KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > Yasna > forum > tags > AuthorizeTag


1 /**
2  * Copyright (C) 2001 Yasna.com. All rights reserved.
3  *
4  * ===================================================================
5  * The Apache Software License, Version 1.1
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  *
11  * 1. Redistributions of source code must retain the above copyright
12  * notice, this list of conditions and the following disclaimer.
13  *
14  * 2. Redistributions in binary form must reproduce the above copyright
15  * notice, this list of conditions and the following disclaimer in
16  * the documentation and/or other materials provided with the
17  * distribution.
18  *
19  * 3. The end-user documentation included with the redistribution,
20  * if any, must include the following acknowledgment:
21  * "This product includes software developed by
22  * Yasna.com (http://www.yasna.com)."
23  * Alternately, this acknowledgment may appear in the software itself,
24  * if and wherever such third-party acknowledgments normally appear.
25  *
26  * 4. The names "Yazd" and "Yasna.com" must not be used to
27  * endorse or promote products derived from this software without
28  * prior written permission. For written permission, please
29  * contact yazd@yasna.com.
30  *
31  * 5. Products derived from this software may not be called "Yazd",
32  * nor may "Yazd" appear in their name, without prior written
33  * permission of Yasna.com.
34  *
35  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38  * DISCLAIMED. IN NO EVENT SHALL YASNA.COM OR
39  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
46  * SUCH DAMAGE.
47  * ====================================================================
48  *
49  * This software consists of voluntary contributions made by many
50  * individuals on behalf of Yasna.com. For more information
51  * on Yasna.com, please see <http://www.yasna.com>.
52  */

53
54 /**
55  * Copyright (C) 2000 CoolServlets.com. All rights reserved.
56  *
57  * ===================================================================
58  * The Apache Software License, Version 1.1
59  *
60  * Redistribution and use in source and binary forms, with or without
61  * modification, are permitted provided that the following conditions
62  * are met:
63  *
64  * 1. Redistributions of source code must retain the above copyright
65  * notice, this list of conditions and the following disclaimer.
66  *
67  * 2. Redistributions in binary form must reproduce the above copyright
68  * notice, this list of conditions and the following disclaimer in
69  * the documentation and/or other materials provided with the
70  * distribution.
71  *
72  * 3. The end-user documentation included with the redistribution,
73  * if any, must include the following acknowledgment:
74  * "This product includes software developed by
75  * CoolServlets.com (http://www.coolservlets.com)."
76  * Alternately, this acknowledgment may appear in the software itself,
77  * if and wherever such third-party acknowledgments normally appear.
78  *
79  * 4. The names "Jive" and "CoolServlets.com" must not be used to
80  * endorse or promote products derived from this software without
81  * prior written permission. For written permission, please
82  * contact webmaster@coolservlets.com.
83  *
84  * 5. Products derived from this software may not be called "Jive",
85  * nor may "Jive" appear in their name, without prior written
86  * permission of CoolServlets.com.
87  *
88  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
89  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
90  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
91  * DISCLAIMED. IN NO EVENT SHALL COOLSERVLETS.COM OR
92  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
93  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
94  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
95  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
96  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
97  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
98  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
99  * SUCH DAMAGE.
100  * ====================================================================
101  *
102  * This software consists of voluntary contributions made by many
103  * individuals on behalf of CoolServlets.com. For more information
104  * on CoolServlets.com, please see <http://www.coolservlets.com>.
105  */

106
107 package com.Yasna.forum.tags;
108
109 import java.util.*;
110 import javax.servlet.*;
111 import javax.servlet.jsp.*;
112 import javax.servlet.jsp.tagext.*;
113 import javax.servlet.http.*;
114 import com.Yasna.forum.*;
115 import com.Yasna.forum.tags.*;
116
117 /**
118  * JSP Tag <b>authorize</b>, used to authorize a Yazd user session.
119  * <p>
120  * Requires that attribute <b>id</b> be set to the name of a
121  * script variable for later use in JSP to retrieve YazdRequest data
122  * using &lt;jsp:getProperty/&gt;.
123  * <p>
124  * If optional attribute <b>anonymous</b>="true" anonymous users
125  * are allowed to use the JSP page.
126  * <p>
127  * If authorize fails a user error is set, the body of the authorize tag is
128  * included, and the remainder of the page is skipped.
129  * <p>
130  * Retrieves session information for user and will create session information
131  * for a new anonymous user.
132  * <p>
133  * Updates state information about the users session from the following
134  * HTTP input parameters
135  * <p><ul>
136  * <li><b>forum</b> - current forum user is viewing
137  * <li><b>thread</b> - current thread user is viewing
138  * <li><b>message</b> - current message user is viewing
139  * </ul>
140  * <p>
141  * JSP Tag Lib Descriptor
142  * <p><pre>
143  * &lt;name&gt;authorize&lt;/name&gt;
144  * &lt;tagclass&gt;com.Yasna.forum.tags.AuthorizeTag&lt;/tagclass&gt;
145  * &lt;bodycontent&gt;JSP&lt;/bodycontent&gt;
146  * &lt;info&gt;Authorize Yazd user and initialize forum, thread, and message parameters.&lt;/info&gt;
147  * &lt;attribute&gt;
148  * &lt;name&gt;anonymous&lt;/name&gt;
149  * &lt;required&gt;false&lt;/required&gt;
150  * &lt;rtexprvalue&gt;false&lt;/rtexprvalue&gt;
151  * &lt;/attribute&gt;
152  * </pre>
153  *
154  * @see YazdState
155  * @see YazdRequest
156  *
157  * @see ErrorTag
158  * @see ErrorLoopTag
159  *
160  * @author Glenn Nielsen
161  */

162
163 public class AuthorizeTag extends TagSupport
164 {
165   private YazdState js = null;
166   private YazdRequest jr = null;
167   private Authorization auth = null;
168   // Flag indicating anonymous user can view page
169
boolean anonymous = false;
170   // Flag indicating that authorization failed
171
private boolean not_authorized = false;
172
173   /**
174    * Retrieves session information for user and will create session information
175    * for a new anonymous user.
176    *
177    * @throws JspException on system level error
178    *
179    * @return <b>SKIP_BODY</b> if user is authorized for page, <b>EVAL_BODY_INCLUDE</b> if user is not authorized.
180    */

181
182   public final int doStartTag() throws JspException
183   {
184     String JavaDoc tmp;
185
186     // Get user state information, create new if needed
187
js = (YazdState)pageContext.getAttribute("yazdUserState",
188         PageContext.SESSION_SCOPE);
189     if( js == null ) {
190       js = new YazdState();
191       pageContext.setAttribute("yazdUserState",js,PageContext.SESSION_SCOPE);
192     }
193
194     // Initialize user request information
195
jr = (YazdRequest)pageContext.getAttribute("yazdUserRequest",
196                 PageContext.REQUEST_SCOPE);
197     if( jr == null ) {
198       jr = new YazdRequest();
199       pageContext.setAttribute("yazdUserRequest",jr,PageContext.REQUEST_SCOPE);
200     }
201     pageContext.setAttribute(id,jr,PageContext.PAGE_SCOPE);
202     jr.setYazdState(js);
203
204     auth = (Authorization)js.getAuthorization();
205     if( auth == null ) {
206       // Create new authorization for an anonymous user
207
auth = AuthorizationFactory.getAnonymousAuthorization();
208       js.setAuthorization(auth);
209       // Initialize default settings for anonymous user from yazd.tag.properties
210
int val;
211       tmp = TagPropertyManager.getTagProperty(YazdState.MESSAGE_DEPTH);
212       if( tmp != null ) {
213         try {
214           val = Integer.valueOf(tmp).intValue();
215       js.setMessageDepth(val);
216     } catch(NumberFormatException JavaDoc e) {
217     }
218       }
219       tmp = TagPropertyManager.getTagProperty(YazdState.THREAD_DEPTH);
220       if( tmp != null ) {
221         try {
222           val = Integer.valueOf(tmp).intValue();
223           js.setThreadDepth(val);
224         } catch(NumberFormatException JavaDoc e) {
225         }
226       }
227       tmp = TagPropertyManager.getTagProperty(YazdState.ITEMS_PER_PAGE);
228       if( tmp != null ) {
229         try {
230           val = Integer.valueOf(tmp).intValue();
231           js.setItemsPerPage(val);
232         } catch(NumberFormatException JavaDoc e) {
233         }
234       }
235       // See if user has any lastVisit cookies
236
Cookie [] cookies = ((HttpServletRequest)pageContext.getRequest()).getCookies();
237       if( cookies != null && cookies.length > 0 ) {
238     String JavaDoc name;
239     String JavaDoc value;
240         for( int i = 0; i < cookies.length; i++ ) {
241       name = cookies[i].getName();
242       value = cookies[i].getValue();
243       if( name.equals(YazdState.LAST_VISIT) ) {
244         js.setLastVisit(new Date(Long.valueOf(value).longValue()));
245       } else if( name.startsWith(YazdState.LAST_FORUM_VISIT) ) {
246         js.setLastForumVisitDate(name,new Date(Long.valueOf(value).longValue()));
247       }
248     }
249       }
250     }
251
252     // For a logged in user, set the Date of the next LastVisit
253
js.setNextVisit(pageContext);
254
255     // Set the YazdState based on the HTTP parameters
256
ServletRequest req = pageContext.getRequest();
257     tmp = req.getParameter("forum");
258     if( tmp != null && tmp.length() > 0 )
259       js.setForumID(Integer.valueOf(tmp).intValue());
260     tmp = req.getParameter("thread");
261     if( tmp != null && tmp.length() > 0 )
262       js.setThreadID(Integer.valueOf(tmp).intValue());
263     tmp = req.getParameter("message");
264     if( tmp != null && tmp.length() > 0 )
265       js.setMessageID(Integer.valueOf(tmp).intValue());
266     tmp = req.getParameter("parent");
267     if( tmp != null && tmp.length() > 0 )
268       js.setParentID(Integer.valueOf(tmp).intValue());
269
270     // Make sure user is authorized
271
User user;
272     try {
273       user = jr.getProfileManager().getUser(auth.getUserID());
274     } catch( UserNotFoundException ex ) {
275       throw new JspException("authorize tag could not find user with ID: " +
276     auth.getUserID());
277     }
278     if( !anonymous && user.isAnonymous() ) {
279       // User is not authorized to view page
280
not_authorized = true;
281       jr.addError(TagPropertyManager.getTagProperty("yazd.tag.authorize.failed"));
282       return EVAL_BODY_INCLUDE;
283     }
284     // User is authorized for page
285
return SKIP_BODY;
286   }
287
288   /**
289    * Method called at end of authorize Tag
290    *
291    * @return <b>EVAL_PAGE</b> if user authorized to view page, <b>SKIP_PAGE</b> if user is not authorized.
292    */

293   public final int doEndTag() throws JspException
294   {
295     if( not_authorized )
296       return SKIP_PAGE;
297     return EVAL_PAGE;
298   }
299
300   /**
301    * Set a flag indicating whether an anonymous user is authorized to
302    * view page (Optional attribute).
303    */

304   public final void setAnonymous(String JavaDoc a)
305   {
306     if( a.equals("true") )anonymous=true;
307   }
308 }
309
Popular Tags