click-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From med...@apache.org
Subject svn commit: r768527 - in /incubator/click/trunk/click/extras/src/org/apache/click/extras: control/Menu.java security/ security/AccessController.java security/RoleAccessController.java security/package.html spring/package.html
Date Sat, 25 Apr 2009 13:48:44 GMT
Author: medgar
Date: Sat Apr 25 13:48:43 2009
New Revision: 768527

URL: http://svn.apache.org/viewvc?rev=768527&view=rev
Log:
CLK-406

Added:
    incubator/click/trunk/click/extras/src/org/apache/click/extras/security/
    incubator/click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java
    incubator/click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java
    incubator/click/trunk/click/extras/src/org/apache/click/extras/security/package.html
Modified:
    incubator/click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java
    incubator/click/trunk/click/extras/src/org/apache/click/extras/spring/package.html

Modified: incubator/click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java
URL: http://svn.apache.org/viewvc/incubator/click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java?rev=768527&r1=768526&r2=768527&view=diff
==============================================================================
--- incubator/click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java (original)
+++ incubator/click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java Sat Apr
25 13:48:43 2009
@@ -25,9 +25,12 @@
 import java.util.StringTokenizer;
 
 import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletRequest;
 
 import org.apache.click.Context;
 import org.apache.click.control.AbstractControl;
+import org.apache.click.extras.security.AccessController;
+import org.apache.click.extras.security.RoleAccessController;
 import org.apache.click.service.ConfigService;
 import org.apache.click.util.ClickUtils;
 import org.apache.click.util.HtmlStringBuffer;
@@ -197,6 +200,9 @@
 
     // ----------------------------------------------------- Instance Variables
 
+    /** The menu security access controller. */
+    protected AccessController accessController;
+
     /** The list of submenu items. */
     protected List children = new ArrayList();
 
@@ -242,7 +248,7 @@
     // ----------------------------------------------------------- Constructors
 
     /**
-     * Create a root Menu instance.
+     * Create a new Menu instance.
      */
     public Menu() {
     }
@@ -259,12 +265,18 @@
     /**
      * Create a Menu from the given menu-item XML Element.
      *
-     * @param menuElement the menu-item XML Element.
+     * @param menuElement the menu-item XML Element
+     * @param accessController the menu access controller
      */
-    protected Menu(Element menuElement) {
+    protected Menu(Element menuElement, AccessController accessController) {
         if (menuElement == null) {
             throw new IllegalArgumentException("Null menuElement parameter");
         }
+        if (accessController == null) {
+            throw new IllegalArgumentException("Null accessController parameter");
+        }
+
+        setAccessController(accessController);
 
         setLabel(menuElement.getAttribute("label"));
 
@@ -314,7 +326,8 @@
         for (int i = 0, size = childElements.getLength(); i < size; i++) {
             Node node = childElements.item(i);
             if (node instanceof Element) {
-                getChildren().add(new Menu((Element) node));
+                Menu childMenu = new Menu((Element) node, accessController);
+                getChildren().add(childMenu);
             }
         }
     }
@@ -322,19 +335,37 @@
     // ---------------------------------------------------- Constructor Methods
 
     /**
-     * Return root menu item defined in the WEB-INF/menu.xml file or menu.xml in
-     * the root classpath.
+     * Return root menu item defined in the WEB-INF/menu.xml or classpath
+     * menu.xml, and which uses JEE Role Based Access Control (RBAController).
+     *
+     * @see RoleAccessController
      *
      * @return the root menu item defined in the WEB-INF/menu.xml file or menu.xml
      * in the root classpath
      */
     public static Menu getRootMenu() {
+        return getRootMenu(new RoleAccessController());
+    }
+
+    /**
+     * Return root menu item defined in the WEB-INF/menu.xml or classpath
+     * menu.xml, and which uses the provided AccessController.
+     *
+     * @param accessController the menu access controller
+     * @return the root menu item defined in the WEB-INF/menu.xml file or menu.xml
+     * in the root classpath
+     */
+    public static Menu getRootMenu(AccessController accessController) {
+        if (accessController == null) {
+            throw new IllegalArgumentException("Null accessController parameter");
+        }
+
         // If menu is cached return it
         if (rootMenu != null) {
             return rootMenu;
         }
 
-        Menu loadedMenu = loadRootMenu();
+        Menu loadedMenu = loadRootMenu(accessController);
 
         ServletContext servletContext = Context.getThreadLocalContext().getServletContext();
         ConfigService configService = ClickUtils.getConfigService(servletContext);
@@ -350,6 +381,24 @@
     // ------------------------------------------------------ Public Attributes
 
     /**
+     * Return the menu access controller.
+     *
+     * @return the menu access controller
+     */
+    public AccessController getAccessController() {
+        return accessController;
+    }
+
+    /**
+     * Set the menu access controller.
+     *
+     * @param accessController the menu access controller
+     */
+    public void setAccessController(AccessController accessController) {
+        this.accessController = accessController;
+    }
+
+    /**
      * Return list of of submenu items.
      *
      * @return the list of submenu items
@@ -541,10 +590,11 @@
      * @return true if the user is in one of the menu roles, or false otherwise
      */
     public boolean isUserInRoles() {
-        Context context = getContext();
+        HttpServletRequest request = getContext().getRequest();
+
         for (Iterator i = getRoles().iterator(); i.hasNext();) {
             String rolename = (String) i.next();
-            if (context.getRequest().isUserInRole(rolename)) {
+            if (getAccessController().hasAccess(request, rolename)) {
                 return true;
             }
         }
@@ -809,12 +859,18 @@
      * <p/>
      * The returned root menu is always selected.
      *
+     * @param accessController the menu access controller
      * @return a copy of the application's root Menu
      */
-    protected static Menu loadRootMenu() {
+    protected static Menu loadRootMenu(AccessController accessController) {
+        if (accessController == null) {
+            throw new IllegalArgumentException("Null accessController parameter");
+        }
+
         Context context = Context.getThreadLocalContext();
 
         Menu menu = new Menu("rootMenu");
+        menu.setAccessController(accessController);
 
         ServletContext servletContext = context.getServletContext();
         InputStream inputStream =
@@ -837,7 +893,8 @@
         for (int i = 0; i < list.getLength(); i++) {
             Node node = list.item(i);
             if (node instanceof Element) {
-                menu.getChildren().add(new Menu((Element) node));
+                Menu childMenu = new Menu((Element) node, accessController);
+                menu.getChildren().add(childMenu);
             }
         }
 

Added: incubator/click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java
URL: http://svn.apache.org/viewvc/incubator/click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java?rev=768527&view=auto
==============================================================================
--- incubator/click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java
(added)
+++ incubator/click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java
Sat Apr 25 13:48:43 2009
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.click.extras.security;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Provides an interface for controlling request access to security
+ * resources. A security resource is an abstract term which may refer to a
+ * role, permission or authority.
+ *
+ * @author Malcolm Edgar
+ */
+public interface AccessController {
+
+    /**
+     * Return true if the user request has access to the specified security
+     * resource (role, permission, authority).
+     *
+     * @param request the user request
+     * @param resource the security resource (role, permission, authority)
+     * @return true if the specified user request has access to the security
+     *         resource
+     */
+    public boolean hasAccess(HttpServletRequest request, String resource);
+
+}

Added: incubator/click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java
URL: http://svn.apache.org/viewvc/incubator/click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java?rev=768527&view=auto
==============================================================================
--- incubator/click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java
(added)
+++ incubator/click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java
Sat Apr 25 13:48:43 2009
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.click.extras.security;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Provides a Role based access controller class. This access controller uses the
+ * JEE servlet container to determine whether an authenticated user has access
+ * to a specified role.
+ *
+ * @author Malcolm Edgar
+ */
+public class RoleAccessController implements AccessController {
+
+    /**
+     * Return true if the user is in the specified security access role.
+     *
+     * @see AccessController#hasAccess(HttpServletRequest, String)
+     *
+     * @param request the user request
+     * @param role the security access role to check
+     * @return true if the user is in the specified role
+     */
+    public boolean hasAccess(HttpServletRequest request, String role) {
+        return request.isUserInRole(role);
+    }
+
+}

Added: incubator/click/trunk/click/extras/src/org/apache/click/extras/security/package.html
URL: http://svn.apache.org/viewvc/incubator/click/trunk/click/extras/src/org/apache/click/extras/security/package.html?rev=768527&view=auto
==============================================================================
--- incubator/click/trunk/click/extras/src/org/apache/click/extras/security/package.html (added)
+++ incubator/click/trunk/click/extras/src/org/apache/click/extras/security/package.html Sat
Apr 25 13:48:43 2009
@@ -0,0 +1,3 @@
+<body>
+Provides security access control classes.
+</body>
\ No newline at end of file

Modified: incubator/click/trunk/click/extras/src/org/apache/click/extras/spring/package.html
URL: http://svn.apache.org/viewvc/incubator/click/trunk/click/extras/src/org/apache/click/extras/spring/package.html?rev=768527&r1=768526&r2=768527&view=diff
==============================================================================
--- incubator/click/trunk/click/extras/src/org/apache/click/extras/spring/package.html (original)
+++ incubator/click/trunk/click/extras/src/org/apache/click/extras/spring/package.html Sat
Apr 25 13:48:43 2009
@@ -18,5 +18,5 @@
 -->
 
 <body>
-Provides the Spring integration SpringClickServlet.
+Provides Spring integration with the SpringClickServlet and PageScopeResolver classes.
 </body>
\ No newline at end of file



Mime
View raw message