001: package org.apache.turbine.util.template;
002:
003: /*
004: * Licensed to the Apache Software Foundation (ASF) under one
005: * or more contributor license agreements. See the NOTICE file
006: * distributed with this work for additional information
007: * regarding copyright ownership. The ASF licenses this file
008: * to you under the Apache License, Version 2.0 (the
009: * "License"); you may not use this file except in compliance
010: * with the License. You may obtain a copy of the License at
011: *
012: * http://www.apache.org/licenses/LICENSE-2.0
013: *
014: * Unless required by applicable law or agreed to in writing,
015: * software distributed under the License is distributed on an
016: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017: * KIND, either express or implied. See the License for the
018: * specific language governing permissions and limitations
019: * under the License.
020: */
021:
022: import org.apache.turbine.Turbine;
023: import org.apache.turbine.TurbineConstants;
024: import org.apache.turbine.om.security.Permission;
025: import org.apache.turbine.om.security.Role;
026: import org.apache.turbine.services.security.TurbineSecurity;
027: import org.apache.turbine.services.template.TurbineTemplate;
028: import org.apache.turbine.util.RunData;
029:
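/**
 * Utility class to help check for proper authorization when using
 * template screens.
 *
 * <p>A failed check does not abort the request by itself: it only points
 * the {@link RunData} object at the failure screen/template, sets a
 * message on it and returns {@code false}. The caller must honor the
 * return value and stop processing, as in the sample below
 * ({@code adminRole} stands for a {@link Role} obtained by the caller):
 *
 * <pre><code>
 * TemplateSecurityCheck secCheck = new TemplateSecurityCheck( data );
 * secCheck.setMessage( "Sorry, you do not have permission to " +
 *                      "access this area." );
 * secCheck.setFailTemplate("login.wm");
 * if ( !secCheck.hasRole(adminRole) )
 *     return;
 * </code></pre>
 *
 * <p>The fail template has no default. If {@link #setFailTemplate(String)}
 * is never called, {@code null} is handed to the template info on failure;
 * what that does is not visible from this class, so set it explicitly.
 *
 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
 * @version $Id: TemplateSecurityCheck.java 534527 2007-05-02 16:10:59Z tv $
 */
public class TemplateSecurityCheck {
    /** Message placed on the RunData object when an authorization check fails. */
    private String message = "Sorry, you do not have permission to access this area.";

    /** Screen selected on failure; starts out as the template service's default screen. */
    private String failScreen = TurbineTemplate.getDefaultScreen();

    /** Screen template selected on failure; {@code null} until set by the caller. */
    private String failTemplate;

    /** The request being checked; assigned once by the constructor. */
    private final RunData data;

    /**
     * Constructor.
     *
     * @param data A Turbine RunData object.
     * @param message A String with the message to display upon
     * failure.
     */
    public TemplateSecurityCheck(RunData data, String message) {
        this.data = data;
        this.message = message;
    }

    /**
     * Generic Constructor. The default failure message is used.
     *
     * @param data A Turbine RunData object.
     */
    public TemplateSecurityCheck(RunData data) {
        this.data = data;
    }

    /**
     * Does the User have this role?
     *
     * <p>The login state is verified first via {@link #checkLogin()}. A
     * missing ACL is treated as "no role" (fail closed).
     *
     * @param role The role to be checked.
     * @return Whether the user has the role.
     * @throws Exception Trouble validating; propagated from the underlying
     * Turbine calls.
     */
    public boolean hasRole(Role role) throws Exception {
        if (!checkLogin()) {
            return false;
        }

        if (data.getACL() == null || !data.getACL().hasRole(role)) {
            rejectAccess();
            return false;
        }

        return true;
    }

    /**
     * Does the User have this permission?
     *
     * <p>Like {@link #hasRole(Role)}, the login state is verified first via
     * {@link #checkLogin()}, so that both authorization checks apply the same
     * precondition and a permission is never granted from an ACL alone to a
     * non-anonymous user who has not logged in. A missing ACL is treated as
     * "no permission" (fail closed).
     *
     * @param permission The permission to be checked.
     * @return Whether the user has the permission.
     * @throws Exception Trouble validating; propagated from the underlying
     * Turbine calls.
     */
    public boolean hasPermission(Permission permission)
            throws Exception {
        if (!checkLogin()) {
            return false;
        }

        if (data.getACL() == null
                || !data.getACL().hasPermission(permission)) {
            rejectAccess();
            return false;
        }

        return true;
    }

    /**
     * Check that the user has logged in.
     *
     * <p>An anonymous user passes this check; only a non-anonymous user who
     * has not logged in is rejected. On rejection the configured login
     * message and the fail template are set, but the fail screen is left
     * untouched (NOTE(review): unlike the role/permission failure path;
     * confirm this is intended).
     *
     * @return True if the user is anonymous or has logged in.
     * @throws Exception a generic exception, propagated from the underlying
     * Turbine calls.
     */
    public boolean checkLogin() throws Exception {
        // Do it like the AccessController
        if (TurbineSecurity.isAnonymousUser(data.getUser())
                || data.getUser().hasLoggedIn()) {
            return true;
        }

        data.setMessage(Turbine.getConfiguration().getString(
                TurbineConstants.LOGIN_MESSAGE));
        data.getTemplateInfo().setScreenTemplate(getFailTemplate());
        return false;
    }

    /**
     * Set the message that should be displayed. This is initialized
     * in the constructor.
     *
     * @param v A String with the message that should be displayed.
     */
    public void setMessage(String v) {
        this.message = v;
    }

    /**
     * Get the message that should be displayed. This is initialized
     * in the constructor.
     *
     * @return A String with the message that should be displayed.
     */
    public String getMessage() {
        return message;
    }

    /**
     * Get the value of failScreen.
     *
     * @return A String with the value of failScreen.
     */
    public String getFailScreen() {
        return failScreen;
    }

    /**
     * Set the value of failScreen.
     *
     * @param v A String with the value of failScreen.
     */
    public void setFailScreen(String v) {
        this.failScreen = v;
    }

    /**
     * Get the value of failTemplate.
     *
     * @return A String with the value of failTemplate, or {@code null} if
     * none has been set.
     */
    public String getFailTemplate() {
        return failTemplate;
    }

    /**
     * Set the value of failTemplate.
     *
     * @param v A String with the value of failTemplate.
     */
    public void setFailTemplate(String v) {
        this.failTemplate = v;
    }

    /**
     * Routes the request to the failure screen/template and sets the
     * failure message. Goes through the public getters so that subclasses
     * overriding them keep their effect.
     */
    private void rejectAccess() {
        data.setScreen(getFailScreen());
        data.getTemplateInfo().setScreenTemplate(getFailTemplate());
        data.setMessage(getMessage());
    }
}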