1 package org.apache.turbine.util.template;
2
3
4 /*
5 * Licensed to the Apache Software Foundation (ASF) under one
6 * or more contributor license agreements. See the NOTICE file
7 * distributed with this work for additional information
8 * regarding copyright ownership. The ASF licenses this file
9 * to you under the Apache License, Version 2.0 (the
10 * "License"); you may not use this file except in compliance
11 * with the License. You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing,
16 * software distributed under the License is distributed on an
17 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
18 * KIND, either express or implied. See the License for the
19 * specific language governing permissions and limitations
20 * under the License.
21 */
22
23
24 import org.apache.fulcrum.security.entity.Permission;
25 import org.apache.fulcrum.security.entity.Role;
26 import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
27 import org.apache.fulcrum.security.model.turbine.TurbineUserManager;
28 import org.apache.turbine.Turbine;
29 import org.apache.turbine.TurbineConstants;
30 import org.apache.turbine.services.TurbineServices;
31 import org.apache.turbine.services.template.TurbineTemplate;
32 import org.apache.turbine.util.RunData;
33
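/**
 * Utility class to help check for proper authorization when using
 * template screens. A failed check records the outcome on the
 * RunData object (message, failure template and, for role and
 * permission checks, the failure screen) and returns {@code false};
 * the caller is responsible for stopping further processing.
 * Sample usage, where {@code adminRole} is a {@link Role} obtained
 * by the caller:
 *
 * <pre><code>
 * TemplateSecurityCheck secCheck = new TemplateSecurityCheck( data );
 * secCheck.setMessage( "Sorry, you do not have permission to " +
 *                      "access this area." );
 * secCheck.setFailTemplate("login.wm");
 * if ( !secCheck.hasRole(adminRole) )
 *     return;
 * </code></pre>
 *
 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
 * @version $Id: TemplateSecurityCheck.java 1524160 2013-09-17 18:37:14Z tv $
 */
public class TemplateSecurityCheck
{
    /** Message stored on the RunData object when a role or permission check fails. */
    private String message =
        "Sorry, you do not have permission to access this area.";

    /** Screen selected when a role or permission check fails. */
    private String failScreen = TurbineTemplate.getDefaultScreen();

    /**
     * Screen template selected when a check fails. Stays {@code null}
     * until {@link #setFailTemplate(String)} is called and is handed to
     * the template info as-is.
     * NOTE(review): confirm how a null template is handled downstream.
     */
    private String failTemplate;

    /** Request state the checks read from and write the denial outcome to. */
    private final RunData data;

    /**
     * Constructor.
     *
     * @param data A Turbine RunData object. It is dereferenced by every
     * check without a null test, so it must not be null.
     * @param message A String with the message to display upon
     * failure.
     */
    public TemplateSecurityCheck(RunData data, String message)
    {
        this.data = data;
        this.message = message;
    }

    /**
     * Generic Constructor. Keeps the default failure message.
     *
     * @param data A Turbine RunData object. It is dereferenced by every
     * check without a null test, so it must not be null.
     */
    public TemplateSecurityCheck(RunData data)
    {
        this.data = data;
    }

    /**
     * Does the User have this role? The login check runs first; a
     * missing ACL is treated as a denial.
     *
     * @param role The role to be checked.
     * @return Whether the user has the role.
     * @exception Exception Trouble validating.
     */
    public boolean hasRole(Role role)
        throws Exception
    {
        if (!checkLogin())
        {
            return false;
        }

        TurbineAccessControlList acl = data.getACL();
        if (acl == null || !acl.hasRole(role))
        {
            denyAccess();
            return false;
        }

        return true;
    }

    /**
     * Does the User have this permission? The login check runs first,
     * exactly as in {@link #hasRole(Role)}; a missing ACL is treated as
     * a denial.
     *
     * @param permission The permission to be checked.
     * @return Whether the user has the permission.
     * @exception Exception Trouble validating.
     */
    public boolean hasPermission(Permission permission)
        throws Exception
    {
        // Apply the same login gate as hasRole so both checks fail closed
        // for a user that is neither anonymous nor logged in.
        if (!checkLogin())
        {
            return false;
        }

        TurbineAccessControlList acl = data.getACL();
        if (acl == null || !acl.hasPermission(permission))
        {
            denyAccess();
            return false;
        }

        return true;
    }

    /**
     * Check that the user has logged in. The check fails only for a
     * user that is not the anonymous user and has not logged in; the
     * anonymous user passes, so this method alone does not establish
     * that a request is authenticated. On failure the configured login
     * message and the failure template are set on the RunData object;
     * the screen itself is left unchanged.
     *
     * @return True unless the user is a non-anonymous user that has
     * not logged in.
     * @exception Exception a generic exception.
     */
    public boolean checkLogin()
        throws Exception
    {
        // Do it like the AccessController
        TurbineUserManager userManager =
            (TurbineUserManager) TurbineServices
                .getInstance()
                .getService(TurbineUserManager.ROLE);

        if (!userManager.isAnonymousUser(data.getUser())
            && !data.getUser().hasLoggedIn())
        {
            data.setMessage(Turbine.getConfiguration()
                .getString(TurbineConstants.LOGIN_MESSAGE));

            data.getTemplateInfo().setScreenTemplate(getFailTemplate());
            return false;
        }

        return true;
    }

    /**
     * Record a failed role or permission check on the RunData object:
     * failure screen, failure template and failure message. The values
     * are read through the getters so that subclass overrides apply.
     */
    private void denyAccess()
    {
        data.setScreen(getFailScreen());
        data.getTemplateInfo().setScreenTemplate(getFailTemplate());
        data.setMessage(getMessage());
    }

    /**
     * Set the message that should be displayed when a role or
     * permission check fails.
     *
     * @param v A String with the message that should be displayed.
     */
    public void setMessage(String v)
    {
        this.message = v;
    }

    /**
     * Get the message that should be displayed when a role or
     * permission check fails. Unless it was passed to the constructor
     * or changed with {@link #setMessage(String)}, this is the default
     * denial text.
     *
     * @return A String with the message that should be displayed.
     */
    public String getMessage()
    {
        return message;
    }

    /**
     * Get the value of failScreen.
     *
     * @return A String with the value of failScreen.
     */
    public String getFailScreen()
    {
        return failScreen;
    }

    /**
     * Set the value of failScreen.
     *
     * @param v A String with the value of failScreen.
     */
    public void setFailScreen(String v)
    {
        this.failScreen = v;
    }

    /**
     * Get the value of failTemplate.
     *
     * @return A String with the value of failTemplate, or null if it
     * was never set.
     */
    public String getFailTemplate()
    {
        return failTemplate;
    }

    /**
     * Set the value of failTemplate.
     *
     * @param v A String with the value of failTemplate.
     */
    public void setFailTemplate(String v)
    {
        this.failTemplate = v;
    }
}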