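package org.jboss.portal.core.invocation;

import org.jboss.portal.common.metadata.MetaData;
import org.jboss.portal.common.metadata.MetaDataHolder;

import org.jboss.portal.server.invocation.Interceptor;
import org.jboss.portal.server.invocation.Invocation;
import org.jboss.portal.server.invocation.AttachmentKey;

import org.jboss.portal.server.metadata.InterceptorMetaData;

import org.jboss.portal.server.output.SecurityErrorResult;

import org.jboss.portal.server.WindowContext;
import org.jboss.portal.server.Window;
import org.jboss.portal.server.Instance;

import org.jboss.portal.core.invocation.CoreAttachmentKey;

import org.jboss.portal.core.impl.user.UserContextImpl;
import org.jboss.portal.core.model.User;
import org.jboss.portal.core.model.Role;

import org.jboss.portal.core.plugins.security.AccessController;
import org.jboss.portal.core.plugins.page.Page;

import java.util.Iterator;
import java.util.Set;

/**
 * Interceptor that gates an invocation on the roles held by the current user.
 *
 * <p>The "type" interceptor parameter selects where the access controller comes from:
 * the "AC" plugin of the window's instance ("instance") or of the page ("page").
 * The invocation continues down the chain when that controller reports itself as
 * unchecked, or when the user holds at least one role whose name is in the
 * controller's role set. Otherwise a {@link SecurityErrorResult} is returned and
 * the rest of the chain is not invoked.</p>
 *
 * <p>The decision is deny-by-default: a missing controller, user context, user or
 * role set yields a denial rather than an unchecked exception.</p>
 */
public class AccessControlInterceptor
   implements Interceptor,
              MetaDataHolder
{

   private static final int TYPE_INSTANCE = 0;
   private static final int TYPE_PAGE = 1;

   private InterceptorMetaData interceptorMD;

   // Holds TYPE_INSTANCE (0) until setMetaData() succeeds, because 0 is the int default.
   private int type;

   /**
    * Stores the interceptor metadata and resolves its "type" parameter.
    *
    * <p>The parameter is validated before any field is written, so a rejected
    * configuration leaves the previously stored metadata and type untouched.</p>
    *
    * @param metaData the metadata, cast to {@link InterceptorMetaData}
    * @throws IllegalArgumentException if "type" is neither "instance" nor "page"
    */
   public void setMetaData(MetaData metaData)
   {
      InterceptorMetaData candidate = (InterceptorMetaData)metaData;
      String typeName = candidate.getParamValue("type");

      int resolved;
      if ("instance".equals(typeName))
      {
         resolved = TYPE_INSTANCE;
      }
      else if ("page".equals(typeName))
      {
         resolved = TYPE_PAGE;
      }
      else
      {
         throw new IllegalArgumentException("No suitable type found");
      }

      // Commit both fields together, only after validation has passed.
      this.interceptorMD = candidate;
      this.type = resolved;
   }

   /**
    * @return the metadata stored by the last successful {@link #setMetaData(MetaData)} call
    */
   public MetaData getMetaData()
   {
      return interceptorMD;
   }

   /**
    * Authorizes the invocation and either continues the chain or returns an error result.
    *
    * @param invocation the current invocation
    * @return the result of {@code invocation.invokeNext()} when authorized, otherwise a
    *         {@link SecurityErrorResult} carrying the window context
    */
   public Object invoke(Invocation invocation)
   {
      WindowContext ctx = (WindowContext)invocation.getAttachment(AttachmentKey.WINDOW_CONTEXT);

      AccessController ac = findAccessController(invocation);

      if (isAuthorized(ac, invocation))
      {
         return invocation.invokeNext();
      }

      // NOTE(review): denials are not recorded anywhere in this class; consider logging
      // them through the project's logger so authorization failures can be audited.
      return new SecurityErrorResult(ctx, "Not authorized to access");
   }

   /**
    * Looks up the "AC" plugin on the instance or the page, depending on the configured type.
    *
    * @return the access controller, or {@code null} when the window, instance or page
    *         attachment is absent (whether getPlugin itself can return null is not
    *         visible from this class, so callers must handle null either way)
    */
   private AccessController findAccessController(Invocation invocation)
   {
      if (type == TYPE_INSTANCE)
      {
         Window window = (Window)invocation.getAttachment(AttachmentKey.WINDOW);
         if (window == null)
         {
            return null;
         }
         Instance instance = window.getInstance();
         if (instance == null)
         {
            return null;
         }
         return (AccessController)instance.getPlugin("AC");
      }

      Page page = (Page)invocation.getAttachment(CoreAttachmentKey.PAGE);
      if (page == null)
      {
         return null;
      }
      return (AccessController)page.getPlugin("AC");
   }

   /**
    * Decides whether the current user may proceed.
    *
    * @return {@code true} when the controller is unchecked or the user holds one of its
    *         roles; {@code false} in every other case, including missing data
    */
   private boolean isAuthorized(AccessController ac, Invocation invocation)
   {
      // Fail closed: without a controller there is no policy to evaluate.
      if (ac == null)
      {
         return false;
      }

      // An unchecked controller lets everyone through, including requests with no user.
      if (ac.isUnchecked())
      {
         return true;
      }

      UserContextImpl uctx = (UserContextImpl)invocation.getAttachment(AttachmentKey.USER_CONTEXT);
      if (uctx == null)
      {
         return false;
      }

      User user = uctx.getUser();
      if (user == null)
      {
         // No user on the context: a checked resource is never granted.
         return false;
      }

      Set authRoles = ac.getRoles();
      if (authRoles == null)
      {
         return false;
      }

      // Membership is tested by role name, so authRoles is expected to hold names
      // (Strings) rather than Role objects.
      for (Iterator i = user.getRoles().iterator(); i.hasNext();)
      {
         Role role = (Role)i.next();
         if (authRoles.contains(role.getName()))
         {
            return true;
         }
      }
      return false;
   }

}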