Added pluggable mechanism for feature-level access control.

git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@1874 542714f4-19e9-0310-aa3c-eee0fc999fb1
This commit is contained in:
Michael Bayne
2002-10-31 21:32:39 +00:00
parent bb22856f76
commit 35f3173694
2 changed files with 45 additions and 1 deletions
@@ -0,0 +1,21 @@
//
// $Id: AccessControl.java,v 1.1 2002/10/31 21:32:39 mdb Exp $
package com.threerings.crowd.server;
import com.threerings.crowd.data.BodyObject;
/**
* Used to ratify access control on a feature by feature basis.
*/
public interface AccessControl
{
/**
* Checks to see if the specified user has access to the feature with
* the specified name. Features are named according to their
* containing package, e.g. <code>crowd.chat.broadcast</code>.
*
* @param user the user requesting the feature.
* @param feature the string identifying the feature.
*/
public boolean checkAccess (BodyObject user, String feature);
}
@@ -1,5 +1,5 @@
//
// $Id: CrowdServer.java,v 1.14 2002/10/21 20:56:20 mdb Exp $
// $Id: CrowdServer.java,v 1.15 2002/10/31 21:32:39 mdb Exp $
package com.threerings.crowd.server;
@@ -20,6 +20,12 @@ public class CrowdServer extends PresentsServer
/** The place registry. */
public static PlaceRegistry plreg;
/** An object that is used to ratify access control on an action by
* action basis. Systems will want to override {@link
* #createAccessControl} to provide an implementation that will
* enforce their access control requirements. */
public static AccessControl actrl;
/**
* Initializes all of the server services and prepares for operation.
*/
@@ -38,12 +44,29 @@ public class CrowdServer extends PresentsServer
// create our place registry
plreg = new PlaceRegistry(invmgr, omgr);
// create our access control implementation
actrl = createAccessControl();
// initialize the chat services
ChatProvider.init(invmgr, omgr);
Log.info("Crowd server initialized.");
}
/**
* Creates the {@link AccessControl} instance used to limit access to
* system features. The default implementation refuses access to
* everything.
*/
protected AccessControl createAccessControl ()
{
return new AccessControl() {
public boolean checkAccess (BodyObject user, String feature) {
return false;
}
};
}
/**
* Enumerates the body objects for all active users on the server.
* This should only be called from the dobjmgr thread. The caller had