Security role used in method permission element must be defined in the
roles element of the deployment descriptor.
Result result = getInitializedResult();
ComponentNameConstructor compName = getVerifierContext().getComponentNameConstructor();
Map permissionedMethods = descriptor.getPermissionedMethodsByPermission();
boolean oneFailed = false;
if (permissionedMethods.size() >0) {
for (Iterator e = permissionedMethods.keySet().iterator(); e.hasNext();) {
MethodPermission nextPermission = (MethodPermission) e.next();
if (nextPermission.isRoleBased()) {
if (!descriptor.getEjbBundleDescriptor().getRoles().contains(nextPermission.getRole())) {
oneFailed =true;
result.addErrorDetails(smh.getLocalString
("tests.componentNameConstructor",
"For [ {0} ]",
new Object[] {compName.toString()}));
result.addErrorDetails
(smh.getLocalString
(getClass().getName() + ".failed",
"Error: Method permissions role [ {0} ] must be one of the roles defined in bean [ {1} ]",
new Object[] {nextPermission.getRole().getName(), descriptor.getName()}));
} else {
result.addGoodDetails(smh.getLocalString
("tests.componentNameConstructor",
"For [ {0} ]",
new Object[] {compName.toString()}));
result.addGoodDetails
(smh.getLocalString
(getClass().getName() + ".passed",
"Valid: Method permissions role [ {0} ] is defined as one of the roles defined in bean [ {1} ]",
new Object[] {nextPermission.getRole().getName(), descriptor.getName()}));
}
} else {
addNaDetails(result, compName);
result.notApplicable(smh.getLocalString
(getClass().getName() + ".notApplicable1",
"There are no role based method-permissions within this bean [ {0} ]",
new Object[] {descriptor.getName()}));
}
}
if (oneFailed) {
result.setStatus(Result.FAILED);
} else {
if(result.getStatus() != Result.NOT_APPLICABLE)
result.setStatus(Result.PASSED);
}
} else {
result.addNaDetails(smh.getLocalString
("tests.componentNameConstructor",
"For [ {0} ]",
new Object[] {compName.toString()}));
result.notApplicable(smh.getLocalString
(getClass().getName() + ".notApplicable",
"There are no <method-permission> elements within this bean [ {0} ]",
new Object[] {descriptor.getName()}));
}
return result;