Coverage Report - org.apache.turbine.modules.actions.AccessController
 
Classes in this File Line Coverage Branch Coverage Complexity
AccessController
100%
16/16
66%
4/6
2,5
 
 1  
 package org.apache.turbine.modules.actions;
 2  
 
 3  
 /*
 4  
  * Licensed to the Apache Software Foundation (ASF) under one
 5  
  * or more contributor license agreements.  See the NOTICE file
 6  
  * distributed with this work for additional information
 7  
  * regarding copyright ownership.  The ASF licenses this file
 8  
  * to you under the Apache License, Version 2.0 (the
 9  
  * "License"); you may not use this file except in compliance
 10  
  * with the License.  You may obtain a copy of the License at
 11  
  *
 12  
  *   http://www.apache.org/licenses/LICENSE-2.0
 13  
  *
 14  
  * Unless required by applicable law or agreed to in writing,
 15  
  * software distributed under the License is distributed on an
 16  
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 17  
  * KIND, either express or implied.  See the License for the
 18  
  * specific language governing permissions and limitations
 19  
  * under the License.
 20  
  */
 21  
 
 22  
 import org.apache.commons.logging.Log;
 23  
 import org.apache.commons.logging.LogFactory;
 24  
 
 25  
 import org.apache.turbine.modules.Action;
 26  
 import org.apache.turbine.services.security.TurbineSecurity;
 27  
 import org.apache.turbine.util.RunData;
 28  
 import org.apache.turbine.util.security.AccessControlList;
 29  
 import org.apache.turbine.util.security.TurbineSecurityException;
 30  
 
 31  
 import org.apache.turbine.om.security.User;
 32  
 import org.apache.turbine.pipeline.PipelineData;
 33  
 
 34  
 /**
 35  
  * This action doPerforms an Access Control List and places it into
 36  
  * the RunData object, so it is easily available to modules.  The ACL
 37  
  * is also placed into the session.  Modules can null out the ACL to
 38  
  * force it to be rebuilt based on more information.
 39  
  *
 40  
  * <p>
 41  
  *
 42  
  * Turbine uses a User-Role-Permission arrangement for access control.
 43  
  * Users are assigned Roles.  Roles are assigned Permissions.  Turbine
 44  
  * modules then check the Permission required for an action or
 45  
  * information with the set of Permissions currently associated with
 46  
  * the session (which are dependent on the user associated with the
 47  
  * session.)
 48  
  *
 49  
  * <p>
 50  
  *
 51  
  * The criteria for assigning Roles/Permissions is application
 52  
  * dependent, in some cases an application may change a User's Roles
 53  
  * during the session.  To achieve flexibility, the ACL takes an
 54  
  * Object parameter, which the application can use to doPerform the
 55  
  * ACL.
 56  
  *
 57  
  * <p>
 58  
  *
 59  
  * This action is special in that it should only be executed by the
 60  
  * Turbine servlet.
 61  
  *
 62  
  * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
 63  
  * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
 64  
  * @author <a href="quintonm@bellsouth.net">Quinton McCombs</a>
 65  
  * @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
 66  
  * @version $Id: AccessController.java 1066529 2011-02-02 17:01:46Z ludwig $
 67  
  */
 68  4
 public class AccessController
 69  
         extends Action
 70  
 {
 71  
 
 72  
     /** Logging */
 73  4
     private static Log log = LogFactory.getLog(AccessController.class);
 74  
 
 75  
     /**
 76  
      * If there is a user and the user is logged in, doPerform will
 77  
      * set the RunData ACL.  The list is first sought from the current
 78  
      * session, otherwise it is loaded through
 79  
      * <code>TurbineSecurity.getACL()</code> and added to the current
 80  
      * session.
 81  
      * @deprecated Use PipelineData version instead.
 82  
      * @see org.apache.turbine.services.security.TurbineSecurity
 83  
      * @param data Turbine information.
 84  
      * @exception TurbineSecurityException problem with the security service.
 85  
      */
 86  
     @Deprecated
 87  
     @Override
 88  
     public void doPerform(RunData data)
 89  
             throws TurbineSecurityException
 90  
     {
 91  4
         User user = data.getUser();
 92  
 
 93  4
         if (!TurbineSecurity.isAnonymousUser(user)
 94  
             && user.hasLoggedIn())
 95  
         {
 96  2
             log.debug("Fetching ACL for " + user.getName());
 97  2
             AccessControlList acl = (AccessControlList)
 98  
                     data.getSession().getAttribute(
 99  
                             AccessControlList.SESSION_KEY);
 100  2
             if (acl == null)
 101  
             {
 102  2
                 log.debug("No ACL found in Session, building fresh ACL");
 103  2
                 acl = TurbineSecurity.getACL(user);
 104  2
                 data.getSession().setAttribute(
 105  
                         AccessControlList.SESSION_KEY, acl);
 106  
 
 107  2
                 log.debug("ACL is " + acl);
 108  
             }
 109  2
             data.setACL(acl);
 110  
         }
 111  4
     }
 112  
 
 113  
     /**
 114  
      * If there is a user and the user is logged in, doPerform will
 115  
      * set the RunData ACL.  The list is first sought from the current
 116  
      * session, otherwise it is loaded through
 117  
      * <code>TurbineSecurity.getACL()</code> and added to the current
 118  
      * session.
 119  
      *
 120  
      * @see org.apache.turbine.services.security.TurbineSecurity
 121  
      * @param data Turbine information.
 122  
      * @exception TurbineSecurityException problem with the security service.
 123  
      */
 124  
     @Override
 125  
     public void doPerform(PipelineData pipelineData)
 126  
             throws TurbineSecurityException
 127  
     {
 128  4
         RunData data = getRunData(pipelineData);
 129  4
         doPerform(data);
 130  4
     }
 131  
 }