You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@wookie.apache.org by sc...@apache.org on 2010/03/25 10:53:01 UTC
svn commit: r927320 - in /incubator/wookie/trunk: WebContent/WEB-INF/
WebContent/admin/ src-tests/org/apache/wookie/tests/functional/
src/org/apache/wookie/controller/ src/org/apache/wookie/helpers/
Author: scottbw
Date: Thu Mar 25 09:53:00 2010
New Revision: 927320
URL: http://svn.apache.org/viewvc?rev=927320&view=rev
Log:
Added an admin web interface for granting and revoking Widget Access Request Policies and linked it to the main admin page. Functionality is implemented with a web API rather than built directly into an admin servlet to enable development of remote admin client tools. See WOOKIE-85 and WOOKIE-122 for more information.
Added:
incubator/wookie/trunk/WebContent/admin/warp.jsp
incubator/wookie/trunk/src-tests/org/apache/wookie/tests/functional/WidgetAccessRequestPolicyControllerTest.java
incubator/wookie/trunk/src/org/apache/wookie/controller/WidgetAccessRequestPolicyController.java
incubator/wookie/trunk/src/org/apache/wookie/helpers/AccessRequestHelper.java
Modified:
incubator/wookie/trunk/WebContent/WEB-INF/web.xml
incubator/wookie/trunk/WebContent/admin/index.jsp
incubator/wookie/trunk/src/org/apache/wookie/controller/Controller.java
Modified: incubator/wookie/trunk/WebContent/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/WebContent/WEB-INF/web.xml?rev=927320&r1=927319&r2=927320&view=diff
==============================================================================
--- incubator/wookie/trunk/WebContent/WEB-INF/web.xml (original)
+++ incubator/wookie/trunk/WebContent/WEB-INF/web.xml Thu Mar 25 09:53:00 2010
@@ -141,6 +141,20 @@
<servlet-name>WidgetServiceController</servlet-name>
<url-pattern>/services/*</url-pattern>
</servlet-mapping>
+
+ <servlet>
+ <description></description>
+ <display-name>WidgetAccessRequestPolicies</display-name>
+ <servlet-name>WidgetAccessRequestPolicyController</servlet-name>
+ <servlet-class>
+ org.apache.wookie.controller.WidgetAccessRequestPolicyController
+ </servlet-class>
+ <load-on-startup>2</load-on-startup>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>WidgetAccessRequestPolicyController</servlet-name>
+ <url-pattern>/warp/*</url-pattern>
+ </servlet-mapping>
<servlet>
<description></description>
@@ -270,6 +284,19 @@
<role-name>widgetadmin</role-name>
</auth-constraint>
</security-constraint>
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>WidgetAccessRequestPolicyController</web-resource-name>
+ <url-pattern>/warp/*</url-pattern>
+ <http-method>GET</http-method>
+ <http-method>DELETE</http-method>
+ <http-method>PUT</http-method>
+ <http-method>POST</http-method>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>widgetadmin</role-name>
+ </auth-constraint>
+ </security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
Modified: incubator/wookie/trunk/WebContent/admin/index.jsp
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/WebContent/admin/index.jsp?rev=927320&r1=927319&r2=927320&view=diff
==============================================================================
--- incubator/wookie/trunk/WebContent/admin/index.jsp (original)
+++ incubator/wookie/trunk/WebContent/admin/index.jsp Thu Mar 25 09:53:00 2010
@@ -217,6 +217,23 @@ if (version == null){
<b class="r3"></b>
<b class="r4"></b>
</b>
+ <div class="adminLayerDetail"><a href="warp.jsp" class="hypercolour"><img src="../shared/images/view_1.gif" width="16" height="16" border="0"> Manage widget access request policies</a></div>
+ <b class="rbottom">
+ <b class="r4"></b>
+ <b class="r3"></b>
+ <b class="r2"></b>
+ <b class="r1"></b>
+ </b>
+ </div>
+
+ <div id="spacer"></div>
+ <div id="nifty">
+ <b class="rtop">
+ <b class="r1"></b>
+ <b class="r2"></b>
+ <b class="r3"></b>
+ <b class="r4"></b>
+ </b>
<div class="adminLayerDetail"><a href="WidgetAdminServlet?operation=VIEWWHITELIST¶m=list" class="hypercolour"><img src="../shared/images/view_1.gif" width="16" height="16" border="0"> View white list</a></div>
<b class="rbottom">
<b class="r4"></b>
Added: incubator/wookie/trunk/WebContent/admin/warp.jsp
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/WebContent/admin/warp.jsp?rev=927320&view=auto
==============================================================================
--- incubator/wookie/trunk/WebContent/admin/warp.jsp (added)
+++ incubator/wookie/trunk/WebContent/admin/warp.jsp Thu Mar 25 09:53:00 2010
@@ -0,0 +1,80 @@
+<!DOCTYPE html>
+<%--
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+--%>
+<html>
+<head>
+<title>Widget Access Request Policies</title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+ <link type="text/css" href="/wookie/shared/js/jquery/themes/redmond/jquery-ui-1.7.1.custom.css" rel="stylesheet" />
+ <link type="text/css" href="../layout.css" rel="stylesheet" />
+ <script type="text/javascript" src="/wookie/shared/js/jquery/jquery-1.3.2.min.js"></script>
+ <script type="text/javascript" src="/wookie/shared/js/jquery/jquery-ui-1.7.custom.min.js"></script>
+</head>
+<script>
+ function grant(id){
+ $.ajax({
+ type: "PUT",
+ url: '../warp/'+id+'?granted=true',
+ datatype:'json',
+ success: function(msg) {
+ refresh();
+ }
+ });
+ }
+ function revoke(id){
+ $.ajax({
+ type: "PUT",
+ url: '../warp/'+id+'?granted=false',
+ datatype:'html',
+ success: function(msg) {
+ refresh();
+ }
+ });
+ }
+ function refresh(){
+ $.get("../warp",
+ function(data){
+ $("#table").html(data);
+ });
+ }
+</script>
+<body onload="refresh()">
+ <div id="header">
+ <div id="banner">
+ <div style="float:left;">
+ <img style="margin: 8 8px;" border="0" src="../shared/images/furry_white.png">
+ </div>
+ <div id="menu"><a class="menulink" href="index.jsp">menu <img border="0" src="../shared/images/book.gif"></a> </div>
+ </div>
+ <div id="pagetitle">
+ <h3>Widget Access Request Policies</h3>
+ </div>
+ <!-- END HEADER -->
+ </div>
+
+ <div id="content">
+ <p>Here you can view, grant and revoke widget access request policies.</p>
+ <br>
+ <div id="table"></table>
+ </div>
+
+<div id="footer">
+ <div style="text-align:right"><a class="menulink" href="index.jsp">menu <img border="0" src="../shared/images/book.gif"></a> </div>
+</div>
+</body>
+</html>
+</body>
+</html>
\ No newline at end of file
Added: incubator/wookie/trunk/src-tests/org/apache/wookie/tests/functional/WidgetAccessRequestPolicyControllerTest.java
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/src-tests/org/apache/wookie/tests/functional/WidgetAccessRequestPolicyControllerTest.java?rev=927320&view=auto
==============================================================================
--- incubator/wookie/trunk/src-tests/org/apache/wookie/tests/functional/WidgetAccessRequestPolicyControllerTest.java (added)
+++ incubator/wookie/trunk/src-tests/org/apache/wookie/tests/functional/WidgetAccessRequestPolicyControllerTest.java Thu Mar 25 09:53:00 2010
@@ -0,0 +1,236 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.wookie.tests.functional;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+import java.io.InputStream;
+import java.util.List;
+
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.methods.DeleteMethod;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.commons.httpclient.methods.PutMethod;
+import org.jdom.DataConversionException;
+import org.jdom.Document;
+import org.jdom.Element;
+import org.jdom.input.SAXBuilder;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class WidgetAccessRequestPolicyControllerTest extends AbstractControllerTest {
+
+ protected static final String TEST_WARP_SERVICE_URL_VALID = TEST_SERVER_LOCATION+"warp";
+
+ private static String id; // policy id
+
+ @BeforeClass
+ public static void setup(){
+ try {
+ HttpClient client = new HttpClient();
+ setAuthenticationCredentials(client);
+ PostMethod post = new PostMethod(TEST_WARP_SERVICE_URL_VALID);
+ post.addParameter("widgetId", "1");
+ post.addParameter("subdomains", "true");
+ post.addParameter("origin", "http://www.9128.org");
+ post.setDoAuthentication(true);
+ client.executeMethod(post);
+ int code = post.getStatusCode();
+ assertEquals(201,code);
+ post.releaseConnection();
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ fail("post failed");
+ }
+ // Now lets GET it to make sure it was added OK
+ Element[] policies = getPolicies();
+ for (Element policy:policies){
+ if (policy.getAttribute("origin").getValue().equals("http://www.9128.org")){
+ id = policy.getAttributeValue("id");
+ }
+ }
+ }
+
+ @Test
+ public void addPolicy(){
+ // To test adding policies works, we just need to check that the pre-test created one OK
+ assertTrue(id != null);
+ }
+
+ @Test
+ public void grantPolicy(){
+ try {
+ HttpClient client = new HttpClient();
+ setAuthenticationCredentials(client);
+ PutMethod put = new PutMethod(TEST_WARP_SERVICE_URL_VALID+"/"+id+"?granted=true");
+ put.setDoAuthentication(true);
+ client.executeMethod(put);
+ int code = put.getStatusCode();
+ assertEquals(200,code);
+ put.releaseConnection();
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ fail("put failed");
+ }
+ // Now lets GET it to make sure it was modded OK
+ Element[] policies = getPolicies();
+ for (Element policy:policies){
+ if (policy.getAttribute("origin").getValue().equals("http://www.9128.org")){
+ try {
+ assertTrue(policy.getAttribute("granted").getBooleanValue());
+ } catch (DataConversionException e) {
+ e.printStackTrace();
+ fail("bad return value for granted");
+ }
+ }
+ }
+ }
+
+ @Test
+ public void revokePolicy(){
+ try {
+ HttpClient client = new HttpClient();
+ setAuthenticationCredentials(client);
+ PutMethod put = new PutMethod(TEST_WARP_SERVICE_URL_VALID+"/"+id+"?granted=false");
+ put.setDoAuthentication(true);
+ client.executeMethod(put);
+ int code = put.getStatusCode();
+ assertEquals(200,code);
+ put.releaseConnection();
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ fail("put failed");
+ }
+ // Now lets GET it to make sure it was modded OK
+ Element[] policies = getPolicies();
+ for (Element policy:policies){
+ if (policy.getAttribute("origin").getValue().equals("http://www.9128.org")){
+ try {
+ assertFalse(policy.getAttribute("granted").getBooleanValue());
+ } catch (DataConversionException e) {
+ e.printStackTrace();
+ fail("bad return value for granted");
+ }
+ }
+ }
+ }
+
+ @Test
+ public void deletePolicy(){
+ try {
+ HttpClient client = new HttpClient();
+ setAuthenticationCredentials(client);
+ DeleteMethod del = new DeleteMethod(TEST_WARP_SERVICE_URL_VALID+"/"+id);
+ del.setDoAuthentication(true);
+ client.executeMethod(del);
+ int code = del.getStatusCode();
+ assertEquals(200,code);
+ del.releaseConnection();
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ fail("put failed");
+ }
+ // Now lets make sure it was deleted OK
+ Element[] policies = getPolicies();
+ for (Element policy:policies){
+ if (policy.getAttribute("id").getValue().equals(id)){
+ fail("Policy was not deleted");
+ }
+ }
+ }
+
+ @Test
+ public void testGrantNonExistingPolicy(){
+ try {
+ HttpClient client = new HttpClient();
+ setAuthenticationCredentials(client);
+ PutMethod put = new PutMethod(TEST_WARP_SERVICE_URL_VALID+"/9999?granted=true");
+ put.setDoAuthentication(true);
+ client.executeMethod(put);
+ int code = put.getStatusCode();
+ assertEquals(404,code);
+ put.releaseConnection();
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ fail("put failed");
+ }
+ }
+
+ @Test
+ public void testGetWithoutAuthentication(){
+ try {
+ HttpClient client = new HttpClient();
+ GetMethod get = new GetMethod(TEST_WARP_SERVICE_URL_VALID);
+ get.addRequestHeader("content-type", "text/xml");
+ client.executeMethod(get);
+ int code = get.getStatusCode();
+ assertEquals(401,code);
+ get.releaseConnection();
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ fail("get failed");
+ }
+ }
+
+ //// Helpers
+
+ private static Element[] getPolicies(){
+ try {
+ HttpClient client = new HttpClient();
+ setAuthenticationCredentials(client);
+ GetMethod get = new GetMethod(TEST_WARP_SERVICE_URL_VALID);
+ get.setDoAuthentication(true);
+ get.addRequestHeader("content-type", "text/xml");
+ client.executeMethod(get);
+ int code = get.getStatusCode();
+ assertEquals(200,code);
+ InputStream stream = get.getResponseBodyAsStream();
+ Element[] response = getPolicies(stream);
+ get.releaseConnection();
+ return response;
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ fail("get failed");
+ return null;
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ private static Element[] getPolicies(InputStream response){
+ try {
+ SAXBuilder builder = new SAXBuilder();
+ Document doc = builder.build(response);
+ List policies = doc.getRootElement().getChildren("policy");
+ if (policies != null){
+ return (Element[])policies.toArray(new Element[policies.size()]);
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ fail("Bad XML returned by server");
+ }
+ return null;
+ }
+
+}
Modified: incubator/wookie/trunk/src/org/apache/wookie/controller/Controller.java
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/controller/Controller.java?rev=927320&r1=927319&r2=927320&view=diff
==============================================================================
--- incubator/wookie/trunk/src/org/apache/wookie/controller/Controller.java (original)
+++ incubator/wookie/trunk/src/org/apache/wookie/controller/Controller.java Thu Mar 25 09:53:00 2010
@@ -30,8 +30,6 @@ import org.apache.wookie.exceptions.Unau
/**
* Base class of RESTful controllers with common utility methods
- * @author Scott Wilson
- *
*/
public abstract class Controller extends HttpServlet{
@@ -41,7 +39,17 @@ public abstract class Controller extends
* Content type for XML output
*/
protected final String XML_CONTENT_TYPE = "text/xml;charset=\"UTF-8\"";
+
+ /**
+ * Content type for JSON output
+ */
+ protected final String JSON_CONTENT_TYPE = "application/json;charset=\"UTF-8\"";
+ /**
+ * Content type for HTML output
+ */
+ protected final String HTML_CONTENT_TYPE = "text/html;charset=\"UTF-8\"";
+
/* (non-Javadoc)
* @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@@ -246,6 +254,18 @@ public abstract class Controller extends
}
/**
+ * Send HTML back to client
+ * @param html
+ * @param response
+ * @throws IOException
+ */
+ protected void returnHtml(String html, HttpServletResponse response) throws IOException{
+ response.setContentType(HTML_CONTENT_TYPE);
+ PrintWriter out = response.getWriter();
+ out.println(html);
+ }
+
+ /**
* Get any localization parameters for the request. Currently this
* only accepts a single locale rather than a list, support for
* lists of preferred locales could be added later, for example
@@ -258,6 +278,26 @@ public abstract class Controller extends
if (locale == null) return null;
return new String[]{locale};
}
+
+ protected static final int XML = 0;
+ protected static final int HTML = 1;
+ protected static final int JSON = 2;
+
+ /**
+ * Returns an int value for the content-type of a request; this
+ * can be used to create a switch statement that
+ * returns different representations based on the
+ * request content-type. If no content-type is present in the
+ * request, this method will return HTML (1)
+ */
+ protected int format(HttpServletRequest request){
+ if (request.getContentType() == null) return HTML;
+ if (request.getContentType().contains("xml"))
+ return XML;
+ if (request.getContentType().contains("json"))
+ return JSON;
+ return HTML;
+ }
}
Added: incubator/wookie/trunk/src/org/apache/wookie/controller/WidgetAccessRequestPolicyController.java
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/controller/WidgetAccessRequestPolicyController.java?rev=927320&view=auto
==============================================================================
--- incubator/wookie/trunk/src/org/apache/wookie/controller/WidgetAccessRequestPolicyController.java (added)
+++ incubator/wookie/trunk/src/org/apache/wookie/controller/WidgetAccessRequestPolicyController.java Thu Mar 25 09:53:00 2010
@@ -0,0 +1,149 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.wookie.controller;
+
+import java.io.IOException;
+import java.net.URI;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.wookie.beans.AccessRequest;
+import org.apache.wookie.beans.Widget;
+import org.apache.wookie.exceptions.InvalidParametersException;
+import org.apache.wookie.exceptions.ResourceDuplicationException;
+import org.apache.wookie.exceptions.ResourceNotFoundException;
+import org.apache.wookie.exceptions.UnauthorizedAccessException;
+import org.apache.wookie.helpers.AccessRequestHelper;
+import org.apache.wookie.w3c.util.IRIValidator;
+
+/**
+ * Controller for working with widget access request policies (WARP)
+ */
+public class WidgetAccessRequestPolicyController extends Controller {
+
+ private static final long serialVersionUID = 6926162644101308215L;
+
+ @Override
+ protected void index(HttpServletRequest request,
+ HttpServletResponse response) throws UnauthorizedAccessException,
+ IOException {
+
+ AccessRequest[] accessRequests = null;
+
+ String widgetId = request.getParameter("widgetId");
+ if (widgetId == null){
+ accessRequests = AccessRequest.findAll();
+ }
+ if (widgetId != null && widgetId.trim().length()>0){
+ // Filter by widgetId
+ Widget widget = Widget.findById(widgetId);
+ if (widget != null) accessRequests = AccessRequest.findByValue("widget",widget);
+ }
+
+ switch (format(request)) {
+ case XML: returnXml(AccessRequestHelper.createXMLAccessRequestDocument(accessRequests),response);break;
+ case HTML: returnHtml(AccessRequestHelper.createAccessRequestHTMLTable(accessRequests),response);break;
+ }
+ }
+
+ @Override
+ protected void show(String resourceId, HttpServletRequest request,
+ HttpServletResponse response) throws ResourceNotFoundException,
+ UnauthorizedAccessException, IOException {
+ AccessRequest ar = AccessRequest.findById(Integer.valueOf(resourceId));
+ if (ar == null) throw new ResourceNotFoundException();
+
+ switch (format(request)) {
+ case XML: returnXml(AccessRequestHelper.createXMLAccessRequestDocument(new AccessRequest[]{ar}),response);break;
+ case HTML: returnHtml(AccessRequestHelper.createAccessRequestHTMLTable(new AccessRequest[]{ar}),response);break;
+ }
+ }
+
+ @Override
+ protected void update(String resourceId, HttpServletRequest request)
+ throws ResourceNotFoundException, InvalidParametersException,
+ UnauthorizedAccessException {
+ AccessRequest ar = AccessRequest.findById(Integer.valueOf(resourceId));
+ if (ar == null) throw new ResourceNotFoundException();
+ String granted = request.getParameter("granted");
+ if (granted == null) throw new InvalidParametersException();
+ if (!granted.equals("true") && !granted.equals("false")) throw new InvalidParametersException();
+ if (granted.equals("true")) grantAccess(ar);
+ if (granted.equals("false")) revokeAccess(ar);
+ }
+
+ @Override
+ protected boolean create(String resourceId, HttpServletRequest request)
+ throws ResourceDuplicationException, InvalidParametersException,
+ UnauthorizedAccessException {
+
+ // FIXME check for duplicate policies before adding
+
+ String origin;
+ try {
+ origin = checkOrigin(request.getParameter("origin"));
+ } catch (Exception e) {
+ throw new InvalidParametersException();
+ }
+
+ String subdomains = request.getParameter("subdomains");
+
+ String widgetId = request.getParameter("widgetId");
+ Widget widget = Widget.findById(Integer.valueOf(widgetId));
+ if (widget == null) throw new InvalidParametersException();
+
+ AccessRequest ar = new AccessRequest();
+ ar.setOrigin(origin);
+ if (subdomains.equals("true")) ar.setSubdomains(true);
+ ar.setGranted(false);
+ ar.setWidget(widget);
+ return ar.save();
+ }
+
+ @Override
+ protected boolean remove(String resourceId, HttpServletRequest request)
+ throws ResourceNotFoundException, UnauthorizedAccessException,
+ InvalidParametersException {
+ AccessRequest ar = AccessRequest.findById(Integer.valueOf(resourceId));
+ if (ar == null) throw new ResourceNotFoundException();
+ return ar.delete();
+ }
+
+ private void grantAccess(AccessRequest ar){
+ ar.setGranted(true);
+ ar.save();
+ }
+
+ private void revokeAccess(AccessRequest ar){
+ ar.setGranted(false);
+ ar.save();
+ }
+
+ /**
+ * Checks whether a supplied origin parameter is valid, and returns the processed result
+ * @param origin
+ * @return a processed origin with extraneous elements removed
+ * @throws Exception if the origin is not valid
+ */
+ private String checkOrigin(String origin) throws Exception{
+ if (origin.equals("*")) return origin;
+ if (!IRIValidator.isValidIRI(origin)) throw new Exception("origin is not a valid IRI");
+ URI uri = new URI(origin);
+ if (uri.getHost() == null) throw new Exception("origin has no host");
+ if (uri.getUserInfo()!=null) throw new Exception("origin has userinfo");
+ URI processedURI = new URI(uri.getScheme(),null,uri.getHost(),uri.getPort(),null,null,null);
+ return processedURI.toString();
+ }
+}
Added: incubator/wookie/trunk/src/org/apache/wookie/helpers/AccessRequestHelper.java
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/helpers/AccessRequestHelper.java?rev=927320&view=auto
==============================================================================
--- incubator/wookie/trunk/src/org/apache/wookie/helpers/AccessRequestHelper.java (added)
+++ incubator/wookie/trunk/src/org/apache/wookie/helpers/AccessRequestHelper.java Thu Mar 25 09:53:00 2010
@@ -0,0 +1,92 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.wookie.helpers;
+
+import org.apache.wookie.beans.AccessRequest;
+
+/**
+ * Helper for rendering Widget Access Request Policies (WARP)
+ */
+public class AccessRequestHelper {
+
+ private static final String XMLDECLARATION = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
+
+ /**
+ * Creates an XML return document
+ * @param accessRequests
+ * @return
+ */
+ public static String createXMLAccessRequestDocument(AccessRequest[] accessRequests){
+ String document = XMLDECLARATION;
+ document += "\n<policies>\n";
+ for (AccessRequest ar:accessRequests){
+ document += toXml(ar);
+ }
+ document += "</policies>\n";
+ return document;
+ }
+
+ /**
+ * Creates a HTML table with controls
+ * @param accessRequests
+ * @return
+ */
+ public static String createAccessRequestHTMLTable(AccessRequest[] accessRequests){
+ String document = "<table width=\"500\" class=\"ui-widget ui-widget-content\" align=\"center\">\n";
+ document+= "<tr class=\"ui-widget-header\"><td colspan=\"5\">Policies</td></tr> ";
+ for (AccessRequest ar:accessRequests){
+ document += toHtml(ar);
+ }
+ document += "</table>\n";
+ return document;
+ }
+
+ private static String toXml(AccessRequest ar){
+ String xml = "\t<policy ";
+ xml += "id=\""+ar.getId()+"\" ";
+ xml += "widget=\""+ar.getWidget().getId()+"\" ";
+ xml += "origin=\""+ar.getOrigin()+"\" ";
+ xml += "subdomains=\""+ar.isSubdomains()+"\" ";
+ if (ar.isGranted()) {
+ xml+= "granted=\"true\"";
+ } else {
+ xml+= "granted=\"false\"";
+ }
+ xml += "/>\n";
+ return xml;
+ }
+
+ public static String toHtml(AccessRequest ar){
+ String html = "";
+ if (ar.isGranted()){
+ html += "<tr style=\"background-color:#9FC\">";
+ }else{
+ html += "<tr>";
+ }
+ html += "<td>"+ar.getWidget().getWidgetTitle("en")+"</td>";
+ html += "<td>"+ar.getOrigin();
+ if (ar.isSubdomains())
+ html += " (and sub-domains)";
+ html += "</td>";
+ if (ar.isGranted()){
+ html+="<td><em>granted</em></td>";
+ html+="<td><input type=\"button\" name=\"Submit\" value=\"revoke\" onClick=\"revoke("+ar.getId()+")\" class=\"ui-button ui-state-default ui-corner-all\"></td>";
+ }else{
+ html+="<td><em>not granted</em></td>";
+ html+="<td><input type=\"button\" name=\"Submit\" value=\"grant\" onClick=\"grant("+ar.getId()+")\" class=\"ui-button ui-state-default ui-corner-all\"></td>";
+ }
+ html += "</tr>\n";
+ return html;
+ }
+}