portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jf...@apache.org
Subject cvs commit: jakarta-jetspeed/fusion/src/java/org/apache/jetspeed/fusion/engine/servlet FusionServletRequestImpl.java
Date Thu, 12 Aug 2004 12:52:37 GMT
jford       2004/08/12 05:52:36

  Added:       fusion/src/java/org/apache/jetspeed/fusion/engine/servlet
                        FusionServletRequestImpl.java
  Log:
  Initial implementation of the Fusion servlet request
  
  Revision  Changes    Path
  1.1                  jakarta-jetspeed/fusion/src/java/org/apache/jetspeed/fusion/engine/servlet/FusionServletRequestImpl.java
  
  Index: FusionServletRequestImpl.java
  ===================================================================
  /*
   * Copyright 2004 The Apache Software Foundation.
   * 
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   * 
   *      http://www.apache.org/licenses/LICENSE-2.0
   * 
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.fusion.engine.servlet;
  
  import java.util.Iterator;
  
  import org.apache.commons.logging.Log;
  import org.apache.commons.logging.LogFactory;
  import org.apache.jetspeed.engine.servlet.ServletRequestImpl;
  import org.apache.jetspeed.services.JetspeedSecurity;
  import org.apache.jetspeed.services.security.JetspeedSecurityException;
  import org.apache.pluto.om.common.SecurityRole;
  import org.apache.pluto.om.common.SecurityRoleRef;
  import org.apache.pluto.om.common.SecurityRoleRefSet;
  import org.apache.pluto.om.common.SecurityRoleSet;
  import org.apache.pluto.om.portlet.PortletDefinition;
  import org.apache.pluto.om.window.PortletWindow;
  
  /**
   * @author <a href="mailto:jford@apache.org">Jeremy Ford</a>
   * @version $Id: FusionServletRequestImpl.java,v 1.1 2004/08/12 12:52:35 jford Exp $
   */
  public class FusionServletRequestImpl extends ServletRequestImpl
  {
      /** Logger */
      private static final Log log = LogFactory.getLog(FusionServletRequestImpl.class);
      
      private PortletWindow portletWindow;
  
      public FusionServletRequestImpl(javax.servlet.http.HttpServletRequest servletRequest,
PortletWindow window)
      {
          super(servletRequest, window);
          
          this.portletWindow = window;
      }
      
      /**
       * @see javax.servlet.http.HttpServletRequest#isUserInRole(java.lang.String)
       */
      public boolean isUserInRole(String roleName)
      {
          boolean result = false;
          
          if (roleName != null && roleName.length() > 0)
          {
              try
              {
                  result = JetspeedSecurity.hasRole(getRemoteUser(), roleName);
              }
              catch (JetspeedSecurityException e)
              {
                  log.error("Failed to find role " + roleName);
              }
              
              if(!result)
              {
  	            PortletDefinition portletDefinition = portletWindow.getPortletEntity().getPortletDefinition();
  	            SecurityRoleRefSet roleRefSet = portletDefinition.getInitSecurityRoleRefSet();
  	            SecurityRoleSet roleSet = portletDefinition.getPortletApplicationDefinition().getWebApplicationDefinition()
  	                    .getSecurityRoles();
  	
  	            Iterator roleRefIter = roleRefSet.iterator();
  	            while (roleRefIter.hasNext())
  	            {
  	                SecurityRoleRef roleRef = (SecurityRoleRef) roleRefIter.next();
  	                
  	                //find the matching security-role element based on role-name
  	                if (roleName.equals(roleRef.getRoleName()))
  	                {
  	                    String roleLinkName = roleRef.getRoleLink();
  	                    
  	                    //if the role-link doesn't exist, use the role-name
  	                    if (roleLinkName == null || roleLinkName.length() == 0)
  	                    {
  	                        roleLinkName = roleName;
  	                    }
  	                    
  	                    //what does this gain???
  	                    Iterator roleIter = roleSet.iterator();
  	                    while (roleIter.hasNext())
  	                    {
  	                        SecurityRole role = (SecurityRole) roleIter.next();
  	                        if (roleLinkName.equals(role.getRoleName()))
  	                        {
  	                            //fall back to J2's impl
  	                            //it will repeat this same code and then defer
  	                            //to HttpRequestWrapper.  The impl for this just checks
  	                            //the realm mapping
  	                            return super.isUserInRole(roleLinkName);
  	                        }
  	                    }
  	                }
  	            }
              }
              
              if(!result)
              {
                  result = super.isUserInRole(roleName);
              }
          }
          
          return result;
      }
  }
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message