SEC-2194: Add Java Config samples

This commit is contained in:
Rob Winch
2013-08-01 14:14:18 -05:00
parent 36418b964d
commit 388a4dd9db
435 changed files with 71210 additions and 51 deletions

View File

@@ -0,0 +1,56 @@
package bigbank;
/**
* Note this class does not represent best practice, as we are failing to
* encapsulate business logic (methods) and state in the domain object.
* Nevertheless, this demo is intended to reflect what people usually do,
* as opposed to what they ideally would be doing.
*
* @author Ben Alex
*/
public class Account {
private long id = -1;
private String holder;
private double balance;
private double overdraft = 100.00;
public Account(String holder) {
this.holder = holder;
}
public long getId() {
return id;
}
public void setId(long id) {
this.id = id;
}
public String getHolder() {
return holder;
}
public void setHolder(String holder) {
this.holder = holder;
}
public double getBalance() {
return balance;
}
public void setBalance(double balance) {
this.balance = balance;
}
public double getOverdraft() {
return overdraft;
}
public void setOverdraft(double overdraft) {
this.overdraft = overdraft;
}
public String toString() {
return "Account[id=" + id + ",balance=" + balance +",holder=" + holder + ", overdraft=" + overdraft + "]";
}
}

View File

@@ -0,0 +1,7 @@
package bigbank;
public interface BankDao {
public Account readAccount(Long id);
public void createOrUpdateAccount(Account account);
public Account[] findAccounts();
}

View File

@@ -0,0 +1,32 @@
package bigbank;
import java.util.HashMap;
import java.util.Map;
public class BankDaoStub implements BankDao {
private long id = 0;
private final Map<Long, Account> accounts = new HashMap<Long, Account>();
public void createOrUpdateAccount(Account account) {
if (account.getId() == -1) {
id++;
account.setId(id);
}
accounts.put(new Long(account.getId()), account);
System.out.println("SAVE: " + account);
}
public Account[] findAccounts() {
Account[] accounts = this.accounts.values().toArray(new Account[] {});
System.out.println("Returning " + accounts.length + " account(s):");
for (Account account : accounts) {
System.out.println(" > " + account);
}
return accounts;
}
public Account readAccount(Long id) {
return accounts.get(id);
}
}

View File

@@ -0,0 +1,16 @@
package bigbank;
import org.springframework.security.access.prepost.PreAuthorize;
public interface BankService {
public Account readAccount(Long id);
public Account[] findAccounts();
@PreAuthorize(
"hasRole('supervisor') or " +
"hasRole('teller') and (#account.balance + #amount >= -#account.overdraft)" )
public Account post(Account account, double amount);
}

View File

@@ -0,0 +1,34 @@
package bigbank;
import org.springframework.util.Assert;
public class BankServiceImpl implements BankService {
private final BankDao bankDao;
public BankServiceImpl(BankDao bankDao) {
Assert.notNull(bankDao);
this.bankDao = bankDao;
}
public Account[] findAccounts() {
return this.bankDao.findAccounts();
}
public Account post(Account account, double amount) {
Assert.notNull(account);
// We read account back from DAO so it reflects the latest balance
Account a = bankDao.readAccount(account.getId());
if (a == null) {
throw new IllegalArgumentException("Couldn't find requested account");
}
a.setBalance(a.getBalance() + amount);
bankDao.createOrUpdateAccount(a);
return a;
}
public Account readAccount(Long id) {
return bankDao.readAccount(id);
}
}

View File

@@ -0,0 +1,21 @@
package bigbank;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
public class SeedData implements InitializingBean{
private BankDao bankDao;
public void afterPropertiesSet() throws Exception {
Assert.notNull(bankDao);
bankDao.createOrUpdateAccount(new Account("rod"));
bankDao.createOrUpdateAccount(new Account("dianne"));
bankDao.createOrUpdateAccount(new Account("scott"));
bankDao.createOrUpdateAccount(new Account("peter"));
}
public void setBankDao(BankDao bankDao) {
this.bankDao = bankDao;
}
}

View File

@@ -0,0 +1,33 @@
package bigbank.web;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.util.Assert;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.Controller;
import bigbank.BankService;
public class ListAccounts implements Controller {
private final BankService bankService;
public ListAccounts(BankService bankService) {
Assert.notNull(bankService);
this.bankService = bankService;
}
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
// Security check (this is unnecessary if Spring Security is performing the authorization)
// if (request.getUserPrincipal() == null) {
// throw new AuthenticationCredentialsNotFoundException("You must login to view the account list (Spring Security message)"); // only for Spring Security managed authentication
// }
// Actual business logic
ModelAndView mav = new ModelAndView("listAccounts");
mav.addObject("accounts", bankService.findAccounts());
return mav;
}
}

View File

@@ -0,0 +1,38 @@
package bigbank.web;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.util.Assert;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.Controller;
import bigbank.Account;
import bigbank.BankService;
public class PostAccounts implements Controller {
private final BankService bankService;
public PostAccounts(BankService bankService) {
Assert.notNull(bankService);
this.bankService = bankService;
}
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
// Security check (this is unnecessary if Spring Security is performing the authorization)
// if (!request.isUserInRole("ROLE_TELLER")) {
// throw new AccessDeniedException("You must be a teller to post transactions (Spring Security message)");
// }
// Actual business logic
Long id = ServletRequestUtils.getRequiredLongParameter(request, "id");
Double amount = ServletRequestUtils.getRequiredDoubleParameter(request, "amount");
Account a = bankService.readAccount(id);
bankService.post(a, amount);
return new ModelAndView("redirect:listAccounts.html");
}
}