From 7a4a46cc7b2bb19dcee7ac181778e676f185f4f2 Mon Sep 17 00:00:00 2001 From: Ben Alex Date: Fri, 3 Dec 2004 06:41:48 +0000 Subject: [PATCH] General refactoring of taglibs. --- .../acegisecurity/taglibs/authz/AclTag.java | 192 ++++++++---------- .../taglibs/authz/AuthenticationTag.java | 24 +-- 2 files changed, 100 insertions(+), 116 deletions(-) diff --git a/core/src/main/java/org/acegisecurity/taglibs/authz/AclTag.java b/core/src/main/java/org/acegisecurity/taglibs/authz/AclTag.java index bedb19cefe..88a3663078 100644 --- a/core/src/main/java/org/acegisecurity/taglibs/authz/AclTag.java +++ b/core/src/main/java/org/acegisecurity/taglibs/authz/AclTag.java @@ -37,6 +37,7 @@ import java.util.StringTokenizer; import javax.servlet.ServletContext; import javax.servlet.jsp.JspException; +import javax.servlet.jsp.PageContext; import javax.servlet.jsp.tagext.Tag; import javax.servlet.jsp.tagext.TagSupport; @@ -106,130 +107,113 @@ public class AclTag extends TagSupport { final String evaledPermissionsString = ExpressionEvaluationUtils .evaluateString("hasPermission", hasPermission, pageContext); - if ((null != evaledPermissionsString) - && !"".equals(evaledPermissionsString)) { - Integer[] requiredIntegers = null; + Integer[] requiredIntegers = null; - try { - requiredIntegers = parseIntegersString(evaledPermissionsString); - } catch (NumberFormatException nfe) { - throw new JspException(nfe); - } + try { + requiredIntegers = parseIntegersString(evaledPermissionsString); + } catch (NumberFormatException nfe) { + throw new JspException(nfe); + } - if (requiredIntegers.length == 0) { - throw new JspException( - "A comma separate list of integers representing authorised permissions was NOT provided via the 'hasPermission' attribute"); - } + Object resolvedDomainObject = null; - Object resolvedDomainObject = null; - - if (domainObject instanceof String) { - resolvedDomainObject = ExpressionEvaluationUtils.evaluate("domainObject", - (String) domainObject, Object.class, pageContext); - } else { - resolvedDomainObject = domainObject; - } - - if (resolvedDomainObject == null) { - if (logger.isDebugEnabled()) { - logger.debug( - "domainObject resolved to null, so including tag body"); - } - - // Of course they have access to a null object! - return Tag.EVAL_BODY_INCLUDE; - } - - if ((ContextHolder.getContext() == null) - || !(ContextHolder.getContext() instanceof SecureContext) - || (((SecureContext) ContextHolder.getContext()) - .getAuthentication() == null)) { - if (logger.isDebugEnabled()) { - logger.debug( - "ContextHolder did not return a non-null Authentication object, so skipping tag body"); - } - - return Tag.SKIP_BODY; - } - - Authentication auth = ((SecureContext) ContextHolder.getContext()) - .getAuthentication(); - - ApplicationContext context = getContext(pageContext - .getServletContext()); - - if (context == null) { - throw new JspException( - "applicationContext unavailable from servlet context"); - } - - Map beans = context.getBeansOfType(AclManager.class, false, false); - - if (beans.size() == 0) { - throw new JspException( - "No AclManager would found the application context: " - + context.toString()); - } - - String beanName = (String) beans.keySet().iterator().next(); - AclManager aclManager = (AclManager) context.getBean(beanName); - - // Obtain aclEntrys applying to the current Authentication object - AclEntry[] acls = aclManager.getAcls(resolvedDomainObject, auth); + if (domainObject instanceof String) { + resolvedDomainObject = ExpressionEvaluationUtils.evaluate("domainObject", + (String) domainObject, Object.class, pageContext); + } else { + resolvedDomainObject = domainObject; + } + if (resolvedDomainObject == null) { if (logger.isDebugEnabled()) { - logger.debug("Authentication: '" + auth + "' has: " - + ((acls == null) ? 0 : acls.length) - + " AclEntrys for domain object: '" + resolvedDomainObject - + "' from AclManager: '" + aclManager.toString() + "'"); + logger.debug( + "domainObject resolved to null, so including tag body"); } - if ((acls == null) || (acls.length == 0)) { - return Tag.SKIP_BODY; - } - - for (int i = 0; i < acls.length; i++) { - // Locate processable AclEntrys - if (acls[i] instanceof AbstractBasicAclEntry) { - AbstractBasicAclEntry processableAcl = (AbstractBasicAclEntry) acls[i]; - - // See if principal has any of the required permissions - for (int y = 0; y < requiredIntegers.length; y++) { - if (processableAcl.isPermitted( - requiredIntegers[y].intValue())) { - if (logger.isDebugEnabled()) { - logger.debug( - "Including tag body as found permission: " - + requiredIntegers[y] - + " due to AclEntry: '" + processableAcl - + "'"); - } - - return Tag.EVAL_BODY_INCLUDE; - } - } - } - } + // Of course they have access to a null object! + return Tag.EVAL_BODY_INCLUDE; + } + if ((ContextHolder.getContext() == null) + || !(ContextHolder.getContext() instanceof SecureContext) + || (((SecureContext) ContextHolder.getContext()).getAuthentication() == null)) { if (logger.isDebugEnabled()) { - logger.debug("No permission, so skipping tag body"); + logger.debug( + "ContextHolder did not return a non-null Authentication object, so skipping tag body"); } return Tag.SKIP_BODY; - } else { - throw new JspException("Unsupported use of auth:acl tag"); } + + Authentication auth = ((SecureContext) ContextHolder.getContext()) + .getAuthentication(); + + ApplicationContext context = getContext(pageContext); + Map beans = context.getBeansOfType(AclManager.class, false, false); + + if (beans.size() == 0) { + throw new JspException( + "No AclManager would found the application context: " + + context.toString()); + } + + String beanName = (String) beans.keySet().iterator().next(); + AclManager aclManager = (AclManager) context.getBean(beanName); + + // Obtain aclEntrys applying to the current Authentication object + AclEntry[] acls = aclManager.getAcls(resolvedDomainObject, auth); + + if (logger.isDebugEnabled()) { + logger.debug("Authentication: '" + auth + "' has: " + + ((acls == null) ? 0 : acls.length) + + " AclEntrys for domain object: '" + resolvedDomainObject + + "' from AclManager: '" + aclManager.toString() + "'"); + } + + if ((acls == null) || (acls.length == 0)) { + return Tag.SKIP_BODY; + } + + for (int i = 0; i < acls.length; i++) { + // Locate processable AclEntrys + if (acls[i] instanceof AbstractBasicAclEntry) { + AbstractBasicAclEntry processableAcl = (AbstractBasicAclEntry) acls[i]; + + // See if principal has any of the required permissions + for (int y = 0; y < requiredIntegers.length; y++) { + if (processableAcl.isPermitted( + requiredIntegers[y].intValue())) { + if (logger.isDebugEnabled()) { + logger.debug( + "Including tag body as found permission: " + + requiredIntegers[y] + " due to AclEntry: '" + + processableAcl + "'"); + } + + return Tag.EVAL_BODY_INCLUDE; + } + } + } + } + + if (logger.isDebugEnabled()) { + logger.debug("No permission, so skipping tag body"); + } + + return Tag.SKIP_BODY; } /** * Allows test cases to override where application context obtained from. * - * @param servletContext as required by Spring's - * WebApplicationContextUtils + * @param pageContext so the ServletContext can be accessed as + * required by Spring's WebApplicationContextUtils * - * @return the Spring application context + * @return the Spring application context (never null) */ - protected ApplicationContext getContext(ServletContext servletContext) { + protected ApplicationContext getContext(PageContext pageContext) { + ServletContext servletContext = pageContext.getServletContext(); + return WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext); } diff --git a/core/src/main/java/org/acegisecurity/taglibs/authz/AuthenticationTag.java b/core/src/main/java/org/acegisecurity/taglibs/authz/AuthenticationTag.java index e361835ed2..0f0effc8ee 100644 --- a/core/src/main/java/org/acegisecurity/taglibs/authz/AuthenticationTag.java +++ b/core/src/main/java/org/acegisecurity/taglibs/authz/AuthenticationTag.java @@ -66,6 +66,10 @@ public class AuthenticationTag extends TagSupport { return Tag.SKIP_BODY; } + if (!OPERATION_PRINCIPAL.equalsIgnoreCase(operation)) { + throw new JspException("Unsupported use of auth:authentication tag"); + } + if ((ContextHolder.getContext() == null) || !(ContextHolder.getContext() instanceof SecureContext) || (((SecureContext) ContextHolder.getContext()).getAuthentication() == null)) { @@ -75,20 +79,16 @@ public class AuthenticationTag extends TagSupport { Authentication auth = ((SecureContext) ContextHolder.getContext()) .getAuthentication(); - if (OPERATION_PRINCIPAL.equalsIgnoreCase(operation)) { - if (auth.getPrincipal() == null) { - return Tag.SKIP_BODY; - } else if (auth.getPrincipal() instanceof UserDetails) { - writeMessage(((UserDetails) auth.getPrincipal()).getUsername()); + if (auth.getPrincipal() == null) { + return Tag.SKIP_BODY; + } else if (auth.getPrincipal() instanceof UserDetails) { + writeMessage(((UserDetails) auth.getPrincipal()).getUsername()); - return Tag.SKIP_BODY; - } else { - writeMessage(auth.getPrincipal().toString()); - - return Tag.SKIP_BODY; - } + return Tag.SKIP_BODY; } else { - throw new JspException("Unsupported use of auth:athentication tag"); + writeMessage(auth.getPrincipal().toString()); + + return Tag.SKIP_BODY; } }