TemplateSecurityCheck.java
package org.apache.turbine.util.template;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.fulcrum.security.entity.Permission;
import org.apache.fulcrum.security.entity.Role;
import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
import org.apache.fulcrum.security.model.turbine.TurbineUserManager;
import org.apache.turbine.Turbine;
import org.apache.turbine.TurbineConstants;
import org.apache.turbine.pipeline.PipelineData;
import org.apache.turbine.services.TurbineServices;
import org.apache.turbine.services.template.TemplateService;
import org.apache.turbine.util.RunData;
/**
* Utility class to help check for proper authorization when using
* template screens. Sample usages:
*
* <pre>
* TemplateSecurityCheck secCheck = new TemplateSecurityCheck( data );
* secCheck.setMessage( "Sorry, you do not have permission to " +
* "access this area." );
* secCheck.setFailTemplate("login.wm");
* if ( !secCheck.hasRole("ADMIN") )
* return;
* </pre>
*
* @author <a href="mbryson@mont.mindspring.com">Dave Bryson</a>
* @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
* @version $Id$
*/
public class TemplateSecurityCheck
{
private String message = "Sorry, you do not have permission to access this area.";
private String failScreen;
private String failTemplate;
/* The RunData object. */
private final RunData data;
/**
* Constructor.
*
* @param pipelineData A Turbine PipelineData object.
* @param message A String with the message to display upon
* failure.
*/
public TemplateSecurityCheck(PipelineData pipelineData, String message)
{
this(pipelineData);
setMessage(message);
}
/**
* Generic Constructor.
*
* @param pipelineData A Turbine PipelineData object.
*/
public TemplateSecurityCheck(PipelineData pipelineData)
{
this.data = pipelineData.getRunData();
TemplateService templateService = (TemplateService)TurbineServices.getInstance()
.getService(TemplateService.SERVICE_NAME);
this.failScreen = templateService.getDefaultScreen();
}
/**
* Does the User have this role?
*
* @param role The role to be checked.
* @return Whether the user has the role.
* @throws Exception Trouble validating.
*/
public boolean hasRole(Role role)
throws Exception
{
if (!checkLogin())
{
return false;
}
TurbineAccessControlList<?> acl = data.getACL();
if (acl == null || !acl.hasRole(role))
{
data.setScreen(getFailScreen());
data.getTemplateInfo().setScreenTemplate(getFailTemplate());
data.setMessage(getMessage());
return false;
}
return true;
}
/**
* Does the User have this permission?
*
* @param permission The permission to be checked.
* @return Whether the user has the permission.
* @throws Exception Trouble validating.
*/
public boolean hasPermission(Permission permission)
throws Exception
{
boolean value = true;
TurbineAccessControlList<?> acl = data.getACL();
if (acl == null || !acl.hasPermission(permission))
{
data.setScreen(getFailScreen());
data.getTemplateInfo().setScreenTemplate(getFailTemplate());
data.setMessage(getMessage());
value = false;
}
return value;
}
/**
* Check that the user has logged in.
*
* @return True if user has logged in.
* @throws Exception a generic exception.
*/
public boolean checkLogin()
throws Exception
{
boolean value = true;
// Do it like the AccessController
TurbineUserManager userManager =
(TurbineUserManager)TurbineServices
.getInstance()
.getService(TurbineUserManager.ROLE);
if (!userManager.isAnonymousUser(data.getUser())
&& !data.getUser().hasLoggedIn())
{
data.setMessage(Turbine.getConfiguration()
.getString(TurbineConstants.LOGIN_MESSAGE));
data.getTemplateInfo().setScreenTemplate(getFailTemplate());
value = false;
}
return value;
}
/**
* Set the message that should be displayed. This is initialized
* in the constructor.
*
* @param v A String with the message that should be displayed.
*/
public void setMessage(String v)
{
this.message = v;
}
/**
* Get the message that should be displayed. This is initialized
* in the constructor.
*
* @return A String with the message that should be displayed.
*/
public String getMessage()
{
return message;
}
/**
* Get the value of failScreen.
*
* @return A String with the value of failScreen.
*/
public String getFailScreen()
{
return failScreen;
}
/**
* Set the value of failScreen.
*
* @param v A String with the value of failScreen.
*/
public void setFailScreen(String v)
{
this.failScreen = v;
}
/**
* Get the value of failTemplate.
*
* @return A String with the value of failTemplate.
*/
public String getFailTemplate()
{
return failTemplate;
}
/**
* Set the value of failTemplate.
*
* @param v A String with the value of failTemplate.
*/
public void setFailTemplate(String v)
{
this.failTemplate = v;
}
}