Your SlideShare is downloading. ×
0
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Controle de Permissão com VRaptor - QCon SP 2011
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Controle de Permissão com VRaptor - QCon SP 2011

4,507

Published on

Published in: Technology, Health & Medicine
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
4,507
On Slideshare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
34
Comments
0
Likes
4
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. CONTROLE DE PERMISSÃO WASHINGTON BOTELHO@wbotelhos | wbotelhos.com.br | #qconsp / 11
  • 2. public enum Perfil { MEMBRO, MODERADOR, ADMINISTRADOR}public class Usuario { private Long id; private String nome; private Perfil perfil;}
  • 3. @Post("/usuario")public void salvar(Usuario usuario) {}@Resourcepublic class AdminController {}
  • 4. Annotation@Permission(Perfil.ADMINISTRADOR)
  • 5. public @interface Permission { Perfil[] value(); }
  • 6. @Retention(RetentionPolicy.RUNTIME)@Target({ ElementType.TYPE, ElementType.METHOD })public @interface Permission { Perfil[] value(); }
  • 7. @Permission({ Perfil.MODERADOR, Perfil.ADMINISTRADOR })@Post("/usuario")public void salvar(Usuario usuario) {} @Permission(Perfil.ADMINISTRADOR) @Resource public class AdminController { }
  • 8. Interceptor @Intercepts
  • 9. accepts() { true | false } intercept(){ next | redirect | error }
  • 10. public boolean accepts(ResourceMethod method) { return !method.getMethod().isAnnotationPresent(Public.class)}
  • 11. public void intercept( InterceptorStack stack, ResourceMethod method, Object resource) { Permission methodPermission = method.getMethod().getAnnotation(Permission.class); Permission controllerPermission = method.getResource().getType().getAnnotation(Permission.class); // ...}
  • 12. private boolean hasAccess(Permission permission) { if (permission == null) return true; Collection<Perfil> perfis = Arrays.asList(permission.value()); return perfis.contains(userSession.getUser().getPerfil());}
  • 13. if (hasAccess(methodPermission) && hasAccess(controllerPermission)) stack.next(method, resource);else result.redirectTo(UsuarioController.class).negado();
  • 14. Ajax Errorresult.use(http()).sendError(500, "Permission denied!"); Not Found result.use(http()).sendError(404);
  • 15. Obrigado! (: WASHINGTON BOTELHO@wbotelhos | wbotelhos.com.br

×