Posted to commits@tiles.apache.org by ap...@apache.org on 2007/07/13 21:28:25 UTC

svn commit: r556114 - in /tiles/framework/branches/TILES_2_0_X/tiles-core/src: main/java/org/apache/tiles/impl/ main/resources/org/apache/tiles/resources/ test/java/org/apache/tiles/impl/

Author: apetrelli
Date: Fri Jul 13 12:28:24 2007
New Revision: 556114

URL: http://svn.apache.org/viewvc?view=rev&rev=556114
Log:
TILES-185
Merge from trunk to branch TILES_2_0_X.
Now the Attribute.role property is evaluated during rendering.
Added test case.

Modified:
    tiles/framework/branches/TILES_2_0_X/tiles-core/src/main/java/org/apache/tiles/impl/BasicTilesContainer.java
    tiles/framework/branches/TILES_2_0_X/tiles-core/src/main/resources/org/apache/tiles/resources/tiles-config_2_0.dtd
    tiles/framework/branches/TILES_2_0_X/tiles-core/src/test/java/org/apache/tiles/impl/BasicTilesContainerTest.java

Modified: tiles/framework/branches/TILES_2_0_X/tiles-core/src/main/java/org/apache/tiles/impl/BasicTilesContainer.java
URL: http://svn.apache.org/viewvc/tiles/framework/branches/TILES_2_0_X/tiles-core/src/main/java/org/apache/tiles/impl/BasicTilesContainer.java?view=diff&rev=556114&r1=556113&r2=556114
==============================================================================
--- tiles/framework/branches/TILES_2_0_X/tiles-core/src/main/java/org/apache/tiles/impl/BasicTilesContainer.java (original)
+++ tiles/framework/branches/TILES_2_0_X/tiles-core/src/main/java/org/apache/tiles/impl/BasicTilesContainer.java Fri Jul 13 12:28:24 2007
@@ -437,6 +437,12 @@
             throw new TilesException("Cannot render a null attribute");
         }
 
+        if (!isPermitted(request, attr.getRole())) {
+            LOG.info("Access to attribute '" + attr.getName()
+                    + "' denied.  User not in role '" + attr.getRole());
+            return;
+        }
+
         AttributeType type = attr.getType();
         if (type == null) {
             type = calculateType(attr, request);
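Review bot: The log message in the new `isPermitted` branch never closes the quote it opens before the role name, so each denial entry ends mid-quote; append `+ "'"` after `attr.getRole()`. The branch then returns without signalling the caller, and nothing visible in this hunk restricts anything except rendering. A comment such as `// Role gate only suppresses output of this attribute; the resource it refers to must enforce its own access control` would make that limit explicit. `isPermitted` and the enclosing method are defined outside the hunk, so how a null or empty role is treated cannot be checked here; confirm it against the `#IMPLIED` role attribute this commit adds to the DTD.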

Modified: tiles/framework/branches/TILES_2_0_X/tiles-core/src/main/resources/org/apache/tiles/resources/tiles-config_2_0.dtd
URL: http://svn.apache.org/viewvc/tiles/framework/branches/TILES_2_0_X/tiles-core/src/main/resources/org/apache/tiles/resources/tiles-config_2_0.dtd?view=diff&rev=556114&r1=556113&r2=556114
==============================================================================
--- tiles/framework/branches/TILES_2_0_X/tiles-core/src/main/resources/org/apache/tiles/resources/tiles-config_2_0.dtd (original)
+++ tiles/framework/branches/TILES_2_0_X/tiles-core/src/main/resources/org/apache/tiles/resources/tiles-config_2_0.dtd Fri Jul 13 12:28:24 2007
@@ -147,6 +147,12 @@
                      be specified with this tag attribute, or in the body of the tag.
 -->
 <!ATTLIST put-attribute     value            CDATA           #IMPLIED>
+<!--
+@attr role           Security role name that is allowed access to this attribute
+                     object. The attribute is inserted only if the role name is
+                     allowed.
+-->
+<!ATTLIST put-attribute     role             CDATA            #IMPLIED>
 
 
 <!-- The "put-list-attribute" element describes a list attribute of a definition. It allows to
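Review bot: The new `@attr role` comment says the attribute is inserted "only if the role name is allowed", which does not say what is actually checked; the same text is repeated in the `put-list-attribute`, `add-attribute` and `add-list-attribute` hunks. Judging by the container change in this commit, the check is on the current user's role at render time, so wording like `The attribute is rendered only if the current user is in this role.` would be more precise. Because the attribute is `#IMPLIED` and `CDATA`, the comment should also state what an omitted role means (presumably no restriction) and whether more than one role name is accepted. Neither can be determined from this diff.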
@@ -160,6 +166,12 @@
 @attr name           The unique identifier for this put attribute list.
 -->
 <!ATTLIST put-list-attribute name             CDATA           #REQUIRED>
+<!--
+@attr role           Security role name that is allowed access to this attribute
+                     object. The attribute is inserted only if the role name is
+                     allowed.
+-->
+<!ATTLIST put-list-attribute role             CDATA            #IMPLIED>
 
 <!-- ========== Subordinate Elements ====================================== -->
 
@@ -181,6 +193,12 @@
                      be specified with this tag attribute, or in the body of the tag.
 -->
 <!ATTLIST add-attribute              value            CDATA           #IMPLIED>
+<!--
+@attr role           Security role name that is allowed access to this attribute
+                     object. The attribute is inserted only if the role name is
+                     allowed.
+-->
+<!ATTLIST add-attribute              role             CDATA            #IMPLIED>
 
 <!-- The "add-list-attribute" element describes a list attribute subordinate to another
      list attribute. It allows to specify an attribute value that is a java List
@@ -190,6 +208,12 @@
 -->
 <!ELEMENT add-list-attribute ( (add-attribute* | item* | bean* | add-list-attribute*)+) >
 <!ATTLIST add-list-attribute id               ID              #IMPLIED>
+<!--
+@attr role           Security role name that is allowed access to this attribute
+                     object. The attribute is inserted only if the role name is
+                     allowed.
+-->
+<!ATTLIST add-list-attribute role             CDATA            #IMPLIED>
 
 
 <!-- The "bean" element describes an element of a list. It create a bean of the

Modified: tiles/framework/branches/TILES_2_0_X/tiles-core/src/test/java/org/apache/tiles/impl/BasicTilesContainerTest.java
URL: http://svn.apache.org/viewvc/tiles/framework/branches/TILES_2_0_X/tiles-core/src/test/java/org/apache/tiles/impl/BasicTilesContainerTest.java?view=diff&rev=556114&r1=556113&r2=556114
==============================================================================
--- tiles/framework/branches/TILES_2_0_X/tiles-core/src/test/java/org/apache/tiles/impl/BasicTilesContainerTest.java (original)
+++ tiles/framework/branches/TILES_2_0_X/tiles-core/src/test/java/org/apache/tiles/impl/BasicTilesContainerTest.java Fri Jul 13 12:28:24 2007
@@ -21,8 +21,11 @@
 package org.apache.tiles.impl;
 
 import java.io.IOException;
+import java.io.StringWriter;
 import java.net.MalformedURLException;
 import java.net.URL;
+import java.util.HashSet;
+import java.util.Set;
 import java.util.Vector;
 
 import javax.servlet.ServletContext;
@@ -35,6 +38,7 @@
 import org.apache.commons.logging.LogFactory;
 import org.apache.shale.test.mock.MockHttpServletRequest;
 import org.apache.shale.test.mock.MockHttpServletResponse;
+import org.apache.shale.test.mock.MockHttpSession;
 import org.apache.tiles.Attribute;
 import org.apache.tiles.TilesException;
 import org.apache.tiles.factory.TilesContainerFactory;
@@ -122,5 +126,59 @@
 
         assertTrue("An attribute of 'object' type cannot be rendered",
                 exceptionFound);
+    }
+
+    /**
+     * Tests is attributes are rendered correctly according to users roles.
+     *
+     * @throws TilesException If a problem arises during rendering.
+     * @throws IOException If a problem arises during rendering or writing in the writer.
+     */
+    public void testAttributeCredentials() throws TilesException, IOException {
+        RoleMockHttpServletRequest request = new RoleMockHttpServletRequest("myrole");
+        MockHttpSession session = new MockHttpSession();
+        request.setHttpSession(session);
+        MockHttpServletResponse response = new MockHttpServletResponse();
+        Attribute attribute = new Attribute((Object) "This is the value", "myrole");
+        StringWriter writer = new StringWriter();
+        container.render(attribute, writer, request, response);
+        writer.close();
+        assertEquals("The attribute should have been rendered", writer
+                .toString(), "This is the value");
+        request = new RoleMockHttpServletRequest();
+        writer = new StringWriter();
+        container.render(attribute, writer, request, response);
+        writer.close();
+        assertNotSame("The attribute should have not been rendered", writer
+                .toString(), "This is the value");
+    }
+
+    /**
+     * Servlet request mock class that allows to choose the user roles.
+     */
+    private static class RoleMockHttpServletRequest extends MockHttpServletRequest {
+
+        /**
+         * Set containing the allowed roles.
+         */
+        private Set<String> roleSet;
+
+        /**
+         * Constructor.
+         *
+         * @param roles The roles to be allowed.
+         */
+        public RoleMockHttpServletRequest(String... roles) {
+            roleSet = new HashSet<String>();
+            for (String role : roles) {
+                roleSet.add(role);
+            }
+        }
+
+        /** {@inheritDoc} */
+        @Override
+        public boolean isUserInRole(String role) {
+            return roleSet.contains(role);
+        }
     }
 }
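Review bot: The denied-role case at the end of `testAttributeCredentials` cannot fail, because `assertNotSame` compares object identity and `writer.toString()` returns a String instance that is never the same object as the literal. The test therefore still passes if the role check is removed or broken, so the access-control path is effectively unverified. Compare by value instead, for example `assertFalse("The attribute should have not been rendered", "This is the value".equals(writer.toString()));`, or assert that the writer is empty if a denial is meant to write nothing. The earlier `assertEquals` passes the actual value in the expected position, which only distorts the failure message.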