kings13y · February 1, 2011 20:52
diff --git a/AuthznIntent.scala b/AuthznIntent.scala
 object AuthznIntent {

 	// AuthorizationRequest is a template for a Rule in the system (basically, a rule with no actions on the Rule result)
 	// By default the example is referencing variables as per entities that exist in the JAAS model, namely having the  'Principal' variable act as the identity of the caller and a number of subjects, aka user credentials, which would be associated with the Princicpal.
 	// The requestor id is also acting as the users token for service innvocation (aka a session scoped token), and the account Id represents the entity on which we
 	// are perfroming the action
 	case class AuthorizationRequest(requestorId: String, operationName: String, principal: String, subjects: Set[String], accountId: String)

 	// The expected response from the operation. Rules could be enacted before calling the action (preventative rules) or after (filtering rules)
 	case class PayloadResponse(var attribA : String = "a", var attribB : String = "b", var attribC : String = "c")

 	// An authorization test, and a set of functions to be applied on success/failure. In truth, there'd be conditions where an Auth Exception would
 	// be thrown for an Auth Failure, but it's (probably) more interesting to deal with the attribute filtering use case.
 	case class Rule(test: AuthorizationRequest => Boolean, trueActions: Set[PayloadResponse => Unit], falseActions: Set[PayloadResponse => Unit])

 	// Lets assume that the client makes two request: a VALID one for theie own account; and an INVALID one for another account
 	val authReq1 = new AuthorizationRequest("1", "doSomething", "B2C", Set("a"), "1")
 	val authReq2 = new AuthorizationRequest("1", "doSomething", "B2C", Set("a"), "2")

 	// If the rule passes/succeeds/isTRUE, do nothing, on failure, filter/nill out attribute A from the response
 	val rule1 = Rule(((x: AuthorizationRequest) => (x.requestorId == x.accountId)), Set(), Set(((y: PayloadResponse) => (y.attribA = ""))))

 	// Method to test and apply the result of a permission test
 	def applyPermissions(authReq: AuthorizationRequest) = {

 		var payloadResponse = new PayloadResponse()

 		// Inner method so we could recurse over a List of rules to apply
 		def applyRule(rule: Rule) {
 			if(rule.test(authReq)) {
 				println("rule determined to be TRUE") 
 				rule.trueActions.foreach(action => action(payloadResponse))
 			} else {
 				println("rule determined to be FALSE")
 				rule.falseActions.foreach(action => action(payloadResponse))
 			}
 		}

 		applyRule(rule1)

 		// return the payload
 		payloadResponse
 } 

 	def main(args: Array[String]) {
 		println("Running tests...")
 		println(applyPermissions(authReq1))
 		println(applyPermissions(authReq2))
 		println("..tests complete")

 	}
 }
	object AuthznIntent {

	// AuthorizationRequest is a template for a Rule in the system (basically, a rule with no actions on the Rule result)
	// By default the example is referencing variables as per entities that exist in the JAAS model, namely having the 'Principal' variable act as the identity of the caller and a number of subjects, aka user credentials, which would be associated with the Princicpal.
	// The requestor id is also acting as the users token for service innvocation (aka a session scoped token), and the account Id represents the entity on which we
	// are perfroming the action
	case class AuthorizationRequest(requestorId: String, operationName: String, principal: String, subjects: Set[String], accountId: String)

	// The expected response from the operation. Rules could be enacted before calling the action (preventative rules) or after (filtering rules)
	case class PayloadResponse(var attribA : String = "a", var attribB : String = "b", var attribC : String = "c")

	// An authorization test, and a set of functions to be applied on success/failure. In truth, there'd be conditions where an Auth Exception would
	// be thrown for an Auth Failure, but it's (probably) more interesting to deal with the attribute filtering use case.
	case class Rule(test: AuthorizationRequest => Boolean, trueActions: Set[PayloadResponse => Unit], falseActions: Set[PayloadResponse => Unit])

	// Lets assume that the client makes two request: a VALID one for theie own account; and an INVALID one for another account
	val authReq1 = new AuthorizationRequest("1", "doSomething", "B2C", Set("a"), "1")
	val authReq2 = new AuthorizationRequest("1", "doSomething", "B2C", Set("a"), "2")

	// If the rule passes/succeeds/isTRUE, do nothing, on failure, filter/nill out attribute A from the response
	val rule1 = Rule(((x: AuthorizationRequest) => (x.requestorId == x.accountId)), Set(), Set(((y: PayloadResponse) => (y.attribA = ""))))

	// Method to test and apply the result of a permission test
	def applyPermissions(authReq: AuthorizationRequest) = {

	var payloadResponse = new PayloadResponse()

	// Inner method so we could recurse over a List of rules to apply
	def applyRule(rule: Rule) {
	if(rule.test(authReq)) {
	println("rule determined to be TRUE")
	rule.trueActions.foreach(action => action(payloadResponse))
	} else {
	println("rule determined to be FALSE")
	rule.falseActions.foreach(action => action(payloadResponse))
	}
	}

	applyRule(rule1)

	// return the payload
	payloadResponse
	}

	def main(args: Array[String]) {
	println("Running tests...")
	println(applyPermissions(authReq1))
	println(applyPermissions(authReq2))
	println("..tests complete")

	}
	}