in core/impl/src/main/java/org/apache/myfaces/extensions/cdi/core/impl/util/SecurityUtils.java [57:111]
public static void invokeVoters(InvocationContext invocationContext,
BeanManager beanManager,
AccessDecisionVoterContext voterContext,
List<Class<? extends AccessDecisionVoter>> accessDecisionVoters,
Class<? extends ViewConfig> errorView)
{
if(accessDecisionVoters == null)
{
return;
}
AccessDecisionState voterState = AccessDecisionState.VOTE_IN_PROGRESS;
try
{
if(voterContext instanceof EditableAccessDecisionVoterContext)
{
((EditableAccessDecisionVoterContext)voterContext).setState(voterState);
}
Set<SecurityViolation> violations;
AccessDecisionVoter voter;
for(Class<? extends AccessDecisionVoter> voterClass : accessDecisionVoters)
{
voter = CodiUtils.getContextualReferenceByClass(beanManager, voterClass);
violations = voter.checkPermission(invocationContext);
if(violations != null && violations.size() > 0)
{
if(voterContext instanceof EditableAccessDecisionVoterContext)
{
voterState = AccessDecisionState.VIOLATION_FOUND;
for(SecurityViolation securityViolation : violations)
{
((EditableAccessDecisionVoterContext) voterContext).addViolation(securityViolation);
}
}
throw new AccessDeniedException(violations, errorView);
}
}
}
finally
{
if(voterContext instanceof EditableAccessDecisionVoterContext)
{
if(AccessDecisionState.VOTE_IN_PROGRESS.equals(voterState))
{
voterState = AccessDecisionState.NO_VIOLATION_FOUND;
}
((EditableAccessDecisionVoterContext)voterContext).setState(voterState);
}
}
}