You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@struts.apache.org by ge...@apache.org on 2005/08/21 17:23:27 UTC
svn commit: r234242 -
/struts/core/trunk/src/share/org/apache/struts/chain/commands/AbstractAuthorizeAction.java
Author: germuska
Date: Sun Aug 21 08:23:25 2005
New Revision: 234242
URL: http://svn.apache.org/viewcvs?rev=234242&view=rev
Log:
Extract test for whether authorization is required into a protected method, so
that subclasses can cause isAuthorized to be called as a default condition,
or based on other rules rather than the explicit presence of roles.
Modified:
struts/core/trunk/src/share/org/apache/struts/chain/commands/AbstractAuthorizeAction.java
Modified: struts/core/trunk/src/share/org/apache/struts/chain/commands/AbstractAuthorizeAction.java
URL: http://svn.apache.org/viewcvs/struts/core/trunk/src/share/org/apache/struts/chain/commands/AbstractAuthorizeAction.java?rev=234242&r1=234241&r2=234242&view=diff
==============================================================================
--- struts/core/trunk/src/share/org/apache/struts/chain/commands/AbstractAuthorizeAction.java (original)
+++ struts/core/trunk/src/share/org/apache/struts/chain/commands/AbstractAuthorizeAction.java Sun Aug 21 08:23:25 2005
@@ -58,14 +58,13 @@
ActionConfig actionConfig = actionCtx.getActionConfig();
// Is this action protected by role requirements?
- String roles[] = actionConfig.getRoleNames();
- if ((roles == null) || (roles.length < 1)) {
+ if (!isAuthorizationRequired(actionConfig)) {
return (false);
}
boolean throwEx = false;
try {
- throwEx = !(isAuthorized(actionCtx, roles, actionConfig));
+ throwEx = !(isAuthorized(actionCtx, actionConfig.getRoleNames(), actionConfig));
}
catch (Exception ex) {
throwEx = true;
@@ -80,6 +79,19 @@
return (false);
}
+ }
+
+ /**
+ * <p>Must authorization rules be consulted? The base implementation returns
+ * <code>true</code> if the given <code>ActionConfig</code> has one or more
+ * roles defined.</p>
+ *
+ * @param actionConfig the current ActionConfig object
+ * @return true if the <code>isAuthorized</code> method should be consulted.
+ */
+ protected boolean isAuthorizationRequired(ActionConfig actionConfig) {
+ String[] roles = actionConfig.getRoleNames();
+ return (roles != null) && (roles.length > 0);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org