You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@turbine.apache.org by tv...@apache.org on 2016/11/05 21:15:09 UTC
svn commit: r1768279 - in
/turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules:
actions/SecureAction.java screens/SecureScreen.java
Author: tv
Date: Sat Nov 5 21:15:09 2016
New Revision: 1768279
URL: http://svn.apache.org/viewvc?rev=1768279&view=rev
Log:
Use Turbine annotations,
promote Turbine code style
Modified:
turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules/actions/SecureAction.java
turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules/screens/SecureScreen.java
Modified: turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules/actions/SecureAction.java
URL: http://svn.apache.org/viewvc/turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules/actions/SecureAction.java?rev=1768279&r1=1768278&r2=1768279&view=diff
==============================================================================
--- turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules/actions/SecureAction.java (original)
+++ turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules/actions/SecureAction.java Sat Nov 5 21:15:09 2016
@@ -19,8 +19,7 @@ package ${package}.modules.actions;
* under the License.
*#
-import org.apache.fulcrum.security.SecurityService;
-import org.apache.fulcrum.security.model.turbine.TurbineAccessControlListImpl;
+import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
import org.apache.turbine.modules.actions.VelocitySecureAction;
import org.apache.turbine.om.security.User;
import org.apache.turbine.pipeline.PipelineData;
@@ -30,12 +29,10 @@ import org.apache.velocity.context.Conte
* Velocity Secure action.
*
* Always performs a Security Check that you've defined before executing the
- * doBuildtemplate().
+ * doPerform().
*/
-public class SecureAction extends VelocitySecureAction {
-
- protected SecurityService securityService;
-
+public class SecureAction extends VelocitySecureAction
+{
/**
* This currently only checks to make sure that user is allowed to view the
* storage area. If you create an action that requires more security then
@@ -48,20 +45,23 @@ public class SecureAction extends Veloci
* a generic exception.
*/
@Override
- protected boolean isAuthorized(PipelineData data) throws Exception {
-
+ protected boolean isAuthorized(PipelineData data) throws Exception
+ {
boolean isAuthorized = false;
// Who is our current user?
User user = getRunData(data).getUser();
// Get the Turbine ACL implementation
- TurbineAccessControlListImpl acl = (TurbineAccessControlListImpl) getRunData(data).getACL();
+ TurbineAccessControlList acl = getRunData(data).getACL();
- if (acl == null || !acl.hasRole("turbineadmin")) {
+ if (acl == null || !acl.hasRole("turbineadmin"))
+ {
getRunData(data).setMessage("You do not have permission to access this action");
isAuthorized = false;
- } else if (acl.hasRole("admin")) {
+ }
+ else if (acl.hasRole("admin"))
+ {
isAuthorized = true;
}
@@ -78,7 +78,8 @@ public class SecureAction extends Veloci
* @exception Exception,
* a generic exception.
*/
- public void doPerform(PipelineData data, Context context) throws Exception {
+ public void doPerform(PipelineData data, Context context) throws Exception
+ {
}
}
Modified: turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules/screens/SecureScreen.java
URL: http://svn.apache.org/viewvc/turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules/screens/SecureScreen.java?rev=1768279&r1=1768278&r2=1768279&view=diff
==============================================================================
--- turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules/screens/SecureScreen.java (original)
+++ turbine/maven/archetypes/trunk/turbine-webapp-4.0/src/main/resources/archetype-resources/src/main/java/modules/screens/SecureScreen.java Sat Nov 5 21:15:09 2016
@@ -18,59 +18,73 @@ package ${package}.modules.screens;
* under the License.
*#
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
+import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
import org.apache.turbine.Turbine;
+import org.apache.turbine.TurbineConstants;
+import org.apache.turbine.annotation.TurbineConfiguration;
+import org.apache.turbine.annotation.TurbineService;
import org.apache.turbine.modules.screens.VelocitySecureScreen;
import org.apache.turbine.om.security.User;
import org.apache.turbine.pipeline.PipelineData;
-import org.apache.turbine.services.TurbineServices;
import org.apache.turbine.services.security.SecurityService;
-import org.apache.turbine.services.security.TurbineSecurity;
-import org.apache.fulcrum.security.acl.AccessControlList;
-import org.apache.fulcrum.security.model.turbine.TurbineAccessControlListImpl;
import org.apache.velocity.context.Context;
/**
* This class provides a sample implementation for creating a secured screen
*/
-public class SecureScreen extends VelocitySecureScreen {
- // create an instance of the logging facility
- private static Log log = LogFactory.getLog(SecureScreen.class);
-
+public class SecureScreen extends VelocitySecureScreen
+{
+ @TurbineService
protected SecurityService securityService;
+
+ @TurbineConfiguration( TurbineConstants.TEMPLATE_LOGIN )
+ private String templateLogin;
+
+ @TurbineConfiguration( TurbineConstants.TEMPLATE_HOMEPAGE )
+ private String templateHomepage;
@Override
- protected boolean isAuthorized(PipelineData data) throws Exception {
+ protected boolean isAuthorized(PipelineData data) throws Exception
+ {
boolean isAuthorized = false;
- // Load the security service
- securityService = (SecurityService) TurbineServices.getInstance().getService(SecurityService.SERVICE_NAME);
-
// Who is our current user?
User user = getRunData(data).getUser();
// Get the Turbine ACL implementation
- TurbineAccessControlListImpl acl = (TurbineAccessControlListImpl) getRunData(data).getACL();
+ TurbineAccessControlList acl = getRunData(data).getACL();
- if (acl == null) {
- getRunData(data).setScreenTemplate(Turbine.getConfiguration().getString("template.login"));
+ if (acl == null)
+ {
+ getRunData(data).setScreenTemplate(templateLogin);
isAuthorized = false;
- } else if (acl.hasRole("TurbineAdmin")) {
+ }
+ else if (acl.hasRole("turbineadmin"))
+ {
isAuthorized = true;
- } else {
- getRunData(data).setScreenTemplate(Turbine.getConfiguration().getString("template.home"));
+ }
+ else
+ {
+ getRunData(data).setScreenTemplate(templateHomepage);
getRunData(data).setMessage("You do not have access to this part of the site.");
isAuthorized = false;
}
return isAuthorized;
}
+ /**
+ * Implement this to add information to the context.
+ *
+ * @param data
+ * Turbine information.
+ * @param context
+ * Context for web pages.
+ * @exception Exception,
+ * a generic exception.
+ */
@Override
- protected void doBuildTemplate(PipelineData data, Context context) throws Exception {
- // TODO Auto-generated method stub
+ protected void doBuildTemplate(PipelineData data, Context context) throws Exception
+ {
}
-
}