Source Code Cross Referenced for VelocitySecureAction.java in  » Web-Framework » TURBINE » org » apache » turbine » modules » actions » Java Source Code / Java DocumentationJava Source Code and Java Documentation

01:        package org.apache.turbine.modules.actions;
02:
03:        /*
04:         * Licensed to the Apache Software Foundation (ASF) under one
05:         * or more contributor license agreements.  See the NOTICE file
06:         * distributed with this work for additional information
07:         * regarding copyright ownership.  The ASF licenses this file
08:         * to you under the Apache License, Version 2.0 (the
09:         * "License"); you may not use this file except in compliance
10:         * with the License.  You may obtain a copy of the License at
11:         *
12:         *   http://www.apache.org/licenses/LICENSE-2.0
13:         *
14:         * Unless required by applicable law or agreed to in writing,
15:         * software distributed under the License is distributed on an
16:         * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17:         * KIND, either express or implied.  See the License for the
18:         * specific language governing permissions and limitations
19:         * under the License.
20:         */
21:
22:        import org.apache.turbine.util.RunData;
23:        import org.apache.velocity.context.Context;
24:
25:        /**
26:         * VelocitySecure action.
27:         *
28:         * Always performs a Security Check that you've defined before
29:         * executing the doBuildtemplate().  You should extend this class and
30:         * add the specific security check needed.  If you have a number of
31:         * screens that need to perform the same check, you could make a base
32:         * screen by extending this class and implementing the isAuthorized().
33:         * Then each action that needs to perform the same check could extend
34:         * your base action.
35:         *
36:         * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
37:         * @author <a href="mailto:jon@latchkey.com">Jon S. Stevens</a>
38:         * @author <a href="mailto:jvanzyl@periapt.com">Jason van Zyl</a>
39:         * @version $Id: VelocitySecureAction.java 534527 2007-05-02 16:10:59Z tv $
40:         */
41:        public abstract class VelocitySecureAction extends VelocityAction {
42:            /**
43:             * Implement this to add information to the context.
44:             *
45:             * @param data Turbine information.
46:             * @param context Context for web pages.
47:             * @throws Exception a generic exception.
48:             */
49:            public abstract void doPerform(RunData data, Context context)
50:                    throws Exception;
51:
52:            /**
53:             * This method overrides the method in WebMacroSiteAction to
54:             * perform a security check first.
55:             *
56:             * @param data Turbine information.
57:             * @throws Exception a generic exception.
58:             */
59:            protected void perform(RunData data) throws Exception {
60:                if (isAuthorized(data)) {
61:                    super .perform(data);
62:                }
63:            }
64:
65:            /**
66:             * Implement this method to perform the security check needed.
67:             * You should set the template in this method that you want the
68:             * user to be sent to if they're unauthorized.
69:             *
70:             * @param data Turbine information.
71:             * @return True if the user is authorized to access the screen.
72:             * @throws Exception a generic exception.
73:             */
74:            protected abstract boolean isAuthorized(RunData data)
75:                    throws Exception;
76:        }