SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces
This commit is contained in:
@@ -5,47 +5,53 @@ package bigbank;
|
||||
* encapsulate business logic (methods) and state in the domain object.
|
||||
* Nevertheless, this demo is intended to reflect what people usually do,
|
||||
* as opposed to what they ideally would be doing.
|
||||
*
|
||||
*
|
||||
* @author Ben Alex
|
||||
* @version $Id$
|
||||
*/
|
||||
public class Account {
|
||||
private long id = -1;
|
||||
private String holder;
|
||||
private double balance;
|
||||
|
||||
public Account(String holder) {
|
||||
super();
|
||||
this.holder = holder;
|
||||
}
|
||||
private long id = -1;
|
||||
private String holder;
|
||||
private double balance;
|
||||
private double overdraft = 500.00;
|
||||
|
||||
public long getId() {
|
||||
return id;
|
||||
}
|
||||
public Account(String holder) {
|
||||
this.holder = holder;
|
||||
}
|
||||
|
||||
public void setId(long id) {
|
||||
this.id = id;
|
||||
}
|
||||
public long getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public String getHolder() {
|
||||
return holder;
|
||||
}
|
||||
public void setId(long id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public void setHolder(String holder) {
|
||||
this.holder = holder;
|
||||
}
|
||||
public String getHolder() {
|
||||
return holder;
|
||||
}
|
||||
|
||||
public double getBalance() {
|
||||
return balance;
|
||||
}
|
||||
public void setHolder(String holder) {
|
||||
this.holder = holder;
|
||||
}
|
||||
|
||||
public void setBalance(double balance) {
|
||||
this.balance = balance;
|
||||
}
|
||||
public double getBalance() {
|
||||
return balance;
|
||||
}
|
||||
|
||||
public String toString() {
|
||||
return "Account[id=" + id + ",balance=" + balance +",holder=" + holder + "]";
|
||||
}
|
||||
public void setBalance(double balance) {
|
||||
this.balance = balance;
|
||||
}
|
||||
|
||||
|
||||
public double getOverdraft() {
|
||||
return overdraft;
|
||||
}
|
||||
|
||||
public void setOverdraft(double overdraft) {
|
||||
this.overdraft = overdraft;
|
||||
}
|
||||
|
||||
public String toString() {
|
||||
return "Account[id=" + id + ",balance=" + balance +",holder=" + holder + ", overdraft=" + overdraft + "]";
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,15 +1,16 @@
|
||||
package bigbank;
|
||||
|
||||
import org.springframework.security.annotation.Secured;
|
||||
import org.springframework.security.expression.annotation.PreAuthorize;
|
||||
|
||||
|
||||
public interface BankService {
|
||||
|
||||
@Secured("IS_AUTHENTICATED_ANONYMOUSLY")
|
||||
public Account readAccount(Long id);
|
||||
|
||||
@Secured("IS_AUTHENTICATED_ANONYMOUSLY")
|
||||
public Account[] findAccounts();
|
||||
|
||||
@Secured("ROLE_TELLER")
|
||||
public Account post(Account account, double amount);
|
||||
|
||||
public Account readAccount(Long id);
|
||||
|
||||
public Account[] findAccounts();
|
||||
|
||||
@PreAuthorize(
|
||||
"hasRole('ROLE_SUPERVISOR') or " +
|
||||
"hasRole('ROLE_TELLER') and (#account.balance + #amount >= -#account.overdraft)" )
|
||||
public Account post(Account account, double amount);
|
||||
}
|
||||
|
||||
@@ -4,37 +4,36 @@ import org.aspectj.lang.annotation.Pointcut;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
public class BankServiceImpl implements BankService {
|
||||
private BankDao bankDao;
|
||||
private BankDao bankDao;
|
||||
|
||||
// Not used unless you declare a <protect-pointcut>
|
||||
@Pointcut("execution(* bigbank.BankServiceImpl.*(..))")
|
||||
public void myPointcut() {}
|
||||
// Not used unless you declare a <protect-pointcut>
|
||||
@Pointcut("execution(* bigbank.BankServiceImpl.*(..))")
|
||||
public void myPointcut() {}
|
||||
|
||||
public BankServiceImpl(BankDao bankDao) {
|
||||
Assert.notNull(bankDao);
|
||||
this.bankDao = bankDao;
|
||||
}
|
||||
public BankServiceImpl(BankDao bankDao) {
|
||||
Assert.notNull(bankDao);
|
||||
this.bankDao = bankDao;
|
||||
}
|
||||
|
||||
public Account[] findAccounts() {
|
||||
return this.bankDao.findAccounts();
|
||||
}
|
||||
public Account[] findAccounts() {
|
||||
return this.bankDao.findAccounts();
|
||||
}
|
||||
|
||||
public Account post(Account account, double amount) {
|
||||
Assert.notNull(account);
|
||||
Assert.notNull(account.getId());
|
||||
|
||||
// We read account bank from DAO so it reflects the latest balance
|
||||
Account a = bankDao.readAccount(account.getId());
|
||||
if (account == null) {
|
||||
throw new IllegalArgumentException("Couldn't find requested account");
|
||||
}
|
||||
|
||||
a.setBalance(a.getBalance() + amount);
|
||||
bankDao.createOrUpdateAccount(a);
|
||||
return a;
|
||||
}
|
||||
public Account post(Account account, double amount) {
|
||||
Assert.notNull(account);
|
||||
|
||||
public Account readAccount(Long id) {
|
||||
return bankDao.readAccount(id);
|
||||
}
|
||||
// We read account bank from DAO so it reflects the latest balance
|
||||
Account a = bankDao.readAccount(account.getId());
|
||||
if (account == null) {
|
||||
throw new IllegalArgumentException("Couldn't find requested account");
|
||||
}
|
||||
|
||||
a.setBalance(a.getBalance() + amount);
|
||||
bankDao.createOrUpdateAccount(a);
|
||||
return a;
|
||||
}
|
||||
|
||||
public Account readAccount(Long id) {
|
||||
return bankDao.readAccount(id);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,22 +3,22 @@
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:security="http://www.springframework.org/schema/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
||||
|
||||
<bean id="bankDao" class="bigbank.BankDaoStub"/>
|
||||
<bean id="bankDao" class="bigbank.BankDaoStub"/>
|
||||
|
||||
<bean id="seedData" class="bigbank.SeedData">
|
||||
<property name="bankDao" ref="bankDao"/>
|
||||
</bean>
|
||||
<bean id="seedData" class="bigbank.SeedData">
|
||||
<property name="bankDao" ref="bankDao"/>
|
||||
</bean>
|
||||
|
||||
<bean id="bankService" class="bigbank.BankServiceImpl">
|
||||
<constructor-arg ref="bankDao"/>
|
||||
<bean id="bankService" class="bigbank.BankServiceImpl">
|
||||
<constructor-arg ref="bankDao"/>
|
||||
<!-- This will add a security interceptor to the bean
|
||||
<security:intercept-methods>
|
||||
<security:protect method="bigbank.BankService.*" access="IS_AUTHENTICATED_REMEMBERED" />
|
||||
<security:protect method="bigbank.BankService.post" access="ROLE_TELLER" />
|
||||
</security:intercept-methods> -->
|
||||
</bean>
|
||||
</bean>
|
||||
|
||||
</beans>
|
||||
</beans>
|
||||
|
||||
@@ -9,26 +9,26 @@
|
||||
<beans:beans xmlns="http://www.springframework.org/schema/security"
|
||||
xmlns:beans="http://www.springframework.org/schema/beans"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.5.xsd">
|
||||
|
||||
<global-method-security secured-annotations="enabled">
|
||||
<!-- AspectJ pointcut expression that locates our "post" method and applies security that way
|
||||
<protect-pointcut expression="execution(* bigbank.*Service.post*(..))" access="ROLE_TELLER"/>
|
||||
-->
|
||||
</global-method-security>
|
||||
<global-method-security spel-annotations="enabled">
|
||||
<!-- AspectJ pointcut expression that locates our "post" method and applies security that way
|
||||
<protect-pointcut expression="execution(* bigbank.*Service.post*(..))" access="ROLE_TELLER"/>
|
||||
-->
|
||||
</global-method-security>
|
||||
|
||||
<http auto-config="true">
|
||||
<intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
|
||||
<intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_REMEMBERED" />
|
||||
<!-- Disable web URI authorization, as we're using <global-method-security> and have @Secured the services layer instead
|
||||
<!-- Disable web URI authorization, as we're using <global-method-security> and have @Secured the services layer instead
|
||||
<intercept-url pattern="/listAccounts.html" access="IS_AUTHENTICATED_REMEMBERED" />
|
||||
<intercept-url pattern="/post.html" access="ROLE_TELLER" />
|
||||
-->
|
||||
<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
|
||||
<!--
|
||||
Uncomment to enable X509 client authentication support
|
||||
<x509 />
|
||||
<x509 />
|
||||
-->
|
||||
|
||||
<!-- All of this is unnecessary if auto-config="true"
|
||||
@@ -40,7 +40,7 @@
|
||||
|
||||
<!-- Uncomment to limit the number of sessions a user can have
|
||||
<concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true"/>
|
||||
-->
|
||||
-->
|
||||
</http>
|
||||
|
||||
<!--
|
||||
@@ -54,10 +54,10 @@
|
||||
<password-encoder hash="md5"/>
|
||||
<user-service>
|
||||
<user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
|
||||
<user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
|
||||
<user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
|
||||
<user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
|
||||
<user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
|
||||
</user-service>
|
||||
</authentication-provider>
|
||||
</user-service>
|
||||
</authentication-provider>
|
||||
|
||||
</beans:beans>
|
||||
</beans:beans>
|
||||
|
||||
@@ -24,4 +24,4 @@
|
||||
</td>
|
||||
</tr>
|
||||
</c:forEach>
|
||||
</table>
|
||||
</table>
|
||||
|
||||
Reference in New Issue
Block a user