AuthzImpl xref

View Javadoc

1   /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.taglibs.velocity;
17  
18  import org.acegisecurity.acl.AclManager;
19  
20  import org.acegisecurity.taglibs.authz.AclTag;
21  import org.acegisecurity.taglibs.authz.AuthenticationTag;
22  import org.acegisecurity.taglibs.authz.AuthorizeTag;
23  
24  import org.springframework.context.ApplicationContext;
25  
26  import javax.servlet.jsp.JspException;
27  import javax.servlet.jsp.PageContext;
28  import javax.servlet.jsp.tagext.Tag;
29  
30  
31  /**
32   * I decided to wrap several JSP tag in one class, so I have to using inner class to wrap these JSP tag.  To using
33   * this class, you need to inject Spring Context via SetAppCtx() method. AclTag need Spring Context to get AclManger
34   * bean.
35   */
36  public class AuthzImpl implements Authz {
37      //~ Static fields/initializers =====================================================================================
38  
39      static final int ALL_GRANTED = 1;
40      static final int ANY_GRANTED = 2;
41      static final int NONE_GRANTED = 3;
42  
43      //~ Instance fields ================================================================================================
44  
45      private ApplicationContext appCtx;
46  
47      //~ Methods ========================================================================================================
48  
49      public boolean allGranted(String roles) {
50          return ifGranted(roles, ALL_GRANTED);
51      }
52  
53      public boolean anyGranted(String roles) {
54          return ifGranted(roles, ANY_GRANTED);
55      }
56  
57      public ApplicationContext getAppCtx() {
58          return appCtx;
59      }
60  
61      /**
62       * implementation of AuthenticationTag
63       *
64       * @return DOCUMENT ME!
65       *
66       * @throws IllegalArgumentException DOCUMENT ME!
67       */
68      public String getPrincipal() {
69          MyAuthenticationTag authenticationTag = new MyAuthenticationTag();
70  
71          authenticationTag.setOperation("username");
72  
73          try {
74              authenticationTag.doStartTag();
75          } catch (JspException je) {
76              je.printStackTrace();
77              throw new IllegalArgumentException(je.getMessage());
78          }
79  
80          return authenticationTag.getLastMessage();
81      }
82  
83      /**
84       * implementation of AclTag
85       *
86       * @param domainObject DOCUMENT ME!
87       * @param permissions DOCUMENT ME!
88       *
89       * @return DOCUMENT ME!
90       *
91       * @throws IllegalArgumentException DOCUMENT ME!
92       */
93      public boolean hasPermission(Object domainObject, String permissions) {
94          MyAclTag aclTag = new MyAclTag();
95          aclTag.setPageContext(null);
96          aclTag.setContext(getAppCtx());
97          aclTag.setDomainObject(domainObject);
98          aclTag.setHasPermission(permissions);
99  
100         int result = -1;
101 
102         try {
103             result = aclTag.doStartTag();
104         } catch (JspException je) {
105             throw new IllegalArgumentException(je.getMessage());
106         }
107 
108         if (Tag.EVAL_BODY_INCLUDE == result) {
109             return true;
110         } else {
111             return false;
112         }
113     }
114 
115     /**
116      * implementation of AuthorizeTag
117      *
118      * @param roles DOCUMENT ME!
119      * @param grantType DOCUMENT ME!
120      *
121      * @return DOCUMENT ME!
122      *
123      * @throws IllegalArgumentException DOCUMENT ME!
124      */
125     private boolean ifGranted(String roles, int grantType) {
126         AuthorizeTag authorizeTag = new AuthorizeTag();
127 
128         int result = -1;
129 
130         try {
131             switch (grantType) {
132             case ALL_GRANTED:
133                 authorizeTag.setIfAllGranted(roles);
134 
135                 break;
136 
137             case ANY_GRANTED:
138                 authorizeTag.setIfAnyGranted(roles);
139 
140                 break;
141 
142             case NONE_GRANTED:
143                 authorizeTag.setIfNotGranted(roles);
144 
145                 break;
146 
147             default:
148                 throw new IllegalArgumentException("invalid granted type : " + grantType + " role=" + roles);
149             }
150 
151             result = authorizeTag.doStartTag();
152         } catch (JspException je) {
153             throw new IllegalArgumentException(je.getMessage());
154         }
155 
156         if (Tag.EVAL_BODY_INCLUDE == result) {
157             return true;
158         } else {
159             return false;
160         }
161     }
162 
163     public boolean noneGranted(String roles) {
164         return ifGranted(roles, NONE_GRANTED);
165     }
166 
167     /**
168      * test case can use this class to mock application context with aclManager bean in it.
169      *
170      * @param appCtx DOCUMENT ME!
171      */
172     public void setAppCtx(ApplicationContext appCtx) {
173         this.appCtx = appCtx;
174     }
175 
176     //~ Inner Classes ==================================================================================================
177 
178     /**
179      * AclTag need to access the application context via the <code> WebApplicationContextUtils</code> and
180      * locate an {@link AclManager}. WebApplicationContextUtils get application context via ServletContext. I decided
181      * to let the Authz provide the Spring application context.
182      */
183     private class MyAclTag extends AclTag {
184         private static final long serialVersionUID = 6752340622125924108L;
185         ApplicationContext context;
186 
187         protected ApplicationContext getContext(PageContext pageContext) {
188             return context;
189         }
190 
191         protected void setContext(ApplicationContext context) {
192             this.context = context;
193         }
194     }
195 
196     /**
197      * it must output somthing to JSP page, so have to override the writeMessage method to avoid JSP related
198      * operation. Get Idea from Acegi Test class.
199      */
200     private class MyAuthenticationTag extends AuthenticationTag {
201         private static final long serialVersionUID = -1094246833893599161L;
202         String lastMessage = null;
203 
204         public String getLastMessage() {
205             return lastMessage;
206         }
207 
208         protected void writeMessage(String msg) throws JspException {
209             lastMessage = msg;
210         }
211     }
212 }