in modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/LDAPRealmAuthenticationServicePolicyProvider.java [159:215]
private List<AuthorizationPolicy> findAuthorizationPolicies(Operation op) {
List<AuthorizationPolicy> polices = new ArrayList<AuthorizationPolicy>();
// check explicity added policies first
ConfiguredOperation configuredOperation = findOperation(op);
if (configuredOperation!= null && configuredOperation.getPolicySets().size() > 0) {
for ( PolicySet ps : configuredOperation.getPolicySets()) {
for (Object p : ps.getPolicies()) {
if (p instanceof AuthorizationPolicy) {
polices.add((AuthorizationPolicy)p);
}
}
}
}
// otherwise find applicable policySets
if ( polices.size() == 0) {
// FIXME: How do we get a list of effective policySets for a given operation?
for(Operation operation : operations) {
if (operation!= null && operation.getName() != null && operation.getName().equals(op.getName())) {
for (PolicySet ps : operation.getPolicySets()) {
for (Object p : ps.getPolicies()) {
if (p instanceof AuthorizationPolicy) {
polices.add((AuthorizationPolicy)p);
}
}
}
}
}
if (service instanceof OperationsConfigurator) {
OperationsConfigurator operationsConfigurator = (OperationsConfigurator)service;
for (ConfiguredOperation cop : operationsConfigurator.getConfiguredOperations()) {
if (cop != null && cop.getName() != null && cop.getName().equals(op.getName())) {
for (PolicySet ps : cop.getApplicablePolicySets()) {
for (Object p : ps.getPolicies()) {
if (p instanceof AuthorizationPolicy) {
polices.add((AuthorizationPolicy)p);
}
}
}
}
}
}
List<PolicySet> policySets = service.getPolicySets();
for (PolicySet ps : policySets) {
for (Object p : ps.getPolicies()) {
if (p instanceof AuthorizationPolicy) {
polices.add((AuthorizationPolicy)p);
}
}
}
}
return polices;
}