AuthzImpl xref

View Javadoc

1   /* Copyright 2004, 2005 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.taglibs.velocity;
17  
18  import org.acegisecurity.acl.AclManager;
19  
20  import org.acegisecurity.taglibs.authz.AclTag;
21  import org.acegisecurity.taglibs.authz.AuthenticationTag;
22  import org.acegisecurity.taglibs.authz.AuthorizeTag;
23  
24  import org.springframework.context.ApplicationContext;
25  
26  import javax.servlet.jsp.JspException;
27  import javax.servlet.jsp.PageContext;
28  import javax.servlet.jsp.tagext.Tag;
29  
30  
31  /***
32   * I decided to wrap several JSP tag in one class, so I have to using inner
33   * class to wrap these JSP tag.  To using this class, you need to inject
34   * Spring Context via SetAppCtx() method. AclTag need Spring Context to get
35   * AclManger bean.
36   */
37  public class AuthzImpl implements Authz {
38      //~ Static fields/initializers =============================================
39  
40      static final int ALL_GRANTED = 1;
41      static final int ANY_GRANTED = 2;
42      static final int NONE_GRANTED = 3;
43  
44      //~ Instance fields ========================================================
45  
46      private ApplicationContext appCtx;
47  
48      //~ Methods ================================================================
49  
50      public boolean allGranted(String roles) {
51          return ifGranted(roles, ALL_GRANTED);
52      }
53  
54      public boolean anyGranted(String roles) {
55          return ifGranted(roles, ANY_GRANTED);
56      }
57  
58      public ApplicationContext getAppCtx() {
59          return appCtx;
60      }
61  
62      /***
63       * implementation of AuthenticationTag
64       *
65       * @return DOCUMENT ME!
66       *
67       * @throws IllegalArgumentException DOCUMENT ME!
68       */
69      public String getPrincipal() {
70          MyAuthenticationTag authenticationTag = new MyAuthenticationTag();
71  
72          authenticationTag.setOperation("username");
73  
74          try {
75              authenticationTag.doStartTag();
76          } catch (JspException je) {
77              je.printStackTrace();
78              throw new IllegalArgumentException(je.getMessage());
79          }
80  
81          return authenticationTag.getLastMessage();
82      }
83  
84      /***
85       * implementation of AclTag
86       *
87       * @param domainObject DOCUMENT ME!
88       * @param permissions DOCUMENT ME!
89       *
90       * @return DOCUMENT ME!
91       *
92       * @throws IllegalArgumentException DOCUMENT ME!
93       */
94      public boolean hasPermission(Object domainObject, String permissions) {
95          MyAclTag aclTag = new MyAclTag();
96          aclTag.setPageContext(null);
97          aclTag.setContext(getAppCtx());
98          aclTag.setDomainObject(domainObject);
99          aclTag.setHasPermission(permissions);
100 
101         int result = -1;
102 
103         try {
104             result = aclTag.doStartTag();
105         } catch (JspException je) {
106             throw new IllegalArgumentException(je.getMessage());
107         }
108 
109         if (Tag.EVAL_BODY_INCLUDE == result) {
110             return true;
111         } else {
112             return false;
113         }
114     }
115 
116     /***
117      * implementation of AuthorizeTag
118      *
119      * @param roles DOCUMENT ME!
120      * @param grantType DOCUMENT ME!
121      *
122      * @return DOCUMENT ME!
123      *
124      * @throws IllegalArgumentException DOCUMENT ME!
125      */
126     private boolean ifGranted(String roles, int grantType) {
127         AuthorizeTag authorizeTag = new AuthorizeTag();
128 
129         int result = -1;
130 
131         try {
132             switch (grantType) {
133             case ALL_GRANTED:
134                 authorizeTag.setIfAllGranted(roles);
135 
136                 break;
137 
138             case ANY_GRANTED:
139                 authorizeTag.setIfAnyGranted(roles);
140 
141                 break;
142 
143             case NONE_GRANTED:
144                 authorizeTag.setIfNotGranted(roles);
145 
146                 break;
147 
148             default:
149                 throw new IllegalArgumentException("invalid granted type : "
150                     + grantType + " role=" + roles);
151             }
152 
153             result = authorizeTag.doStartTag();
154         } catch (JspException je) {
155             throw new IllegalArgumentException(je.getMessage());
156         }
157 
158         if (Tag.EVAL_BODY_INCLUDE == result) {
159             return true;
160         } else {
161             return false;
162         }
163     }
164 
165     public boolean noneGranted(String roles) {
166         return ifGranted(roles, NONE_GRANTED);
167     }
168 
169     /***
170      * test case can use this class to mock application context with aclManager
171      * bean in it.
172      *
173      * @param appCtx DOCUMENT ME!
174      */
175     public void setAppCtx(ApplicationContext appCtx) {
176         this.appCtx = appCtx;
177     }
178 
179     //~ Inner Classes ==========================================================
180 
181     /***
182      * AclTag need to access the application context via the <code>
183      * WebApplicationContextUtils</code> and locate an {@link AclManager}.
184      * WebApplicationContextUtils get application context via ServletContext.
185      * I decided to let the Authz provide the Spring application context.
186      */
187     private class MyAclTag extends AclTag {
188         private static final long serialVersionUID = 6752340622125924108L;
189         ApplicationContext context;
190 
191         protected ApplicationContext getContext(PageContext pageContext) {
192             return context;
193         }
194 
195         protected void setContext(ApplicationContext context) {
196             this.context = context;
197         }
198     }
199 
200     /***
201      * it must output somthing to JSP page, so have to override the
202      * writeMessage method to avoid JSP related operation. Get Idea from Acegi
203      * Test class.
204      */
205     private class MyAuthenticationTag extends AuthenticationTag {
206         private static final long serialVersionUID = -1094246833893599161L;
207         String lastMessage = null;
208 
209         public String getLastMessage() {
210             return lastMessage;
211         }
212 
213         protected void writeMessage(String msg) throws JspException {
214             lastMessage = msg;
215         }
216     }
217 }