[jboss-svn-commits] JBL Code SVN: r5073 - in labs/jbossforums/trunk/forums/src: main/org/jboss/portlet/forums/auth resources/portal-forums-war/WEB-INF resources/portal-forums-war/views/forums
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Thu Jul 13 14:17:52 EDT 2006
Author: sohil.shah at jboss.com
Date: 2006-07-13 14:17:50 -0400 (Thu, 13 Jul 2006)
New Revision: 5073
Added:
labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLChooseTagHandler.java
labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLOtherwiseTagHandler.java
labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLWhenTagHandler.java
Modified:
labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums-config.xml
labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums.taglib.xml
labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/forums/viewforum_body.xhtml
Log:
Authorization support for conditional UI usecases - http://jira.jboss.com/jira/browse/JBFORUMS-95
Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLChooseTagHandler.java
===================================================================
--- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLChooseTagHandler.java 2006-07-13 14:12:45 UTC (rev 5072)
+++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLChooseTagHandler.java 2006-07-13 18:17:50 UTC (rev 5073)
@@ -0,0 +1,119 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.portlet.forums.auth;
+
+//core java
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.StringTokenizer;
+
+
+//jsf
+import javax.faces.context.FacesContext;
+import javax.faces.FacesException;
+import javax.faces.component.UIComponent;
+
+//logging
+import org.apache.log4j.Logger;
+import org.jboss.portlet.forums.ui.PortalUtil;
+
+//servlet
+import javax.el.ELException;
+import javax.el.ExpressionFactory;
+import javax.el.ValueExpression;
+
+
+//facelets
+import com.sun.facelets.FaceletContext;
+import com.sun.facelets.tag.TagConfig;
+import com.sun.facelets.tag.TagHandler;
+import com.sun.facelets.tag.TagException;
+import com.sun.facelets.tag.TagAttribute;
+import com.sun.facelets.el.ELAdaptor;
+
+
+/**
+ *
+ * @author Sohil Shah - sohil.shah at jboss.com - Mar 29, 2006
+ *
+ */
+public class ACLChooseTagHandler extends TagHandler
+{
+ /**
+ *
+ */
+ private static final Logger log = Logger.getLogger(ACLChooseTagHandler.class);
+
+ /**
+ *
+ */
+ private ACLWhenTagHandler when = null;
+ private ACLOtherwiseTagHandler otherwise = null;
+
+
+ /**
+ * @param config
+ */
+ public ACLChooseTagHandler(TagConfig config)
+ {
+ super(config);
+
+ //setup when tag handler
+ Iterator itr = this.findNextByType(ACLWhenTagHandler.class);
+ if(itr!=null && itr.hasNext())
+ {
+ this.when = (ACLWhenTagHandler)itr.next();
+ }
+ else
+ {
+ throw new TagException(this.tag, "isAllowedChoose Tag must have a isAllowedWhen Tag");
+ }
+
+ //setup otherwise tag handler
+ Iterator itr2 = this.findNextByType(ACLOtherwiseTagHandler.class);
+ if(itr2!=null && itr2.hasNext())
+ {
+ this.otherwise = (ACLOtherwiseTagHandler)itr2.next();
+ }
+ }
+
+ /**
+ * Threadsafe Method for controlling evaluation of
+ * its child tags, represented by "nextHandler"
+ */
+ public void apply(FaceletContext ctx, UIComponent parent)
+ throws IOException,FacesException,ELException
+ {
+ if(this.when.isAllowed(ctx))
+ {
+ this.when.apply(ctx,parent);
+ return;
+ }
+ else
+ {
+ if(this.otherwise!=null)
+ {
+ this.otherwise.apply(ctx,parent);
+ }
+ }
+ }
+}
Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLOtherwiseTagHandler.java
===================================================================
--- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLOtherwiseTagHandler.java 2006-07-13 14:12:45 UTC (rev 5072)
+++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLOtherwiseTagHandler.java 2006-07-13 18:17:50 UTC (rev 5073)
@@ -0,0 +1,82 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.portlet.forums.auth;
+
+//core java
+import java.io.IOException;
+import java.util.StringTokenizer;
+
+
+//jsf
+import javax.faces.context.FacesContext;
+import javax.faces.FacesException;
+import javax.faces.component.UIComponent;
+
+//logging
+import org.apache.log4j.Logger;
+import org.jboss.portlet.forums.ui.PortalUtil;
+
+//servlet
+import javax.el.ELException;
+import javax.el.ExpressionFactory;
+import javax.el.ValueExpression;
+
+
+//facelets
+import com.sun.facelets.FaceletContext;
+import com.sun.facelets.tag.TagConfig;
+import com.sun.facelets.tag.TagHandler;
+import com.sun.facelets.tag.TagAttribute;
+import com.sun.facelets.el.ELAdaptor;
+
+
+/**
+ *
+ * @author Sohil Shah - sohil.shah at jboss.com - Mar 29, 2006
+ *
+ */
+public class ACLOtherwiseTagHandler extends TagHandler
+{
+ /**
+ *
+ */
+ private static final Logger log = Logger.getLogger(ACLOtherwiseTagHandler.class);
+
+
+ /**
+ * @param config
+ */
+ public ACLOtherwiseTagHandler(TagConfig config)
+ {
+ super(config);
+ }
+
+ /**
+ * Threadsafe Method for controlling evaluation of
+ * its child tags, represented by "nextHandler"
+ */
+ public void apply(FaceletContext ctx, UIComponent parent)
+ throws IOException,FacesException,ELException
+ {
+ this.nextHandler.apply(ctx,parent);
+ }
+}
Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLWhenTagHandler.java
===================================================================
--- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLWhenTagHandler.java 2006-07-13 14:12:45 UTC (rev 5072)
+++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLWhenTagHandler.java 2006-07-13 18:17:50 UTC (rev 5073)
@@ -0,0 +1,178 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.portlet.forums.auth;
+
+//core java
+import java.io.IOException;
+import java.util.StringTokenizer;
+
+
+//jsf
+import javax.faces.context.FacesContext;
+import javax.faces.FacesException;
+import javax.faces.component.UIComponent;
+
+//logging
+import org.apache.log4j.Logger;
+import org.jboss.portlet.forums.ui.PortalUtil;
+
+//servlet
+import javax.el.ELException;
+import javax.el.ExpressionFactory;
+import javax.el.ValueExpression;
+
+
+//facelets
+import com.sun.facelets.FaceletContext;
+import com.sun.facelets.tag.TagConfig;
+import com.sun.facelets.tag.TagHandler;
+import com.sun.facelets.tag.TagAttribute;
+import com.sun.facelets.el.ELAdaptor;
+
+
+/**
+ *
+ * @author Sohil Shah - sohil.shah at jboss.com - Mar 29, 2006
+ *
+ */
+public class ACLWhenTagHandler extends TagHandler
+{
+ /**
+ *
+ */
+ private static final Logger log = Logger.getLogger(ACLWhenTagHandler.class);
+
+ //possible attributes
+ private TagAttribute fragment = null; //required
+ private TagAttribute contextData = null; //optional
+
+ /**
+ * @param config
+ */
+ public ACLWhenTagHandler(TagConfig config)
+ {
+ super(config);
+
+ // helper method for getting a required attribute
+ this.fragment = this.getRequiredAttribute("fragment");
+
+ // helper method, optional attribute
+ this.contextData = this.getAttribute("contextData");
+ }
+
+ /**
+ * Threadsafe Method for controlling evaluation of
+ * its child tags, represented by "nextHandler"
+ */
+ public void apply(FaceletContext ctx, UIComponent parent)
+ throws IOException,FacesException,ELException
+ {
+ FacesContext facesContext = ctx.getFacesContext();
+ this.nextHandler.apply(ctx,parent);
+ }
+
+ /**
+ *
+ *
+ */
+ public boolean isAllowed(FaceletContext ctx)
+ {
+ boolean isAllowed = false;
+
+ FacesContext facesContext = ctx.getFacesContext();
+
+ //make sure an authorization provider has been hooked in
+ boolean skipAuth = false;
+ try
+ {
+ if(Authorization.getProvider()==null)
+ {
+ //no authorization will be enforced
+ skipAuth = true;
+ }
+ }
+ catch(Exception e)
+ {
+ log.error(this,e);
+ //something went wrong in the Authorization system
+ skipAuth = true;
+ }
+
+ if(skipAuth)
+ {
+ isAllowed = true;
+ return isAllowed;
+ }
+
+ //an authorization provider is hooked in....go ahead and perform authorization
+ try
+ {
+ String resource = this.fragment.getValue();
+ String contextStr = null;
+
+ if(this.contextData!=null)
+ {
+ contextStr = this.contextData.getValue();
+ }
+
+ //resourcesetup
+ Object[] runtime = null;
+ if(contextStr!=null && contextStr.trim().length()>0)
+ {
+ StringTokenizer st = new StringTokenizer(contextStr,",");
+ runtime = new Object[st.countTokens()];
+ int i=0;
+ while(st.hasMoreTokens())
+ {
+ String parameter = st.nextToken();
+ Object parameterValue = null;
+
+ //evaluate this expression to a value
+ ExpressionFactory f = ctx.getExpressionFactory();
+ ValueExpression expr = f.createValueExpression(ctx,parameter,Object.class);
+ parameterValue = expr.getValue(ELAdaptor.getELContext(facesContext));
+
+ runtime[i++] = parameterValue;
+ }
+ }
+
+ //check access here
+ JSFUIContext securityContext = new JSFUIContext(PortalUtil.getUser(),facesContext);
+ securityContext.setFragment(resource);
+ securityContext.setContextData(runtime);
+
+ //feed this context to the Authorization system which will decide whether
+ //access should be granted or not
+ isAllowed = Authorization.getProvider().hasAccess(securityContext);
+ }
+ catch(NoSuchMethodException nsme)
+ {
+ throw new FacesException(nsme);
+ }
+ catch(Exception e)
+ {
+ throw new FacesException(e);
+ }
+
+ return isAllowed;
+ }
+}
Modified: labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums-config.xml
===================================================================
--- labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums-config.xml 2006-07-13 14:12:45 UTC (rev 5072)
+++ labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums-config.xml 2006-07-13 18:17:50 UTC (rev 5073)
@@ -8,11 +8,11 @@
<!-- general application configuration -->
<application>
<!-- jbossportal-facelets integration -->
- <property-resolver>org.jboss.portal.faces.el.DelegatingPropertyResolver</property-resolver>
- <view-handler>com.sun.facelets.FaceletPortletViewHandler</view-handler>
+ <!--property-resolver>org.jboss.portal.faces.el.DelegatingPropertyResolver</property-resolver>
+ <view-handler>com.sun.facelets.FaceletPortletViewHandler</view-handler-->
<!-- standalone facelets integration -->
- <!--view-handler>com.sun.facelets.FaceletViewHandler</view-handler-->
+ <view-handler>com.sun.facelets.FaceletViewHandler</view-handler>
<!-- custom action listener with integrated authorization checking -->
<action-listener>org.jboss.portlet.forums.auth.AuthorizationListener</action-listener>
@@ -28,10 +28,10 @@
<!-- phase listeners -->
<!-- remove this in portal-environment -->
- <!--lifecycle>
+ <lifecycle>
<phase-listener>org.jboss.portlet.forums.ui.event.BeginTransactionListener</phase-listener>
<phase-listener>org.jboss.portlet.forums.ui.event.EndTransactionListener</phase-listener>
- </lifecycle-->
+ </lifecycle>
<!-- configuration for the shared EmptyController -->
Modified: labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums.taglib.xml
===================================================================
--- labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums.taglib.xml 2006-07-13 14:12:45 UTC (rev 5072)
+++ labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums.taglib.xml 2006-07-13 18:17:50 UTC (rev 5073)
@@ -145,5 +145,19 @@
<tag>
<tag-name>isAllowed</tag-name>
<handler-class>org.jboss.portlet.forums.auth.ACLTagHandler</handler-class>
- </tag>
+ </tag>
+
+ <!-- conditional access control tag -->
+ <tag>
+ <tag-name>isAllowedChoose</tag-name>
+ <handler-class>org.jboss.portlet.forums.auth.ACLChooseTagHandler</handler-class>
+ </tag>
+ <tag>
+ <tag-name>isAllowedWhen</tag-name>
+ <handler-class>org.jboss.portlet.forums.auth.ACLWhenTagHandler</handler-class>
+ </tag>
+ <tag>
+ <tag-name>isAllowedOtherwise</tag-name>
+ <handler-class>org.jboss.portlet.forums.auth.ACLOtherwiseTagHandler</handler-class>
+ </tag>
</facelet-taglib>
\ No newline at end of file
Modified: labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/forums/viewforum_body.xhtml
===================================================================
--- labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/forums/viewforum_body.xhtml 2006-07-13 14:12:45 UTC (rev 5072)
+++ labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/forums/viewforum_body.xhtml 2006-07-13 18:17:50 UTC (rev 5073)
@@ -642,25 +642,53 @@
<td align="right">
<span class="gensmall">
<!-- a list of allowed actions on this forum for this user -->
- <span class="gensmall">
- <forums:isAllowed fragment="acl://newTopic">
- You <b>can</b> post new topics in this forum <br/>
- </forums:isAllowed>
- <forums:isAllowed fragment="acl://managePoll">
- You <b>can</b> create polls in this forum <br/>
- </forums:isAllowed>
- <forums:isAllowed fragment="acl://votePoll">
- You <b>can</b> vote in polls in this forum <br/>
- </forums:isAllowed>
- <!-- TODO: insert link to moderator control panel if user is allowed to moderate this forum -->
- <forums:isAllowed fragment="acl://moderateForum" contextData="#{forum.forum}">
- You <b>can</b>
- <h:outputLink value="#{forums:outputLink(shared.links['moderator'],true)}">
- <f:param name="f" value="#{forum.forum.id}"/>
- moderate
- </h:outputLink>
- this forum <b/>
- </forums:isAllowed>
+ <span class="gensmall">
+ <!-- post new topics link -->
+ <forums:isAllowedChoose>
+ <forums:isAllowedWhen fragment="acl://newTopic">
+ You <b>can</b> post new topics in this forum <br/>
+ </forums:isAllowedWhen>
+ <forums:isAllowedOtherwise>
+ You <b>cannot</b> post new topics in this forum <br/>
+ </forums:isAllowedOtherwise>
+ </forums:isAllowedChoose>
+
+ <!-- manage poll link -->
+ <forums:isAllowedChoose>
+ <forums:isAllowedWhen fragment="acl://managePoll">
+ You <b>can</b> create polls in this forum <br/>
+ </forums:isAllowedWhen>
+ <forums:isAllowedOtherwise>
+ You <b>cannot</b> create polls in this forum <br/>
+ </forums:isAllowedOtherwise>
+ </forums:isAllowedChoose>
+
+ <!-- votePoll link -->
+ <forums:isAllowedChoose>
+ <forums:isAllowedWhen fragment="acl://votePoll">
+ You <b>can</b> vote in polls in this forum <br/>
+ </forums:isAllowedWhen>
+ <forums:isAllowedOtherwise>
+ You <b>cannot</b> vote in polls in this forum <br/>
+ </forums:isAllowedOtherwise>
+ </forums:isAllowedChoose>
+
+ <!-- moderate forum link -->
+ <forums:isAllowedChoose>
+ <forums:isAllowedWhen fragment="acl://moderateForum" contextData="#{forum.forum}">
+ You <b>can</b>
+ <h:outputLink value="#{forums:outputLink(shared.links['moderator'],true)}">
+ <f:param name="f" value="#{forum.forum.id}"/>
+ moderate
+ </h:outputLink>
+ this forum <b/>
+ </forums:isAllowedWhen>
+ <forums:isAllowedOtherwise>
+ You <b>cannot</b>
+ moderate
+ this forum <b/>
+ </forums:isAllowedOtherwise>
+ </forums:isAllowedChoose>
</span>
<ui:include src="/views/jumpbox.xhtml"/>
</span>
More information about the jboss-svn-commits
mailing list