Coverage Report - org.apache.turbine.modules.screens.JSONSecureScreen
 
Classes in this File Line Coverage Branch Coverage Complexity
JSONSecureScreen
0%
0/7
0%
0/4
1,5
 
 1  
 package org.apache.turbine.modules.screens;
 2  
 
 3  
 /*
 4  
  * Licensed to the Apache Software Foundation (ASF) under one
 5  
  * or more contributor license agreements.  See the NOTICE file
 6  
  * distributed with this work for additional information
 7  
  * regarding copyright ownership.  The ASF licenses this file
 8  
  * to you under the Apache License, Version 2.0 (the
 9  
  * "License"); you may not use this file except in compliance
 10  
  * with the License.  You may obtain a copy of the License at
 11  
  *
 12  
  *   http://www.apache.org/licenses/LICENSE-2.0
 13  
  *
 14  
  * Unless required by applicable law or agreed to in writing,
 15  
  * software distributed under the License is distributed on an
 16  
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 17  
  * KIND, either express or implied.  See the License for the
 18  
  * specific language governing permissions and limitations
 19  
  * under the License.
 20  
  */
 21  
 
 22  
 import org.apache.turbine.pipeline.PipelineData;
 23  
 import org.apache.turbine.util.RunData;
 24  
 
 25  
 /**
 26  
  * An extension to JSONScreen that performs a Security Check before invoking
 27  
  * doBuildTemplate().  You should extend this class and add the specific
 28  
  * security check needed.  If you have a number of screens that need to perform
 29  
  * the same check, you could make a base screen by extending this class and
 30  
  * implementing the isAuthorized().  Then each screen that needs to perform the
 31  
  * same check could extend your base screen.
 32  
  * 
 33  
  * <p>Typically you would extend this class and override the doOutput() method
 34  
  * to use TurbineJsonRpc to register the POJOs that will provide the functions
 35  
  * you are making available via JSON-RPC.  Use JSONScreen if you <p>do not</b>
 36  
  * need the user to be logged in prior to executing the functions you provide.
 37  
  *
 38  
  * <p>Here is an example from a superclass:
 39  
  * <code>
 40  
  * public void doOutput(RunData data) throws Exception
 41  
  * {
 42  
  *     User user = data.getUser();
 43  
  *
 44  
  *     MySecureJsonFunctions myFunctions
 45  
  *             = new MySecureJsonFunctions(user.getName());
 46  
  *
 47  
  *     // Session specific
 48  
  *     TurbineJsonRpc.registerObject(data.getSession(), "myFunctions", myFunctions);
 49  
  *
 50  
  *     // Global
 51  
  *     //TurbineJsonRpc.registerObjectGlobal("testGlobal", testObject);
 52  
  *
 53  
  *     super.doOutput(data);
 54  
  * }
 55  
  * </code>
 56  
  * 
 57  
  * <p>The class MyFunctions would be something like:
 58  
  * <code>
 59  
  * public class MySecureJsonFunctions
 60  
  * {
 61  
  *     private final String name;
 62  
  *
 63  
  *     public MySecureJsonFunctions(String name)
 64  
  *     {
 65  
  *         this.name = name;
 66  
  *     }
 67  
  *
 68  
  *     private String getName(String clientParameter)
 69  
  *     {
 70  
  *         return "Client " + clientParameter + " says Hello World to " + name;
 71  
  *     }
 72  
  * }
 73  
  * </code>
 74  
  *
 75  
  * @author <a href="mailto:seade@policypoint.net">Scott Eade</a>
 76  
  * @version $Id: JSONSecureScreen.java 958672 2010-06-28 18:42:04Z tv $
 77  
  */
 78  0
 public abstract class JSONSecureScreen extends JSONScreen
 79  
 {
 80  
     /**
 81  
      * This method overrides the method in JSONScreen to perform a security
 82  
      * check prior to producing the output.
 83  
      *
 84  
      * @param data Turbine information.
 85  
      * @exception Exception, a generic exception.
 86  
      * @deprecated Use PipelineData version instead.
 87  
      */
 88  
     protected void doOutput(RunData data) throws Exception
 89  
     {
 90  0
         if (isAuthorized(data))
 91  
         {
 92  0
             super.doOutput(data);
 93  
         }
 94  0
     }
 95  
 
 96  
     /**
 97  
      * Override this method to perform the necessary security checks.
 98  
      *
 99  
      * @param data Turbine information.
 100  
      * @return <code>true</code> if the user is authorized to access the screen.
 101  
      * @exception Exception A generic exception.
 102  
      * @deprecated Use PipelineData version instead.
 103  
      */
 104  
     protected abstract boolean isAuthorized(RunData data)
 105  
             throws Exception;
 106  
 
 107  
     /**
 108  
      * This method overrides the method in JSONScreen to perform a security
 109  
      * check prior to producing the output.
 110  
      *
 111  
      * @param pipelineData Turbine information.
 112  
      * @exception Exception, a generic exception.
 113  
      */
 114  
     protected void doOutput(PipelineData pipelineData) throws Exception
 115  
     {
 116  0
         if (isAuthorized(pipelineData))
 117  
         {
 118  0
             super.doOutput(pipelineData);
 119  
         }
 120  0
     }
 121  
 
 122  
     /**
 123  
      * Override this method to perform the necessary security checks.
 124  
      *
 125  
      * @param pipelineData Turbine information.
 126  
      * @return <code>true</code> if the user is authorized to access the screen.
 127  
      * @exception Exception A generic exception.
 128  
      */
 129  
     protected abstract boolean isAuthorized(PipelineData pipelineData)
 130  
             throws Exception;
 131  
 }