git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/authorization-common-library@174481 82a268e6-3cf1-43bd-a215-b396298e98cf

.classpath

@@ -22,7 +22,7 @@
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7">
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>

.settings/org.eclipse.jdt.core.prefs

@@ -1,12 +1,12 @@
 eclipse.preferences.version=1
 org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
-org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
 org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
-org.eclipse.jdt.core.compiler.compliance=1.7
+org.eclipse.jdt.core.compiler.compliance=1.8
 org.eclipse.jdt.core.compiler.debug.lineNumber=generate
 org.eclipse.jdt.core.compiler.debug.localVariable=generate
 org.eclipse.jdt.core.compiler.debug.sourceFile=generate
 org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
 org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
 org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
-org.eclipse.jdt.core.compiler.source=1.7
+org.eclipse.jdt.core.compiler.source=1.8

pom.xml

@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.gcube.common</groupId>
 	<artifactId>common-authorization</artifactId>
-	<version>2.1.1-SNAPSHOT</version>
+	<version>2.1.3-SNAPSHOT</version>
 	<name>authorization service common library</name>
 
 	<parent>

src/main/java/org/gcube/common/authorization/library/annotations/AuthorizationControl.java

@@ -13,5 +13,6 @@ import org.gcube.common.authorization.library.policies.Action;
 @Target(ElementType.METHOD)
 public @interface AuthorizationControl {
 	
-	Action[] check() default {Action.ALL}; 
+	Action[] actions() default {Action.ALL}; 
+	String[] allowed() default {}; 
 }

src/main/java/org/gcube/common/authorization/library/aspect/AuthorizationAspect.java

@@ -2,6 +2,7 @@
 package org.gcube.common.authorization.library.aspect;
 
 import java.lang.reflect.Method;
+import java.util.Arrays;
 
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.Aspect;
@@ -9,6 +10,7 @@ import org.aspectj.lang.annotation.Before;
 import org.aspectj.lang.annotation.Pointcut;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.gcube.common.authorization.library.annotations.AuthorizationControl;
+import org.gcube.common.authorization.library.provider.AuthorizationProvider;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -16,7 +18,7 @@ import org.slf4j.LoggerFactory;
 public class AuthorizationAspect {
 
 	Logger log = LoggerFactory.getLogger(AuthorizationAspect.class);
-	
+		
 	@Pointcut("@annotation(org.gcube.common.authorization.library.annotations.AuthorizationControl)")
 	public void authorizationEntyPoint() {
 	}
@@ -30,7 +32,10 @@ public class AuthorizationAspect {
 		MethodSignature signature = (MethodSignature) joinPoint.getSignature();
 	    Method method = signature.getMethod();
 		AuthorizationControl authAnn = (AuthorizationControl) method.getAnnotation(AuthorizationControl.class);
-		log.info("aspect before with annotation {} and value {} in method {}", authAnn.annotationType(), authAnn.check(), method.getName());
+		log.info("aspect before with annotation {} and value {} in method {}", authAnn.annotationType(), authAnn.actions(), authAnn.allowed(), method.getName());
+		String userId = AuthorizationProvider.instance.get().getClient().getId();
+		if (authAnn.allowed().length!=0 && !Arrays.asList(authAnn.allowed()).contains(userId))
+				throw new RuntimeException("user not allowed to call method "+method.getName());
 	}
 	
 }