1/*2 * $Id: AbstractBaseAttributeRenderer.java 791161 2009-07-04 18:53:36Z apetrelli $3 *4 * Licensed to the Apache Software Foundation (ASF) under one5 * or more contributor license agreements. See the NOTICE file6 * distributed with this work for additional information7 * regarding copyright ownership. The ASF licenses this file8 * to you under the Apache License, Version 2.0 (the9 * "License"); you may not use this file except in compliance10 * with the License. You may obtain a copy of the License at11 *12 * http://www.apache.org/licenses/LICENSE-2.013 *14 * Unless required by applicable law or agreed to in writing,15 * software distributed under the License is distributed on an16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY17 * KIND, either express or implied. See the License for the18 * specific language governing permissions and limitations19 * under the License.20 */21package org.apache.tiles.renderer.impl;
2223import java.io.IOException;
24import java.util.Iterator;
25import java.util.Set;
2627import org.apache.tiles.Attribute;
28import org.apache.tiles.TilesApplicationContext;
29import org.apache.tiles.awareness.TilesApplicationContextAware;
30import org.apache.tiles.awareness.TilesRequestContextFactoryAware;
31import org.apache.tiles.context.TilesRequestContext;
32import org.apache.tiles.context.TilesRequestContextFactory;
33import org.apache.tiles.evaluator.AttributeEvaluator;
34import org.apache.tiles.evaluator.AttributeEvaluatorFactory;
35import org.apache.tiles.evaluator.AttributeEvaluatorFactoryAware;
36import org.apache.tiles.renderer.AttributeRenderer;
37import org.slf4j.Logger;
38import org.slf4j.LoggerFactory;
3940/***41 * Base abstract class that manages authorization to display the attribute.42 *43 * @version $Rev: 791161 $ $Date: 2009-07-04 20:53:36 +0200 (sab, 04 lug 2009) $44 * @since 2.1.045 */46publicabstractclassAbstractBaseAttributeRenderer implements
47 AttributeRenderer, TilesRequestContextFactoryAware,
48 TilesApplicationContextAware, AttributeEvaluatorFactoryAware {
4950/***51 * The logging object.52 */53privatefinal Logger log = LoggerFactory
54 .getLogger(AbstractBaseAttributeRenderer.class);
5556/***57 * The Tiles request context factory.58 *59 * @since 2.1.160 */61protectedTilesRequestContextFactory contextFactory;
6263/***64 * The Tiles application context.65 *66 * @since 2.1.067 */68protected TilesApplicationContext applicationContext;
6970/***71 * The attribute evaluator factory.72 *73 * @since 2.2.074 */75protectedAttributeEvaluatorFactory attributeEvaluatorFactory;
7677/*** {@inheritDoc} */78publicvoid setRequestContextFactory(TilesRequestContextFactory contextFactory) {
79this.contextFactory = contextFactory;
80 }
8182/*** {@inheritDoc} */83publicvoid setApplicationContext(TilesApplicationContext applicationContext) {
84this.applicationContext = applicationContext;
85 }
8687/*** {@inheritDoc} */88publicvoid setAttributeEvaluatorFactory(AttributeEvaluatorFactory attributeEvaluatorFactory) {
89this.attributeEvaluatorFactory = attributeEvaluatorFactory;
90 }
9192/*** {@inheritDoc} */93publicvoid render(Attribute attribute, TilesRequestContext request) throws IOException {
94if (!isPermitted(request, attribute.getRoles())) {
95if (log.isDebugEnabled()) {
96 log.debug("Access to attribute denied. User not in role '"97 + attribute.getRoles() + "'");
98 }
99return;
100 }
101102AttributeEvaluator evaluator = attributeEvaluatorFactory
103 .getAttributeEvaluator(attribute);
104 Object value = evaluator.evaluate(attribute, request);
105106 write(value, attribute, request);
107 }
108109/***110 * Implement this method knowing that the attribute won't be null and it111 * will be authorized.112 * @param value The value of the attribute to be rendered.113 * @param attribute The attribute to render.114 * @param request The Tiles request object.115 * @throws IOException If something goes wrong during rendition.116 * @since 2.1.2117 */118publicabstractvoid write(Object value, Attribute attribute,
119TilesRequestContext request)
120 throws IOException;
121122/***123 * Creates a Tiles request context from request items.124 *125 * @param requestItems The request items.126 * @return The created Tiles request context.127 * @since 2.1.0128 */129protectedTilesRequestContext getRequestContext(Object... requestItems) {
130return contextFactory.createRequestContext(applicationContext,
131 requestItems);
132 }
133134/***135 * Checks if the current user is in one of the comma-separated roles136 * specified in the <code>role</code> parameter.137 *138 * @param request The request context.139 * @param roles The list of roles.140 * @return <code>true</code> if the current user is in one of those roles.141 * @since 2.1.0142 */143protectedboolean isPermitted(TilesRequestContext request, Set<String> roles) {
144if (roles == null || roles.isEmpty()) {
145returntrue;
146 }
147148boolean retValue = false;
149150for (Iterator<String> roleIt = roles.iterator(); roleIt.hasNext()
151 && !retValue;) {
152 retValue = request.isUserInRole(roleIt.next());
153 }
154155return retValue;
156 }
157 }