001    package org.apache.turbine.util.template;
002    
003    
004    /*
005     * Licensed to the Apache Software Foundation (ASF) under one
006     * or more contributor license agreements.  See the NOTICE file
007     * distributed with this work for additional information
008     * regarding copyright ownership.  The ASF licenses this file
009     * to you under the Apache License, Version 2.0 (the
010     * "License"); you may not use this file except in compliance
011     * with the License.  You may obtain a copy of the License at
012     *
013     *   http://www.apache.org/licenses/LICENSE-2.0
014     *
015     * Unless required by applicable law or agreed to in writing,
016     * software distributed under the License is distributed on an
017     * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
018     * KIND, either express or implied.  See the License for the
019     * specific language governing permissions and limitations
020     * under the License.
021     */
022    
023    
024    import org.apache.turbine.Turbine;
025    import org.apache.turbine.TurbineConstants;
026    import org.apache.turbine.om.security.Permission;
027    import org.apache.turbine.om.security.Role;
028    import org.apache.turbine.services.security.TurbineSecurity;
029    import org.apache.turbine.services.template.TurbineTemplate;
030    import org.apache.turbine.util.RunData;
031    
/**
 * Helper for enforcing authorization inside template screens.  Each check
 * reports its verdict through the return value; on a denial it also points
 * the request at the configured failure template and stores a message for
 * display.  Nothing is thrown on a denial, so the caller must stop
 * processing when a check returns {@code false}.  Sample usage:
 *
 * <pre><code>
 * TemplateSecurityCheck secCheck = new TemplateSecurityCheck( data );
 * secCheck.setMessage( "Sorry, you do not have permission to " +
 *                      "access this area." );
 * secCheck.setFailTemplate("login.wm");
 * if ( !secCheck.hasRole(adminRole) )  // adminRole: a Role held by the caller
 *     return;
 * </code></pre>
 *
 * <p>Security notes for reviewers:
 * <ul>
 * <li>{@link #hasRole(Role)} runs {@link #checkLogin()} first;
 *     {@link #hasPermission(Permission)} does not and relies on the ACL
 *     test alone.</li>
 * <li>{@code failTemplate} has no default here; it stays {@code null}
 *     until {@link #setFailTemplate(String)} is called.</li>
 * </ul>
 *
 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
 * @version $Id: TemplateSecurityCheck.java 615328 2008-01-25 20:25:05Z tv $
 */
public class TemplateSecurityCheck
{
    /** Text stored on the request when an ACL check fails. */
    private String message =
            "Sorry, you do not have permission to access this area.";

    /** Screen selected on an ACL failure; starts as the template service default. */
    private String failScreen = TurbineTemplate.getDefaultScreen();

    /** Screen template selected on any failure; null until a caller sets it. */
    private String failTemplate;

    /** The request being checked. */
    private RunData data;

    /**
     * Creates a check for the given request with a custom failure message.
     *
     * @param data A Turbine RunData object.
     * @param message A String with the message to display upon
     * failure.
     */
    public TemplateSecurityCheck(RunData data, String message)
    {
        this(data);
        this.message = message;
    }

    /**
     * Creates a check for the given request using the default failure
     * message.
     *
     * @param data A Turbine RunData object.
     */
    public TemplateSecurityCheck(RunData data)
    {
        this.data = data;
    }

    /**
     * Tests whether the current user holds the given role.  The login
     * check runs first; if it fails, this method returns {@code false}
     * without consulting the ACL.  A missing ACL counts as a denial.
     *
     * @param role The role to be checked.
     * @return {@code true} only if the login check passed and the ACL
     * grants the role.
     * @throws Exception propagated from the underlying lookups; this
     * method raises nothing itself.
     */
    public boolean hasRole(Role role)
        throws Exception
    {
        if (!checkLogin())
        {
            return false;
        }

        boolean granted =
                data.getACL() != null && data.getACL().hasRole(role);
        if (!granted)
        {
            denyAccess();
        }
        return granted;
    }

    /**
     * Tests whether the current user holds the given permission.  A
     * missing ACL counts as a denial.
     *
     * <p>NOTE(review): unlike {@link #hasRole(Role)}, this method does not
     * call {@link #checkLogin()} before consulting the ACL.  Confirm that
     * the asymmetry is intended, or have callers invoke
     * {@code checkLogin()} themselves.
     *
     * @param permission The permission to be checked.
     * @return {@code true} only if the ACL grants the permission.
     * @throws Exception propagated from the underlying lookups; this
     * method raises nothing itself.
     */
    public boolean hasPermission(Permission permission)
        throws Exception
    {
        boolean granted =
                data.getACL() != null
                && data.getACL().hasPermission(permission);
        if (!granted)
        {
            denyAccess();
        }
        return granted;
    }

    /**
     * Verifies the login state of the current user.  The check passes
     * when the user is the anonymous user or has logged in, so a
     * {@code true} result does not by itself mean the user is
     * authenticated.  On failure the configured login message is stored on
     * the request and the failure template is selected; the failure screen
     * is not changed here.
     *
     * @return {@code false} only for a non-anonymous user who has not
     * logged in.
     * @throws Exception propagated from the underlying lookups; this
     * method raises nothing itself.
     */
    public boolean checkLogin()
        throws Exception
    {
        // Do it like the AccessController: anonymous users are let through
        // here and are judged by the ACL checks instead.
        if (TurbineSecurity.isAnonymousUser(data.getUser())
            || data.getUser().hasLoggedIn())
        {
            return true;
        }

        data.setMessage(
            Turbine.getConfiguration().getString(TurbineConstants.LOGIN_MESSAGE));
        data.getTemplateInfo().setScreenTemplate(getFailTemplate());
        return false;
    }

    /**
     * Sets the message shown when an ACL check fails.  It replaces the
     * default text or the value given to the two-argument constructor.
     *
     * @param v A String with the message that should be displayed.
     */
    public void setMessage(String v)
    {
        message = v;
    }

    /**
     * Returns the message shown when an ACL check fails.
     *
     * @return A String with the message that should be displayed.
     */
    public String getMessage()
    {
        return this.message;
    }

    /**
     * Returns the screen selected when an ACL check fails.
     *
     * @return A String with the value of failScreen.
     */
    public String getFailScreen()
    {
        return this.failScreen;
    }

    /**
     * Sets the screen selected when an ACL check fails.
     *
     * @param v A String with the value of failScreen.
     */
    public void setFailScreen(String v)
    {
        failScreen = v;
    }

    /**
     * Returns the screen template selected when a check fails.
     *
     * @return A String with the value of failTemplate; {@code null} if it
     * was never set.
     */
    public String getFailTemplate()
    {
        return this.failTemplate;
    }

    /**
     * Sets the screen template selected when a check fails.
     *
     * @param v A String with the value of failTemplate.
     */
    public void setFailTemplate(String v)
    {
        failTemplate = v;
    }

    /**
     * Routes the request to the failure screen and template and stores the
     * denial message.  The values are read through the public getters so
     * that a subclass overriding them is still honoured.
     *
     * @throws Exception propagated from the request object.
     */
    private void denyAccess()
        throws Exception
    {
        data.setScreen(getFailScreen());
        // NOTE(review): getFailTemplate() is null unless the caller set it;
        // what setScreenTemplate(null) does is not visible here. Confirm.
        data.getTemplateInfo().setScreenTemplate(getFailTemplate());
        data.setMessage(getMessage());
    }
}