org.apache.turbine.util
Class SecurityCheck

java.lang.Object
  org.apache.turbine.util.SecurityCheck

public class SecurityCheck

extends java.lang.Object

Utility for doing security checks in Screens and Actions. Sample usage:

  SecurityCheck mycheck =
    new SecurityCheck(data, "Unauthorized to do this!", "WrongPermission");
  if (!mycheck.hasPermission("add_user");
    return;
 

Version:

$Id: SecurityCheck.java 534527 2007-05-02 16:10:59Z tv $

Author:

Dave Bryson, Jürgen Hoffmann

Constructor Summary

SecurityCheck(RunData data, java.lang.String message, java.lang.String failedScreen)
Constructor.

SecurityCheck(RunData data, java.lang.String message, java.lang.String failedScreen, boolean initialize)
Constructor.

Method Summary

java.lang.String	getFailScreen() Get the screen that should be displayed.
java.lang.String	getMessage() Get the message that should be displayed.
boolean	hasPermission(Permission permission) Does the user have this permission?
boolean	hasPermission(java.lang.String permission) Does the user have this permission?
boolean	hasRole(Role role) Does the user have this role?
boolean	hasRole(java.lang.String role) Does the user have this role?

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecurityCheck

public SecurityCheck(RunData data,
                     java.lang.String message,
                     java.lang.String failedScreen)

Constructor.

Parameters:

data - A Turbine RunData object.

message - The message to display upon failure.

failedScreen - The screen to redirect to upon failure.

SecurityCheck

public SecurityCheck(RunData data,
                     java.lang.String message,
                     java.lang.String failedScreen,
                     boolean initialize)

Constructor.

Parameters:

data - A Turbine RunData object.

message - The message to display upon failure.

failedScreen - The screen to redirect to upon failure.

initialize - if a non-existing Permission or Role should be created.

Method Detail

hasRole

public boolean hasRole(Role role)
                throws java.lang.Exception

Does the user have this role?

Parameters:

role - A Role.

Returns:

True if the user has this role.

Throws:

Exception, - a generic exception.

java.lang.Exception

hasRole

public boolean hasRole(java.lang.String role)
                throws java.lang.Exception

Does the user have this role?

Parameters:

role - A String.

Returns:

True if the user has this role.

Throws:

Exception, - a generic exception.

java.lang.Exception

hasPermission

public boolean hasPermission(Permission permission)
                      throws java.lang.Exception

Does the user have this permission?

Parameters:

permission - A Permission.

Returns:

True if the user has this permission.

Throws:

Exception, - a generic exception.

java.lang.Exception

hasPermission

public boolean hasPermission(java.lang.String permission)
                      throws java.lang.Exception

Does the user have this permission? If initialze is set to true The permission will be created and granted to the first available Role of the user, that the SecurityCheck is running against. If the User has no Roles, the first Role via TurbineSecurity is granted the permission.

Parameters:

permission - A String.

Returns:

True if the user has this permission.

Throws:

Exception, - a generic exception.

java.lang.Exception

getMessage

public java.lang.String getMessage()

Get the message that should be displayed. This is initialized in the constructor.

Returns:

A String.

getFailScreen

public java.lang.String getFailScreen()

Get the screen that should be displayed. This is initialized in the constructor.

Returns:

A String.