Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
TemplateSecurityCheck |
|
| 1.8181818181818181;1,818 |
1 | package org.apache.turbine.util.template; | |
2 | ||
3 | ||
4 | /* | |
5 | * Licensed to the Apache Software Foundation (ASF) under one | |
6 | * or more contributor license agreements. See the NOTICE file | |
7 | * distributed with this work for additional information | |
8 | * regarding copyright ownership. The ASF licenses this file | |
9 | * to you under the Apache License, Version 2.0 (the | |
10 | * "License"); you may not use this file except in compliance | |
11 | * with the License. You may obtain a copy of the License at | |
12 | * | |
13 | * http://www.apache.org/licenses/LICENSE-2.0 | |
14 | * | |
15 | * Unless required by applicable law or agreed to in writing, | |
16 | * software distributed under the License is distributed on an | |
17 | * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
18 | * KIND, either express or implied. See the License for the | |
19 | * specific language governing permissions and limitations | |
20 | * under the License. | |
21 | */ | |
22 | ||
23 | ||
24 | import org.apache.fulcrum.security.entity.Permission; | |
25 | import org.apache.fulcrum.security.entity.Role; | |
26 | import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList; | |
27 | import org.apache.fulcrum.security.model.turbine.TurbineUserManager; | |
28 | import org.apache.turbine.Turbine; | |
29 | import org.apache.turbine.TurbineConstants; | |
30 | import org.apache.turbine.pipeline.PipelineData; | |
31 | import org.apache.turbine.services.TurbineServices; | |
32 | import org.apache.turbine.services.template.TemplateService; | |
33 | import org.apache.turbine.util.RunData; | |
34 | ||
35 | /** | |
36 | * Utility class to help check for proper authorization when using | |
37 | * template screens. Sample usages: | |
38 | * | |
39 | * <pre> | |
40 | * TemplateSecurityCheck secCheck = new TemplateSecurityCheck( data ); | |
41 | * secCheck.setMessage( "Sorry, you do not have permission to " + | |
42 | * "access this area." ); | |
43 | * secCheck.setFailTemplate("login.wm"); | |
44 | * if ( !secCheck.hasRole("ADMIN") ) | |
45 | * return; | |
46 | * </pre> | |
47 | * | |
48 | * @author <a href="mbryson@mont.mindspring.com">Dave Bryson</a> | |
49 | * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a> | |
50 | * @version $Id: TemplateSecurityCheck.java 1854797 2019-03-04 20:41:39Z tv $ | |
51 | */ | |
52 | public class TemplateSecurityCheck | |
53 | { | |
54 | 0 | private String message = "Sorry, you do not have permission to access this area."; |
55 | private String failScreen; | |
56 | private String failTemplate; | |
57 | ||
58 | /* The RunData object. */ | |
59 | private final RunData data; | |
60 | ||
61 | /** | |
62 | * Constructor. | |
63 | * | |
64 | * @param pipelineData A Turbine PipelineData object. | |
65 | * @param message A String with the message to display upon | |
66 | * failure. | |
67 | */ | |
68 | public TemplateSecurityCheck(PipelineData pipelineData, String message) | |
69 | { | |
70 | 0 | this(pipelineData); |
71 | 0 | setMessage(message); |
72 | 0 | } |
73 | ||
74 | /** | |
75 | * Generic Constructor. | |
76 | * | |
77 | * @param pipelineData A Turbine PipelineData object. | |
78 | */ | |
79 | public TemplateSecurityCheck(PipelineData pipelineData) | |
80 | 0 | { |
81 | 0 | this.data = pipelineData.getRunData(); |
82 | 0 | TemplateService templateService = (TemplateService)TurbineServices.getInstance() |
83 | 0 | .getService(TemplateService.SERVICE_NAME); |
84 | 0 | this.failScreen = templateService.getDefaultScreen(); |
85 | 0 | } |
86 | ||
87 | /** | |
88 | * Does the User have this role? | |
89 | * | |
90 | * @param role The role to be checked. | |
91 | * @return Whether the user has the role. | |
92 | * @throws Exception Trouble validating. | |
93 | */ | |
94 | public boolean hasRole(Role role) | |
95 | throws Exception | |
96 | { | |
97 | 0 | if (!checkLogin()) |
98 | { | |
99 | 0 | return false; |
100 | } | |
101 | ||
102 | 0 | TurbineAccessControlList acl = data.getACL(); |
103 | 0 | if (acl == null || !acl.hasRole(role)) |
104 | { | |
105 | 0 | data.setScreen(getFailScreen()); |
106 | 0 | data.getTemplateInfo().setScreenTemplate(getFailTemplate()); |
107 | 0 | data.setMessage(getMessage()); |
108 | 0 | return false; |
109 | } | |
110 | ||
111 | 0 | return true; |
112 | } | |
113 | ||
114 | /** | |
115 | * Does the User have this permission? | |
116 | * | |
117 | * @param permission The permission to be checked. | |
118 | * @return Whether the user has the permission. | |
119 | * @throws Exception Trouble validating. | |
120 | */ | |
121 | public boolean hasPermission(Permission permission) | |
122 | throws Exception | |
123 | { | |
124 | 0 | boolean value = true; |
125 | 0 | TurbineAccessControlList acl = data.getACL(); |
126 | 0 | if (acl == null || !acl.hasPermission(permission)) |
127 | { | |
128 | 0 | data.setScreen(getFailScreen()); |
129 | 0 | data.getTemplateInfo().setScreenTemplate(getFailTemplate()); |
130 | 0 | data.setMessage(getMessage()); |
131 | 0 | value = false; |
132 | } | |
133 | ||
134 | 0 | return value; |
135 | } | |
136 | ||
137 | /** | |
138 | * Check that the user has logged in. | |
139 | * | |
140 | * @return True if user has logged in. | |
141 | * @throws Exception a generic exception. | |
142 | */ | |
143 | public boolean checkLogin() | |
144 | throws Exception | |
145 | { | |
146 | 0 | boolean value = true; |
147 | ||
148 | // Do it like the AccessController | |
149 | TurbineUserManager userManager = | |
150 | (TurbineUserManager)TurbineServices | |
151 | 0 | .getInstance() |
152 | 0 | .getService(TurbineUserManager.ROLE); |
153 | ||
154 | 0 | if (!userManager.isAnonymousUser(data.getUser()) |
155 | 0 | && !data.getUser().hasLoggedIn()) |
156 | { | |
157 | 0 | data.setMessage(Turbine.getConfiguration() |
158 | 0 | .getString(TurbineConstants.LOGIN_MESSAGE)); |
159 | ||
160 | 0 | data.getTemplateInfo().setScreenTemplate(getFailTemplate()); |
161 | 0 | value = false; |
162 | } | |
163 | ||
164 | 0 | return value; |
165 | } | |
166 | ||
167 | /** | |
168 | * Set the message that should be displayed. This is initialized | |
169 | * in the constructor. | |
170 | * | |
171 | * @param v A String with the message that should be displayed. | |
172 | */ | |
173 | public void setMessage(String v) | |
174 | { | |
175 | 0 | this.message = v; |
176 | 0 | } |
177 | ||
178 | /** | |
179 | * Get the message that should be displayed. This is initialized | |
180 | * in the constructor. | |
181 | * | |
182 | * @return A String with the message that should be displayed. | |
183 | */ | |
184 | public String getMessage() | |
185 | { | |
186 | 0 | return message; |
187 | } | |
188 | ||
189 | /** | |
190 | * Get the value of failScreen. | |
191 | * | |
192 | * @return A String with the value of failScreen. | |
193 | */ | |
194 | public String getFailScreen() | |
195 | { | |
196 | 0 | return failScreen; |
197 | } | |
198 | ||
199 | /** | |
200 | * Set the value of failScreen. | |
201 | * | |
202 | * @param v A String with the value of failScreen. | |
203 | */ | |
204 | public void setFailScreen(String v) | |
205 | { | |
206 | 0 | this.failScreen = v; |
207 | 0 | } |
208 | ||
209 | /** | |
210 | * Get the value of failTemplate. | |
211 | * | |
212 | * @return A String with the value of failTemplate. | |
213 | */ | |
214 | public String getFailTemplate() | |
215 | { | |
216 | 0 | return failTemplate; |
217 | } | |
218 | ||
219 | /** | |
220 | * Set the value of failTemplate. | |
221 | * | |
222 | * @param v A String with the value of failTemplate. | |
223 | */ | |
224 | public void setFailTemplate(String v) | |
225 | { | |
226 | 0 | this.failTemplate = v; |
227 | 0 | } |
228 | } |