id = id;
36 |   }
37 | 
38 | 
39 | }
40 | 


--------------------------------------------------------------------------------
/sample/src/test/java/com/github/lothar/security/acl/sample/SampleApplicationTests.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.sample;
17 | 
18 | import org.junit.Test;
19 | import org.junit.runner.RunWith;
20 | import org.springframework.boot.test.context.SpringBootTest;
21 | import org.springframework.test.context.junit4.SpringRunner;
22 | 
23 | @RunWith(SpringRunner.class)
24 | @SpringBootTest(classes = SampleApplication.class)
25 | public class SampleApplicationTests {
26 | 
27 | 	@Test
28 | 	public void contextLoads() {
29 | 	}
30 | 
31 | }
32 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/repository/AllowedToAllRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.elasticsearch.repository;
17 | 
18 | import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
19 | import org.springframework.stereotype.Repository;
20 | 
21 | import com.github.lothar.security.acl.elasticsearch.domain.AllowedToAllObject;
22 | 
23 | @Repository
24 | public interface AllowedToAllRepository extends ElasticsearchRepository<AllowedToAllObject, Long> {
25 | 
26 | }
27 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/repository/UnknownStrategyRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.elasticsearch.repository;
15 | 
16 | import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
17 | import org.springframework.stereotype.Repository;
18 | 
19 | import com.github.lothar.security.acl.elasticsearch.domain.UnknownStrategyObject;
20 | 
21 | @Repository
22 | public interface UnknownStrategyRepository
23 |     extends ElasticsearchRepository<UnknownStrategyObject, Long> {
24 | 
25 | }
26 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/domain/NoAclObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.elasticsearch.domain;
17 | 
18 | import org.springframework.data.annotation.Id;
19 | import org.springframework.data.elasticsearch.annotations.Document;
20 | 
21 | @Document(indexName = "noAcl")
22 | public class NoAclObject {
23 | 
24 |   @Id
25 |   private Long id;
26 | 
27 |   public Long getId() {
28 |     return id;
29 |   }
30 | 
31 |   public void setId(Long id) {
32 |     this.id = id;
33 |   }
34 | 
35 | 
36 | }
37 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/domain/UnknownStrategyObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.domain;
17 | 
18 | import javax.persistence.Entity;
19 | import javax.persistence.Id;
20 | 
21 | import com.github.lothar.security.acl.Acl;
22 | 
23 | @Entity
24 | @Acl("unknownStrategy")
25 | public class UnknownStrategyObject {
26 | 
27 |   @Id
28 |   private Long id;
29 | 
30 |   public Long getId() {
31 |     return id;
32 |   }
33 | 
34 |   public void setId(Long id) {
35 |     this.id = id;
36 |   }
37 | 
38 | 
39 | }
40 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/repository/WithoutHandlerRepository.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.elasticsearch.repository;
17 | 
18 | import org.springframework.data.elasticsearch.repository.ElasticsearchRepository;
19 | import org.springframework.stereotype.Repository;
20 | 
21 | import com.github.lothar.security.acl.elasticsearch.domain.WithoutHandlerObject;
22 | 
23 | @Repository
24 | public interface WithoutHandlerRepository extends ElasticsearchRepository<WithoutHandlerObject, Long> {
25 | 
26 | }
27 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/domain/WithoutHandlerObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.domain;
17 | 
18 | import javax.persistence.Entity;
19 | import javax.persistence.Id;
20 | 
21 | import com.github.lothar.security.acl.Acl;
22 | 
23 | @Entity
24 | @Acl("withoutHandlerStrategy")
25 | public class WithoutHandlerObject {
26 | 
27 |   @Id
28 |   private Long id;
29 | 
30 |   public Long getId() {
31 |     return id;
32 |   }
33 | 
34 |   public void setId(Long id) {
35 |     this.id = id;
36 |   }
37 | 
38 | 
39 | }
40 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/multithread/Session.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa.multithread;
15 | 
16 | public class Session {
17 | 
18 |     private static final ThreadLocal<String> user = new ThreadLocal<>();
19 | 
20 |     private Session() {}
21 | 
22 |     public static String currentUserLastName() {
23 |         return user.get();
24 |     }
25 | 
26 |     public static void login(String userLastName) {
27 |         user.set(userLastName);
28 |     }
29 | 
30 |     public static void logout() {
31 |         user.remove();
32 |     }
33 | }
34 | 


--------------------------------------------------------------------------------
/grant/src/test/java/com/github/lothar/security/acl/grant/GrantEvaluatorTestConfiguration.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.grant;
15 | 
16 | import org.springframework.boot.autoconfigure.SpringBootApplication;
17 | import org.springframework.context.annotation.Bean;
18 | 
19 | import com.github.lothar.security.acl.AclStrategy;
20 | import com.github.lothar.security.acl.SimpleAclStrategy;
21 | 
22 | @SpringBootApplication
23 | public class GrantEvaluatorTestConfiguration {
24 | 
25 |   @Bean
26 |   public AclStrategy withoutHandlerStrategy() {
27 |     return new SimpleAclStrategy();
28 |   }
29 | }
30 | 


--------------------------------------------------------------------------------
/jpa/src/main/java/com/github/lothar/security/acl/jpa/annotation/NoAcl.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa.annotation;
15 | 
16 | import java.lang.annotation.Documented;
17 | import java.lang.annotation.ElementType;
18 | import java.lang.annotation.Inherited;
19 | import java.lang.annotation.Retention;
20 | import java.lang.annotation.RetentionPolicy;
21 | import java.lang.annotation.Target;
22 | 
23 | /**
24 |  * Disable acl on query method
25 |  */
26 | @Target(ElementType.METHOD)
27 | @Retention(RetentionPolicy.RUNTIME)
28 | @Inherited
29 | @Documented
30 | public @interface NoAcl {
31 | 
32 | }
33 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/domain/AllowedToAllObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.elasticsearch.domain;
15 | 
16 | import org.springframework.data.annotation.Id;
17 | import org.springframework.data.elasticsearch.annotations.Document;
18 | 
19 | import com.github.lothar.security.acl.Acl;
20 | 
21 | @Document(indexName = "allowedToAll")
22 | @Acl("allowAllStrategy")
23 | public class AllowedToAllObject {
24 | 
25 |   @Id
26 |   private Long id;
27 | 
28 |   public Long getId() {
29 |     return id;
30 |   }
31 | 
32 |   public void setId(Long id) {
33 |     this.id = id;
34 |   }
35 | 
36 | }
37 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/domain/NoStrategyObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.elasticsearch.domain;
17 | 
18 | import org.springframework.data.annotation.Id;
19 | import org.springframework.data.elasticsearch.annotations.Document;
20 | 
21 | import com.github.lothar.security.acl.Acl;
22 | 
23 | @Document(indexName = "noStrategy")
24 | @Acl
25 | public class NoStrategyObject {
26 | 
27 |   @Id
28 |   private Long id;
29 | 
30 |   public Long getId() {
31 |     return id;
32 |   }
33 | 
34 |   public void setId(Long id) {
35 |     this.id = id;
36 |   }
37 | 
38 | 
39 | }
40 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/config/DenyAllDefaultConfiguration.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.config;
17 | 
18 | import org.springframework.context.annotation.Bean;
19 | import org.springframework.context.annotation.Configuration;
20 | import org.springframework.context.annotation.Import;
21 | 
22 | import com.github.lothar.security.acl.AclStrategy;
23 | 
24 | @Configuration
25 | @Import(AclConfiguration.class)
26 | public class DenyAllDefaultConfiguration {
27 | 
28 |   @Bean
29 |   public AclStrategy defaultAclStrategy(AclStrategy denyAllStrategy) {
30 |     return denyAllStrategy;
31 |   }
32 | }
33 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/Acl.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl;
17 | 
18 | import java.lang.annotation.Documented;
19 | import java.lang.annotation.ElementType;
20 | import java.lang.annotation.Inherited;
21 | import java.lang.annotation.Retention;
22 | import java.lang.annotation.RetentionPolicy;
23 | import java.lang.annotation.Target;
24 | 
25 | @Target(ElementType.TYPE)
26 | @Retention(RetentionPolicy.RUNTIME)
27 | @Inherited
28 | @Documented
29 | public @interface Acl {
30 | 
31 |   /**
32 |    * {@link AclStrategy} bean name
33 |    */
34 |   String value() default "defaultAclStrategy";
35 | 
36 | }
37 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/domain/DeniedToAllObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.elasticsearch.domain;
17 | 
18 | import org.springframework.data.annotation.Id;
19 | import org.springframework.data.elasticsearch.annotations.Document;
20 | 
21 | import com.github.lothar.security.acl.Acl;
22 | 
23 | @Document(indexName = "deniedToAll")
24 | @Acl("denyAllStrategy")
25 | public class DeniedToAllObject {
26 | 
27 |   @Id
28 |   private Long id;
29 | 
30 |   public Long getId() {
31 |     return id;
32 |   }
33 | 
34 |   public void setId(Long id) {
35 |     this.id = id;
36 |   }
37 | 
38 | 
39 | }
40 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/domain/UnknownStrategyObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.elasticsearch.domain;
17 | 
18 | import org.springframework.data.annotation.Id;
19 | import org.springframework.data.elasticsearch.annotations.Document;
20 | 
21 | import com.github.lothar.security.acl.Acl;
22 | 
23 | @Document(indexName = "unknownStrategy")
24 | @Acl("unknownStrategy")
25 | public class UnknownStrategyObject {
26 | 
27 |   @Id
28 |   private Long id;
29 | 
30 |   public Long getId() {
31 |     return id;
32 |   }
33 | 
34 |   public void setId(Long id) {
35 |     this.id = id;
36 |   }
37 | 
38 | 
39 | }
40 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/domain/WithoutHandlerObject.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.elasticsearch.domain;
17 | 
18 | import org.springframework.data.annotation.Id;
19 | import org.springframework.data.elasticsearch.annotations.Document;
20 | 
21 | import com.github.lothar.security.acl.Acl;
22 | 
23 | @Document(indexName = "withoutHandler")
24 | @Acl("withoutHandlerStrategy")
25 | public class WithoutHandlerObject {
26 | 
27 |   @Id
28 |   private Long id;
29 | 
30 |   public Long getId() {
31 |     return id;
32 |   }
33 | 
34 |   public void setId(Long id) {
35 |     this.id = id;
36 |   }
37 | 
38 | }
39 | 


--------------------------------------------------------------------------------
/core/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 3 | 	<modelVersion>4.0.0</modelVersion>
 4 | 
 5 | 	<artifactId>strategy-spring-security-acl-core</artifactId>
 6 | 
 7 | 	<parent>
 8 | 		<groupId>com.github.lothar.security.acl</groupId>
 9 | 		<artifactId>strategy-spring-security-acl-parent</artifactId>
10 | 		<version>1.6.0-SNAPSHOT</version>
11 | 	</parent>
12 | 
13 | 	<dependencies>
14 | 		<dependency>
15 | 			<groupId>org.springframework</groupId>
16 | 			<artifactId>spring-context-support</artifactId>
17 | 		</dependency>
18 | 		<dependency>
19 | 			<groupId>org.springframework.boot</groupId>
20 | 			<artifactId>spring-boot-autoconfigure</artifactId>
21 | 		</dependency>
22 | 		<dependency>
23 | 			<groupId>org.slf4j</groupId>
24 | 			<artifactId>slf4j-api</artifactId>
25 | 		</dependency>
26 | 		<dependency>
27 | 			<groupId>org.springframework</groupId>
28 | 			<artifactId>spring-test</artifactId>
29 | 			<optional>true</optional>
30 | 		</dependency>
31 | 		<dependency>
32 | 			<groupId>org.springframework</groupId>
33 | 			<artifactId>spring-web</artifactId>
34 | 			<optional>true</optional>
35 | 		</dependency>
36 | 		<dependency>
37 | 			<groupId>javax.servlet</groupId>
38 | 			<artifactId>javax.servlet-api</artifactId>
39 | 			<scope>provided</scope>
40 | 		</dependency>
41 | 	</dependencies>
42 | 
43 | </project>
44 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/StringTesterComposer.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl;
17 | 
18 | import java.util.function.Function;
19 | 
20 | import com.github.lothar.security.acl.compound.AclComposer;
21 | 
22 | public class StringTesterComposer implements AclComposer<Function<String, Boolean>> {
23 | 
24 |   public Function<String, Boolean> and(Function<String, Boolean> lhs,
25 |       Function<String, Boolean> rhs) {
26 |     return (s) -> lhs.apply(s) && rhs.apply(s);
27 |   }
28 | 
29 |   @Override
30 |   public Function<String, Boolean> or(Function<String, Boolean> lhs,
31 |       Function<String, Boolean> rhs) {
32 |     return (s) -> lhs.apply(s) || rhs.apply(s);
33 |   }
34 | }
35 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/compound/AbstractCompound.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.compound;
17 | 
18 | import static org.springframework.util.Assert.notNull;
19 | 
20 | public abstract class AbstractCompound<T, O extends Operator<T>> {
21 | 
22 |   protected final T lhs;
23 |   protected final T rhs;
24 |   protected final O operator;
25 | 
26 |   public AbstractCompound(T lhs, T rhs, O operator) {
27 |     super();
28 |     notNull(operator, "Operator must not be null");
29 |     this.lhs = lhs;
30 |     this.rhs = rhs;
31 |     this.operator = operator;
32 |   }
33 | 
34 |   @Override
35 |   public String toString() {
36 |     return operator.toString(lhs, rhs);
37 |   }
38 | 
39 | }
40 | 


--------------------------------------------------------------------------------
/jpa/src/main/java/com/github/lothar/security/acl/jpa/spec/AllowAllSpecification.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.spec;
17 | 
18 | import javax.persistence.criteria.CriteriaBuilder;
19 | import javax.persistence.criteria.CriteriaQuery;
20 | import javax.persistence.criteria.Predicate;
21 | import javax.persistence.criteria.Root;
22 | 
23 | import org.springframework.data.jpa.domain.Specification;
24 | 
25 | import com.github.lothar.security.acl.named.NamedBean;
26 | 
27 | public class AllowAllSpecification<T> extends NamedBean implements Specification<T> {
28 | 
29 |   @Override
30 |   public Predicate toPredicate(Root<T> root, CriteriaQuery<?> query, CriteriaBuilder cb) {
31 |     return cb.conjunction();
32 |   }
33 | }
34 | 


--------------------------------------------------------------------------------
/jpa/src/main/java/com/github/lothar/security/acl/jpa/compound/JpaSpecComposer.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.compound;
17 | 
18 | import static org.springframework.data.jpa.domain.Specifications.where;
19 | 
20 | import org.springframework.data.jpa.domain.Specification;
21 | 
22 | import com.github.lothar.security.acl.compound.AclComposer;
23 | 
24 | public class JpaSpecComposer<T> implements AclComposer<Specification<T>> {
25 | 
26 |   @Override
27 |   public Specification<T> and(Specification<T> lhs, Specification<T> rhs) {
28 |     return where(lhs).and(rhs);
29 |   }
30 | 
31 |   @Override
32 |   public Specification<T> or(Specification<T> lhs, Specification<T> rhs) {
33 |     return where(lhs).or(rhs);
34 |   }
35 | 
36 | }
37 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/named/NamedBean.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.named;
17 | 
18 | import java.util.Objects;
19 | 
20 | import org.springframework.beans.factory.BeanNameAware;
21 | 
22 | public class NamedBean implements BeanNameAware, org.springframework.beans.factory.NamedBean {
23 | 
24 |   private String name;
25 | 
26 |   @Override
27 |   public void setBeanName(String name) {
28 |     this.name = name;
29 |   }
30 | 
31 |   @Override
32 |   public String getBeanName() {
33 |     return name;
34 |   }
35 | 
36 |   public String name() {
37 |     return Objects.toString(name, getClass().getSimpleName());
38 |   }
39 | 
40 |   @Override
41 |   public String toString() {
42 |     return name();
43 |   }
44 | }
45 | 


--------------------------------------------------------------------------------
/jpa/src/main/java/com/github/lothar/security/acl/jpa/spec/DenyAllSpecification.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.spec;
17 | 
18 | import javax.persistence.criteria.CriteriaBuilder;
19 | import javax.persistence.criteria.CriteriaQuery;
20 | import javax.persistence.criteria.Predicate;
21 | import javax.persistence.criteria.Root;
22 | 
23 | import org.springframework.data.jpa.domain.Specification;
24 | 
25 | public class DenyAllSpecification<T> implements Specification<T> {
26 | 
27 |   @Override
28 |   public Predicate toPredicate(Root<T> root, CriteriaQuery<?> query, CriteriaBuilder cb) {
29 |     return cb.disjunction();
30 |   }
31 | 
32 |   @Override
33 |   public String toString() {
34 |     return getClass().getSimpleName();
35 |   }
36 | }
37 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/config/AclProperties.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.config;
15 | 
16 | import org.springframework.boot.context.properties.ConfigurationProperties;
17 | 
18 | @ConfigurationProperties("strategy-security-acl")
19 | public class AclProperties {
20 | 
21 |   private String overrideStrategy;
22 |   private boolean disabled;
23 | 
24 |   public String getOverrideStrategy() {
25 |     return overrideStrategy;
26 |   }
27 | 
28 |   public void setOverrideStrategy(String overrideStrategy) {
29 |     this.overrideStrategy = overrideStrategy;
30 |   }
31 | 
32 |   public boolean isDisabled() {
33 |     return disabled;
34 |   }
35 | 
36 |   public void setDisabled(boolean disabled) {
37 |     this.disabled = disabled;
38 |   }
39 | 
40 | }
41 | 


--------------------------------------------------------------------------------
/sample/src/main/java/com/github/lothar/security/acl/sample/grant/AbstractGrantEvaluator.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.sample.grant;
17 | 
18 | import static org.springframework.util.Assert.notNull;
19 | 
20 | import java.io.Serializable;
21 | 
22 | import org.springframework.security.core.Authentication;
23 | import com.github.lothar.security.acl.grant.TypedGrantEvaluator;
24 | 
25 | public abstract class AbstractGrantEvaluator<T, ID extends Serializable>
26 |     extends TypedGrantEvaluator<T, ID, Authentication, Permission> {
27 | 
28 |   @Override
29 |   protected Permission mapPermission(Object permission) {
30 |     notNull(permission, "Permission must be not null");
31 |     return Permission.valueOf(String.valueOf(permission));
32 |   }
33 | 
34 | }
35 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/repository/CustomerRepository.java:
--------------------------------------------------------------------------------
 1 | /*
 2 |  * Copyright 2012-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  */
14 | 
15 | package com.github.lothar.security.acl.jpa.repository;
16 | 
17 | import java.util.List;
18 | 
19 | import org.springframework.data.domain.Pageable;
20 | import org.springframework.data.domain.Sort;
21 | import org.springframework.data.jpa.repository.JpaRepository;
22 | 
23 | import com.github.lothar.security.acl.jpa.annotation.NoAcl;
24 | import com.github.lothar.security.acl.jpa.domain.Customer;
25 | 
26 | public interface CustomerRepository extends JpaRepository<Customer, String> {
27 | 
28 |   Customer findByFirstName(String firstName);
29 | 
30 |   List<Customer> findByLastName(String lastName);
31 | 
32 |   List<Customer> findByFirstNameContains(String firstNameContains, Sort sort);
33 | 
34 |   List<Customer> findByFirstNameContains(String firstNameContains, Pageable pageable);
35 | 
36 |   int countByLastName(String lastName);
37 | 
38 |   @NoAcl
39 |   int countByLastNameContains(String firstName);
40 | }
41 | 


--------------------------------------------------------------------------------
/grant/src/main/java/com/github/lothar/security/acl/grant/evaluators/AllowAllGrantEvaluator.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant.evaluators;
17 | 
18 | import java.io.Serializable;
19 | 
20 | import org.springframework.security.core.Authentication;
21 | 
22 | import com.github.lothar.security.acl.grant.GrantEvaluator;
23 | import com.github.lothar.security.acl.named.NamedBean;
24 | 
25 | public class AllowAllGrantEvaluator extends NamedBean implements GrantEvaluator {
26 | 
27 |   @Override
28 |   public boolean isGranted(Object permission, Authentication authentication, Object domainObject) {
29 |     return true;
30 |   }
31 | 
32 |   @Override
33 |   public boolean isGranted(Object permission, Authentication authentication, Serializable targetId,
34 |       String targetType) {
35 |     return true;
36 |   }
37 | 
38 | }
39 | 


--------------------------------------------------------------------------------
/grant/src/main/java/com/github/lothar/security/acl/grant/evaluators/DenyAllGrantEvaluator.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant.evaluators;
17 | 
18 | import java.io.Serializable;
19 | 
20 | import org.springframework.security.core.Authentication;
21 | 
22 | import com.github.lothar.security.acl.grant.GrantEvaluator;
23 | import com.github.lothar.security.acl.named.NamedBean;
24 | 
25 | public class DenyAllGrantEvaluator extends NamedBean implements GrantEvaluator {
26 | 
27 |   @Override
28 |   public boolean isGranted(Object permission, Authentication authentication, Object domainObject) {
29 |     return false;
30 |   }
31 | 
32 |   @Override
33 |   public boolean isGranted(Object permission, Authentication authentication, Serializable targetId,
34 |       String targetType) {
35 |     return false;
36 |   }
37 | 
38 | }
39 | 


--------------------------------------------------------------------------------
/sample/src/main/java/com/github/lothar/security/acl/sample/grant/CustomerService.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.sample.grant;
17 | 
18 | import javax.annotation.Resource;
19 | 
20 | import org.springframework.security.access.prepost.PreAuthorize;
21 | import org.springframework.stereotype.Service;
22 | import org.springframework.transaction.annotation.Transactional;
23 | 
24 | import com.github.lothar.security.acl.sample.domain.Customer;
25 | import com.github.lothar.security.acl.sample.jpa.CustomerRepository;
26 | 
27 | @Service
28 | public class CustomerService {
29 | 
30 |   @Resource
31 |   private CustomerRepository repository;
32 | 
33 |   @Transactional
34 |   @PreAuthorize("hasPermission(#customer, 'SAVE')")
35 |   public Customer save(Customer customer) {
36 |     return repository.save(customer);
37 |   }
38 | }
39 | 


--------------------------------------------------------------------------------
/elasticsearch/src/main/java/com/github/lothar/security/acl/elasticsearch/compound/FilterBuilderComposer.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.elasticsearch.compound;
17 | 
18 | import static org.elasticsearch.index.query.QueryBuilders.andQuery;
19 | import static org.elasticsearch.index.query.QueryBuilders.orQuery;
20 | 
21 | import org.elasticsearch.index.query.QueryBuilder;
22 | 
23 | import com.github.lothar.security.acl.compound.AclComposer;
24 | 
25 | @SuppressWarnings("deprecation")
26 | public class FilterBuilderComposer implements AclComposer<QueryBuilder> {
27 | 
28 |   @Override
29 |   public QueryBuilder and(QueryBuilder lhs, QueryBuilder rhs) {
30 |     return andQuery(lhs, rhs);
31 |   }
32 | 
33 |   @Override
34 |   public QueryBuilder or(QueryBuilder lhs, QueryBuilder rhs) {
35 |     return orQuery(lhs, rhs);
36 |   }
37 | 
38 | }
39 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/AclTestConfiguration.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl;
17 | 
18 | import org.springframework.boot.autoconfigure.SpringBootApplication;
19 | import org.springframework.context.annotation.Bean;
20 | import com.github.lothar.security.acl.compound.AclComposersRegistry;
21 | 
22 | @SpringBootApplication
23 | public class AclTestConfiguration {
24 | 
25 |   private StringTesterFeature stringTesterFeature = new StringTesterFeature();
26 | 
27 |   @Bean
28 |   public StringTesterFeature stringTesterFeature() {
29 |     return stringTesterFeature;
30 |   }
31 | 
32 |   @Bean
33 |   public StringTesterComposer stringTesterComposer(AclComposersRegistry composersRegistry) {
34 |     StringTesterComposer stringTesterComposer = new StringTesterComposer();
35 |     composersRegistry.register(stringTesterFeature, stringTesterComposer);
36 |     return stringTesterComposer;
37 |   }
38 | }
39 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/multithread/CurrentUserLastNameSpec.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa.multithread;
15 | 
16 | import javax.persistence.criteria.CriteriaBuilder;
17 | import javax.persistence.criteria.CriteriaQuery;
18 | import javax.persistence.criteria.Predicate;
19 | import javax.persistence.criteria.Root;
20 | 
21 | import org.springframework.data.jpa.domain.Specification;
22 | 
23 | import com.github.lothar.security.acl.jpa.domain.Customer;
24 | 
25 | public class CurrentUserLastNameSpec implements Specification<Customer> {
26 | 
27 |     @Override
28 |     public Predicate toPredicate(Root<Customer> root, CriteriaQuery<?> query, CriteriaBuilder cb) {
29 |         String currentUserLastName = Session.currentUserLastName();
30 |         if (currentUserLastName == null) {
31 |             return cb.conjunction();
32 |         } else {
33 |             return cb.equal(root.get("lastName"), currentUserLastName);
34 |         }
35 |     }
36 | }
37 | 


--------------------------------------------------------------------------------
/jpa/src/main/java/com/github/lothar/security/acl/jpa/spec/BiFunctionSpecification.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.spec;
17 | 
18 | import java.util.function.BiFunction;
19 | 
20 | import javax.persistence.criteria.CriteriaBuilder;
21 | import javax.persistence.criteria.CriteriaQuery;
22 | import javax.persistence.criteria.Predicate;
23 | import javax.persistence.criteria.Root;
24 | 
25 | import org.springframework.data.jpa.domain.Specification;
26 | 
27 | public class BiFunctionSpecification<T> implements Specification<T> {
28 | 
29 |   private BiFunction<Root<T>, CriteriaBuilder, Predicate> predicateFunction;
30 | 
31 |   public BiFunctionSpecification(
32 |       BiFunction<Root<T>, CriteriaBuilder, Predicate> predicateFunction) {
33 |     this.predicateFunction = predicateFunction;
34 |   }
35 | 
36 |   @Override
37 |   public Predicate toPredicate(Root<T> root, CriteriaQuery<?> query, CriteriaBuilder cb) {
38 |     return predicateFunction.apply(root, cb);
39 |   }
40 | }
41 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/spec/CustomerSpecification.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.spec;
17 | 
18 | import javax.persistence.criteria.CriteriaBuilder;
19 | import javax.persistence.criteria.CriteriaQuery;
20 | import javax.persistence.criteria.Predicate;
21 | import javax.persistence.criteria.Root;
22 | 
23 | import org.springframework.data.jpa.domain.Specification;
24 | 
25 | import com.github.lothar.security.acl.jpa.domain.Customer;
26 | 
27 | public class CustomerSpecification implements Specification<Customer> {
28 | 
29 |   private String lastName;
30 | 
31 |   public CustomerSpecification(String lastName) {
32 |     this.lastName = lastName;
33 |   }
34 | 
35 |   @Override
36 |   public Predicate toPredicate(Root<Customer> root, CriteriaQuery<?> query, CriteriaBuilder cb) {
37 |     return cb.equal(root.get("lastName"), lastName);
38 |   }
39 | 
40 |   public void setLastName(String lastName) {
41 |     this.lastName = lastName;
42 |   }
43 | }
44 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/activation/test/WithoutAclTestExecutionListenerTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.activation.test;
17 | 
18 | import static org.assertj.core.api.Assertions.assertThat;
19 | 
20 | import javax.annotation.Resource;
21 | 
22 | import org.junit.Test;
23 | import org.junit.runner.RunWith;
24 | import org.springframework.boot.test.context.SpringBootTest;
25 | import org.springframework.test.context.junit4.SpringRunner;
26 | 
27 | import com.github.lothar.security.acl.activation.AclSecurityActivator;
28 | import com.github.lothar.security.acl.config.AclConfiguration;
29 | 
30 | @RunWith(SpringRunner.class)
31 | @SpringBootTest(classes = AclConfiguration.class)
32 | public class WithoutAclTestExecutionListenerTest {
33 | 
34 |   @Resource
35 |   private AclSecurityActivator aclSecurityActivator;
36 | 
37 |   @Test
38 |   public void should_acl_security_be_enabled_when_listener_is_not_installed() {
39 |     assertThat(aclSecurityActivator.isEnabled()).isTrue();
40 |   }
41 | }
42 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/config/ElasticSearchAclConfigurationTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.elasticsearch.config;
17 | 
18 | import static org.assertj.core.api.Assertions.assertThat;
19 | 
20 | import javax.annotation.Resource;
21 | 
22 | import org.junit.Test;
23 | import org.junit.runner.RunWith;
24 | import org.springframework.boot.test.context.SpringBootTest;
25 | import org.springframework.test.context.junit4.SpringRunner;
26 | 
27 | import com.github.lothar.security.acl.elasticsearch.ElasticSearchFeature;
28 | import com.github.lothar.security.acl.elasticsearch.ElasticSearchTestConfiguration;
29 | 
30 | @RunWith(SpringRunner.class)
31 | @SpringBootTest(classes = ElasticSearchTestConfiguration.class)
32 | public class ElasticSearchAclConfigurationTest {
33 | 
34 |   @Resource
35 |   private ElasticSearchFeature elasticSearchFeature;
36 | 
37 |   @Test
38 |   public void should_elasticSearchFeature_be_loaded() {
39 |     assertThat(elasticSearchFeature).isNotNull();
40 |   }
41 | }
42 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/config/AclConfigurationTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.config;
15 | 
16 | import static org.assertj.core.api.Assertions.assertThat;
17 | 
18 | import javax.annotation.Resource;
19 | 
20 | import org.junit.Test;
21 | import org.junit.runner.RunWith;
22 | import org.springframework.boot.test.context.SpringBootTest;
23 | import org.springframework.test.context.junit4.SpringRunner;
24 | 
25 | import com.github.lothar.security.acl.AclStrategy;
26 | 
27 | @RunWith(SpringRunner.class)
28 | @SpringBootTest(classes = AclConfiguration.class)
29 | public class AclConfigurationTest {
30 | 
31 |   @Resource
32 |   private AclStrategy defaultAclStrategy;
33 |   @Resource
34 |   private AclStrategy allowAllStrategy;
35 |   @Resource
36 |   private AclStrategy denyAllStrategy;
37 | 
38 |   @Test
39 |   public void should_default_and_allowAll_be_the_same() {
40 |     assertThat(defaultAclStrategy).isSameAs(allowAllStrategy);
41 |   }
42 | 
43 |   @Test
44 |   public void should_denyAll_and_allowAll_be_different() {
45 |     assertThat(denyAllStrategy).isNotSameAs(allowAllStrategy);
46 |   }
47 | }
48 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/config/DefaultStrategyOverrideTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.config;
15 | 
16 | import static org.assertj.core.api.Assertions.assertThat;
17 | 
18 | import javax.annotation.Resource;
19 | 
20 | import org.junit.Test;
21 | import org.junit.runner.RunWith;
22 | import org.springframework.boot.test.context.SpringBootTest;
23 | import org.springframework.test.context.junit4.SpringRunner;
24 | 
25 | import com.github.lothar.security.acl.AclStrategy;
26 | 
27 | @RunWith(SpringRunner.class)
28 | @SpringBootTest(classes = DenyAllDefaultConfiguration.class)
29 | public class DefaultStrategyOverrideTest {
30 | 
31 |   @Resource
32 |   private AclStrategy defaultAclStrategy;
33 |   @Resource
34 |   private AclStrategy allowAllStrategy;
35 |   @Resource
36 |   private AclStrategy denyAllStrategy;
37 | 
38 |   @Test
39 |   public void should_default_and_denyAll_be_the_same() {
40 |     assertThat(defaultAclStrategy).isSameAs(denyAllStrategy);
41 |   }
42 | 
43 |   @Test
44 |   public void should_default_and_allowAll_be_different() {
45 |     assertThat(defaultAclStrategy).isNotSameAs(allowAllStrategy);
46 |   }
47 | }
48 | 


--------------------------------------------------------------------------------
/jpa/src/main/java/com/github/lothar/security/acl/jpa/spec/AclJpaSpecifications.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.spec;
17 | 
18 | import static java.util.stream.Collectors.toList;
19 | import static java.util.stream.StreamSupport.stream;
20 | 
21 | import java.io.Serializable;
22 | import java.util.Collection;
23 | 
24 | import org.springframework.data.jpa.domain.Specification;
25 | 
26 | public class AclJpaSpecifications {
27 | 
28 |   private AclJpaSpecifications() {}
29 | 
30 |   public static <T, ID extends Serializable> Specification<T> idsIn(Iterable<ID> ids) {
31 |     return new BiFunctionSpecification<>((root, cb) -> root.get("ids").in(collection(ids)));
32 |   }
33 | 
34 |   public static <T, ID extends Serializable> Specification<T> idEqualTo(ID id) {
35 |     return new BiFunctionSpecification<>((root, cb) -> cb.equal(root.get("id"), id));
36 |   }
37 | 
38 |   public static <T> Collection<T> collection(Iterable<T> iterable) {
39 |     if (iterable instanceof Collection) {
40 |       return (Collection<T>) iterable;
41 |     } else {
42 |       return stream(iterable.spliterator(), false).collect(toList());
43 |     }
44 |   }
45 | }
46 | 


--------------------------------------------------------------------------------
/sample/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 3 | 	<modelVersion>4.0.0</modelVersion>
 4 | 
 5 | 	<artifactId>strategy-spring-security-acl-sample</artifactId>
 6 | 
 7 | 	<parent>
 8 | 		<groupId>com.github.lothar.security.acl</groupId>
 9 | 		<artifactId>strategy-spring-security-acl-parent</artifactId>
10 | 		<version>1.6.0-SNAPSHOT</version>
11 | 	</parent>
12 | 
13 | 	<dependencies>
14 | 		<dependency>
15 | 			<groupId>com.github.lothar.security.acl</groupId>
16 | 			<artifactId>strategy-spring-security-acl-elasticsearch</artifactId>
17 | 		</dependency>
18 | 		<dependency>
19 | 			<groupId>com.github.lothar.security.acl</groupId>
20 | 			<artifactId>strategy-spring-security-acl-grant</artifactId>
21 | 		</dependency>
22 | 		<dependency>
23 | 			<groupId>com.github.lothar.security.acl</groupId>
24 | 			<artifactId>strategy-spring-security-acl-jpa</artifactId>
25 | 		</dependency>
26 | 		<dependency>
27 | 			<groupId>com.h2database</groupId>
28 | 			<artifactId>h2</artifactId>
29 | 		</dependency>
30 | 
31 | 		<dependency>
32 | 			<groupId>org.springframework.security</groupId>
33 | 			<artifactId>spring-security-test</artifactId>
34 | 			<scope>test</scope>
35 | 		</dependency>
36 | 	</dependencies>
37 | 
38 | 	<build>
39 | 		<plugins>
40 | 			<plugin>
41 | 				<groupId>org.springframework.boot</groupId>
42 | 				<artifactId>spring-boot-maven-plugin</artifactId>
43 | 			</plugin>
44 | 			<plugin>
45 | 				<artifactId>maven-deploy-plugin</artifactId>
46 | 				<configuration>
47 | 					<skip>true</skip>
48 | 				</configuration>
49 | 			</plugin>
50 | 			<plugin>
51 | 				<groupId>com.github.github</groupId>
52 | 				<artifactId>site-maven-plugin</artifactId>
53 | 				<configuration>
54 | 					<skip>true</skip>
55 | 				</configuration>
56 | 			</plugin>
57 | 		</plugins>
58 | 	</build>
59 | 
60 | 
61 | </project>
62 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/activation/AclActivationUtils.java:
--------------------------------------------------------------------------------
 1 | package com.github.lothar.security.acl.activation;
 2 | 
 3 | import static com.github.lothar.security.acl.activation.AclStatus.DISABLED;
 4 | import static com.github.lothar.security.acl.activation.AclStatus.ENABLED;
 5 | 
 6 | import java.util.concurrent.Callable;
 7 | 
 8 | public class AclActivationUtils {
 9 | 
10 |     private AclSecurityActivator aclSecurityActivator;
11 | 
12 |     public AclActivationUtils(AclSecurityActivator aclSecurityActivator) {
13 |         this.aclSecurityActivator = aclSecurityActivator;
14 |     }
15 | 
16 |     public <T> T doWithoutAcl(Callable<T> callable) throws Exception {
17 |         AclStatus previousStatus = setStatus(DISABLED);
18 |         try {
19 |             return callable.call();
20 |         } finally {
21 |             aclSecurityActivator.setStatus(previousStatus);
22 |         }
23 |     }
24 | 
25 |     public void doWithoutAcl(Runnable runnable) {
26 |         AclStatus previousStatus = setStatus(DISABLED);
27 |         try {
28 |             runnable.run();
29 |         } finally {
30 |             aclSecurityActivator.setStatus(previousStatus);
31 |         }
32 |     }
33 | 
34 |     public <T> T doWithAcl(Callable<T> callable) throws Exception {
35 |         AclStatus previousStatus = setStatus(ENABLED);
36 |         try {
37 |             return callable.call();
38 |         } finally {
39 |             aclSecurityActivator.setStatus(previousStatus);
40 |         }
41 |     }
42 | 
43 |     public void doWithAcl(Runnable runnable) {
44 |         AclStatus previousStatus = setStatus(ENABLED);
45 |         try {
46 |             runnable.run();
47 |         } finally {
48 |             aclSecurityActivator.setStatus(previousStatus);
49 |         }
50 |     }
51 | 
52 |     private AclStatus setStatus(AclStatus status) {
53 |         AclStatus previousStatus = aclSecurityActivator.getStatus();
54 |         if (!status.equals(previousStatus)) {
55 |             aclSecurityActivator.setStatus(status);
56 |         }
57 |         return previousStatus;
58 |     }
59 | 
60 | }
61 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/activation/test/AclTestExecutionListenerTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.activation.test;
17 | 
18 | import static org.assertj.core.api.Assertions.assertThat;
19 | 
20 | import javax.annotation.Resource;
21 | 
22 | import org.junit.Test;
23 | import org.junit.runner.RunWith;
24 | import org.springframework.boot.test.context.SpringBootTest;
25 | import org.springframework.test.context.TestExecutionListeners;
26 | import org.springframework.test.context.junit4.SpringRunner;
27 | import org.springframework.test.context.support.DependencyInjectionTestExecutionListener;
28 | 
29 | import com.github.lothar.security.acl.activation.AclSecurityActivator;
30 | import com.github.lothar.security.acl.config.AclConfiguration;
31 | 
32 | @RunWith(SpringRunner.class)
33 | @SpringBootTest(classes = AclConfiguration.class)
34 | @TestExecutionListeners({AclTestExecutionListener.class,
35 |     DependencyInjectionTestExecutionListener.class})
36 | public class AclTestExecutionListenerTest {
37 | 
38 |   @Resource
39 |   private AclSecurityActivator aclSecurityActivator;
40 | 
41 |   @Test
42 |   public void should_acl_security_be_disabled_when_listener_is_installed() {
43 |     assertThat(aclSecurityActivator.isEnabled()).isFalse();
44 |   }
45 | }
46 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/activation/AclSecurityActivator.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.activation;
15 | 
16 | import static com.github.lothar.security.acl.activation.AclStatus.DISABLED;
17 | import static com.github.lothar.security.acl.activation.AclStatus.ENABLED;
18 | 
19 | import org.slf4j.Logger;
20 | import org.slf4j.LoggerFactory;
21 | 
22 | public class AclSecurityActivator {
23 | 
24 |   private Logger logger = LoggerFactory.getLogger(getClass());
25 |   private AclStatus status;
26 | 
27 |   public AclSecurityActivator() {
28 |     this(true);
29 |   }
30 | 
31 |   public AclSecurityActivator(boolean enabled) {
32 |     super();
33 |     this.status = enabled ? ENABLED : DISABLED;
34 |   }
35 | 
36 |   public AclSecurityActivator(AclStatus status) {
37 |     super();
38 |     this.status = status;
39 |   }
40 | 
41 |   public void enable() {
42 |     setStatus(ENABLED);
43 |   }
44 | 
45 |   public void disable() {
46 |     setStatus(DISABLED);
47 |   }
48 | 
49 |   public void setStatus(AclStatus status) {
50 |     this.status = status;
51 |     logger.debug("ACL {}", status);
52 |   }
53 | 
54 |   public AclStatus getStatus() {
55 |     return status;
56 |   }
57 | 
58 |   public boolean isDisabled() {
59 |     return DISABLED.equals(status);
60 |   }
61 | 
62 |   public boolean isEnabled() {
63 |     return ENABLED.equals(status);
64 |   }
65 | 
66 | }
67 | 


--------------------------------------------------------------------------------
/sample/src/main/java/com/github/lothar/security/acl/sample/grant/CustomerGrantEvaluator.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.sample.grant;
15 | 
16 | import static com.github.lothar.security.acl.jpa.spec.AclJpaSpecifications.idEqualTo;
17 | 
18 | import org.springframework.security.core.Authentication;
19 | 
20 | import com.github.lothar.security.acl.sample.domain.Customer;
21 | import com.github.lothar.security.acl.sample.jpa.CustomerRepository;
22 | 
23 | public class CustomerGrantEvaluator extends AbstractGrantEvaluator<Customer, String> {
24 | 
25 |   private CustomerRepository repository;
26 | 
27 |   public CustomerGrantEvaluator(CustomerRepository repository) {
28 |     super();
29 |     this.repository = repository;
30 |   }
31 | 
32 |   @Override
33 |   public boolean isGranted(Permission permission, Authentication authentication,
34 |       Customer domainObject) {
35 |     return "Smith".equals(domainObject.getLastName());
36 |   }
37 | 
38 |   @Override
39 |   public boolean isGranted(Permission permission, Authentication authentication, String targetId,
40 |       Class<? extends Customer> targetType) {
41 |     // thanks to JpaSpecFeature, repository will count only authorized customers !
42 |     return repository.count(idEqualTo(targetId)) == 1;
43 |     // if Jpa feature was not enabled, we would use
44 |     // return repository.countByLastName("Smith")
45 |   }
46 | 
47 | }
48 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/config/JpaSpecAclConfigurationTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.jpa.config;
17 | 
18 | import static org.assertj.core.api.Assertions.assertThat;
19 | 
20 | import javax.annotation.Resource;
21 | 
22 | import org.junit.Test;
23 | import org.junit.runner.RunWith;
24 | import org.springframework.boot.test.context.SpringBootTest;
25 | import org.springframework.data.jpa.domain.Specification;
26 | import org.springframework.test.context.junit4.SpringRunner;
27 | 
28 | import com.github.lothar.security.acl.jpa.JpaSpecFeature;
29 | import com.github.lothar.security.acl.jpa.JpaSpecTestConfiguration;
30 | 
31 | @RunWith(SpringRunner.class)
32 | @SpringBootTest(classes = JpaSpecTestConfiguration.class)
33 | public class JpaSpecAclConfigurationTest {
34 | 
35 |   @Resource
36 |   private Specification<?> allowAllSpecification;
37 |   @Resource
38 |   private Specification<?> denyAllSpecification;
39 |   @Resource
40 |   private JpaSpecFeature<?> jpaSpecFeature;
41 | 
42 |   @Test
43 |   public void should_jpaSpecFeature_be_loaded() {
44 |     assertThat(jpaSpecFeature).isNotNull();
45 |   }
46 | 
47 |   @Test
48 |   public void should_allowAllSpec_be_loaded() {
49 |     assertThat(allowAllSpecification).isNotNull();
50 |   }
51 | 
52 |   @Test
53 |   public void should_denyAllSpec_be_loaded() {
54 |     assertThat(denyAllSpecification).isNotNull();
55 |   }
56 | 
57 | }
58 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/compound/AclComposersRegistry.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.compound;
17 | 
18 | import static org.springframework.util.Assert.notNull;
19 | 
20 | import java.util.HashMap;
21 | import java.util.Map;
22 | import java.util.Objects;
23 | 
24 | import org.slf4j.Logger;
25 | import org.slf4j.LoggerFactory;
26 | 
27 | import com.github.lothar.security.acl.AclFeature;
28 | 
29 | @SuppressWarnings("unchecked")
30 | public class AclComposersRegistry implements AclStrategyComposerProvider {
31 | 
32 |   private Logger logger = LoggerFactory.getLogger(getClass());
33 |   private Map<AclFeature<?>, AclComposer<?>> composers = new HashMap<>();
34 | 
35 |   public <Handler> void register(AclFeature<Handler> feature, AclComposer<Handler> composer) {
36 |     notNull(feature, "Feature can't be null");
37 |     composers.put(feature, composer);
38 |     logger.debug("Registered {} composer: {}", feature, composer);
39 |   }
40 | 
41 |   public <Handler> AclComposer<Handler> unregister(AclFeature<Handler> feature) {
42 |     return (AclComposer<Handler>) composers.remove(feature);
43 |   }
44 | 
45 |   @Override
46 |   public <Handler> AclComposer<Handler> composerFor(AclFeature<Handler> feature) {
47 |     return (AclComposer<Handler>) composers.get(feature);
48 |   }
49 | 
50 |   @Override
51 |   public String toString() {
52 |     return Objects.toString(composers);
53 |   }
54 | }
55 | 


--------------------------------------------------------------------------------
/sample/src/test/java/com/github/lothar/security/acl/sample/grant/CustomerServiceTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.sample.grant;
15 | 
16 | import static org.assertj.core.api.Assertions.assertThat;
17 | 
18 | import javax.annotation.Resource;
19 | 
20 | import org.junit.Test;
21 | import org.junit.runner.RunWith;
22 | import org.springframework.boot.test.context.SpringBootTest;
23 | import org.springframework.security.access.AccessDeniedException;
24 | import org.springframework.security.test.context.support.WithMockUser;
25 | import org.springframework.test.context.junit4.SpringRunner;
26 | import org.springframework.transaction.annotation.Transactional;
27 | 
28 | import com.github.lothar.security.acl.SimpleAclStrategy;
29 | import com.github.lothar.security.acl.sample.SampleApplication;
30 | import com.github.lothar.security.acl.sample.domain.Customer;
31 | 
32 | @RunWith(SpringRunner.class)
33 | @SpringBootTest(classes = SampleApplication.class)
34 | @Transactional
35 | @WithMockUser
36 | public class CustomerServiceTest {
37 | 
38 |   @Resource
39 |   private CustomerService service;
40 |   @Resource
41 |   private SimpleAclStrategy customerStrategy;
42 | 
43 |   @Test
44 |   public void should_save_an_authorized_customer() {
45 |     Customer savedCustomer = service.save(new Customer("Alice", "Smith"));
46 |     assertThat(savedCustomer.getLastName()).isEqualTo("Smith");
47 |   }
48 | 
49 |   @Test(expected = AccessDeniedException.class)
50 |   public void should_throw_AccessDenied_when_try_to_save_an_unauthorized_customer() {
51 |     service.save(new Customer("John", "Doe"));
52 |   }
53 | 
54 | }
55 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/ElasticSearchTestConfiguration.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.elasticsearch;
15 | 
16 | import static org.elasticsearch.index.query.QueryBuilders.matchQuery;
17 | 
18 | import org.elasticsearch.index.query.MatchQueryBuilder;
19 | import org.springframework.boot.autoconfigure.SpringBootApplication;
20 | import org.springframework.context.annotation.Bean;
21 | import org.springframework.data.elasticsearch.repository.config.EnableElasticsearchRepositories;
22 | 
23 | import com.github.lothar.security.acl.AclStrategy;
24 | import com.github.lothar.security.acl.SimpleAclStrategy;
25 | import com.github.lothar.security.acl.elasticsearch.repository.AclElasticsearchRepositoryFactoryBean;
26 | 
27 | @SpringBootApplication
28 | @EnableElasticsearchRepositories(value = "com.github.lothar.security.acl.elasticsearch.repository",
29 |     repositoryFactoryBeanClass = AclElasticsearchRepositoryFactoryBean.class)
30 | public class ElasticSearchTestConfiguration {
31 | 
32 |   private SimpleAclStrategy customerStrategy = new SimpleAclStrategy();
33 | 
34 |   @Bean
35 |   public AclStrategy withoutHandlerStrategy() {
36 |     return new SimpleAclStrategy();
37 |   }
38 | 
39 |   @Bean
40 |   public SimpleAclStrategy customerStrategy() {
41 |     return customerStrategy;
42 |   }
43 | 
44 |   @Bean
45 |   public MatchQueryBuilder smithFamilyFilter(ElasticSearchFeature elasticSearchFeature) {
46 |     MatchQueryBuilder smithFamilyFilter = matchQuery("lastName", "Smith");
47 |     customerStrategy.install(elasticSearchFeature, smithFamilyFilter);
48 |     return smithFamilyFilter;
49 |   }
50 | }
51 | 


--------------------------------------------------------------------------------
/sample/src/main/java/com/github/lothar/security/acl/sample/domain/Customer.java:
--------------------------------------------------------------------------------
 1 | /*
 2 |  * Copyright 2012-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  */
16 | 
17 | package com.github.lothar.security.acl.sample.domain;
18 | 
19 | import java.io.Serializable;
20 | 
21 | import javax.persistence.Entity;
22 | import javax.persistence.GeneratedValue;
23 | import javax.persistence.GenerationType;
24 | import javax.persistence.Id;
25 | import javax.persistence.Table;
26 | 
27 | import org.springframework.data.elasticsearch.annotations.Document;
28 | 
29 | import com.github.lothar.security.acl.Acl;
30 | 
31 | @Entity
32 | @Table(name = "customer")
33 | @Acl("customerStrategy")
34 | @Document(indexName = "customer", type = "customer", shards = 1, replicas = 0, refreshInterval = "-1")
35 | public class Customer implements Serializable {
36 | 
37 |     private static final long serialVersionUID = 1L;
38 | 
39 |     @Id
40 |     @GeneratedValue(strategy = GenerationType.AUTO)
41 | 	private String id;
42 | 
43 | 	private String firstName;
44 | 
45 | 	private String lastName;
46 | 
47 | 	public Customer() {
48 | 	}
49 | 
50 | 	public Customer(String firstName, String lastName) {
51 | 		this.firstName = firstName;
52 | 		this.lastName = lastName;
53 | 	}
54 | 
55 | 	public String getId() {
56 | 		return this.id;
57 | 	}
58 | 
59 | 	public void setId(String id) {
60 | 		this.id = id;
61 | 	}
62 | 
63 | 	public String getFirstName() {
64 | 		return this.firstName;
65 | 	}
66 | 
67 | 	public void setFirstName(String firstName) {
68 | 		this.firstName = firstName;
69 | 	}
70 | 
71 | 	public String getLastName() {
72 | 		return this.lastName;
73 | 	}
74 | 
75 | 	public void setLastName(String lastName) {
76 | 		this.lastName = lastName;
77 | 	}
78 | 
79 | 	@Override
80 | 	public String toString() {
81 | 		return String.format("Customer[id=%s, firstName='%s', lastName='%s']", this.id,
82 | 				this.firstName, this.lastName);
83 | 	}
84 | 
85 | }
86 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/multithread/TestDataPreparer.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa.multithread;
15 | 
16 | import org.springframework.context.ApplicationContext;
17 | import org.springframework.stereotype.Component;
18 | import org.springframework.test.context.TestContext;
19 | import org.springframework.test.context.support.AbstractTestExecutionListener;
20 | 
21 | import com.github.lothar.security.acl.jpa.domain.Customer;
22 | import com.github.lothar.security.acl.jpa.repository.CustomerRepository;
23 | 
24 | @Component
25 | public class TestDataPreparer extends AbstractTestExecutionListener {
26 | 
27 |     private Customer aliceSmith;
28 |     private Customer bobSmith;
29 |     private Customer johnDoe;
30 | 
31 |     @Override
32 |     public void beforeTestClass(TestContext testContext) throws Exception {
33 |         CustomerRepository repository = repository(testContext);
34 |         aliceSmith = repository.saveAndFlush(new Customer("Alice", "Smith"));
35 |         bobSmith = repository.saveAndFlush(new Customer("Bob", "Smith"));
36 |         johnDoe = repository.saveAndFlush(new Customer("John", "Doe"));
37 |     }
38 |     
39 |     @Override
40 |     public void afterTestClass(TestContext testContext) throws Exception {
41 |         CustomerRepository repository = repository(testContext);
42 |         repository.delete(aliceSmith);
43 |         repository.delete(bobSmith);
44 |         repository.delete(johnDoe);
45 |     }
46 | 
47 |     private CustomerRepository repository(TestContext testContext) {
48 |       ApplicationContext context = testContext.getApplicationContext();
49 |       CustomerRepository customerRepository = context.getBean(CustomerRepository.class);
50 |       return customerRepository;
51 |     }
52 | }
53 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/activation/web/AclActivatorFilter.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.activation.web;
15 | 
16 | import static com.github.lothar.security.acl.activation.AclStatus.ENABLED;
17 | 
18 | import java.io.IOException;
19 | 
20 | import javax.servlet.Filter;
21 | import javax.servlet.FilterChain;
22 | import javax.servlet.FilterConfig;
23 | import javax.servlet.ServletException;
24 | import javax.servlet.ServletRequest;
25 | import javax.servlet.ServletResponse;
26 | 
27 | import com.github.lothar.security.acl.activation.AclSecurityActivator;
28 | import com.github.lothar.security.acl.activation.AclStatus;
29 | 
30 | public class AclActivatorFilter implements Filter {
31 | 
32 |   private AclStatus statusDuringTest;
33 |   private AclSecurityActivator aclSecurityActivator;
34 | 
35 |   public AclActivatorFilter(AclSecurityActivator aclSecurityActivator) {
36 |     this(ENABLED, aclSecurityActivator);
37 |   }
38 | 
39 |   public AclActivatorFilter(AclStatus statusDuringTest, AclSecurityActivator aclSecurityActivator) {
40 |     super();
41 |     this.statusDuringTest = statusDuringTest;
42 |     this.aclSecurityActivator = aclSecurityActivator;
43 |   }
44 | 
45 |   @Override
46 |   public void init(FilterConfig filterConfig) throws ServletException {}
47 | 
48 |   @Override
49 |   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
50 |       throws IOException, ServletException {
51 |     AclStatus status = aclSecurityActivator.getStatus();
52 |     aclSecurityActivator.setStatus(statusDuringTest);
53 |     try {
54 |       chain.doFilter(request, response);
55 |     } finally {
56 |       aclSecurityActivator.setStatus(status);
57 |     }
58 |   }
59 | 
60 |   @Override
61 |   public void destroy() {}
62 | }
63 | 


--------------------------------------------------------------------------------
/jpa/src/main/java/com/github/lothar/security/acl/jpa/query/AclPredicateTargetSource.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa.query;
15 | 
16 | import javax.persistence.criteria.CriteriaBuilder;
17 | import javax.persistence.criteria.Predicate;
18 | 
19 | import org.slf4j.Logger;
20 | import org.slf4j.LoggerFactory;
21 | import org.springframework.aop.TargetSource;
22 | 
23 | public class AclPredicateTargetSource implements TargetSource {
24 | 
25 |     private Logger logger = LoggerFactory.getLogger(getClass());
26 |     private Predicate original;
27 |     private Predicate current;
28 |     private CriteriaBuilder criteriaBuilder;
29 | 
30 |     public AclPredicateTargetSource(CriteriaBuilder criteriaBuilder, Predicate original) {
31 |         this.criteriaBuilder = criteriaBuilder;
32 |         this.original = original;
33 |         setCurrent(original);
34 |         logger.debug("Original predicate : {}", original);
35 |     }
36 | 
37 |     public void installAcl(Predicate aclPredicate) {
38 |         Predicate enhancedPredicate = criteriaBuilder.and(original, aclPredicate);
39 |         setCurrent(enhancedPredicate);
40 |         logger.debug("Enhanced predicate : {}", enhancedPredicate);
41 |     }
42 | 
43 |     public void uninstallAcl() {
44 |         setCurrent(original);
45 |     }
46 | 
47 |     @Override
48 |     public Class<?> getTargetClass() {
49 |         return getTarget().getClass();
50 |     }
51 | 
52 |     @Override
53 |     public boolean isStatic() {
54 |         return false;
55 |     }
56 | 
57 |     @Override
58 |     public Object getTarget() {
59 |         return current;
60 |     }
61 | 
62 |     @Override
63 |     public void releaseTarget(Object target) throws Exception {}
64 | 
65 |     private void setCurrent(Predicate predicate) {
66 |         this.current = predicate;
67 |     }
68 | }
69 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/domain/Customer.java:
--------------------------------------------------------------------------------
 1 | /*
 2 |  * Copyright 2012-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  */
14 | 
15 | package com.github.lothar.security.acl.elasticsearch.domain;
16 | 
17 | import java.io.Serializable;
18 | import java.util.Objects;
19 | 
20 | import org.springframework.data.annotation.Id;
21 | import org.springframework.data.elasticsearch.annotations.Document;
22 | 
23 | import com.github.lothar.security.acl.Acl;
24 | 
25 | @Document(indexName = "customer")
26 | @Acl("customerStrategy")
27 | public class Customer implements Serializable {
28 | 
29 |   private static final long serialVersionUID = 1L;
30 | 
31 |   @Id
32 |   private String id;
33 | 
34 |   private String firstName;
35 | 
36 |   private String lastName;
37 | 
38 |   public Customer() {}
39 | 
40 |   public Customer(String id, String firstName, String lastName) {
41 |     this.id = id;
42 |     this.firstName = firstName;
43 |     this.lastName = lastName;
44 |   }
45 | 
46 |   public String getId() {
47 |     return this.id;
48 |   }
49 | 
50 |   public void setId(String id) {
51 |     this.id = id;
52 |   }
53 | 
54 |   public String getFirstName() {
55 |     return this.firstName;
56 |   }
57 | 
58 |   public void setFirstName(String firstName) {
59 |     this.firstName = firstName;
60 |   }
61 | 
62 |   public String getLastName() {
63 |     return this.lastName;
64 |   }
65 | 
66 |   public void setLastName(String lastName) {
67 |     this.lastName = lastName;
68 |   }
69 | 
70 |   @Override
71 |   public boolean equals(Object obj) {
72 |     if (!(obj instanceof Customer)) {
73 |       return false;
74 |     }
75 |     Customer customer = (Customer) obj;
76 |     return Objects.equals(customer.id, id);
77 |   }
78 | 
79 |   @Override
80 |   public int hashCode() {
81 |     return Objects.hashCode(id);
82 |   }
83 | 
84 |   @Override
85 |   public String toString() {
86 |     return String.format("Customer[id=%s, firstName='%s', lastName='%s']", this.id, this.firstName,
87 |         this.lastName);
88 |   }
89 | 
90 | }
91 | 


--------------------------------------------------------------------------------
/sample/src/test/java/com/github/lothar/security/acl/sample/elasticsearch/CustomerSearchRepositoryTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.sample.elasticsearch;
17 | 
18 | import static org.assertj.core.api.Assertions.assertThat;
19 | import static org.elasticsearch.index.query.QueryBuilders.matchQuery;
20 | 
21 | import javax.annotation.Resource;
22 | 
23 | import org.junit.Before;
24 | import org.junit.Ignore;
25 | import org.junit.Test;
26 | import org.junit.runner.RunWith;
27 | import org.springframework.boot.test.context.SpringBootTest;
28 | import org.springframework.test.context.junit4.SpringRunner;
29 | 
30 | import com.github.lothar.security.acl.sample.SampleApplication;
31 | import com.github.lothar.security.acl.sample.domain.Customer;
32 | 
33 | @RunWith(SpringRunner.class)
34 | @SpringBootTest(classes = SampleApplication.class)
35 | public class CustomerSearchRepositoryTest {
36 | 
37 |   @Resource
38 |   private CustomerSearchRepository searchRepository;
39 | 
40 |   @Before
41 |   public void init() {
42 |     searchRepository.deleteAll();
43 |     searchRepository.save(new Customer("Alice", "Smith"));
44 |     searchRepository.save(new Customer("Bob", "Smith"));
45 |     searchRepository.save(new Customer("John", "Doe"));
46 |   }
47 | 
48 |   @Test
49 |   public void should_find_authorized_customers_only_when_strategy_applied() {
50 |     assertThat(searchRepository.count()).isEqualTo(2);
51 |   }
52 | 
53 |   @Ignore("Not yet implemented #12")
54 |   @Test
55 |   public void should_not_find_members_of_Doe_family_when_strategy_applied() {
56 |     assertThat(searchRepository.findByLastName("Doe")).isEmpty();
57 |   }
58 | 
59 |   @Test
60 |   public void should_search_retrieve_authorized_customers_only_when_strategy_applied() {
61 |     assertThat(searchRepository.search(matchQuery("name", "Doe"))).isEmpty();
62 |   }
63 | }
64 | 


--------------------------------------------------------------------------------
/jpa/src/main/java/com/github/lothar/security/acl/jpa/JpaSpecProvider.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa;
15 | 
16 | import org.slf4j.Logger;
17 | import org.slf4j.LoggerFactory;
18 | import org.springframework.data.jpa.domain.Specification;
19 | 
20 | import com.github.lothar.security.acl.AclStrategy;
21 | import com.github.lothar.security.acl.AclStrategyProvider;
22 | 
23 | public class JpaSpecProvider<T> {
24 | 
25 |   private Logger logger = LoggerFactory.getLogger(getClass());
26 |   private AclStrategyProvider strategyProvider;
27 |   private JpaSpecFeature<T> jpaSpecFeature;
28 |   private Specification<T> defaultJpaSpec;
29 | 
30 |   public JpaSpecProvider(AclStrategyProvider strategyProvider, JpaSpecFeature<T> jpaSpecFeature,
31 |       Specification<T> defaultJpaSpec) {
32 |     super();
33 |     this.strategyProvider = strategyProvider;
34 |     this.jpaSpecFeature = jpaSpecFeature;
35 |     this.defaultJpaSpec = defaultJpaSpec;
36 |   }
37 | 
38 |   public Specification<T> jpaSpecFor(Class<? extends T> domainType) {
39 |     Specification<T> aclJpaSpec = defaultJpaSpec;
40 | 
41 |     AclStrategy strategy = strategyProvider.strategyFor(domainType);
42 |     if (strategy == null) {
43 |       logger.debug("No strategy found for '{}' in strategy provider", domainType.getSimpleName());
44 | 
45 |     } else {
46 |       Specification<T> aclJpaSpecification = strategy.handlerFor(jpaSpecFeature);
47 |       if (aclJpaSpecification == null) {
48 |         logger.debug(
49 |             "No ACL JPA specification found in strategy {} > fall back on default ACL JPA specification",
50 |             strategy);
51 |       } else {
52 |         aclJpaSpec = aclJpaSpecification;
53 |       }
54 |     }
55 | 
56 |     logger.debug("Using ACL JPA specification for '{}': {}", domainType.getSimpleName(),
57 |         aclJpaSpec);
58 |     return aclJpaSpec;
59 |   }
60 | }
61 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/SimpleAclStrategy.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl;
17 | 
18 | import static org.springframework.util.Assert.notNull;
19 | 
20 | import java.util.HashMap;
21 | import java.util.Map;
22 | import java.util.Objects;
23 | 
24 | import org.slf4j.Logger;
25 | import org.slf4j.LoggerFactory;
26 | import com.github.lothar.security.acl.named.NamedBean;
27 | 
28 | @SuppressWarnings("unchecked")
29 | public class SimpleAclStrategy extends NamedBean implements AclStrategy {
30 | 
31 |   private Logger logger = LoggerFactory.getLogger(getClass());
32 |   private Map<AclFeature<?>, Object> handlersByFeature = new HashMap<>();
33 | 
34 |   public <Handler> void install(AclFeature<Handler> feature, Handler handler) {
35 |     notNull(feature, "Feature can't be null");
36 |     notNull(handler, "Can't register a null handler ; please use unregister("
37 |         + AclFeature.class.getSimpleName() + ")");
38 |     handlersByFeature.put(feature, handler);
39 |     if (logger.isDebugEnabled()) {
40 |       logger.debug("Installed {} handler in {} : {}", feature, name(), handler);
41 |     }
42 |   }
43 | 
44 |   public <Handler> Handler uninstall(AclFeature<Handler> feature) {
45 |     Handler filter = (Handler) handlersByFeature.remove(feature);
46 |     if (logger.isDebugEnabled()) {
47 |       logger.debug("Uninstalled {} handler from {}", feature, name());
48 |     }
49 |     return filter;
50 |   }
51 | 
52 |   public <Handler> Handler handlerFor(AclFeature<Handler> feature) {
53 |     return (Handler) handlersByFeature.get(feature);
54 |   }
55 | 
56 |   public <Handler> boolean hasHandler(AclFeature<Handler> feature) {
57 |     return handlersByFeature.containsKey(feature);
58 |   }
59 | 
60 |   @Override
61 |   public String toString() {
62 |     return name() + ":" + Objects.toString(handlersByFeature);
63 |   }
64 | }
65 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/domain/Customer.java:
--------------------------------------------------------------------------------
 1 | /*
 2 |  * Copyright 2012-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  */
14 | 
15 | package com.github.lothar.security.acl.jpa.domain;
16 | 
17 | import java.io.Serializable;
18 | import java.util.Objects;
19 | 
20 | import javax.persistence.Entity;
21 | import javax.persistence.GeneratedValue;
22 | import javax.persistence.GenerationType;
23 | import javax.persistence.Id;
24 | import javax.persistence.Table;
25 | 
26 | import com.github.lothar.security.acl.Acl;
27 | 
28 | @Entity
29 | @Table(name = "customer")
30 | @Acl("customerStrategy")
31 | public class Customer implements Serializable {
32 | 
33 |     private static final long serialVersionUID = 1L;
34 | 
35 |     @Id
36 |     @GeneratedValue(strategy = GenerationType.AUTO)
37 | 	private String id;
38 | 
39 | 	private String firstName;
40 | 
41 | 	private String lastName;
42 | 
43 | 	public Customer() {
44 | 	}
45 | 
46 | 	public Customer(String firstName, String lastName) {
47 | 		this.firstName = firstName;
48 | 		this.lastName = lastName;
49 | 	}
50 | 
51 | 	public String getId() {
52 | 		return this.id;
53 | 	}
54 | 
55 | 	public void setId(String id) {
56 | 		this.id = id;
57 | 	}
58 | 
59 | 	public String getFirstName() {
60 | 		return this.firstName;
61 | 	}
62 | 
63 | 	public void setFirstName(String firstName) {
64 | 		this.firstName = firstName;
65 | 	}
66 | 
67 | 	public String getLastName() {
68 | 		return this.lastName;
69 | 	}
70 | 
71 | 	public void setLastName(String lastName) {
72 | 		this.lastName = lastName;
73 | 	}
74 | 
75 | 	@Override
76 | 	public String toString() {
77 | 		return String.format("Customer[id=%s, firstName='%s', lastName='%s']", this.id,
78 | 				this.firstName, this.lastName);
79 | 	}
80 | 
81 | 	@Override
82 | 	public boolean equals(Object obj) {
83 | 	    if (obj == null) {
84 | 	        return false;
85 | 	    }
86 | 	    if (!(obj instanceof Customer)) {
87 | 	        return false;
88 | 	    }
89 | 	    Customer customer = (Customer) obj;
90 | 	    return Objects.equals(this.id, customer.id);
91 | 	}
92 | 
93 | 	@Override
94 | 	public int hashCode() {
95 | 	    return Objects.hash(id);
96 | 	}
97 | }
98 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/activation/test/AclTestExecutionListener.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.activation.test;
15 | 
16 | import static com.github.lothar.security.acl.activation.AclStatus.DISABLED;
17 | 
18 | import org.springframework.context.ApplicationContext;
19 | import org.springframework.test.context.TestContext;
20 | import org.springframework.test.context.support.AbstractTestExecutionListener;
21 | import org.springframework.util.Assert;
22 | 
23 | import com.github.lothar.security.acl.activation.AclSecurityActivator;
24 | import com.github.lothar.security.acl.activation.AclStatus;
25 | 
26 | public class AclTestExecutionListener extends AbstractTestExecutionListener {
27 | 
28 |   private AclStatus statusDuringTest;
29 |   private AclStatus initialStatus;
30 | 
31 |   public AclTestExecutionListener() {
32 |     this(DISABLED);
33 |   }
34 | 
35 |   public AclTestExecutionListener(AclStatus statusDuringTest) {
36 |     super();
37 |     Assert.notNull(statusDuringTest, "Status should not be null");
38 |     this.statusDuringTest = statusDuringTest;
39 |   }
40 | 
41 |   @Override
42 |   public void beforeTestMethod(TestContext testContext) {
43 |     AclSecurityActivator aclSecurityActivator = aclSecurityActivator(testContext);
44 |     initialStatus = aclSecurityActivator.getStatus();
45 |     aclSecurityActivator.setStatus(statusDuringTest);
46 |   }
47 | 
48 |   @Override
49 |   public void afterTestMethod(TestContext testContext) {
50 |     AclSecurityActivator aclSecurityActivator = aclSecurityActivator(testContext);
51 |     aclSecurityActivator.setStatus(initialStatus);
52 |   }
53 | 
54 |   private AclSecurityActivator aclSecurityActivator(TestContext testContext) {
55 |     ApplicationContext context = testContext.getApplicationContext();
56 |     AclSecurityActivator aclSecurityActivator = context.getBean(AclSecurityActivator.class);
57 |     return aclSecurityActivator;
58 |   }
59 | }
60 | 


--------------------------------------------------------------------------------
/elasticsearch/src/main/java/com/github/lothar/security/acl/elasticsearch/AclFilterProvider.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.elasticsearch;
15 | 
16 | import org.elasticsearch.index.query.QueryBuilder;
17 | import org.slf4j.Logger;
18 | import org.slf4j.LoggerFactory;
19 | 
20 | import com.github.lothar.security.acl.AclStrategy;
21 | import com.github.lothar.security.acl.AclStrategyProvider;
22 | 
23 | public class AclFilterProvider {
24 | 
25 |   private Logger logger = LoggerFactory.getLogger(getClass());
26 |   private AclStrategyProvider strategyProvider;
27 |   private ElasticSearchFeature elasticSearchFeature;
28 |   private QueryBuilder defaultQueryBuilder;
29 | 
30 |   public AclFilterProvider(AclStrategyProvider strategyProvider,
31 |       ElasticSearchFeature elasticSearchFeature, QueryBuilder defaultQueryBuilder) {
32 |     super();
33 |     this.strategyProvider = strategyProvider;
34 |     this.elasticSearchFeature = elasticSearchFeature;
35 |     this.defaultQueryBuilder = defaultQueryBuilder;
36 |   }
37 | 
38 |   public QueryBuilder filterFor(Class<?> domainType) {
39 |     QueryBuilder filterBuilder = defaultQueryBuilder;
40 | 
41 |     AclStrategy strategy = strategyProvider.strategyFor(domainType);
42 |     if (strategy == null) {
43 |       logger.debug("No strategy found for '{}' in strategy provider", domainType.getSimpleName());
44 | 
45 |     } else {
46 |       QueryBuilder filter = strategy.handlerFor(elasticSearchFeature);
47 |       if (filter == null) {
48 |         logger.debug(
49 |             "No ACL ElasticSearch found in strategy {} > fall back on default ACL ElasticSearch specification",
50 |             strategy);
51 |       } else {
52 |         filterBuilder = filter;
53 |       }
54 |     }
55 | 
56 |     logger.debug("Using ACL ElasticSearch filter builder for {} using strategy {}: {}",
57 |         domainType.getSimpleName(), strategy, filterBuilder);
58 |     return filterBuilder;
59 |   }
60 | 
61 | }
62 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/JpaSpecTestConfiguration.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa;
15 | 
16 | import javax.annotation.PostConstruct;
17 | import javax.annotation.Resource;
18 | 
19 | import org.springframework.boot.autoconfigure.SpringBootApplication;
20 | import org.springframework.context.annotation.Bean;
21 | import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
22 | 
23 | import com.github.lothar.security.acl.AclStrategy;
24 | import com.github.lothar.security.acl.SimpleAclStrategy;
25 | import com.github.lothar.security.acl.jpa.domain.Customer;
26 | import com.github.lothar.security.acl.jpa.repository.AclJpaRepositoryFactoryBean;
27 | import com.github.lothar.security.acl.jpa.spec.AllowAllSpecification;
28 | import com.github.lothar.security.acl.jpa.spec.CustomerSpecification;
29 | 
30 | @SpringBootApplication
31 | @EnableJpaRepositories(value = "com.github.lothar.security.acl.jpa.repository",
32 |     repositoryFactoryBeanClass = AclJpaRepositoryFactoryBean.class)
33 | public class JpaSpecTestConfiguration {
34 | 
35 |   @Resource
36 |   private SimpleAclStrategy allowAllStrategy;
37 |   @Resource
38 |   private AllowAllSpecification<?> allowAllSpecification;
39 |   @Resource
40 |   private JpaSpecFeature<Customer> jpaSpecFeature;
41 |   private SimpleAclStrategy customerStrategy = new SimpleAclStrategy();
42 |   private CustomerSpecification smithFamilySpec = new CustomerSpecification("Smith");
43 | 
44 |   @Bean
45 |   public AclStrategy withoutHandlerStrategy() {
46 |     return new SimpleAclStrategy();
47 |   }
48 | 
49 |   @Bean
50 |   public AclStrategy customerStrategy() {
51 |     return customerStrategy;
52 |   }
53 | 
54 |   @Bean
55 |   public CustomerSpecification smithFamilySpec() {
56 |     return smithFamilySpec;
57 |   }
58 | 
59 |   @PostConstruct
60 |   public void installStrategy() {
61 |     customerStrategy.install(jpaSpecFeature, smithFamilySpec);
62 |   }
63 | }
64 | 


--------------------------------------------------------------------------------
/grant/src/test/java/com/github/lothar/security/acl/grant/config/GrantEvaluatorAclConfigurationTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant.config;
17 | 
18 | import static org.assertj.core.api.Assertions.assertThat;
19 | 
20 | import javax.annotation.Resource;
21 | 
22 | import org.junit.Test;
23 | import org.junit.runner.RunWith;
24 | import org.springframework.boot.test.context.SpringBootTest;
25 | import org.springframework.security.access.PermissionEvaluator;
26 | import org.springframework.test.context.junit4.SpringRunner;
27 | 
28 | import com.github.lothar.security.acl.grant.AclPermissionEvaluator;
29 | import com.github.lothar.security.acl.grant.GrantEvaluator;
30 | import com.github.lothar.security.acl.grant.GrantEvaluatorFeature;
31 | import com.github.lothar.security.acl.grant.GrantEvaluatorTestConfiguration;
32 | 
33 | @RunWith(SpringRunner.class)
34 | @SpringBootTest(classes = GrantEvaluatorTestConfiguration.class)
35 | public class GrantEvaluatorAclConfigurationTest {
36 | 
37 |   @Resource
38 |   private PermissionEvaluator permissionEvaluator;
39 |   @Resource
40 |   private GrantEvaluatorFeature grantEvaluatorFeature;
41 |   @Resource
42 |   private GrantEvaluator allowAllGrantEvaluator;
43 |   @Resource
44 |   private GrantEvaluator defaultGrantEvaluator;
45 |   @Resource
46 |   private GrantEvaluator denyAllGrantEvaluator;
47 | 
48 |   @Test
49 |   public void should_grantEvaluatorFeature_be_loaded() {
50 |     assertThat(grantEvaluatorFeature).isNotNull();
51 |   }
52 | 
53 |   @Test
54 |   public void should_permissionEvaluator_be_loaded() {
55 |     assertThat(permissionEvaluator).isInstanceOf(AclPermissionEvaluator.class);
56 |   }
57 | 
58 |   @Test
59 |   public void should_default_and_allowAll_be_the_same() {
60 |     assertThat(defaultGrantEvaluator).isSameAs(allowAllGrantEvaluator);
61 |   }
62 | 
63 |   @Test
64 |   public void should_denyAll_and_allowAll_be_different() {
65 |     assertThat(denyAllGrantEvaluator).isNotSameAs(allowAllGrantEvaluator);
66 |   }
67 | }
68 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/activation/web/AclActivatorFilterTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.activation.web;
17 | 
18 | import static org.assertj.core.api.Assertions.assertThat;
19 | 
20 | import java.io.IOException;
21 | 
22 | import javax.annotation.Resource;
23 | import javax.servlet.FilterChain;
24 | import javax.servlet.ServletException;
25 | import javax.servlet.ServletRequest;
26 | import javax.servlet.ServletResponse;
27 | 
28 | import org.junit.Test;
29 | import org.junit.runner.RunWith;
30 | import org.springframework.boot.test.context.SpringBootTest;
31 | import org.springframework.test.context.TestExecutionListeners;
32 | import org.springframework.test.context.junit4.SpringRunner;
33 | import org.springframework.test.context.support.DependencyInjectionTestExecutionListener;
34 | 
35 | import com.github.lothar.security.acl.activation.AclSecurityActivator;
36 | import com.github.lothar.security.acl.activation.test.AclTestExecutionListener;
37 | import com.github.lothar.security.acl.config.AclConfiguration;
38 | 
39 | @RunWith(SpringRunner.class)
40 | @SpringBootTest(classes = AclConfiguration.class)
41 | @TestExecutionListeners({AclTestExecutionListener.class,
42 |     DependencyInjectionTestExecutionListener.class})
43 | public class AclActivatorFilterTest {
44 | 
45 |   @Resource
46 |   private AclSecurityActivator aclSecurityActivator;
47 | 
48 |   @Test
49 |   public void should_acl_security_be_enabled_when_filter_is_activated()
50 |       throws IOException, ServletException {
51 |     AclActivatorFilter filter = new AclActivatorFilter(aclSecurityActivator);
52 |     FilterChain chainAssert = new FilterChain() {
53 |       @Override
54 |       public void doFilter(ServletRequest request, ServletResponse response)
55 |           throws IOException, ServletException {
56 |         assertThat(aclSecurityActivator.isEnabled()).isTrue();
57 |       }
58 |     };
59 | 
60 |     assertThat(aclSecurityActivator.isEnabled()).isFalse();
61 |     filter.doFilter(null, null, chainAssert);
62 |     assertThat(aclSecurityActivator.isEnabled()).isFalse();
63 |   }
64 | }
65 | 


--------------------------------------------------------------------------------
/core/src/main/java/com/github/lothar/security/acl/compound/AclStrategyComposer.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.compound;
15 | 
16 | import static org.springframework.util.Assert.notNull;
17 | 
18 | import com.github.lothar.security.acl.AclFeature;
19 | import com.github.lothar.security.acl.AclStrategy;
20 | 
21 | public class AclStrategyComposer implements AclComposer<AclStrategy> {
22 | 
23 |   private AclStrategyComposerProvider composerProvider;
24 | 
25 |   public AclStrategyComposer(AclStrategyComposerProvider composerProvider) {
26 |     super();
27 |     this.composerProvider = composerProvider;
28 |   }
29 | 
30 |   public AclStrategy and(AclStrategy lhs, AclStrategy rhs) {
31 |     return new CompoundAclStrategy(lhs, rhs, StrategyOperator.AND);
32 |   }
33 | 
34 |   public AclStrategy or(AclStrategy lhs, AclStrategy rhs) {
35 |     return new CompoundAclStrategy(lhs, rhs, StrategyOperator.OR);
36 |   }
37 | 
38 |   private class CompoundAclStrategy extends AbstractCompound<AclStrategy, StrategyOperator>
39 |       implements AclStrategy {
40 | 
41 |     private CompoundAclStrategy(AclStrategy lhs, AclStrategy rhs, StrategyOperator operator) {
42 |       super(lhs, rhs, operator);
43 |     }
44 | 
45 |     @Override
46 |     public <Handler> Handler handlerFor(AclFeature<Handler> feature) {
47 |       AclComposer<Handler> composer = composerProvider.composerFor(feature);
48 |       notNull(composer, "No composer found for " + feature);
49 |       return operator.apply(composer, lhs.handlerFor(feature), rhs.handlerFor(feature));
50 |     }
51 |   }
52 | 
53 |   private static enum StrategyOperator implements Operator<AclStrategy> {
54 | 
55 |     AND {
56 |       @Override
57 |       <Handler> Handler apply(AclComposer<Handler> composer, Handler lhs, Handler rhs) {
58 |         return composer.and(lhs, rhs);
59 |       }
60 |     },
61 | 
62 |     OR {
63 |       @Override
64 |       <Handler> Handler apply(AclComposer<Handler> composer, Handler lhs, Handler rhs) {
65 |         return composer.or(lhs, rhs);
66 |       }
67 |     };
68 | 
69 |     abstract <Handler> Handler apply(AclComposer<Handler> composer, Handler lhs, Handler rhs);
70 |   }
71 | }
72 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/multithread/MultithreadTestConfiguration.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa.multithread;
15 | 
16 | import javax.annotation.PostConstruct;
17 | import javax.annotation.Resource;
18 | 
19 | import org.springframework.boot.autoconfigure.SpringBootApplication;
20 | import org.springframework.context.annotation.Bean;
21 | import org.springframework.context.annotation.ComponentScan;
22 | import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
23 | 
24 | import com.github.lothar.security.acl.AclStrategy;
25 | import com.github.lothar.security.acl.SimpleAclStrategy;
26 | import com.github.lothar.security.acl.jpa.JpaSpecFeature;
27 | import com.github.lothar.security.acl.jpa.domain.Customer;
28 | import com.github.lothar.security.acl.jpa.repository.AclJpaRepositoryFactoryBean;
29 | import com.github.lothar.security.acl.jpa.spec.AllowAllSpecification;
30 | 
31 | @SpringBootApplication
32 | @ComponentScan("com.github.lothar.security.acl.jpa")
33 | @EnableJpaRepositories(value = "com.github.lothar.security.acl.jpa.repository",
34 |         repositoryFactoryBeanClass = AclJpaRepositoryFactoryBean.class)
35 | public class MultithreadTestConfiguration {
36 | 
37 |     @Resource
38 |     private SimpleAclStrategy allowAllStrategy;
39 |     @Resource
40 |     private AllowAllSpecification<?> allowAllSpecification;
41 |     @Resource
42 |     private JpaSpecFeature<Customer> jpaSpecFeature;
43 |     private SimpleAclStrategy customerStrategy = new SimpleAclStrategy();
44 |     private CurrentUserLastNameSpec currentUserLastNameSpec = new CurrentUserLastNameSpec();
45 | 
46 |     @Bean
47 |     public AclStrategy withoutHandlerStrategy() {
48 |         return new SimpleAclStrategy();
49 |     }
50 | 
51 |     @Bean
52 |     public AclStrategy customerStrategy() {
53 |         return customerStrategy;
54 |     }
55 | 
56 |     @Bean
57 |     public CurrentUserLastNameSpec currentUserLastNameSpec() {
58 |         return currentUserLastNameSpec;
59 |     }
60 | 
61 |     @PostConstruct
62 |     public void installStrategy() {
63 |         customerStrategy.install(jpaSpecFeature, currentUserLastNameSpec);
64 |     }
65 | }
66 | 


--------------------------------------------------------------------------------
/grant/src/main/java/com/github/lothar/security/acl/grant/TypedGrantEvaluator.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.grant;
17 | 
18 | import java.io.Serializable;
19 | 
20 | import org.springframework.security.core.Authentication;
21 | import com.github.lothar.security.acl.named.NamedBean;
22 | 
23 | /**
24 |  * @author Francois Lecomte
25 |  *
26 |  * @param <T> Object type
27 |  * @param <ID> Object ID type
28 |  * @param <A> {@link Authentication}
29 |  * @param <P> Permission
30 |  */
31 | @SuppressWarnings("unchecked")
32 | public abstract class TypedGrantEvaluator<T, ID extends Serializable, A, P> extends NamedBean
33 |     implements GrantEvaluator {
34 | 
35 |   @Override
36 |   public boolean isGranted(Object permission, Authentication authentication, Object domainObject) {
37 |     P thePermission = mapPermission(permission);
38 |     A theAuthentication = mapAuthentication(authentication);
39 |     T theDomainObject = mapDomainObject(domainObject);
40 |     return isGranted(thePermission, theAuthentication, theDomainObject);
41 |   }
42 | 
43 |   public abstract boolean isGranted(P permission, A authentication, T domainObject);
44 | 
45 |   @Override
46 |   public boolean isGranted(Object permission, Authentication authentication, Serializable targetId,
47 |       String targetType) {
48 |     P thePermission = mapPermission(permission);
49 |     A theAuthentication = mapAuthentication(authentication);
50 |     ID theTargetId = mapTargetId(targetId);
51 |     Class<? extends T> theTargetType = mapTargetType(targetType);
52 |     return isGranted(thePermission, theAuthentication, theTargetId, theTargetType);
53 |   }
54 | 
55 |   public abstract boolean isGranted(P permission, A authentication, ID targetId,
56 |       Class<? extends T> targetType);
57 | 
58 |   // ------------------------
59 |   // Mappers ----------------
60 |   // ------------------------
61 | 
62 |   protected P mapPermission(Object permission) {
63 |     return (P) permission;
64 |   }
65 | 
66 |   protected A mapAuthentication(Authentication authentication) {
67 |     return (A) authentication;
68 |   }
69 | 
70 |   protected T mapDomainObject(Object domainObject) {
71 |     return (T) domainObject;
72 |   }
73 | 
74 |   protected ID mapTargetId(Serializable targetId) {
75 |     return (ID) targetId;
76 |   }
77 | 
78 |   private Class<? extends T> mapTargetType(String targetType) {
79 |     try {
80 |       return (Class<? extends T>) Class.forName(targetType);
81 |     } catch (ClassNotFoundException e) {
82 |       throw new IllegalArgumentException("Unable to find target type '" + targetType + "'");
83 |     }
84 |   }
85 | }
86 | 


--------------------------------------------------------------------------------
/grant/src/main/java/com/github/lothar/security/acl/grant/compound/GrantEvaluatorComposer.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.grant.compound;
15 | 
16 | import java.io.Serializable;
17 | import java.util.function.Supplier;
18 | 
19 | import org.springframework.security.core.Authentication;
20 | 
21 | import com.github.lothar.security.acl.compound.AbstractCompound;
22 | import com.github.lothar.security.acl.compound.AclComposer;
23 | import com.github.lothar.security.acl.compound.Operator;
24 | import com.github.lothar.security.acl.grant.GrantEvaluator;
25 | 
26 | public class GrantEvaluatorComposer implements AclComposer<GrantEvaluator> {
27 | 
28 |   @Override
29 |   public GrantEvaluator and(GrantEvaluator lhs, GrantEvaluator rhs) {
30 |     return new CompoundGrantEvaluator(lhs, rhs, GrantEvaluatorOperator.AND);
31 |   }
32 | 
33 |   @Override
34 |   public GrantEvaluator or(GrantEvaluator lhs, GrantEvaluator rhs) {
35 |     return new CompoundGrantEvaluator(lhs, rhs, GrantEvaluatorOperator.OR);
36 |   }
37 | 
38 |   public static class CompoundGrantEvaluator
39 |       extends AbstractCompound<GrantEvaluator, GrantEvaluatorOperator>implements GrantEvaluator {
40 | 
41 |     private CompoundGrantEvaluator(GrantEvaluator lhs, GrantEvaluator rhs,
42 |         GrantEvaluatorOperator operator) {
43 |       super(lhs, rhs, operator);
44 |     }
45 | 
46 |     @Override
47 |     public boolean isGranted(Object permission, Authentication authentication,
48 |         Serializable targetId, String targetType) {
49 |       return operator.apply( //
50 |           () -> lhs.isGranted(permission, authentication, targetId, targetType), //
51 |           () -> rhs.isGranted(permission, authentication, targetId, targetType) //
52 |       );
53 |     }
54 | 
55 |     @Override
56 |     public boolean isGranted(Object permission, Authentication authentication,
57 |         Object domainObject) {
58 |       return operator.apply( //
59 |           () -> lhs.isGranted(permission, authentication, domainObject), //
60 |           () -> rhs.isGranted(permission, authentication, domainObject) //
61 |       );
62 |     }
63 |   }
64 | 
65 |   private static enum GrantEvaluatorOperator implements Operator<GrantEvaluator> {
66 | 
67 |     AND {
68 |       @Override
69 |       boolean apply(Supplier<Boolean> lhs, Supplier<Boolean> rhs) {
70 |         return lhs.get() && rhs.get();
71 |       }
72 |     },
73 | 
74 |     OR {
75 |       @Override
76 |       boolean apply(Supplier<Boolean> lhs, Supplier<Boolean> rhs) {
77 |         return lhs.get() || rhs.get();
78 |       }
79 |     };
80 | 
81 |     abstract boolean apply(Supplier<Boolean> lhs, Supplier<Boolean> rhs);
82 |   }
83 | }
84 | 


--------------------------------------------------------------------------------
/core/src/test/java/com/github/lothar/security/acl/compound/AclStrategyComposerTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.compound;
15 | 
16 | import static org.assertj.core.api.Assertions.assertThat;
17 | 
18 | import java.util.function.Function;
19 | 
20 | import javax.annotation.Resource;
21 | 
22 | import org.junit.Before;
23 | import org.junit.Test;
24 | import org.junit.runner.RunWith;
25 | import org.springframework.boot.test.context.SpringBootTest;
26 | import org.springframework.test.context.junit4.SpringRunner;
27 | 
28 | import com.github.lothar.security.acl.AclStrategy;
29 | import com.github.lothar.security.acl.AclTestConfiguration;
30 | import com.github.lothar.security.acl.SimpleAclStrategy;
31 | import com.github.lothar.security.acl.StringTesterFeature;
32 | 
33 | @RunWith(SpringRunner.class)
34 | @SpringBootTest(classes = AclTestConfiguration.class)
35 | public class AclStrategyComposerTest {
36 | 
37 |   @Resource
38 |   private AclStrategyComposer aclStrategyComposer;
39 |   @Resource
40 |   private StringTesterFeature stringTesterFeature;
41 |   private SimpleAclStrategy containsA;
42 |   private SimpleAclStrategy containsB;
43 | 
44 |   @Before
45 |   public void init() {
46 |     containsA = new SimpleAclStrategy();
47 |     containsA.install(stringTesterFeature, s -> s.contains("A"));
48 |     containsB = new SimpleAclStrategy();
49 |     containsB.install(stringTesterFeature, s -> s.contains("B"));
50 |   }
51 | 
52 |   @Test
53 |   public void test_and_strategy() {
54 |     AclStrategy aAndB = aclStrategyComposer.and(containsA, containsB);
55 |     Function<String, Boolean> stringTester = aAndB.handlerFor(stringTesterFeature);
56 |     assertThat(stringTester.apply("A")).isFalse();
57 |     assertThat(stringTester.apply("B")).isFalse();
58 |     assertThat(stringTester.apply("C")).isFalse();
59 |     assertThat(stringTester.apply("AB")).isTrue();
60 |     assertThat(stringTester.apply("ABC")).isTrue();
61 |     assertThat(stringTester.apply("AC")).isFalse();
62 |     assertThat(stringTester.apply("BC")).isFalse();
63 |   }
64 | 
65 |   @Test
66 |   public void test_or_strategy() {
67 |     AclStrategy aOrB = aclStrategyComposer.or(containsA, containsB);
68 |     Function<String, Boolean> stringTester = aOrB.handlerFor(stringTesterFeature);
69 |     assertThat(stringTester.apply("A")).isTrue();
70 |     assertThat(stringTester.apply("B")).isTrue();
71 |     assertThat(stringTester.apply("C")).isFalse();
72 |     assertThat(stringTester.apply("AB")).isTrue();
73 |     assertThat(stringTester.apply("ABC")).isTrue();
74 |     assertThat(stringTester.apply("AC")).isTrue();
75 |     assertThat(stringTester.apply("BC")).isTrue();
76 |   }
77 | 
78 | }
79 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/repository/AclJpaRepositoryFactoryBeanTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa.repository;
15 | 
16 | import static org.assertj.core.api.Assertions.assertThat;
17 | 
18 | import javax.annotation.Resource;
19 | 
20 | import org.junit.Test;
21 | import org.junit.runner.RunWith;
22 | import org.springframework.boot.test.context.SpringBootTest;
23 | import org.springframework.test.context.junit4.SpringRunner;
24 | 
25 | import com.github.lothar.security.acl.jpa.JpaSpecProvider;
26 | import com.github.lothar.security.acl.jpa.JpaSpecTestConfiguration;
27 | import com.github.lothar.security.acl.jpa.domain.AllowedToAllObject;
28 | import com.github.lothar.security.acl.jpa.domain.DeniedToAllObject;
29 | import com.github.lothar.security.acl.jpa.domain.NoAclObject;
30 | import com.github.lothar.security.acl.jpa.domain.NoStrategyObject;
31 | import com.github.lothar.security.acl.jpa.domain.UnknownStrategyObject;
32 | import com.github.lothar.security.acl.jpa.domain.WithoutHandlerObject;
33 | import com.github.lothar.security.acl.jpa.spec.AllowAllSpecification;
34 | import com.github.lothar.security.acl.jpa.spec.DenyAllSpecification;
35 | 
36 | @RunWith(SpringRunner.class)
37 | @SpringBootTest(classes = JpaSpecTestConfiguration.class)
38 | public class AclJpaRepositoryFactoryBeanTest {
39 | 
40 |   @Resource
41 |   private JpaSpecProvider<Object> jpaSpecProvider;
42 |   @Resource
43 |   private AllowAllSpecification<Object> allowAllSpec;
44 |   @Resource
45 |   private DenyAllSpecification<Object> denyAllSpec;
46 | 
47 |   @Test
48 |   public void should_provider_return_allowAll_spec() {
49 |     assertThat(jpaSpecProvider.jpaSpecFor(AllowedToAllObject.class)).isSameAs(allowAllSpec);
50 |   }
51 | 
52 |   @Test
53 |   public void should_provider_return_denyAll_spec() {
54 |     assertThat(jpaSpecProvider.jpaSpecFor(DeniedToAllObject.class)).isSameAs(denyAllSpec);
55 |   }
56 | 
57 |   @Test
58 |   public void should_provider_return_allowAll_spec_for_noAcl() {
59 |     assertThat(jpaSpecProvider.jpaSpecFor(NoAclObject.class)).isSameAs(allowAllSpec);
60 |   }
61 | 
62 |   @Test
63 |   public void should_provider_return_allowAll_spec_for_noStrategy() {
64 |     assertThat(jpaSpecProvider.jpaSpecFor(NoStrategyObject.class)).isSameAs(allowAllSpec);
65 |   }
66 | 
67 |   @Test
68 |   public void should_provider_return_allowAll_spec_for_unknownStrategy() {
69 |     assertThat(jpaSpecProvider.jpaSpecFor(UnknownStrategyObject.class)).isSameAs(allowAllSpec);
70 |   }
71 | 
72 |   @Test
73 |   public void should_provider_return_allowAll_spec_for_withoutHandlerStrategy() {
74 |     assertThat(jpaSpecProvider.jpaSpecFor(WithoutHandlerObject.class)).isSameAs(allowAllSpec);
75 |   }
76 | 
77 | }
78 | 


--------------------------------------------------------------------------------
/elasticsearch/src/test/java/com/github/lothar/security/acl/elasticsearch/repository/AclElasticsearchRepositoryFactoryBeanTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.elasticsearch.repository;
15 | 
16 | import static org.assertj.core.api.Assertions.assertThat;
17 | 
18 | import javax.annotation.Resource;
19 | 
20 | import org.elasticsearch.index.query.QueryBuilder;
21 | import org.junit.Test;
22 | import org.junit.runner.RunWith;
23 | import org.springframework.boot.test.context.SpringBootTest;
24 | import org.springframework.test.context.junit4.SpringRunner;
25 | 
26 | import com.github.lothar.security.acl.elasticsearch.AclFilterProvider;
27 | import com.github.lothar.security.acl.elasticsearch.ElasticSearchTestConfiguration;
28 | import com.github.lothar.security.acl.elasticsearch.domain.AllowedToAllObject;
29 | import com.github.lothar.security.acl.elasticsearch.domain.DeniedToAllObject;
30 | import com.github.lothar.security.acl.elasticsearch.domain.NoAclObject;
31 | import com.github.lothar.security.acl.elasticsearch.domain.NoStrategyObject;
32 | import com.github.lothar.security.acl.elasticsearch.domain.UnknownStrategyObject;
33 | import com.github.lothar.security.acl.elasticsearch.domain.WithoutHandlerObject;
34 | 
35 | @RunWith(SpringRunner.class)
36 | @SpringBootTest(classes = ElasticSearchTestConfiguration.class)
37 | public class AclElasticsearchRepositoryFactoryBeanTest {
38 | 
39 |   @Resource
40 |   private AclFilterProvider filterProvider;
41 |   @Resource
42 |   private QueryBuilder allowAllFilter;
43 |   @Resource
44 |   private QueryBuilder denyAllFilter;
45 | 
46 |   @Test
47 |   public void should_provider_return_allowAll_filter() {
48 |     assertThat(filterProvider.filterFor(AllowedToAllObject.class)).isSameAs(allowAllFilter);
49 |   }
50 | 
51 |   @Test
52 |   public void should_provider_return_denyAll_spec() {
53 |     assertThat(filterProvider.filterFor(DeniedToAllObject.class)).isSameAs(denyAllFilter);
54 |   }
55 | 
56 |   @Test
57 |   public void should_provider_return_allowAll_filter_for_noAcl() {
58 |     assertThat(filterProvider.filterFor(NoAclObject.class)).isSameAs(allowAllFilter);
59 |   }
60 | 
61 |   @Test
62 |   public void should_provider_return_allowAll_filter_for_noStrategy() {
63 |     assertThat(filterProvider.filterFor(NoStrategyObject.class)).isSameAs(allowAllFilter);
64 |   }
65 | 
66 |   @Test
67 |   public void should_provider_return_allowAll_filter_for_unknownStrategy() {
68 |     assertThat(filterProvider.filterFor(UnknownStrategyObject.class)).isSameAs(allowAllFilter);
69 |   }
70 | 
71 |   @Test
72 |   public void should_provider_return_allowAll_filter_for_withoutHandlerStrategy() {
73 |     assertThat(filterProvider.filterFor(WithoutHandlerObject.class)).isSameAs(allowAllFilter);
74 |   }
75 | 
76 | }
77 | 


--------------------------------------------------------------------------------
/jpa/src/main/java/com/github/lothar/security/acl/jpa/config/JpaSpecAclConfiguration.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa.config;
15 | 
16 | import org.slf4j.Logger;
17 | import org.slf4j.LoggerFactory;
18 | import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
19 | import org.springframework.context.annotation.Bean;
20 | import org.springframework.context.annotation.Configuration;
21 | import org.springframework.context.annotation.Import;
22 | import org.springframework.data.jpa.domain.Specification;
23 | import com.github.lothar.security.acl.AclStrategyProvider;
24 | import com.github.lothar.security.acl.SimpleAclStrategy;
25 | import com.github.lothar.security.acl.compound.AclComposersRegistry;
26 | import com.github.lothar.security.acl.config.AclConfiguration;
27 | import com.github.lothar.security.acl.jpa.JpaSpecFeature;
28 | import com.github.lothar.security.acl.jpa.JpaSpecProvider;
29 | import com.github.lothar.security.acl.jpa.compound.JpaSpecComposer;
30 | import com.github.lothar.security.acl.jpa.spec.AllowAllSpecification;
31 | import com.github.lothar.security.acl.jpa.spec.DenyAllSpecification;
32 | 
33 | @Configuration
34 | @Import(AclConfiguration.class)
35 | public class JpaSpecAclConfiguration<T> {
36 | 
37 |   private JpaSpecFeature<T> jpaSpecFeature = new JpaSpecFeature<>();
38 |   private Logger logger = LoggerFactory.getLogger(JpaSpecAclConfiguration.class);
39 | 
40 |   public JpaSpecAclConfiguration() {
41 |     logger.info("Configured feature : {}", jpaSpecFeature);
42 |   }
43 | 
44 |   @Bean
45 |   public JpaSpecFeature<T> jpaSpecFeature() {
46 |     return jpaSpecFeature;
47 |   }
48 | 
49 |   @Bean
50 |   @ConditionalOnMissingBean(JpaSpecComposer.class)
51 |   public JpaSpecComposer<T> jpaSpecComposer(AclComposersRegistry registry) {
52 |     JpaSpecComposer<T> composer = new JpaSpecComposer<>();
53 |     registry.register(jpaSpecFeature, composer);
54 |     return composer;
55 |   }
56 | 
57 |   @Bean
58 |   public JpaSpecProvider<T> jpaSpecProvider(AclStrategyProvider strategyProvider,
59 |       Specification<T> defaultAclSpecification) {
60 |     return new JpaSpecProvider<>(strategyProvider, jpaSpecFeature, defaultAclSpecification);
61 |   }
62 | 
63 |   @Bean(name = {"allowAllSpecification", "defaultAclSpecification"})
64 |   public AllowAllSpecification<T> allowAllSpecification(SimpleAclStrategy allowAllStrategy) {
65 |     AllowAllSpecification<T> allowAllSpecification = new AllowAllSpecification<>();
66 |     allowAllStrategy.install(jpaSpecFeature, allowAllSpecification);
67 |     return allowAllSpecification;
68 |   }
69 | 
70 |   @Bean
71 |   public DenyAllSpecification<T> denyAllSpecification(SimpleAclStrategy denyAllStrategy) {
72 |     DenyAllSpecification<T> denyAllSpecification = new DenyAllSpecification<>();
73 |     denyAllStrategy.install(jpaSpecFeature, denyAllSpecification);
74 |     return denyAllSpecification;
75 |   }
76 | }
77 | 


--------------------------------------------------------------------------------
/elasticsearch/src/main/java/com/github/lothar/security/acl/elasticsearch/config/ElasticSearchAclConfiguration.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.elasticsearch.config;
15 | 
16 | import static org.elasticsearch.index.query.QueryBuilders.boolQuery;
17 | import static org.elasticsearch.index.query.QueryBuilders.matchAllQuery;
18 | 
19 | import org.elasticsearch.index.query.QueryBuilder;
20 | import org.slf4j.Logger;
21 | import org.slf4j.LoggerFactory;
22 | import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
23 | import org.springframework.context.annotation.Bean;
24 | import org.springframework.context.annotation.Configuration;
25 | import org.springframework.context.annotation.Import;
26 | 
27 | import com.github.lothar.security.acl.AclStrategyProvider;
28 | import com.github.lothar.security.acl.SimpleAclStrategy;
29 | import com.github.lothar.security.acl.compound.AclComposersRegistry;
30 | import com.github.lothar.security.acl.config.AclConfiguration;
31 | import com.github.lothar.security.acl.elasticsearch.AclFilterProvider;
32 | import com.github.lothar.security.acl.elasticsearch.ElasticSearchFeature;
33 | import com.github.lothar.security.acl.elasticsearch.compound.FilterBuilderComposer;
34 | 
35 | @Configuration
36 | @Import(AclConfiguration.class)
37 | public class ElasticSearchAclConfiguration {
38 | 
39 |   private ElasticSearchFeature elasticSearchFeature = new ElasticSearchFeature();
40 |   private Logger logger = LoggerFactory.getLogger(ElasticSearchAclConfiguration.class);
41 | 
42 |   public ElasticSearchAclConfiguration() {
43 |     logger.info("Configured feature : {}", elasticSearchFeature);
44 |   }
45 | 
46 |   @Bean
47 |   public ElasticSearchFeature elasticSearchFeature() {
48 |     return elasticSearchFeature;
49 |   }
50 | 
51 |   @Bean
52 |   @ConditionalOnMissingBean(FilterBuilderComposer.class)
53 |   public FilterBuilderComposer filterBuilderComposer(AclComposersRegistry registry) {
54 |     FilterBuilderComposer composer = new FilterBuilderComposer();
55 |     registry.register(elasticSearchFeature, composer);
56 |     return composer;
57 |   }
58 | 
59 |   @Bean
60 |   public AclFilterProvider aclFilterProvider(AclStrategyProvider strategyProvider,
61 |       QueryBuilder defaultFilter) {
62 |     return new AclFilterProvider(strategyProvider, elasticSearchFeature, defaultFilter);
63 |   }
64 | 
65 |   @Bean(name = {"allowAllFilter", "defaultFilter"})
66 |   public QueryBuilder allowAllFilter(SimpleAclStrategy allowAllStrategy) {
67 |     QueryBuilder allowAllFilter = matchAllQuery();
68 |     allowAllStrategy.install(elasticSearchFeature, allowAllFilter);
69 |     return allowAllFilter;
70 |   }
71 | 
72 |   @Bean
73 |   public QueryBuilder denyAllFilter(SimpleAclStrategy denyAllStrategy) {
74 |     QueryBuilder denyAllFilter = boolQuery().mustNot(matchAllQuery());
75 |     denyAllStrategy.install(elasticSearchFeature, denyAllFilter);
76 |     return denyAllFilter;
77 |   }
78 | }
79 | 


--------------------------------------------------------------------------------
/sample/src/test/java/com/github/lothar/security/acl/sample/jpa/CustomerRepositoryTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License");
 5 |  * you may not use this file except in compliance with the License.
 6 |  * You may obtain a copy of the License at
 7 |  *
 8 |  *      http://www.apache.org/licenses/LICENSE-2.0
 9 |  *
10 |  * Unless required by applicable law or agreed to in writing, software
11 |  * distributed under the License is distributed on an "AS IS" BASIS,
12 |  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 |  * See the License for the specific language governing permissions and
14 |  * limitations under the License.
15 |  *******************************************************************************/
16 | package com.github.lothar.security.acl.sample.jpa;
17 | 
18 | import static org.assertj.core.api.Assertions.assertThat;
19 | 
20 | import javax.annotation.Resource;
21 | 
22 | import org.junit.Before;
23 | import org.junit.Test;
24 | import org.junit.runner.RunWith;
25 | import org.slf4j.Logger;
26 | import org.slf4j.LoggerFactory;
27 | import org.springframework.boot.test.context.SpringBootTest;
28 | import org.springframework.data.jpa.domain.Specification;
29 | import org.springframework.test.context.junit4.SpringRunner;
30 | import org.springframework.transaction.annotation.Transactional;
31 | 
32 | import com.github.lothar.security.acl.SimpleAclStrategy;
33 | import com.github.lothar.security.acl.jpa.JpaSpecFeature;
34 | import com.github.lothar.security.acl.sample.SampleApplication;
35 | import com.github.lothar.security.acl.sample.domain.Customer;
36 | 
37 | @RunWith(SpringRunner.class)
38 | @SpringBootTest(classes = SampleApplication.class)
39 | @Transactional
40 | public class CustomerRepositoryTest {
41 | 
42 |   @Resource
43 |   private CustomerRepository repository;
44 |   @Resource
45 |   private SimpleAclStrategy customerStrategy;
46 |   @Resource
47 |   private JpaSpecFeature<Customer> jpaSpecFeature;
48 |   private Logger logger = LoggerFactory.getLogger(getClass());
49 | 
50 |   @Before
51 |   public void init() {
52 |     repository.save(new Customer("Alice", "Smith"));
53 |     repository.save(new Customer("Bob", "Smith"));
54 |     repository.save(new Customer("John", "Doe"));
55 |     logger.info("Customer strategy : {}", customerStrategy);
56 |   }
57 | 
58 |   @Test
59 |   public void should_customer_spec_be_registered_in_customer_strategy() {
60 |     Specification<Customer> customerSpec = customerStrategy.handlerFor(jpaSpecFeature);
61 |     assertThat(customerSpec) //
62 |         .as("Customer ACL JPA specification not registered") //
63 |         .isNotNull();
64 |   }
65 | 
66 |   @Test
67 |   public void should_find_authorized_customers_only_when_strategy_applied() {
68 |     assertThat(repository.count()).isEqualTo(2);
69 |   }
70 | 
71 |   @Test
72 |   public void should_find_all_customers_only_when_strategy_not_applied() {
73 |     doWithoutCustomerSpec(new Runnable() {
74 |       @Override
75 |       public void run() {
76 |         assertThat(repository.count()).isEqualTo(3);
77 |       }
78 |     });
79 |   }
80 | 
81 |   private void doWithoutCustomerSpec(Runnable runnable) {
82 |     Specification<Customer> customerSpec = customerStrategy.uninstall(jpaSpecFeature);
83 |     try {
84 |       runnable.run();
85 |     } finally {
86 |       customerStrategy.install(jpaSpecFeature, customerSpec);
87 |     }
88 |   }
89 | 
90 |   @Test
91 |   public void should_not_find_members_of_Doe_family_when_strategy_applied() {
92 |     assertThat(repository.findByLastName("Doe")).isEmpty();
93 |   }
94 | 
95 | }
96 | 


--------------------------------------------------------------------------------
/jpa/src/test/java/com/github/lothar/security/acl/jpa/JpaSpecProviderTest.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.jpa;
15 | 
16 | import static org.assertj.core.api.Assertions.assertThat;
17 | 
18 | import javax.annotation.Resource;
19 | 
20 | import org.junit.Test;
21 | import org.junit.runner.RunWith;
22 | import org.springframework.boot.test.context.SpringBootTest;
23 | import org.springframework.data.jpa.domain.Specification;
24 | import org.springframework.test.context.junit4.SpringRunner;
25 | 
26 | import com.github.lothar.security.acl.jpa.domain.NoStrategyObject;
27 | import com.github.lothar.security.acl.jpa.domain.UnknownStrategyObject;
28 | import com.github.lothar.security.acl.jpa.domain.WithoutHandlerObject;
29 | import com.github.lothar.security.acl.jpa.repository.AllowedToAllRepository;
30 | import com.github.lothar.security.acl.jpa.repository.DeniedToAllRepository;
31 | import com.github.lothar.security.acl.jpa.repository.NoAclRepository;
32 | import com.github.lothar.security.acl.jpa.repository.NoStrategyRepository;
33 | import com.github.lothar.security.acl.jpa.repository.UnknownStrategyRepository;
34 | import com.github.lothar.security.acl.jpa.repository.WithoutHandlerRepository;
35 | 
36 | @RunWith(SpringRunner.class)
37 | @SpringBootTest(classes = JpaSpecTestConfiguration.class)
38 | public class JpaSpecProviderTest {
39 | 
40 |   @Resource
41 |   private JpaSpecProvider<Object> jpaSpecProvider;
42 |   @Resource
43 |   private Specification<?> defaultAclSpecification;
44 |   @Resource
45 |   private AllowedToAllRepository allowedToAllRepository;
46 |   @Resource
47 |   private DeniedToAllRepository deniedToAllRepository;
48 |   @Resource
49 |   private NoAclRepository noAclRepository;
50 |   @Resource
51 |   private NoStrategyRepository noStrategyRepository;
52 |   @Resource
53 |   private UnknownStrategyRepository unknownStrategyRepository;
54 |   @Resource
55 |   private WithoutHandlerRepository withoutHandlerRepository;
56 | 
57 |   @Test
58 |   public void should_all_acl_repositories_be_loaded() {
59 |     assertThat(allowedToAllRepository).isNotNull();
60 |     assertThat(deniedToAllRepository).isNotNull();
61 |     assertThat(noAclRepository).isNotNull();
62 |     assertThat(noStrategyRepository).isNotNull();
63 |     assertThat(unknownStrategyRepository).isNotNull();
64 |     assertThat(withoutHandlerRepository).isNotNull();
65 |   }
66 | 
67 |   @Test
68 |   public void should_use_default_handler_when_none_defined() {
69 |     assertThat(jpaSpecProvider.jpaSpecFor(WithoutHandlerObject.class)).isSameAs(defaultAclSpecification);
70 |   }
71 | 
72 |   @Test
73 |   public void should_use_default_handler_when_unknown_defined() {
74 |     assertThat(jpaSpecProvider.jpaSpecFor(UnknownStrategyObject.class)).isSameAs(defaultAclSpecification);
75 |   }
76 | 
77 |   @Test
78 |   public void should_use_default_handler_when_no_strategy_defined() {
79 |     assertThat(jpaSpecProvider.jpaSpecFor(NoStrategyObject.class)).isSameAs(defaultAclSpecification);
80 |   }
81 | }
82 | 


--------------------------------------------------------------------------------
/grant/src/main/java/com/github/lothar/security/acl/grant/config/GrantEvaluatorAclConfiguration.java:
--------------------------------------------------------------------------------
 1 | /*******************************************************************************
 2 |  * Copyright 2002-2016 the original author or authors.
 3 |  *
 4 |  * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 5 |  * in compliance with the License. You may obtain a copy of the License at
 6 |  *
 7 |  * http://www.apache.org/licenses/LICENSE-2.0
 8 |  *
 9 |  * Unless required by applicable law or agreed to in writing, software distributed under the License
10 |  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11 |  * or implied. See the License for the specific language governing permissions and limitations under
12 |  * the License.
13 |  *******************************************************************************/
14 | package com.github.lothar.security.acl.grant.config;
15 | 
16 | import org.slf4j.Logger;
17 | import org.slf4j.LoggerFactory;
18 | import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
19 | import org.springframework.context.annotation.Bean;
20 | import org.springframework.context.annotation.Configuration;
21 | import org.springframework.context.annotation.Import;
22 | 
23 | import com.github.lothar.security.acl.AclStrategyProvider;
24 | import com.github.lothar.security.acl.SimpleAclStrategy;
25 | import com.github.lothar.security.acl.compound.AclComposersRegistry;
26 | import com.github.lothar.security.acl.config.AclConfiguration;
27 | import com.github.lothar.security.acl.grant.AclPermissionEvaluator;
28 | import com.github.lothar.security.acl.grant.GrantEvaluator;
29 | import com.github.lothar.security.acl.grant.GrantEvaluatorFeature;
30 | import com.github.lothar.security.acl.grant.compound.GrantEvaluatorComposer;
31 | import com.github.lothar.security.acl.grant.evaluators.AllowAllGrantEvaluator;
32 | import com.github.lothar.security.acl.grant.evaluators.DenyAllGrantEvaluator;
33 | 
34 | @Configuration
35 | @Import(AclConfiguration.class)
36 | public class GrantEvaluatorAclConfiguration {
37 | 
38 |   private GrantEvaluatorFeature grantEvaluatorFeature = new GrantEvaluatorFeature();
39 |   private Logger logger = LoggerFactory.getLogger(GrantEvaluatorAclConfiguration.class);
40 | 
41 |   public GrantEvaluatorAclConfiguration() {
42 |     logger.info("Configured feature : {}", grantEvaluatorFeature);
43 |   }
44 | 
45 |   @Bean
46 |   public GrantEvaluatorFeature grantEvaluatorFeature() {
47 |     return grantEvaluatorFeature;
48 |   }
49 | 
50 |   @Bean
51 |   @ConditionalOnMissingBean(GrantEvaluatorComposer.class)
52 |   public GrantEvaluatorComposer grantEvaluatorComposer(AclComposersRegistry registry) {
53 |     GrantEvaluatorComposer composer = new GrantEvaluatorComposer();
54 |     registry.register(grantEvaluatorFeature, composer);
55 |     return composer;
56 |   }
57 | 
58 |   @Bean
59 |   public AclPermissionEvaluator aclPermissionEvaluator(AclStrategyProvider strategyProvider,
60 |       GrantEvaluator defaultGrantEvaluator) {
61 |     return new AclPermissionEvaluator(strategyProvider, grantEvaluatorFeature,
62 |         defaultGrantEvaluator);
63 |   }
64 | 
65 |   @Bean(name = {"allowAllGrantEvaluator", "defaultGrantEvaluator"})
66 |   public GrantEvaluator allowAllGrantEvaluator(SimpleAclStrategy allowAllStrategy) {
67 |     GrantEvaluator allowAllGrantEvaluator = new AllowAllGrantEvaluator();
68 |     allowAllStrategy.install(grantEvaluatorFeature, allowAllGrantEvaluator);
69 |     return allowAllGrantEvaluator;
70 |   }
71 | 
72 |   @Bean
73 |   public GrantEvaluator denyAllGrantEvaluator(SimpleAclStrategy denyAllStrategy) {
74 |     GrantEvaluator denyAllGrantEvaluator = new DenyAllGrantEvaluator();
75 |     denyAllStrategy.install(grantEvaluatorFeature, denyAllGrantEvaluator);
76 |     return denyAllGrantEvaluator;
77 |   }
78 | 
79 | }
80 | 


--------------------------------------------------------------------------------