%line | %branch | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
org.apache.turbine.util.SecurityCheck |
|
|
1 | package org.apache.turbine.util; |
|
2 | ||
3 | /* |
|
4 | * Copyright 2001-2005 The Apache Software Foundation. |
|
5 | * |
|
6 | * Licensed under the Apache License, Version 2.0 (the "License") |
|
7 | * you may not use this file except in compliance with the License. |
|
8 | * You may obtain a copy of the License at |
|
9 | * |
|
10 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
11 | * |
|
12 | * Unless required by applicable law or agreed to in writing, software |
|
13 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
15 | * See the License for the specific language governing permissions and |
|
16 | * limitations under the License. |
|
17 | */ |
|
18 | ||
19 | import org.apache.turbine.om.security.Permission; |
|
20 | import org.apache.turbine.om.security.Role; |
|
21 | import org.apache.turbine.services.security.TurbineSecurity; |
|
22 | ||
23 | /** |
|
24 | * Utility for doing security checks in Screens and Actions. |
|
25 | * |
|
26 | * Sample usage:<br> |
|
27 | * |
|
28 | * <pre><code> |
|
29 | * SecurityCheck mycheck = |
|
30 | * new SecurityCheck(data, "Unauthorized to do this!", "WrongPermission"); |
|
31 | * if (!mycheck.hasPermission("add_user"); |
|
32 | * return; |
|
33 | *</code></pre> |
|
34 | * |
|
35 | * @author <a href="mailto:mbryson@mindspring.com">Dave Bryson</a> |
|
36 | * @version $Id: SecurityCheck.java 264148 2005-08-29 14:21:04Z henning $ |
|
37 | */ |
|
38 | public class SecurityCheck |
|
39 | { |
|
40 | private String message; |
|
41 | private String failScreen; |
|
42 | 0 | private RunData data = null; |
43 | ||
44 | /** |
|
45 | * Constructor. |
|
46 | * |
|
47 | * @param data A Turbine RunData object. |
|
48 | * @param message The message to display upon failure. |
|
49 | * @param failedScreen The screen to redirect to upon failure. |
|
50 | */ |
|
51 | public SecurityCheck(RunData data, |
|
52 | String message, |
|
53 | String failedScreen) |
|
54 | 0 | { |
55 | 0 | this.data = data; |
56 | 0 | this.message = message; |
57 | 0 | this.failScreen = failedScreen; |
58 | 0 | } |
59 | ||
60 | /** |
|
61 | * Does the user have this role? |
|
62 | * |
|
63 | * @param role A Role. |
|
64 | * @return True if the user has this role. |
|
65 | * @exception Exception, a generic exception. |
|
66 | */ |
|
67 | public boolean hasRole(Role role) |
|
68 | throws Exception |
|
69 | { |
|
70 | 0 | boolean value = false; |
71 | 0 | if (data.getACL() == null || |
72 | !data.getACL().hasRole(role)) |
|
73 | { |
|
74 | 0 | data.setScreen(failScreen); |
75 | 0 | data.setMessage(message); |
76 | } |
|
77 | else |
|
78 | { |
|
79 | 0 | value = true; |
80 | } |
|
81 | 0 | return value; |
82 | } |
|
83 | ||
84 | /** |
|
85 | * Does the user have this role? |
|
86 | * |
|
87 | * @param role A String. |
|
88 | * @return True if the user has this role. |
|
89 | * @exception Exception, a generic exception. |
|
90 | */ |
|
91 | public boolean hasRole(String role) |
|
92 | throws Exception |
|
93 | { |
|
94 | 0 | return hasRole(TurbineSecurity.getRoleByName(role)); |
95 | } |
|
96 | ||
97 | /** |
|
98 | * Does the user have this permission? |
|
99 | * |
|
100 | * @param permission A Permission. |
|
101 | * @return True if the user has this permission. |
|
102 | * @exception Exception, a generic exception. |
|
103 | */ |
|
104 | public boolean hasPermission(Permission permission) |
|
105 | throws Exception |
|
106 | { |
|
107 | 0 | boolean value = false; |
108 | 0 | if (data.getACL() == null || |
109 | !data.getACL().hasPermission(permission)) |
|
110 | { |
|
111 | 0 | data.setScreen(failScreen); |
112 | 0 | data.setMessage(message); |
113 | } |
|
114 | else |
|
115 | { |
|
116 | 0 | value = true; |
117 | } |
|
118 | 0 | return value; |
119 | } |
|
120 | ||
121 | /** |
|
122 | * Does the user have this permission? |
|
123 | * |
|
124 | * @param permission A String. |
|
125 | * @return True if the user has this permission. |
|
126 | * @exception Exception, a generic exception. |
|
127 | */ |
|
128 | public boolean hasPermission(String permission) |
|
129 | throws Exception |
|
130 | { |
|
131 | 0 | return hasPermission(TurbineSecurity.getPermissionByName(permission)); |
132 | } |
|
133 | ||
134 | /** |
|
135 | * Get the message that should be displayed. This is initialized |
|
136 | * in the constructor. |
|
137 | * |
|
138 | * @return A String. |
|
139 | */ |
|
140 | public String getMessage() |
|
141 | { |
|
142 | 0 | return message; |
143 | } |
|
144 | ||
145 | /** |
|
146 | * Get the screen that should be displayed. This is initialized |
|
147 | * in the constructor. |
|
148 | * |
|
149 | * @return A String. |
|
150 | */ |
|
151 | public String getFailScreen() |
|
152 | { |
|
153 | 0 | return failScreen; |
154 | } |
|
155 | } |
This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |