private Annotation getSecurityAnnotation()

in tobago-core/src/main/java/org/apache/myfaces/tobago/internal/util/AuthorizationHelper.java [116:199]

• 71 lines of code
• 16 McCabe index (conditional complexity)

  private Annotation getSecurityAnnotation(
      final FacesContext facesContext, final UIComponent component, final String expressionFull) {

    final String expression = skipParameterPart(expressionFull);

    Annotation securityAnnotation = null;

    if (cache.containsKey(expression)) {
      final Object obj = cache.get(expression);
      if (obj instanceof Annotation) {
        securityAnnotation = (Annotation) obj;
      }
    } else {
      final Matcher matcher = PATTERN.matcher(expression);
      if (matcher.matches()) {
        final String beanString = matcher.group(1);
        final String methodString = matcher.group(2);

        final Object bean = getBean(facesContext, beanString);
        if (bean != null) {
          // try first from method
          final List<Method> methods = findMethods(bean, methodString);
          switch (methods.size()) {
            case 0:
              LOG.error("No Method '" + methodString + "' in class " + bean.getClass());
              break;
            case 1:
              securityAnnotation = getSecurityAnnotations(methods.get(0));
              break;
            default:
              LOG.warn("Method name ambiguous '" + methodString + "' in class " + bean.getClass()
                  + ". Found " + methods.size() + " but only 1 is supported, yet.");
          }
          // if not set, try from class
          if (securityAnnotation == null) {
            securityAnnotation = getSecurityAnnotations(bean.getClass());
          }
        }
      }
      if (securityAnnotation == null) {
        securityAnnotation = NULL_VALUE;
      }

      cache.put(expression, securityAnnotation);
      if (LOG.isInfoEnabled()) {
        LOG.info("Security annotation '{}' saved for expression '{}'", securityAnnotation, expression);
      }
    }

    if (securityAnnotation == NULL_VALUE && expression.contains(CC_ATTRS)) {

      UIComponent compositeComponent = getParentCompositeComponent(component);
      if (compositeComponent != null) {
        final int attrNameStart = expression.indexOf(CC_ATTRS) + CC_ATTRS.length();
        final int attrNameEnd = expression.substring(attrNameStart).contains(".")
            ? attrNameStart + expression.substring(attrNameStart).indexOf(".")
            : attrNameStart + expression.substring(attrNameStart).indexOf("}");
        final String attrName = expression.substring(attrNameStart, attrNameEnd);

        ValueExpression valueExpression = compositeComponent.getValueExpression(attrName);
        if (valueExpression != null) {
          final String ccExpression = valueExpression.getExpressionString();
          final int bracketStart = ccExpression.indexOf('{');
          final int bracketEnd = ccExpression.indexOf("}");
          final String trimmedCcExpression = ccExpression.substring(bracketStart + 1, bracketEnd).trim();

          return getSecurityAnnotation(facesContext, component,
              expression.replace(CC_ATTRS + attrName, trimmedCcExpression));
        }

        MethodExpression methodExpression = (MethodExpression) compositeComponent.getAttributes().get(attrName);
        if (methodExpression != null) {
          return getSecurityAnnotation(facesContext, component,
              methodExpression.getExpressionString().replaceAll(" ", ""));
        }

        return securityAnnotation;
      } else {
        return securityAnnotation;
      }
    } else {
      return securityAnnotation;
    }
  }