1   package org.apache.turbine.util.template;
2   
3   
4   /*
5    * Licensed to the Apache Software Foundation (ASF) under one
6    * or more contributor license agreements.  See the NOTICE file
7    * distributed with this work for additional information
8    * regarding copyright ownership.  The ASF licenses this file
9    * to you under the Apache License, Version 2.0 (the
10   * "License"); you may not use this file except in compliance
11   * with the License.  You may obtain a copy of the License at
12   *
13   *   http://www.apache.org/licenses/LICENSE-2.0
14   *
15   * Unless required by applicable law or agreed to in writing,
16   * software distributed under the License is distributed on an
17   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
18   * KIND, either express or implied.  See the License for the
19   * specific language governing permissions and limitations
20   * under the License.
21   */
22  
23  
24  import org.apache.fulcrum.security.entity.Permission;
25  import org.apache.fulcrum.security.entity.Role;
26  import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
27  import org.apache.fulcrum.security.model.turbine.TurbineUserManager;
28  import org.apache.turbine.Turbine;
29  import org.apache.turbine.TurbineConstants;
30  import org.apache.turbine.services.TurbineServices;
31  import org.apache.turbine.services.template.TemplateService;
32  import org.apache.turbine.util.RunData;
33  
/**
 * Helper for enforcing authorization inside template screens.
 *
 * <p>Each check returns a boolean and, on denial, rewrites the current
 * request so that the failure screen, failure template and message are
 * shown instead.  A denial is reported through the return value only,
 * never through an exception, so the caller must stop processing the
 * protected screen itself when a check returns {@code false}.
 *
 * <p>Sample usage ({@code adminRole} stands for a {@link Role} the caller
 * has already obtained):
 *
 * <pre>
 * TemplateSecurityCheck secCheck = new TemplateSecurityCheck( data );
 * secCheck.setMessage( "Sorry, you do not have permission to " +
 *                      "access this area." );
 * secCheck.setFailTemplate("login.wm");
 * if ( !secCheck.hasRole(adminRole) )
 *     return;
 * </pre>
 *
 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
 * @version $Id: TemplateSecurityCheck.java 1773378 2016-12-09 13:19:59Z tv $
 */
public class TemplateSecurityCheck
{
    /** The request being checked; every decision and redirect goes through it. */
    private final RunData data;

    /** Text placed on the request when a role or permission check is denied. */
    private String message = "Sorry, you do not have permission to access this area.";

    /** Screen selected on denial; the constructor seeds it with the template service's default screen. */
    private String failScreen;

    /**
     * Screen template selected on denial or failed login check.  Stays
     * {@code null} until {@link #setFailTemplate(String)} is called.
     */
    private String failTemplate;

    /**
     * Creates a check for the given request with a custom denial message.
     *
     * @param data A Turbine RunData object.
     * @param message A String with the message to display upon
     * failure.
     */
    public TemplateSecurityCheck(RunData data, String message)
    {
        this(data);
        this.message = message;
    }

    /**
     * Creates a check for the given request, using the default denial
     * message and the template service's default screen as the failure
     * screen.
     *
     * @param data A Turbine RunData object.
     */
    public TemplateSecurityCheck(RunData data)
    {
        this.data = data;

        Object service = TurbineServices.getInstance().getService(TemplateService.SERVICE_NAME);
        TemplateService templates = (TemplateService) service;
        this.failScreen = templates.getDefaultScreen();
    }

    /**
     * Checks whether the current user holds the given role.
     *
     * <p>{@link #checkLogin()} runs first; if it fails, this method
     * returns {@code false} without consulting the ACL.  A missing ACL
     * is treated as a denial.
     *
     * @param role The role to be checked.
     * @return Whether the user has the role.
     * @throws Exception Trouble validating.
     */
    public boolean hasRole(Role role)
        throws Exception
    {
        if (!checkLogin())
        {
            // checkLogin() has already put the login message and fail template on the request.
            return false;
        }

        TurbineAccessControlList acl = data.getACL();
        if (acl != null && acl.hasRole(role))
        {
            return true;
        }

        denyAccess();
        return false;
    }

    /**
     * Checks whether the current user holds the given permission.
     *
     * <p>A missing ACL is treated as a denial.
     *
     * <p>NOTE(review): unlike {@link #hasRole(Role)}, this method does
     * not call {@link #checkLogin()} before consulting the ACL.  Confirm
     * whether that difference is intended; callers that need the login
     * check should invoke {@link #checkLogin()} themselves.
     *
     * @param permission The permission to be checked.
     * @return Whether the user has the permission.
     * @throws Exception Trouble validating.
     */
    public boolean hasPermission(Permission permission)
        throws Exception
    {
        TurbineAccessControlList acl = data.getACL();
        if (acl != null && acl.hasPermission(permission))
        {
            return true;
        }

        denyAccess();
        return false;
    }

    /**
     * Checks the login state of the current user.
     *
     * <p>The result is {@code false} only when the user manager does not
     * consider the user anonymous and the user has not logged in.  An
     * anonymous user therefore passes this check, so a {@code true}
     * result does not by itself mean the request is authenticated.
     *
     * <p>On failure the configured login message and the fail template
     * are put on the request; the screen itself is left unchanged.
     *
     * @return False if a non-anonymous user has not logged in, true otherwise.
     * @throws Exception a generic exception.
     */
    public boolean checkLogin()
        throws Exception
    {
        // Do it like the AccessController
        Object service = TurbineServices.getInstance().getService(TurbineUserManager.ROLE);
        TurbineUserManager userManager = (TurbineUserManager) service;

        boolean anonymous = userManager.isAnonymousUser(data.getUser());
        if (anonymous || data.getUser().hasLoggedIn())
        {
            return true;
        }

        String loginMessage = Turbine.getConfiguration()
            .getString(TurbineConstants.LOGIN_MESSAGE);
        data.setMessage(loginMessage);
        data.getTemplateInfo().setScreenTemplate(getFailTemplate());
        return false;
    }

    /**
     * Sets the message placed on the request when a role or permission
     * check is denied.
     *
     * <p>NOTE(review): how this text is escaped when rendered is not
     * visible in this class; prefer fixed strings over request-derived
     * text.
     *
     * @param v A String with the message that should be displayed.
     */
    public void setMessage(String v)
    {
        this.message = v;
    }

    /**
     * Returns the message placed on the request when a role or
     * permission check is denied.
     *
     * @return A String with the message that should be displayed.
     */
    public String getMessage()
    {
        return message;
    }

    /**
     * Returns the screen selected when a check is denied.
     *
     * @return A String with the value of failScreen.
     */
    public String getFailScreen()
    {
        return failScreen;
    }

    /**
     * Sets the screen selected when a check is denied.
     *
     * @param v A String with the value of failScreen.
     */
    public void setFailScreen(String v)
    {
        this.failScreen = v;
    }

    /**
     * Returns the screen template selected when a check is denied.
     *
     * @return A String with the value of failTemplate; {@code null} if
     * it was never set.
     */
    public String getFailTemplate()
    {
        return failTemplate;
    }

    /**
     * Sets the screen template selected when a check is denied.
     *
     * @param v A String with the value of failTemplate.
     */
    public void setFailTemplate(String v)
    {
        this.failTemplate = v;
    }

    /**
     * Redirects the request to the failure screen and template and
     * attaches the denial message.  The accessors are used rather than
     * the fields so that subclass overrides are still honoured.
     *
     * @throws Exception if updating the request fails.
     */
    private void denyAccess()
        throws Exception
    {
        data.setScreen(getFailScreen());
        data.getTemplateInfo().setScreenTemplate(getFailTemplate());
        data.setMessage(getMessage());
    }
}