click-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sa...@apache.org
Subject svn commit: r1034985 - in /click/trunk/click/extras: src/org/apache/click/extras/control/ src/org/apache/click/extras/security/ test/org/apache/click/extras/control/ test/org/apache/click/extras/security/
Date Sun, 14 Nov 2010 11:47:38 GMT
Author: sabob
Date: Sun Nov 14 11:47:38 2010
New Revision: 1034985

URL: http://svn.apache.org/viewvc?rev=1034985&view=rev
Log:
added support for Menus that do not have roles defined. CLK-724

Added:
    click/trunk/click/extras/test/org/apache/click/extras/security/
    click/trunk/click/extras/test/org/apache/click/extras/security/RoleAccessControllerTest.java
Modified:
    click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java
    click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java
    click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java
    click/trunk/click/extras/test/org/apache/click/extras/control/MenuTest.java

Modified: click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java
URL: http://svn.apache.org/viewvc/click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java?rev=1034985&r1=1034984&r2=1034985&view=diff
==============================================================================
--- click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java (original)
+++ click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java Sun Nov 14 11:47:38
2010
@@ -861,8 +861,13 @@ public class Menu extends AbstractContro
      * menus have the user in one of their menu roles. Otherwise the method will
      * return false.
      * <p/>
-     * This method internally uses the <tt>HttpServletRequest</tt> function <tt>isUserInRole(rolename)</tt>,
-     * where the rolenames are derived from the {@link #getRoles()} property.
+     * This method internally uses the
+     * {@link org.apache.click.extras.security.AccessController#hasAccess(javax.servlet.http.HttpServletRequest,
java.lang.String) AccessController#hasAccess(HttpServletRequest request, String roleName)}
+     * method where the rolenames are derived from the {@link #getRoles()} property.
+     * <p/>
+     * If no {@link #getRoles()} are defined the AccessController are invoked
+     * with a <tt>null</tt> argument to determine whether access is permitted
to
+     * menus without roles.
      *
      * @return true if the user is in one of the menu roles, or false otherwise
      * @throws IllegalStateException if the menu accessController is not defined
@@ -875,11 +880,16 @@ public class Menu extends AbstractContro
 
         HttpServletRequest request = getContext().getRequest();
 
-        for (int i = 0, size = getRoles().size(); i < size; i++) {
-            String rolename = getRoles().get(i);
-            if (getAccessController().hasAccess(request, rolename)) {
-                return true;
+        if (hasRoles()) {
+            for (int i = 0, size = getRoles().size(); i < size; i++) {
+                String rolename = getRoles().get(i);
+                if (getAccessController().hasAccess(request, rolename)) {
+                    return true;
+                }
             }
+        } else {
+            // Check access for menus without roles. CLK-724
+            return getAccessController().hasAccess(request, null);
         }
 
         return false;
@@ -1290,11 +1300,7 @@ public class Menu extends AbstractContro
      */
     protected boolean canRender(Menu menu, int depth) {
         // TODO add and check visible property
-        if (menu.hasRoles()) {
-            return menu.isUserInRoles();
-        } else {
-            return true;
-        }
+        return menu.isUserInRoles();
     }
 
     /**

Modified: click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java
URL: http://svn.apache.org/viewvc/click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java?rev=1034985&r1=1034984&r2=1034985&view=diff
==============================================================================
--- click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java (original)
+++ click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java Sun
Nov 14 11:47:38 2010
@@ -30,6 +30,10 @@ public interface AccessController {
     /**
      * Return true if the user request has access to the specified security
      * resource (role, permission, authority).
+     * <p/>
+     * <b>Please note:</b> this method must cater for a <tt>null</tt>
resource
+     * argument. The given resource can be <tt>null</tt> for anonymous or public
+     * resources and allows this implementation to allow or deny access.
      *
      * @param request the user request
      * @param resource the security resource (role, permission, authority)

Modified: click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java
URL: http://svn.apache.org/viewvc/click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java?rev=1034985&r1=1034984&r2=1034985&view=diff
==============================================================================
--- click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java
(original)
+++ click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java
Sun Nov 14 11:47:38 2010
@@ -31,6 +31,9 @@ public class RoleAccessController implem
 
     /**
      * Return true if the user is in the specified security access role.
+     * <p/>
+     * <b>Please note:</b> if role is <tt>null</tt> this method returns
true,
+     * meaning user has access to resources without roles defined.
      *
      * @see AccessController#hasAccess(HttpServletRequest, String)
      *
@@ -39,7 +42,11 @@ public class RoleAccessController implem
      * @return true if the user is in the specified role
      */
     public boolean hasAccess(HttpServletRequest request, String role) {
-        return request.isUserInRole(role);
+        if (role == null) {
+            return true;
+        } else {
+            return request.isUserInRole(role);
+        }
     }
 
 }

Modified: click/trunk/click/extras/test/org/apache/click/extras/control/MenuTest.java
URL: http://svn.apache.org/viewvc/click/trunk/click/extras/test/org/apache/click/extras/control/MenuTest.java?rev=1034985&r1=1034984&r2=1034985&view=diff
==============================================================================
--- click/trunk/click/extras/test/org/apache/click/extras/control/MenuTest.java (original)
+++ click/trunk/click/extras/test/org/apache/click/extras/control/MenuTest.java Sun Nov 14
11:47:38 2010
@@ -18,9 +18,13 @@
  */
 package org.apache.click.extras.control;
 
+import java.util.Collections;
 import junit.framework.TestCase;
 import org.apache.click.MockContext;
 import org.apache.click.Page;
+import org.apache.click.extras.security.RoleAccessController;
+import org.apache.click.servlet.MockPrincipal;
+import org.apache.click.servlet.MockRequest;
 
 public class MenuTest extends TestCase {
 
@@ -57,6 +61,44 @@ public class MenuTest extends TestCase {
         assertEquals("Root Title", menu.getTitle());
     }
 
+    /**
+     * Check that menu without any roles defined (it's public) can be viewed by
+     * the user.
+     *
+     * CLK-724
+     */
+    public void testAccessForMenuWithoutRoles() {
+        // Setup
+        Menu menu = new Menu("menu");
+        RoleAccessController controller = new RoleAccessController();
+        menu.setAccessController(controller);
+
+        MockRequest request = new MockRequest();
+        String role = "userRole";
+        MockPrincipal principal = new MockPrincipal("bob", role);
+        request.setUserPrincipal(principal);
+
+        // Perform tests
+        assertTrue(menu.isUserInRoles());
+    }
+
+    public void testAccessForMenu() {
+        // Setup
+        Menu menu = new Menu("menu");
+        String role = "userRole";
+        menu.setRoles(Collections.singletonList(role));
+
+        RoleAccessController controller = new RoleAccessController();
+        menu.setAccessController(controller);
+
+        MockContext context = MockContext.initContext();
+        MockPrincipal principal = new MockPrincipal("bob", role);
+        context.getMockRequest().setUserPrincipal(principal);
+
+        // Perform tests
+        assertTrue(menu.isUserInRoles());
+    }
+
     public class MyMenu extends Menu {
         private static final long serialVersionUID = 1L;
 

Added: click/trunk/click/extras/test/org/apache/click/extras/security/RoleAccessControllerTest.java
URL: http://svn.apache.org/viewvc/click/trunk/click/extras/test/org/apache/click/extras/security/RoleAccessControllerTest.java?rev=1034985&view=auto
==============================================================================
--- click/trunk/click/extras/test/org/apache/click/extras/security/RoleAccessControllerTest.java
(added)
+++ click/trunk/click/extras/test/org/apache/click/extras/security/RoleAccessControllerTest.java
Sun Nov 14 11:47:38 2010
@@ -0,0 +1,63 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.click.extras.security;
+
+import junit.framework.TestCase;
+import org.apache.click.servlet.MockPrincipal;
+import org.apache.click.servlet.MockRequest;
+
+/**
+ * Provides tests for RoleAccessController.
+ */
+public class RoleAccessControllerTest extends TestCase {
+
+    /**
+     * Sanity test for hasAccess.
+     */
+    public void testHasAccess() {
+        // Setup
+        RoleAccessController controller = new RoleAccessController();
+        MockRequest request = new MockRequest();
+        String role = "userRole";
+        MockPrincipal principal = new MockPrincipal("bob", role);
+        request.setUserPrincipal(principal);
+
+        // Perform tests
+        assertTrue(controller.hasAccess(request, role));
+    }
+
+    /**
+     * Check that hasAccess handles and null roles and allows access by default.
+     *
+     * CLK-724
+     */
+    public void testNullRoles() {
+        // Setup
+        RoleAccessController controller = new RoleAccessController();
+        MockRequest request = new MockRequest();
+        String role = "userRole";
+        MockPrincipal principal = new MockPrincipal("bob", role);
+        request.setUserPrincipal(principal);
+
+        role = null;
+
+        // Perform tests
+        assertTrue(controller.hasAccess(request, role));
+    }
+}



Mime
View raw message