1 package org.apache.turbine.modules.screens;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import org.apache.turbine.services.velocity.TurbineVelocity;
23 import org.apache.turbine.util.RunData;
24
25 import org.apache.velocity.context.Context;
26
27 /***
28 * VelocitySecureScreen
29 *
30 * Always performs a Security Check that you've defined before
31 * executing the doBuildTemplate(). You should extend this class and
32 * add the specific security check needed. If you have a number of
33 * screens that need to perform the same check, you could make a base
34 * screen by extending this class and implementing the isAuthorized().
35 * Then each screen that needs to perform the same check could extend
36 * your base screen.
37 *
38 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
39 * @version $Id: VelocitySecureScreen.java 536036 2007-05-08 00:44:53Z seade $
40 */
41 public abstract class VelocitySecureScreen
42 extends VelocityScreen
43 {
44 /***
45 * Implement this to add information to the context.
46 *
47 * @param data Turbine information.
48 * @param context Context for web pages.
49 * @exception Exception, a generic exception.
50 */
51 protected abstract void doBuildTemplate(RunData data,
52 Context context)
53 throws Exception;
54
55 /***
56 * This method overrides the method in VelocityScreen to
57 * perform a security check first.
58 *
59 * @param data Turbine information.
60 * @exception Exception, a generic exception.
61 */
62 protected void doBuildTemplate(RunData data)
63 throws Exception
64 {
65 if (isAuthorized(data))
66 {
67 doBuildTemplate(data, TurbineVelocity.getContext(data));
68 }
69 }
70
71 /***
72 * Implement this method to perform the security check needed.
73 * You should set the template in this method that you want the
74 * user to be sent to if they're unauthorized.
75 *
76 * @param data Turbine information.
77 * @return True if the user is authorized to access the screen.
78 * @exception Exception, a generic exception.
79 */
80 protected abstract boolean isAuthorized(RunData data)
81 throws Exception;
82 }