
1   package org.apache.turbine.util.template;
2   
3   
4   /*
5    * Licensed to the Apache Software Foundation (ASF) under one
6    * or more contributor license agreements.  See the NOTICE file
7    * distributed with this work for additional information
8    * regarding copyright ownership.  The ASF licenses this file
9    * to you under the Apache License, Version 2.0 (the
10   * "License"); you may not use this file except in compliance
11   * with the License.  You may obtain a copy of the License at
12   *
13   *   http://www.apache.org/licenses/LICENSE-2.0
14   *
15   * Unless required by applicable law or agreed to in writing,
16   * software distributed under the License is distributed on an
17   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
18   * KIND, either express or implied.  See the License for the
19   * specific language governing permissions and limitations
20   * under the License.
21   */
22  
23  
24  import org.apache.fulcrum.security.entity.Permission;
25  import org.apache.fulcrum.security.entity.Role;
26  import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
27  import org.apache.fulcrum.security.model.turbine.TurbineUserManager;
28  import org.apache.turbine.Turbine;
29  import org.apache.turbine.TurbineConstants;
30  import org.apache.turbine.services.TurbineServices;
31  import org.apache.turbine.services.template.TurbineTemplate;
32  import org.apache.turbine.util.RunData;
33  
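/**
 * Utility class to help check for proper authorization when using
 * template screens.  Sample usage:
 *
 * <pre><code>
 * TemplateSecurityCheck secCheck = new TemplateSecurityCheck( data );
 * secCheck.setMessage( "Sorry, you do not have permission to " +
 *                      "access this area." );
 * secCheck.setFailTemplate("login.wm");
 * if ( !secCheck.hasRole(adminRole) )   // adminRole is a Role instance
 *     return;
 * </code></pre>
 *
 * <p>The checks fail closed: a missing ACL is treated the same as a missing
 * role or permission.  A failed check only redirects the {@link RunData}
 * (screen, screen template and message) and returns {@code false}; it does
 * not stop request processing, so callers must act on the return value as
 * the sample above does.
 *
 * <p>The fail template has no default.  It stays {@code null} until
 * {@link #setFailTemplate(String)} is called and is handed to the template
 * info unchanged, so set it before running any check.
 *
 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
 * @version $Id: TemplateSecurityCheck.java 1524160 2013-09-17 18:37:14Z tv $
 */
public class TemplateSecurityCheck
{
    private String message =
            "Sorry, you do not have permission to access this area.";
    private String failScreen = TurbineTemplate.getDefaultScreen();
    private String failTemplate;

    // Assigned exactly once by either constructor and never replaced.
    private final RunData data;

    /**
     * Constructor.
     *
     * @param data A Turbine RunData object.
     * @param message A String with the message to display upon
     * failure.
     */
    public TemplateSecurityCheck(RunData data, String message)
    {
        this.data = data;
        this.message = message;
    }

    /**
     * Generic Constructor.  Keeps the default failure message.
     *
     * @param data A Turbine RunData object.
     */
    public TemplateSecurityCheck(RunData data)
    {
        this.data = data;
    }

    /**
     * Does the User have this role?
     *
     * <p>Runs {@link #checkLogin()} first and returns {@code false} as soon
     * as that fails.  Otherwise the decision rests on the ACL held by the
     * RunData; a {@code null} ACL is denied.
     *
     * @param role The role to be checked.
     * @return Whether the user has the role.
     * @throws Exception Trouble validating.
     */
    public boolean hasRole(Role role)
        throws Exception
    {
        if (!checkLogin())
        {
            return false;
        }

        TurbineAccessControlList acl = data.getACL();
        if (acl == null || !acl.hasRole(role))
        {
            return denyAccess();
        }

        return true;
    }

    /**
     * Does the User have this permission?
     *
     * <p>Unlike {@link #hasRole(Role)} this method does not call
     * {@link #checkLogin()}; the decision rests on the ACL alone, and a
     * {@code null} ACL is denied.
     *
     * @param permission The permission to be checked.
     * @return Whether the user has the permission.
     * @throws Exception Trouble validating.
     */
    public boolean hasPermission(Permission permission)
        throws Exception
    {
        TurbineAccessControlList acl = data.getACL();
        if (acl == null || !acl.hasPermission(permission))
        {
            return denyAccess();
        }

        return true;
    }

    /**
     * Check the login state of the current user.
     *
     * <p>The check fails only for a user that is not the anonymous user and
     * has not logged in.  The anonymous user therefore passes this check,
     * so a {@code true} result does not prove that somebody is
     * authenticated.  On failure the configured login message and the fail
     * template are set on the RunData; the screen itself is left untouched.
     *
     * @return {@code false} if the user is not anonymous and has not logged
     * in, {@code true} otherwise.
     * @throws Exception a generic exception.
     */
    public boolean checkLogin()
        throws Exception
    {
        // Do it like the AccessController
        TurbineUserManager userManager =
            (TurbineUserManager) TurbineServices
                .getInstance()
                .getService(TurbineUserManager.ROLE);

        if (!userManager.isAnonymousUser(data.getUser())
            && !data.getUser().hasLoggedIn())
        {
            data.setMessage(Turbine.getConfiguration()
                .getString(TurbineConstants.LOGIN_MESSAGE));

            data.getTemplateInfo().setScreenTemplate(getFailTemplate());
            return false;
        }

        return true;
    }

    /**
     * Set the message that should be displayed.  Replaces the built-in
     * default or the value passed to the two-argument constructor.
     *
     * @param v A String with the message that should be displayed.
     */
    public void setMessage(String v)
    {
        this.message = v;
    }

    /**
     * Get the message that should be displayed.  This is the built-in
     * default unless a constructor or {@link #setMessage(String)} changed it.
     *
     * @return A String with the message that should be displayed.
     */
    public String getMessage()
    {
        return message;
    }

    /**
     * Get the value of failScreen.  Initialized from
     * {@code TurbineTemplate.getDefaultScreen()}.
     *
     * @return A String with the value of failScreen.
     */
    public String getFailScreen()
    {
        return failScreen;
    }

    /**
     * Set the value of failScreen.
     *
     * @param v A String with the value of failScreen.
     */
    public void setFailScreen(String v)
    {
        this.failScreen = v;
    }

    /**
     * Get the value of failTemplate.
     *
     * @return A String with the value of failTemplate, or {@code null} if
     * it was never set.
     */
    public String getFailTemplate()
    {
        return failTemplate;
    }

    /**
     * Set the value of failTemplate.
     *
     * @param v A String with the value of failTemplate.
     */
    public void setFailTemplate(String v)
    {
        this.failTemplate = v;
    }

    /**
     * Point the RunData at the failure screen, template and message.
     * Shared by the role and permission checks so both deny identically.
     *
     * @return always {@code false}, so callers can return the result.
     */
    private boolean denyAccess()
    {
        data.setScreen(getFailScreen());
        data.getTemplateInfo().setScreenTemplate(getFailTemplate());
        data.setMessage(getMessage());
        return false;
    }
}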