Coverage Report - org.apache.turbine.modules.actions.AccessController
 
Classes in this File Line Coverage Branch Coverage Complexity
AccessController
100%
17/17
66%
4/6
0
 
 1   
 package org.apache.turbine.modules.actions;
 2   
 
 3   
 import org.apache.fulcrum.security.acl.AccessControlList;
 4   
 import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
 5   
 import org.apache.fulcrum.security.util.FulcrumSecurityException;
 6   
 import org.apache.logging.log4j.LogManager;
 7   
 
 8   
 /*
 9   
  * Licensed to the Apache Software Foundation (ASF) under one
 10   
  * or more contributor license agreements.  See the NOTICE file
 11   
  * distributed with this work for additional information
 12   
  * regarding copyright ownership.  The ASF licenses this file
 13   
  * to you under the Apache License, Version 2.0 (the
 14   
  * "License"); you may not use this file except in compliance
 15   
  * with the License.  You may obtain a copy of the License at
 16   
  *
 17   
  *   http://www.apache.org/licenses/LICENSE-2.0
 18   
  *
 19   
  * Unless required by applicable law or agreed to in writing,
 20   
  * software distributed under the License is distributed on an
 21   
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 22   
  * KIND, either express or implied.  See the License for the
 23   
  * specific language governing permissions and limitations
 24   
  * under the License.
 25   
  */
 26   
 
 27   
 import org.apache.logging.log4j.Logger;
 28   
 import org.apache.turbine.Turbine;
 29   
 import org.apache.turbine.TurbineConstants;
 30   
 import org.apache.turbine.annotation.TurbineService;
 31   
 import org.apache.turbine.modules.Action;
 32   
 import org.apache.turbine.om.security.User;
 33   
 import org.apache.turbine.pipeline.PipelineData;
 34   
 import org.apache.turbine.services.security.SecurityService;
 35   
 import org.apache.turbine.util.RunData;
 36   
 
 37   
 /**
 38   
  * This action doPerforms an Access Control List and places it into
 39   
  * the RunData object, so it is easily available to modules.  The ACL
 40   
  * is also placed into the session.  Modules can null out the ACL to
 41   
  * force it to be rebuilt based on more information.
 42   
  *
 43   
  * <p>
 44   
  *
 45   
  * Turbine uses a User-Role-Permission arrangement for access control.
 46   
  * Users are assigned Roles.  Roles are assigned Permissions.  Turbine
 47   
  * modules then check the Permission required for an action or
 48   
  * information with the set of Permissions currently associated with
 49   
  * the session (which are dependent on the user associated with the
 50   
  * session.)
 51   
  *
 52   
  * <p>
 53   
  *
 54   
  * The criteria for assigning Roles/Permissions is application
 55   
  * dependent, in some cases an application may change a User's Roles
 56   
  * during the session.  To achieve flexibility, the ACL takes an
 57   
  * Object parameter, which the application can use to doPerform the
 58   
  * ACL.
 59   
  *
 60   
  * <p>
 61   
  *
 62   
  * This action is special in that it should only be executed by the
 63   
  * Turbine servlet.
 64   
  *
 65   
  * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
 66   
  * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
 67   
  * @author <a href="quintonm@bellsouth.net">Quinton McCombs</a>
 68   
  * @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
 69   
  * @version $Id: AccessController.java 1854797 2019-03-04 20:41:39Z tv $
 70   
  */
 71  6 
 public class AccessController implements Action
 72   
 {
 73   
     /** Logging */
 74  6 
     private static final Logger log = LogManager.getLogger(AccessController.class);
 75   
 
 76   
     /** Injected service instance */
 77   
     @TurbineService
 78   
     private SecurityService security;
 79   
 
 80   
     /**
 81   
      * If there is a user and the user is logged in, doPerform will
 82   
      * set the RunData ACL.  The list is first sought from the current
 83   
      * session, otherwise it is loaded through
 84   
      * <code>link {@link SecurityService#getACL(User)}</code> and added to the current
 85   
      * session.
 86   
      *
 87   
      * @param pipelineData Turbine information.
 88   
      * @throws FulcrumSecurityException problem with the security service.
 89   
      */
 90   
     @Override
 91   
     public void doPerform(PipelineData pipelineData)
 92   
             throws FulcrumSecurityException
 93   
     {
 94  6 
         RunData data = pipelineData.getRunData();
 95  6 
         User user = data.getUser();
 96   
 
 97  6 
         if (!security.isAnonymousUser(user)
 98  3 
             && user.hasLoggedIn())
 99   
         {
 100  3 
             log.debug("Fetching ACL for {}", user::getName);
 101  3 
             AccessControlList acl = (AccessControlList)
 102  3 
                     data.getSession().getAttribute(
 103   
                             TurbineConstants.ACL_SESSION_KEY);
 104  3 
             if (acl == null)
 105   
             {
 106  3 
                 log.debug("No ACL found in Session, building fresh ACL");
 107  3 
                 acl = security.getACL(user);
 108  3 
                 data.getSession().setAttribute(
 109   
                         TurbineConstants.ACL_SESSION_KEY, acl);
 110   
 
 111  3 
                 log.debug("ACL is {}", acl);
 112   
             }
 113  3 
             data.setACL(acl);
 114   
         }
 115   
 
 116   
         // Comply with Turbine 4.0 standards
 117  6 
         pipelineData.get(Turbine.class).put(TurbineAccessControlList.class, data.getACL());
 118  6 
     }
 119   
 }
Report generated by Cobertura 2.1.1 on 18.06.19 13:28.