Posted to commits@click.apache.org by sa...@apache.org on 2010/11/14 12:47:38 UTC
svn commit: r1034985 - in /click/trunk/click/extras:
src/org/apache/click/extras/control/ src/org/apache/click/extras/security/
test/org/apache/click/extras/control/ test/org/apache/click/extras/security/
Author: sabob
Date: Sun Nov 14 11:47:38 2010
New Revision: 1034985
URL: http://svn.apache.org/viewvc?rev=1034985&view=rev
Log:
added support for Menus that do not have roles defined. CLK-724
Added:
click/trunk/click/extras/test/org/apache/click/extras/security/
click/trunk/click/extras/test/org/apache/click/extras/security/RoleAccessControllerTest.java
Modified:
click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java
click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java
click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java
click/trunk/click/extras/test/org/apache/click/extras/control/MenuTest.java
Modified: click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java
URL: http://svn.apache.org/viewvc/click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java?rev=1034985&r1=1034984&r2=1034985&view=diff
==============================================================================
--- click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java (original)
+++ click/trunk/click/extras/src/org/apache/click/extras/control/Menu.java Sun Nov 14 11:47:38 2010
@@ -861,8 +861,13 @@ public class Menu extends AbstractContro
* menus have the user in one of their menu roles. Otherwise the method will
* return false.
* <p/>
- * This method internally uses the <tt>HttpServletRequest</tt> function <tt>isUserInRole(rolename)</tt>,
- * where the rolenames are derived from the {@link #getRoles()} property.
+ * This method internally uses the
+ * {@link org.apache.click.extras.security.AccessController#hasAccess(javax.servlet.http.HttpServletRequest, java.lang.String) AccessController#hasAccess(HttpServletRequest request, String roleName)}
+ * method where the rolenames are derived from the {@link #getRoles()} property.
+ * <p/>
+ * If no {@link #getRoles()} are defined the AccessController are invoked
+ * with a <tt>null</tt> argument to determine whether access is permitted to
+ * menus without roles.
*
* @return true if the user is in one of the menu roles, or false otherwise
* @throws IllegalStateException if the menu accessController is not defined
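Review bot: The `@return` line kept as context here still reads "true if the user is in one of the menu roles, or false otherwise", which no longer describes a menu without roles, where the result is whatever the AccessController returns for `null`. I would change it to `@return true if the user is in one of the menu roles, or if the menu has no roles and the AccessController permits access; false otherwise`. The `@return` of RoleAccessController.hasAccess further down has the same gap. In the added paragraph, "the AccessController are invoked" should read "is invoked". The javadoc block starts and ends outside this hunk.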
@@ -875,11 +880,16 @@ public class Menu extends AbstractContro
HttpServletRequest request = getContext().getRequest();
- for (int i = 0, size = getRoles().size(); i < size; i++) {
- String rolename = getRoles().get(i);
- if (getAccessController().hasAccess(request, rolename)) {
- return true;
+ if (hasRoles()) {
+ for (int i = 0, size = getRoles().size(); i < size; i++) {
+ String rolename = getRoles().get(i);
+ if (getAccessController().hasAccess(request, rolename)) {
+ return true;
+ }
}
+ } else {
+ // Check access for menus without roles. CLK-724
+ return getAccessController().hasAccess(request, null);
}
return false;
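Review bot: A `null` element inside a non-empty role list is passed straight to `hasAccess` in the loop, and with the RoleAccessController change in this same commit that call now returns true, so a single unset entry would make the menu visible to every request. Whether `getRoles()` can contain null is not visible here, but guarding the loop is cheap: `if (rolename != null && getAccessController().hasAccess(request, rolename)) {`. That keeps the null-means-public path limited to the explicit `else` branch for menus that have no roles. The method signature and its closing brace are outside this hunk.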
@@ -1290,11 +1300,7 @@ public class Menu extends AbstractContro
*/
protected boolean canRender(Menu menu, int depth) {
// TODO add and check visible property
- if (menu.hasRoles()) {
- return menu.isUserInRoles();
- } else {
- return true;
- }
+ return menu.isUserInRoles();
}
/**
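Review bot: `canRender` now always calls `menu.isUserInRoles()`, and the javadoc in the first hunk states that method throws IllegalStateException when the access controller is not defined. The removed branch returned true for a role-less menu without touching the controller. If a menu can exist without a controller (not visible in this hunk), rendering it would now fail rather than show it. I would either keep a guard for that case or state the new requirement in the method javadoc, for example `Menus without roles are also passed to the AccessController, which must be set.`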
Modified: click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java
URL: http://svn.apache.org/viewvc/click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java?rev=1034985&r1=1034984&r2=1034985&view=diff
==============================================================================
--- click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java (original)
+++ click/trunk/click/extras/src/org/apache/click/extras/security/AccessController.java Sun Nov 14 11:47:38 2010
@@ -30,6 +30,10 @@ public interface AccessController {
/**
* Return true if the user request has access to the specified security
* resource (role, permission, authority).
+ * <p/>
+ * <b>Please note:</b> this method must cater for a <tt>null</tt> resource
+ * argument. The given resource can be <tt>null</tt> for anonymous or public
+ * resources and allows this implementation to allow or deny access.
*
* @param request the user request
* @param resource the security resource (role, permission, authority)
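Review bot: The `@param resource` line does not say that null is allowed, although the new paragraph makes null handling mandatory for every implementation. I would write `@param resource the security resource (role, permission, authority), or null for a resource that has no roles defined`. The sentence "allows this implementation to allow or deny access" is hard to parse, and something like `implementations decide whether a null resource is permitted or denied` says the same thing directly. AccessController implementations written before this change may never have received null, and Menu.canRender now depends on their answer, so this contract change deserves a line in the upgrade notes.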
Modified: click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java
URL: http://svn.apache.org/viewvc/click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java?rev=1034985&r1=1034984&r2=1034985&view=diff
==============================================================================
--- click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java (original)
+++ click/trunk/click/extras/src/org/apache/click/extras/security/RoleAccessController.java Sun Nov 14 11:47:38 2010
@@ -31,6 +31,9 @@ public class RoleAccessController implem
/**
* Return true if the user is in the specified security access role.
+ * <p/>
+ * <b>Please note:</b> if role is <tt>null</tt> this method returns true,
+ * meaning user has access to resources without roles defined.
*
* @see AccessController#hasAccess(HttpServletRequest, String)
*
@@ -39,7 +42,11 @@ public class RoleAccessController implem
* @return true if the user is in the specified role
*/
public boolean hasAccess(HttpServletRequest request, String role) {
- return request.isUserInRole(role);
+ if (role == null) {
+ return true;
+ } else {
+ return request.isUserInRole(role);
+ }
}
}
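Review bot: The `role == null` branch returns true without consulting the request, so it also applies to requests with no authenticated user. The added javadoc says "user has access", and stating that this includes anonymous requests would make the allow-by-default choice explicit for anyone wiring this controller into a deny-by-default application. The if/else can also be collapsed to `return role == null || request.isUserInRole(role);`.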
Modified: click/trunk/click/extras/test/org/apache/click/extras/control/MenuTest.java
URL: http://svn.apache.org/viewvc/click/trunk/click/extras/test/org/apache/click/extras/control/MenuTest.java?rev=1034985&r1=1034984&r2=1034985&view=diff
==============================================================================
--- click/trunk/click/extras/test/org/apache/click/extras/control/MenuTest.java (original)
+++ click/trunk/click/extras/test/org/apache/click/extras/control/MenuTest.java Sun Nov 14 11:47:38 2010
@@ -18,9 +18,13 @@
*/
package org.apache.click.extras.control;
+import java.util.Collections;
import junit.framework.TestCase;
import org.apache.click.MockContext;
import org.apache.click.Page;
+import org.apache.click.extras.security.RoleAccessController;
+import org.apache.click.servlet.MockPrincipal;
+import org.apache.click.servlet.MockRequest;
public class MenuTest extends TestCase {
@@ -57,6 +61,44 @@ public class MenuTest extends TestCase {
assertEquals("Root Title", menu.getTitle());
}
+ /**
+ * Check that menu without any roles defined (it's public) can be viewed by
+ * the user.
+ *
+ * CLK-724
+ */
+ public void testAccessForMenuWithoutRoles() {
+ // Setup
+ Menu menu = new Menu("menu");
+ RoleAccessController controller = new RoleAccessController();
+ menu.setAccessController(controller);
+
+ MockRequest request = new MockRequest();
+ String role = "userRole";
+ MockPrincipal principal = new MockPrincipal("bob", role);
+ request.setUserPrincipal(principal);
+
+ // Perform tests
+ assertTrue(menu.isUserInRoles());
+ }
+
+ public void testAccessForMenu() {
+ // Setup
+ Menu menu = new Menu("menu");
+ String role = "userRole";
+ menu.setRoles(Collections.singletonList(role));
+
+ RoleAccessController controller = new RoleAccessController();
+ menu.setAccessController(controller);
+
+ MockContext context = MockContext.initContext();
+ MockPrincipal principal = new MockPrincipal("bob", role);
+ context.getMockRequest().setUserPrincipal(principal);
+
+ // Perform tests
+ assertTrue(menu.isUserInRoles());
+ }
+
public class MyMenu extends Menu {
private static final long serialVersionUID = 1L;
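Review bot: In `testAccessForMenuWithoutRoles` the `MockRequest` and principal are built but never attached to a context, while `isUserInRoles()` reads the request from `getContext().getRequest()`, so that setup does not reach the code under test. The test relies on whatever context is already active, unless one is created in a setUp that is not visible here. Using the pattern from `testAccessForMenu` would fix this: `MockContext context = MockContext.initContext();` followed by `context.getMockRequest().setUserPrincipal(principal);`. Both new tests assert only the allow path, and an `assertFalse` for a menu whose role the principal lacks would pin the deny path of this access check. The MyMenu class at the end of the hunk continues outside it.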
Added: click/trunk/click/extras/test/org/apache/click/extras/security/RoleAccessControllerTest.java
URL: http://svn.apache.org/viewvc/click/trunk/click/extras/test/org/apache/click/extras/security/RoleAccessControllerTest.java?rev=1034985&view=auto
==============================================================================
--- click/trunk/click/extras/test/org/apache/click/extras/security/RoleAccessControllerTest.java (added)
+++ click/trunk/click/extras/test/org/apache/click/extras/security/RoleAccessControllerTest.java Sun Nov 14 11:47:38 2010
@@ -0,0 +1,63 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.click.extras.security;
+
+import junit.framework.TestCase;
+import org.apache.click.servlet.MockPrincipal;
+import org.apache.click.servlet.MockRequest;
+
+/**
+ * Provides tests for RoleAccessController.
+ */
+public class RoleAccessControllerTest extends TestCase {
+
+ /**
+ * Sanity test for hasAccess.
+ */
+ public void testHasAccess() {
+ // Setup
+ RoleAccessController controller = new RoleAccessController();
+ MockRequest request = new MockRequest();
+ String role = "userRole";
+ MockPrincipal principal = new MockPrincipal("bob", role);
+ request.setUserPrincipal(principal);
+
+ // Perform tests
+ assertTrue(controller.hasAccess(request, role));
+ }
+
+ /**
+ * Check that hasAccess handles and null roles and allows access by default.
+ *
+ * CLK-724
+ */
+ public void testNullRoles() {
+ // Setup
+ RoleAccessController controller = new RoleAccessController();
+ MockRequest request = new MockRequest();
+ String role = "userRole";
+ MockPrincipal principal = new MockPrincipal("bob", role);
+ request.setUserPrincipal(principal);
+
+ role = null;
+
+ // Perform tests
+ assertTrue(controller.hasAccess(request, role));
+ }
+}
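Review bot: Both tests assert only that access is granted, so a controller that returned true unconditionally would pass them. Adding a denial case in `testHasAccess`, such as `assertFalse(controller.hasAccess(request, "otherRole"));`, would cover the branch that actually enforces roles, assuming MockRequest answers `isUserInRole` from the principal. In `testNullRoles` the principal is irrelevant to the null branch, so a request without a principal would document the allow-by-default behaviour more honestly. The javadoc phrase "handles and null roles" has a stray "and".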