View Javadoc

1   /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  package org.cateproject.view.authz;
16  
17  import org.springframework.security.taglibs.authz.AccessControlListTag;
18  import org.springframework.security.taglibs.authz.AuthenticationTag;
19  import org.springframework.security.taglibs.authz.AuthorizeTag;
20  import org.springframework.security.taglibs.velocity.Authz;
21  
22  import org.springframework.context.ApplicationContext;
23  
24  import javax.servlet.jsp.JspException;
25  import javax.servlet.jsp.PageContext;
26  import javax.servlet.jsp.tagext.Tag;
27  
28  
29  /**
30   * I decided to wrap several JSP tag in one class, so I have to using inner class to wrap these JSP tag.  To using
31   * this class, you need to inject Spring Context via SetAppCtx() method. AclTag need Spring Context to get AclManger
32   * bean.
33   */
34  public class AuthzImpl implements Authz {
35      //~ Static fields/initializers =====================================================================================
36  
37      static final int ALL_GRANTED = 1;
38      static final int ANY_GRANTED = 2;
39      static final int NONE_GRANTED = 3;
40  
41      //~ Instance fields ================================================================================================
42  
43      private ApplicationContext appCtx;
44  
45      //~ Methods ========================================================================================================
46  
47      public boolean allGranted(String roles) {
48          return ifGranted(roles, ALL_GRANTED);
49      }
50  
51      public boolean anyGranted(String roles) {
52          return ifGranted(roles, ANY_GRANTED);
53      }
54  
55      public ApplicationContext getAppCtx() {
56          return appCtx;
57      }
58  
59      /**
60       * implementation of AuthenticationTag
61       *
62       * @return DOCUMENT ME!
63       *
64       * @throws IllegalArgumentException DOCUMENT ME!
65       */
66      public String getPrincipal() {
67          MyAuthenticationTag authenticationTag = new MyAuthenticationTag();
68  
69          authenticationTag.setProperty("name");
70  
71          try {
72              authenticationTag.doStartTag();
73              authenticationTag.doEndTag();
74          } catch (JspException je) {
75              je.printStackTrace();
76              return null;
77          }
78  
79          return authenticationTag.getLastMessage();
80      }
81  
82      /**
83       * implementation of AclTag
84       *
85       * @param domainObject DOCUMENT ME!
86       * @param permissions DOCUMENT ME!
87       *
88       * @return DOCUMENT ME!
89       *
90       * @throws IllegalArgumentException DOCUMENT ME!
91       */
92      public boolean hasPermission(Object domainObject, String permissions) {
93          MyAclTag aclTag = new MyAclTag();
94          aclTag.setPageContext(null);
95          aclTag.setContext(getAppCtx());
96          aclTag.setDomainObject(domainObject);
97          aclTag.setHasPermission(permissions);
98  
99          int result = -1;
100 
101         try {
102             result = aclTag.doStartTag();
103         } catch (JspException je) {
104             throw new IllegalArgumentException(je.getMessage());
105         }
106 
107         if (Tag.EVAL_BODY_INCLUDE == result) {
108             return true;
109         } else {
110             return false;
111         }
112     }
113 
114     /**
115      * implementation of AuthorizeTag
116      *
117      * @param roles DOCUMENT ME!
118      * @param grantType DOCUMENT ME!
119      *
120      * @return DOCUMENT ME!
121      *
122      * @throws IllegalArgumentException DOCUMENT ME!
123      */
124     private boolean ifGranted(String roles, int grantType) {
125         AuthorizeTag authorizeTag = new AuthorizeTag();
126 
127         int result = -1;
128 
129         try {
130             switch (grantType) {
131             case ALL_GRANTED:
132                 authorizeTag.setIfAllGranted(roles);
133 
134                 break;
135 
136             case ANY_GRANTED:
137                 authorizeTag.setIfAnyGranted(roles);
138 
139                 break;
140 
141             case NONE_GRANTED:
142                 authorizeTag.setIfNotGranted(roles);
143 
144                 break;
145 
146             default:
147                 throw new IllegalArgumentException("invalid granted type : " + grantType + " role=" + roles);
148             }
149 
150             result = authorizeTag.doStartTag();
151         } catch (JspException je) {
152             throw new IllegalArgumentException(je.getMessage());
153         }
154 
155         if (Tag.EVAL_BODY_INCLUDE == result) {
156             return true;
157         } else {
158             return false;
159         }
160     }
161 
162     public boolean noneGranted(String roles) {
163         return ifGranted(roles, NONE_GRANTED);
164     }
165 
166     /**
167      * test case can use this class to mock application context with aclManager bean in it.
168      *
169      * @param appCtx DOCUMENT ME!
170      */
171     public void setAppCtx(ApplicationContext appCtx) {
172         this.appCtx = appCtx;
173     }
174 
175     //~ Inner Classes ==================================================================================================
176 
177     /**
178      * AclTag need to access the application context via the <code> WebApplicationContextUtils</code> and
179      * locate an {@link AclManager}. WebApplicationContextUtils get application context via ServletContext. I decided
180      * to let the Authz provide the Spring application context.
181      */
182     private class MyAclTag extends AccessControlListTag {
183         private static final long serialVersionUID = 6752340622125924108L;
184         ApplicationContext context;
185 
186         protected ApplicationContext getContext(PageContext pageContext) {
187             return context;
188         }
189 
190         protected void setContext(ApplicationContext context) {
191             this.context = context;
192         }
193     }
194 
195     /**
196      * it must output somthing to JSP page, so have to override the writeMessage method to avoid JSP related
197      * operation. Get Idea from Acegi Test class.
198      */
199     private class MyAuthenticationTag extends AuthenticationTag {
200         private static final long serialVersionUID = -1094246833893599161L;
201         String lastMessage = null;
202 
203         public String getLastMessage() {
204             return lastMessage;
205         }
206 
207         protected void writeMessage(String msg) throws JspException {
208             lastMessage = msg;
209         }
210     }
211 }