View Javadoc
1 package org.apache.turbine.util; 2 3 /* ==================================================================== 4 * The Apache Software License, Version 1.1 5 * 6 * Copyright (c) 2001 The Apache Software Foundation. All rights 7 * reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. The end-user documentation included with the redistribution, 22 * if any, must include the following acknowledgment: 23 * "This product includes software developed by the 24 * Apache Software Foundation (http://www.apache.org/)." 25 * Alternately, this acknowledgment may appear in the software itself, 26 * if and wherever such third-party acknowledgments normally appear. 27 * 28 * 4. The names "Apache" and "Apache Software Foundation" and 29 * "Apache Turbine" must not be used to endorse or promote products 30 * derived from this software without prior written permission. For 31 * written permission, please contact apache@apache.org. 32 * 33 * 5. Products derived from this software may not be called "Apache", 34 * "Apache Turbine", nor may "Apache" appear in their name, without 35 * prior written permission of the Apache Software Foundation. 36 * 37 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED 38 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 39 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 40 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR 41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 43 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 44 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 45 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 46 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 47 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 48 * SUCH DAMAGE. 49 * ==================================================================== 50 * 51 * This software consists of voluntary contributions made by many 52 * individuals on behalf of the Apache Software Foundation. For more 53 * information on the Apache Software Foundation, please see 54 * <http://www.apache.org/>;. 55 */ 56 57 import org.apache.turbine.om.security.Permission; 58 import org.apache.turbine.om.security.Role; 59 import org.apache.turbine.services.security.TurbineSecurity; 60 61 /*** 62 * Utility for doing security checks in Screens and Actions. 63 * 64 * Sample usage:<br> 65 * 66 * <code> 67 * SecurityCheck mycheck = 68 * new SecurityCheck(data, "Unauthorized to do this!", "WrongPermission"); 69 * if ( !mycheck.hasPermission("add_user"); 70 * return; 71 *</code> 72 * 73 * @author <a href="mailto:mbryson@mindspring.com">Dave Bryson</a> 74 * @version $Id: SecurityCheck.java,v 1.1.1.1 2001/08/16 05:09:41 jvanzyl Exp $ 75 */ 76 public class SecurityCheck 77 { 78 private String message; 79 private String failScreen; 80 private RunData data = null; 81 82 /*** 83 * Constructor. 84 * 85 * @param data A Turbine RunData object. 86 * @param message The message to display upon failure. 87 * @param failedScreen The screen to redirect to upon failure. 88 */ 89 public SecurityCheck(RunData data, 90 String message, 91 String failedScreen) 92 { 93 this.data=data; 94 this.message=message; 95 this.failScreen=failedScreen; 96 } 97 98 /*** 99 * Does the user have this role? 100 * 101 * @param role A Role. 102 * @return True if the user has this role. 103 * @exception Exception, a generic exception. 104 */ 105 public boolean hasRole(Role role) 106 throws Exception 107 { 108 boolean value = false; 109 if ( data.getACL() == null || 110 !data.getACL().hasRole(role) ) 111 { 112 data.setScreen(failScreen); 113 data.setMessage(message); 114 } 115 else 116 { 117 value = true; 118 } 119 return value; 120 } 121 122 /*** 123 * Does the user have this role? 124 * 125 * @param role A String. 126 * @return True if the user has this role. 127 * @exception Exception, a generic exception. 128 */ 129 public boolean hasRole(String role) 130 throws Exception 131 { 132 return hasRole( TurbineSecurity.getRole(role) ); 133 } 134 135 /*** 136 * Does the user have this permission? 137 * 138 * @param permission A Permission. 139 * @return True if the user has this permission. 140 * @exception Exception, a generic exception. 141 */ 142 public boolean hasPermission(Permission permission) 143 throws Exception 144 { 145 boolean value = false; 146 if ( data.getACL() == null || 147 !data.getACL().hasPermission(permission) ) 148 { 149 data.setScreen(failScreen); 150 data.setMessage(message); 151 } 152 else 153 { 154 value = true; 155 } 156 return value; 157 } 158 159 /*** 160 * Does the user have this permission? 161 * 162 * @param permission A String. 163 * @return True if the user has this permission. 164 * @exception Exception, a generic exception. 165 */ 166 public boolean hasPermission(String permission) 167 throws Exception 168 { 169 return hasPermission( TurbineSecurity.getPermission(permission) ); 170 } 171 172 /*** 173 * Get the message that should be displayed. This is initialized 174 * in the constructor. 175 * 176 * @return A String. 177 */ 178 public String getMessage() 179 { 180 return message; 181 } 182 183 /*** 184 * Get the screen that should be displayed. This is initialized 185 * in the constructor. 186 * 187 * @return A String. 188 */ 189 public String getFailScreen() 190 { 191 return failScreen; 192 } 193 }

This page was automatically generated by Maven