001package org.apache.turbine.util.template; 002 003 004/* 005 * Licensed to the Apache Software Foundation (ASF) under one 006 * or more contributor license agreements. See the NOTICE file 007 * distributed with this work for additional information 008 * regarding copyright ownership. The ASF licenses this file 009 * to you under the Apache License, Version 2.0 (the 010 * "License"); you may not use this file except in compliance 011 * with the License. You may obtain a copy of the License at 012 * 013 * http://www.apache.org/licenses/LICENSE-2.0 014 * 015 * Unless required by applicable law or agreed to in writing, 016 * software distributed under the License is distributed on an 017 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 018 * KIND, either express or implied. See the License for the 019 * specific language governing permissions and limitations 020 * under the License. 021 */ 022 023 024import org.apache.fulcrum.security.entity.Permission; 025import org.apache.fulcrum.security.entity.Role; 026import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList; 027import org.apache.fulcrum.security.model.turbine.TurbineUserManager; 028import org.apache.turbine.Turbine; 029import org.apache.turbine.TurbineConstants; 030import org.apache.turbine.pipeline.PipelineData; 031import org.apache.turbine.services.TurbineServices; 032import org.apache.turbine.services.template.TemplateService; 033import org.apache.turbine.util.RunData; 034 035/** 036 * Utility class to help check for proper authorization when using 037 * template screens. Sample usages: 038 * 039 * <pre> 040 * TemplateSecurityCheck secCheck = new TemplateSecurityCheck( data ); 041 * secCheck.setMessage( "Sorry, you do not have permission to " + 042 * "access this area." ); 043 * secCheck.setFailTemplate("login.wm"); 044 * if ( !secCheck.hasRole("ADMIN") ) 045 * return; 046 * </pre> 047 * 048 * @author <a href="mbryson@mont.mindspring.com">Dave Bryson</a> 049 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a> 050 * @version $Id$ 051 */ 052public class TemplateSecurityCheck 053{ 054 private String message = "Sorry, you do not have permission to access this area."; 055 private String failScreen; 056 private String failTemplate; 057 058 /* The RunData object. */ 059 private final RunData data; 060 061 /** 062 * Constructor. 063 * 064 * @param pipelineData A Turbine PipelineData object. 065 * @param message A String with the message to display upon 066 * failure. 067 */ 068 public TemplateSecurityCheck(PipelineData pipelineData, String message) 069 { 070 this(pipelineData); 071 setMessage(message); 072 } 073 074 /** 075 * Generic Constructor. 076 * 077 * @param pipelineData A Turbine PipelineData object. 078 */ 079 public TemplateSecurityCheck(PipelineData pipelineData) 080 { 081 this.data = pipelineData.getRunData(); 082 TemplateService templateService = (TemplateService)TurbineServices.getInstance() 083 .getService(TemplateService.SERVICE_NAME); 084 this.failScreen = templateService.getDefaultScreen(); 085 } 086 087 /** 088 * Does the User have this role? 089 * 090 * @param role The role to be checked. 091 * @return Whether the user has the role. 092 * @throws Exception Trouble validating. 093 */ 094 public boolean hasRole(Role role) 095 throws Exception 096 { 097 if (!checkLogin()) 098 { 099 return false; 100 } 101 102 TurbineAccessControlList<?> acl = data.getACL(); 103 if (acl == null || !acl.hasRole(role)) 104 { 105 data.setScreen(getFailScreen()); 106 data.getTemplateInfo().setScreenTemplate(getFailTemplate()); 107 data.setMessage(getMessage()); 108 return false; 109 } 110 111 return true; 112 } 113 114 /** 115 * Does the User have this permission? 116 * 117 * @param permission The permission to be checked. 118 * @return Whether the user has the permission. 119 * @throws Exception Trouble validating. 120 */ 121 public boolean hasPermission(Permission permission) 122 throws Exception 123 { 124 boolean value = true; 125 TurbineAccessControlList<?> acl = data.getACL(); 126 if (acl == null || !acl.hasPermission(permission)) 127 { 128 data.setScreen(getFailScreen()); 129 data.getTemplateInfo().setScreenTemplate(getFailTemplate()); 130 data.setMessage(getMessage()); 131 value = false; 132 } 133 134 return value; 135 } 136 137 /** 138 * Check that the user has logged in. 139 * 140 * @return True if user has logged in. 141 * @throws Exception a generic exception. 142 */ 143 public boolean checkLogin() 144 throws Exception 145 { 146 boolean value = true; 147 148 // Do it like the AccessController 149 TurbineUserManager userManager = 150 (TurbineUserManager)TurbineServices 151 .getInstance() 152 .getService(TurbineUserManager.ROLE); 153 154 if (!userManager.isAnonymousUser(data.getUser()) 155 && !data.getUser().hasLoggedIn()) 156 { 157 data.setMessage(Turbine.getConfiguration() 158 .getString(TurbineConstants.LOGIN_MESSAGE)); 159 160 data.getTemplateInfo().setScreenTemplate(getFailTemplate()); 161 value = false; 162 } 163 164 return value; 165 } 166 167 /** 168 * Set the message that should be displayed. This is initialized 169 * in the constructor. 170 * 171 * @param v A String with the message that should be displayed. 172 */ 173 public void setMessage(String v) 174 { 175 this.message = v; 176 } 177 178 /** 179 * Get the message that should be displayed. This is initialized 180 * in the constructor. 181 * 182 * @return A String with the message that should be displayed. 183 */ 184 public String getMessage() 185 { 186 return message; 187 } 188 189 /** 190 * Get the value of failScreen. 191 * 192 * @return A String with the value of failScreen. 193 */ 194 public String getFailScreen() 195 { 196 return failScreen; 197 } 198 199 /** 200 * Set the value of failScreen. 201 * 202 * @param v A String with the value of failScreen. 203 */ 204 public void setFailScreen(String v) 205 { 206 this.failScreen = v; 207 } 208 209 /** 210 * Get the value of failTemplate. 211 * 212 * @return A String with the value of failTemplate. 213 */ 214 public String getFailTemplate() 215 { 216 return failTemplate; 217 } 218 219 /** 220 * Set the value of failTemplate. 221 * 222 * @param v A String with the value of failTemplate. 223 */ 224 public void setFailTemplate(String v) 225 { 226 this.failTemplate = v; 227 } 228}