1 /*
2 * $Id: RoleSecurityTagSupport.java 527536 2007-04-11 15:44:51Z apetrelli $
3 *
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
19 * under the License.
20 */
21 package org.apache.tiles.jsp.taglib;
22
23 import org.apache.commons.logging.Log;
24 import org.apache.commons.logging.LogFactory;
25 import org.apache.tiles.TilesException;
26
27 import javax.servlet.http.HttpServletRequest;
28 import javax.servlet.jsp.JspException;
29 import javax.servlet.jsp.tagext.BodyTagSupport;
30 import java.io.IOException;
31
32 /**
33 * Base tag for the tiles tags which provides standard support for security.
34 *
35 * @since Tiles 2.0
36 * @version $Rev: 527536 $ $Date: 2007-04-11 17:44:51 +0200 (Wed, 11 Apr 2007) $
37 */
38 public abstract class RoleSecurityTagSupport extends BodyTagSupport {
39
40 /**
41 * The log instance for this tag.
42 */
43 private static final Log LOG = LogFactory.getLog(RoleSecurityTagSupport.class);
44
45 /**
46 * The role to check. If the user is in the specified role, the tag is taken
47 * into account; otherwise, the tag is ignored (skipped).
48 */
49 private String role;
50
51 /**
52 * Returns the role to check. If the user is in the specified role, the tag is
53 * taken into account; otherwise, the tag is ignored (skipped).
54 *
55 * @return The role to check.
56 */
57 public String getRole() {
58 return role;
59 }
60
61 /**
62 * Sets the role to check. If the user is in the specified role, the tag is
63 * taken into account; otherwise, the tag is ignored (skipped).
64 *
65 * @param role The role to check.
66 */
67 public void setRole(String role) {
68 this.role = role;
69 }
70
71 /** {@inheritDoc} */
72 public int doEndTag() throws JspException {
73 try {
74 if (isAccessAllowed()) {
75 execute();
76 }
77 } catch (TilesException e) {
78 String message = "Error executing tag: " + e.getMessage();
79 LOG.error(message, e);
80 throw new JspException(message, e);
81 } catch (IOException io) {
82 String message = "IO Error executing tag: " + io.getMessage();
83 LOG.error(message, io);
84 throw new JspException(message, io);
85 }
86
87 return EVAL_PAGE;
88 }
89
90
91
92 /** {@inheritDoc} */
93 public void release() {
94 super.release();
95 this.role = null;
96 }
97
98 /**
99 * Executes the tag. It is called inside {@link #doEndTag()}.
100 *
101 * @throws TilesException If something goews wrong during the use of Tiles.
102 * @throws JspException If something goes wrong during rendering.
103 * @throws IOException If something goes wrong during writing content.
104 */
105 protected abstract void execute() throws TilesException, JspException, IOException;
106
107 /**
108 * Checks if the user is inside the specified role.
109 *
110 * @return <code>true</code> if the user is allowed to have the tag
111 * rendered.
112 */
113 protected boolean isAccessAllowed() {
114 HttpServletRequest req = (HttpServletRequest) pageContext.getRequest();
115 return (role == null || req.isUserInRole(role));
116 }
117 }
Save This Page