1 12 13 package com.openedit.modules.admin; 14 15 import java.util.ArrayList ; 16 import java.util.Iterator ; 17 import java.util.List ; 18 19 import org.apache.commons.logging.Log; 20 import org.apache.commons.logging.LogFactory; 21 22 import com.openedit.OpenEditException; 23 import com.openedit.WebPageRequest; 24 import com.openedit.config.Configuration; 25 import com.openedit.page.Page; 26 import com.openedit.page.PageSettings; 27 import com.openedit.page.manage.PageManager; 28 import com.openedit.util.PathUtilities; 29 import com.openedit.util.strainer.Filter; 30 import com.openedit.util.strainer.FilterException; 31 32 33 48 public class AllowViewing 49 { 50 protected static final String DEFAULT_LOGIN_PATH = "/openedit/authentication/logon.html"; 51 protected static final String DEFAULT_ADMIN_PERMISSION = "oe.administration"; 52 53 private static final Log log = LogFactory.getLog(AllowViewing.class); 54 55 protected String fieldLoginPath; 56 protected List fieldExcludes; 57 protected PageManager fieldPageManager; 58 59 60 63 public void execute( WebPageRequest inReq ) throws OpenEditException 64 { 65 Page page = (Page) inReq.getPage(); String requestPath = page.getPath(); 67 68 if (!inExcludeList(requestPath)) 69 { 70 Filter filter = inReq.getPage().getViewFilter(); 71 if ( (filter != null) ) 72 { 73 if ( !filter.passes( inReq )) 74 { 75 log.error("No permission for " + page.getPath() + " sending redirect"); 76 inReq.putPageValue("oe-exception", "You do not have permission to view "+ page.getPath() ); 77 78 inReq.putSessionValue("originalEntryPage",inReq.getContentPage().getPath() ); 80 81 inReq.redirect( getLoginPath() ); 82 } 83 } 84 else 85 { 86 log.info("No view restrictions have been set for " + requestPath); 87 } 88 } 89 90 } 91 92 99 protected boolean inExcludeList(String inPath) 100 { 101 for (Iterator iter = getExcludes().iterator(); iter.hasNext();) 102 { 103 String path = (String )iter.next(); 104 105 if (PathUtilities.match(inPath, path)) 106 { 107 log.debug( 108 "Excluded path " + inPath + " from " + getClass().getName() + 109 " because it matched " + path); 110 111 return true; 112 } 113 } 114 if ( inPath.equals( getLoginPath() ) ) 115 { 116 return true; 117 } 118 String relative = PathUtilities.resolveRelativePath(getLoginPath(), inPath); 119 if ( inPath.equals( relative ) ) 120 { 121 return true; 122 } 123 return false; 124 } 125 128 public void configure( Configuration inElement, PageSettings inSettings ) 129 { 130 fieldLoginPath = inElement.getChildValue( "login-path" ); 131 fieldLoginPath = inSettings.replaceProperty(fieldLoginPath); 132 133 for (Iterator iter = inElement.getChildren("exclude").iterator(); iter.hasNext();) 134 { 135 Configuration excludeElem = (Configuration) iter.next(); 136 String path = excludeElem.getValue(); 137 path = inSettings.replaceProperty(path); 138 getExcludes().add( path ); 139 } 140 } 141 142 protected String getLoginPath() 143 { 144 if (fieldLoginPath == null) 145 { 146 fieldLoginPath = DEFAULT_LOGIN_PATH; 147 } 148 return fieldLoginPath; 149 } 150 151 protected List getExcludes() 152 { 153 if (fieldExcludes == null) 154 { 155 fieldExcludes = new ArrayList (); 156 } 157 return fieldExcludes; 158 } 159 public PageManager getPageManager() 160 { 161 return fieldPageManager; 162 } 163 public void setPageManager( PageManager pageManager ) 164 { 165 fieldPageManager = pageManager; 166 } 167 168 178 protected boolean userPassesFilter( Filter inFilter ) 179 throws OpenEditException 180 { 181 try 182 { 183 return ((inFilter == null) || inFilter.passes( this )); 184 } 185 catch (FilterException fe) 186 { 187 throw new OpenEditException(fe); 188 } 189 } 190 191 } 192 | Popular Tags |