Filed Under: Flex
While coding Ezmo we had a need for implementing some kind of policy architecture which would help us have a bit more structure on who gets to see what components and also a bit more structure on the general flow of the application. What conditions are required for a certain policy to be implemented.
The basic scenario is that you have a User object which has one or more Roles which in some cases determines if a policy applies or not. Say for instance that you have a user who has an Administrator role, then he should see the debug console in the application. How would we do this in a neat way in order to not duplicate too much code and not have tons of boiler plate code?
I wanted the policy logic to be in simple classes which needed to be very flexbile. In my sample you loose some of the security of type safety as the apply method in the Policy interface takes in an object as a parameter, but I think the benefits of having very flexible arguments makes up for the lack of compile time feedback.
Policy interface
Simple interface which all policy classes must implement. The apply method returns true is the policy applies to the given input criteria.
public interface Policy {
function apply(criteria:Object) :Boolean;
}PolicyManager
In order to have a simple unified way of using the policies I implemented a manager class which has one static method, applies, which executes the input polciy class with the given criteria. This class checks that the input policy is indeed is a class implementing the correct interface.
The reason why you can not pass in a Policy object into the applies method is that I wanted to call this method without having to instantiate the policy classes when calling the manager.
public class PolicyManager {public static function applies(policy:Class, criteria:Object):Boolean {var description:XML = describeType(policy);var typeName:String = description.@name.toXMLString();var inferfaceName:String= description.factory.implementsInterface.@type.toXMLString();if (-1 != inferfaceName.indexOf("Policy")) {var passedInClass:Class = getDefinitionByName(typeName) as Class;var policyInstance:Policy = new passedInClass();return policyInstance.apply(criteria);}throw new Error("Passed in class does not implement the Policy interface");} }
Here is how it would look if you where to use this way of implementing policies. You could also use this in a binding expression in MXML.
if (PolicyManager.applies(PriviledgedUser, user)) {//.... }
Here is how the PrivilidgedUser policy might look like:
public class PriviledgedUser implements Policy {public function apply(obj:Object):Boolean {if (obj is User) {return User(obj).role == "Administrator";}throw new Error("Invalid arugment, must be a User class");} }
This is one way of doing this and you might think that this is really too much code for solving something that could be done with just a simple if-statement. Which would be true of course if you only applied your policies in one place and never had to maintain the code. I think for larger applications doing something similar will be beneficial.
This article is also published as a recipe in the Adobe Flex Cookbook.
Subscribe to comments feed (this is global, not just for this entry)
Being a Java developer my preferred tool for building applications is Maven. Adobe does not seem to know of this tool which as been the industry standard for some years time and therefor there are no official Maven plug-ins for building Flex applications. I have used Israfil and Flex Mojos for some time and my [...]
I’ve been playing around with the beta of FlexUnit 4 and I must say that it is exceeding my expectations. The single most painful thing to do in FlexUnit is to perform unit testing of user interactions. With the amount of code and pain involved in doing so not many people used the framework. However [...]
I’ve written about how much I think Cairngorm should be put to sleep, but having a big mouth sometimes has the downside that you might have to your money where your mouth is. Allistar challenged everyone who’d been complaining about Cairngorm to step up and join the Cairngorm Committee, so I did.
Just this evening [...]
[...] writing my first article about Implementing Policy Based Security In Action Script 3 I have had the opportunity to create a live demo with source code available for [...]
July 10th, 2008 at 8:39 pm