Coverage report

  %line %branch
org.apache.turbine.util.template.TemplateSecurityCheck
0% 
0% 

 1  
 package org.apache.turbine.util.template;
 2  
 
 3  
 /*
 4  
  * Copyright 2001-2005 The Apache Software Foundation.
 5  
  *
 6  
  * Licensed under the Apache License, Version 2.0 (the "License")
 7  
  * you may not use this file except in compliance with the License.
 8  
  * You may obtain a copy of the License at
 9  
  *
 10  
  *     http://www.apache.org/licenses/LICENSE-2.0
 11  
  *
 12  
  * Unless required by applicable law or agreed to in writing, software
 13  
  * distributed under the License is distributed on an "AS IS" BASIS,
 14  
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 15  
  * See the License for the specific language governing permissions and
 16  
  * limitations under the License.
 17  
  */
 18  
 
 19  
 import org.apache.turbine.Turbine;
 20  
 import org.apache.turbine.TurbineConstants;
 21  
 import org.apache.turbine.om.security.Permission;
 22  
 import org.apache.turbine.om.security.Role;
 23  
 import org.apache.turbine.services.security.TurbineSecurity;
 24  
 import org.apache.turbine.services.template.TurbineTemplate;
 25  
 import org.apache.turbine.util.RunData;
 26  
 
 27  
 /**
 28  
  * Utility class to help check for proper authorization when using
 29  
  * template screens.  Sample usages:
 30  
  *
 31  
  * <p><pre><code>
 32  
  * TemplateSecurityCheck secCheck = new TemplateSecurityCheck( data );
 33  
  * secCheck.setMessage( "Sorry, you do not have permission to " +
 34  
  *                      "access this area." );
 35  
  * secCheck.setFailTemplate("login.wm");
 36  
  * if ( !secCheck.hasRole("ADMIN") )
 37  
  *     return;
 38  
  * </pre></code>
 39  
  *
 40  
  * @author <a href="mbryson@mont.mindspring.com">Dave Bryson</a>
 41  
  * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
 42  
  * @version $Id: TemplateSecurityCheck.java 264148 2005-08-29 14:21:04Z henning $
 43  
  */
 44  
 public class TemplateSecurityCheck
 45  
 {
 46  0
     private String message =
 47  
             "Sorry, you do not have permission to access this area.";
 48  0
     private String failScreen = TurbineTemplate.getDefaultScreen();
 49  
     private String failTemplate;
 50  0
     private RunData data = null;
 51  
 
 52  
     /**
 53  
      * Constructor.
 54  
      *
 55  
      * @param data A Turbine RunData object.
 56  
      * @param message A String with the message to display upon
 57  
      * failure.
 58  
      */
 59  
     public TemplateSecurityCheck(RunData data, String message)
 60  0
     {
 61  0
         this.data = data;
 62  0
         this.message = message;
 63  0
     }
 64  
 
 65  
     /**
 66  
      * Generic Constructor.
 67  
      *
 68  
      * @param data A Turbine RunData object.
 69  
      */
 70  
     public TemplateSecurityCheck(RunData data)
 71  0
     {
 72  0
         this.data = data;
 73  0
     }
 74  
 
 75  
     /**
 76  
      * Does the User have this role?
 77  
      *
 78  
      * @param role The role to be checked.
 79  
      * @return Whether the user has the role.
 80  
      * @exception Exception Trouble validating.
 81  
      */
 82  
     public boolean hasRole(Role role)
 83  
         throws Exception
 84  
     {
 85  0
         if (!checkLogin())
 86  
         {
 87  0
             return false;
 88  
         }
 89  
 
 90  0
         if (data.getACL() == null || !data.getACL().hasRole(role))
 91  
         {
 92  0
             data.setScreen(getFailScreen());
 93  0
             data.getTemplateInfo().setScreenTemplate(getFailTemplate());
 94  0
             data.setMessage(getMessage());
 95  0
             return false;
 96  
         }
 97  
 
 98  0
         return true;
 99  
     }
 100  
 
 101  
     /**
 102  
      * Does the User have this permission?
 103  
      *
 104  
      * @param permission The permission to be checked.
 105  
      * @return Whether the user has the permission.
 106  
      * @exception Exception Trouble validating.
 107  
      */
 108  
     public boolean hasPermission(Permission permission)
 109  
         throws Exception
 110  
     {
 111  0
         boolean value = true;
 112  0
         if (data.getACL() == null || !data.getACL().hasPermission(permission))
 113  
         {
 114  0
             data.setScreen(getFailScreen());
 115  0
             data.getTemplateInfo().setScreenTemplate(getFailTemplate());
 116  0
             data.setMessage(getMessage());
 117  0
             value = false;
 118  
         }
 119  
 
 120  0
         return value;
 121  
     }
 122  
 
 123  
     /**
 124  
      * Check that the user has logged in.
 125  
      *
 126  
      * @return True if user has logged in.
 127  
      * @exception Exception, a generic exception.
 128  
      */
 129  
     public boolean checkLogin()
 130  
         throws Exception
 131  
     {
 132  0
         boolean value = true;
 133  
 
 134  
         // Do it like the AccessController
 135  0
         if (!TurbineSecurity.isAnonymousUser(data.getUser())
 136  
             && !data.getUser().hasLoggedIn())
 137  
         {
 138  0
             data.setMessage(Turbine.getConfiguration()
 139  
                 .getString(TurbineConstants.LOGIN_MESSAGE));
 140  
 
 141  0
             data.getTemplateInfo().setScreenTemplate(getFailTemplate());
 142  0
             value = false;
 143  
         }
 144  
 
 145  0
         return value;
 146  
     }
 147  
 
 148  
     /**
 149  
      * Set the message that should be displayed.  This is initialized
 150  
      * in the constructor.
 151  
      *
 152  
      * @param v A String with the message that should be displayed.
 153  
      */
 154  
     public void setMessage(String v)
 155  
     {
 156  0
         this.message = v;
 157  0
     }
 158  
 
 159  
     /**
 160  
      * Get the message that should be displayed.  This is initialized
 161  
      * in the constructor.
 162  
      *
 163  
      * @return A String with the message that should be displayed.
 164  
      */
 165  
     public String getMessage()
 166  
     {
 167  0
         return message;
 168  
     }
 169  
 
 170  
     /**
 171  
      * Get the value of failScreen.
 172  
      *
 173  
      * @return A String with the value of failScreen.
 174  
      */
 175  
     public String getFailScreen()
 176  
     {
 177  0
         return failScreen;
 178  
     }
 179  
 
 180  
     /**
 181  
      * Set the value of failScreen.
 182  
      *
 183  
      * @param v A String with the value of failScreen.
 184  
      */
 185  
     public void setFailScreen(String v)
 186  
     {
 187  0
         this.failScreen = v;
 188  0
     }
 189  
 
 190  
     /**
 191  
      * Get the value of failTemplate.
 192  
      *
 193  
      * @return A String with the value of failTemplate.
 194  
      */
 195  
     public String getFailTemplate()
 196  
     {
 197  0
         return failTemplate;
 198  
     }
 199  
 
 200  
     /**
 201  
      * Set the value of failTemplate.
 202  
      *
 203  
      * @param v A String with the value of failTemplate.
 204  
      */
 205  
     public void setFailTemplate(String v)
 206  
     {
 207  0
         this.failTemplate = v;
 208  0
     }
 209  
 }

This report is generated by jcoverage, Maven and Maven JCoverage Plugin.