Using Java Annotations for Access Control && Authorization
Code samples https://github.com/amrish7/android-annotations
Annotations introduced with JDK 1.5 is used to provide syntactic metadata to your classes. At PayPal, I have seen it widely used for reporting purposes, namely, for counting the number of times a specific method has been invoked, among others. There are many more use cases for annotations that are overlooked and this article will cover one such use as a validator to help write better code.
Following is the a common way of providing access/validations to your methods
The repetitive validator logic within each method introduces code-smell from duplicity and it should be avoided. With a little help from ANNOTATIONS and DYNAMIC PROXIES, here is how the same class would look like
As the validations are baked into the annotations, the above refactor makes your class readable, smaller and easier to test. You could in fact go a step further and pull the ‘annotations’ and ‘throw-definitions’ fully into an interface and leave them out of the concrete classes.
Code samples + Demo
In this example, you will see ANNOTATIONS & DYNAMIC PROXIES in action (The code sample is intentionally kept simple in order to get only the idea across).
The first thing to define is an empty annotation that could be used to flag a method for validation
public @interface MyValidator {}Next, define the interface
public interface ICardGame {
void initialize();
@MyValidator
void start() throws GameNotStartedException;
}…and here is the implementation of the ICardGame interface
public class Poker implements ICardGame {
public static boolean initialized = false; @Override
public void initialize() {
initialized = true;
} @Override
public void start() {
// Game start logic goes here
}
}
So far, we have decorated the Interface with the required annotations and implemented the interface. The missing parts are the logic to intercept calls to start() and perform the validations. Here is where dynamic proxies come in handy.
Following parts assume that you have some background on Dynamic Proxy API’s introduced in Java 1.3. If not, this article should help you with it
The Proxy does a couple of things. Firstly, invoke() method intercepts every method defined in ICardGame.java and secondly, it searches for annotation decorations and performs the actual validations
I next define a BUILDER that returns an instance of Poker class wrapped with the Dynamic Proxy
ICardGame instance retrieved through PokerGameBuilder.getPokerGame() will have all the wirings in place to do the validations.
You are all set

A working Android sample with all these validations could be found here
