public AuthorizationResult isAuthorized()

in redback-authorization/redback-authorization-providers/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/RbacAuthorizer.java [78:158]

• 69 lines of code
• 15 McCabe index (conditional complexity)

    public AuthorizationResult isAuthorized( AuthorizationDataSource source )
        throws AuthorizationException
    {
        String principal = source.getPrincipal();
        String operation = source.getPermission();
        String resource = source.getResource();

        try
        {
            if ( principal != null )
            {
                // Set permissions = manager.getAssignedPermissions( principal.toString(), operation );
                Map<String, List<? extends Permission>> permissionMap = manager.getAssignedPermissionMap( principal );

                if ( permissionMap.keySet().contains( operation ) )
                {
                    for ( Permission permission : permissionMap.get( operation ) )
                    {

                        log.debug( "checking permission {} for operation {} resource {}",
                                   ( permission != null ? permission.getName() : "null" ), operation, resource );

                        if ( evaluator.evaluate( permission, operation, resource, principal ) )
                        {
                            return new AuthorizationResult( true, permission, null );
                        }
                    }

                    log.debug( "no permission found for operation {} resource {}", operation, resource );
                }
                else
                {
                    log.debug( "permission map does not contain operation: {}", operation );
                }
            }
            // check if guest user is enabled, if so check the global permissions
            User guest = userManager.getGuestUser();

            if ( !guest.isLocked() )
            {
                // Set permissions = manager.getAssignedPermissions( principal.toString(), operation );
                Map<String, List<? extends Permission>> permissionMap = manager.getAssignedPermissionMap( guest.getUsername() );

                if ( permissionMap.keySet().contains( operation ) )
                {
                    for ( Permission permission : permissionMap.get( operation ) )
                    {
                        log.debug( "checking permission {}", permission.getName() );

                        if ( evaluator.evaluate( permission, operation, resource, guest.getUsername() ) )
                        {
                            return new AuthorizationResult( true, permission, null );
                        }
                    }
                }
            }

            return new AuthorizationResult( false, null, new NotAuthorizedException( "no matching permissions" ) );
        }
        catch ( PermissionEvaluationException pe )
        {
            return new AuthorizationResult( false, null, pe );
        }
        catch ( RbacObjectNotFoundException nfe )
        {
            return new AuthorizationResult( false, null, nfe );
        }
        catch ( UserNotFoundException ne )
        {
            return new AuthorizationResult( false, null,
                                            new NotAuthorizedException( "no matching permissions, guest not found" ) );
        }
        catch ( RbacManagerException rme )
        {
            return new AuthorizationResult( false, null, rme );
        }
        catch ( UserManagerException e )
        {
            return new AuthorizationResult( false, null, e );
        }
    }