コード例 #1
0
 // returns a trusted Widget object, either from the WidgetRepository, or the
 // cached container list
 private Widget getTrustedWidget(String widgetId, List<Widget> trustedWidgetContainer) {
   Widget widget;
   if (trustedWidgetContainer.isEmpty()) {
     widget = widgetRepository.get(widgetId);
     trustedWidgetContainer.add(widget);
   } else {
     widget = trustedWidgetContainer.get(0);
   }
   return widget;
 }
コード例 #2
0
 /**
  * Checks to see if the Authentication object has the supplied Permission for the Entity
  * represented by the targetId(entityId) and targetType(model class name). This method invokes the
  * private hasPermission function with the trustedDomainObject parameter set to true since we must
  * pull the entity from the database and are guaranteed a trusted domain object, before performing
  * our permission checks.
  *
  * @param authentication the current Authentication object
  * @param targetId the entityId of the model to check, or a RaveSecurityContext object
  * @param targetType the class of the model to check
  * @param permission the Permission to check
  * @return true if the Authentication has the proper permission, false otherwise
  */
 @Override
 public boolean hasPermission(
     Authentication authentication,
     Serializable targetId,
     String targetType,
     Permission permission) {
   boolean hasPermission = false;
   if (targetId instanceof RaveSecurityContext) {
     hasPermission = verifyRaveSecurityContext(authentication, (RaveSecurityContext) targetId);
   } else {
     hasPermission =
         hasPermission(
             authentication, widgetRepository.get(targetId.toString()), permission, true);
   }
   return hasPermission;
 }