1 19 20 package com.sslexplorer.security.tags; 21 22 import javax.servlet.jsp.tagext.TagSupport ; 23 24 import org.apache.commons.logging.Log; 25 import org.apache.commons.logging.LogFactory; 26 import org.apache.struts.taglib.TagUtils; 27 28 import com.sslexplorer.policyframework.NoPermissionException; 29 import com.sslexplorer.policyframework.Permission; 30 import com.sslexplorer.policyframework.Resource; 31 import com.sslexplorer.policyframework.ResourceUtil; 32 import com.sslexplorer.security.LogonControllerFactory; 33 import com.sslexplorer.security.SessionInfo; 34 35 public class CheckManageResourceTag extends TagSupport { 36 37 final static Log log = LogFactory.getLog(CheckManageResourceTag.class); 38 39 boolean required = true; 40 Resource resource; 41 String resourceName; 42 String resourceProperty; 43 String resourceScope; 44 Permission[] permissions; 45 46 public CheckManageResourceTag() { 47 } 48 49 public int doStartTag() { 50 51 SessionInfo session = null; 52 try { 53 session = LogonControllerFactory.getInstance().getSessionInfo(pageContext.getSession()); 54 if (session== null) { 55 return required ? SKIP_BODY : EVAL_BODY_INCLUDE; 56 } else { 57 if(resource == null) { 58 if(resourceName == null) { 59 throw new Exception ("Must supply either a resource object or a bean name / property that contains the resource."); 60 } 61 resource = (Resource)TagUtils.getInstance().lookup(pageContext, resourceName, resourceProperty, resourceScope); 62 if(resource == null) { 63 throw new Exception ("No resource under bean name " + resourceName + "/" + resourceProperty + "/" + resourceScope); 64 } 65 } 66 boolean ok = false; 67 try { 68 ResourceUtil.checkResourceManagementRights(resource, session, permissions); 69 ok = true; 70 } 71 catch(NoPermissionException npe) { 72 } 73 return required ? ( ok ? EVAL_BODY_INCLUDE : SKIP_BODY ) : ( ok ? SKIP_BODY : EVAL_BODY_INCLUDE ); 74 } 75 } catch (Exception e) { 76 log.error("Failed to test manageabilitiy of resource.", e); 77 } 78 return SKIP_BODY; 79 } 80 81 public void setResource(Resource resource) { 82 this.resource = resource; 83 } 84 85 public void setName(String name) { 86 this.resourceName = name; 87 } 88 89 public void setScope(String scope) { 90 this.resourceScope = scope; 91 } 92 93 public void setProperty(String property) { 94 this.resourceProperty = property; 95 } 96 97 public void setRequired(boolean required) { 98 this.required = required; 99 } 100 101 public void setPermission(Permission permission) { 102 this.permissions = new Permission[] { permission }; 103 } 104 105 public void setPermissions(Permission[] permissions) { 106 this.permissions = permissions; 107 } 108 109 114 public void release() { 115 required = true; 116 permissions = null; 117 resourceName = null; 118 resourceProperty = null; 119 resource = null; 120 super.release(); 121 } 122 } | Popular Tags |