Menu
I'm looking for a design pattern or a approach to tidy up my code. This is in the context of security and checking permissions for a given subject. Here is a simplified example:
public Pizza bakePizza() throws UnauthorizedException{
if (subject.isPermitted("BAKE_PIZZA")){
return new Pizza();
} else {
throw new UnauthorizedException();
}
}
Is there a way to make this a bit more clean because this can get quite messy when I have a lot of different kinds of methods like this.
660
asked Sep 18 '25 01:09
I think splitting security constraints and bussines logic by using something like the decorator pattern would be a good start.
How about something like this:
// an interface defines the operations
public interface PizzaService {
Pizza bakePizza();
}
// standard implementation that contains the business logic
public class PizzaServiceImpl implements PizzaService {
@Override
public Pizza bakePizza() {
// implementation ..
}
}
// implementation with security constraints that delegates to the real implementation
public class SecurePizzaService implements PizzaService {
private PizzaService service;
public SecurePizzaService(PizzaService service) {
this.service = service;
}
@Override
public Pizza bakePizza() {
if (!subject.isPermitted("BAKE_PIZZA")){
throw new UnauthorizedException();
}
service.bakePizza()
}
}
// usage
PizzaService pizzaService = new SecurePizzaService(new PizzaServiceImpl());
...
Pizza pizza = pizzaService.bakePizza();
This way you could change security constraints without touching business logic and vice versa.
If you have a lot of situations like this you should have a look at AOP frameworks like AspectJ
183
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
