1 16 package dlog4j.security; 17 18 import javax.servlet.http.HttpServletRequest ; 19 import javax.servlet.jsp.JspException ; 20 import javax.servlet.jsp.tagext.TagSupport ; 21 22 import dlog4j.formbean.UserForm; 23 import web.security.Operation; 24 import web.security.Privilege; 25 import web.security.Range; 26 import web.security.Resource; 27 import web.security.impl.PrivilegeImpl; 28 29 33 public class CanAccessTag extends TagSupport { 34 35 protected String resource; 36 protected String operation; 37 protected String range; 38 39 public int doStartTag() throws JspException { 40 UserForm user = UserForm.getLoginUser((HttpServletRequest )pageContext.getRequest()); 41 if(user==null) 42 return SKIP_BODY; 43 DlogRole role = user.getRole(); 44 if(role==null) 45 return SKIP_BODY; 46 return role.canDo(getPrivilege())?EVAL_BODY_INCLUDE:SKIP_BODY; 47 } 48 49 protected Privilege getPrivilege() { 50 try{ 51 SecurityConfig sc = SecurityConfig.getConfig(); 52 Resource res = sc.getResourceByName(resource); 53 Operation opt = sc.getOperationByName(operation); 54 Range rng = sc.getRangeByName(range); 55 return new PrivilegeImpl(res,opt,rng); 56 }catch(Exception e){ 57 pageContext.getServletContext().log("",e); 58 } 59 return null; 60 } 61 public String getOperation() { 62 return operation; 63 } 64 public void setOperation(String operation) { 65 this.operation = operation; 66 } 67 public String getRange() { 68 return range; 69 } 70 public void setRange(String range) { 71 this.range = range; 72 } 73 public String getResource() { 74 return resource; 75 } 76 public void setResource(String resource) { 77 this.resource = resource; 78 } 79 } 80 | Popular Tags |