I wish I could use AOP, so I could just have an aournd advice ... :(
On 10/21/05, Ron Piterman <[EMAIL PROTECTED]> wrote:
>
> I would *replace* the AbstractComponent class of tapestry and implement
> it there.
>
> you do it by adding an org.apache.tapetsry.AbstractComponent to your
> source files.
>
> there is a final render(...) method, which is calling the
> renderComponent which does the actual work and is abstract. don't call
> it, and the component is not rendered,
>
> Cheers,
> Ron
>
>
> ציטוט Vinicius Carvalho:
> > Hello there! On the previous posts I was asking about a better way to
> > override the LinkComponents from Tapestry in order to add security
> support
> > to it. Ron gave an brilliant AOP style solution with Hivemind, thanks.
> But
> > in the mean time I was developing a different solution. One thing that
> came
> > on my mind. Was, ok for the links, but what if I don't want a user to
> see an
> > entire table component? Or a TextField? Well, the solution may be not
> > elegant, but it's simple. I've created an wrapper component where we
> could
> > use to nest components that need security enabled. I've packed it on a
> > library. I'm posting the codes here, but if anyone cares I could send
> the
> > lib for you. It's the beginning of a components libraries that I and
> some
> > fellows are planning to create.
> >
> > SecureComponentWrapper:
> > The idea here is to provide a wrapper that will render only if a given
> > requisite is fullfiled
> >
> > public abstract class SecureComponentWrapper extends AbstractComponent {
> > public abstract String getRoles();
> >
> >
> > protected void renderComponent(IMarkupWriter writer, IRequestCycle
> cycle) {
> > if(canRender()){
> > renderBody(writer,cycle);
> > }
> > }
> >
> > public abstract boolean canRender();
> >
> > }
> > AcegiComponentWrapper
> > The idea here is to let the component be rendered only if the user has
> the
> > right credetials
> >
> > public abstract class AcegiComponentWrapper extends
> SecureComponentWrapper {
> > @Override
> > public boolean canRender() {
> > Collection principalAuthorities = getPrincipalAuthorities();
> > Collection roles = Arrays.asList(
> org.apache.commons.lang.StringUtils.split
> > (getRoles(),","));
> > boolean permited = CollectionUtils.containsAny
> (principalAuthorities,roles);
> > return permited;
> > }
> >
> > @SuppressWarnings({"unused","unchecked"})
> > private Collection getPrincipalAuthorities() {
> > SecureContext context = (SecureContext) ContextHolder.getContext();
> > if (context == null) {
> > return Collections.EMPTY_LIST;
> > }
> > Authentication currentUser = context.getAuthentication();
> > if (currentUser == null) {
> > return Collections.EMPTY_LIST;
> > }
> > if ((null == currentUser.getAuthorities())
> > || (currentUser.getAuthorities().length < 1)) {
> > return Collections.EMPTY_LIST;
> > }
> > ArrayList granted = new ArrayList(currentUser.getAuthorities().length);
> > for(GrantedAuthority ga : currentUser.getAuthorities()){
> > granted.add(ga.getAuthority());
> > }
> > return granted;
> > }
> > }
> >
> > <component-specification allow-body="yes" allow-informal-parameters="no"
> > class="org.tupiniquim.components.secure.AcegiComponentWrapper">
> > <parameter required="yes" name="roles"/>
> > </component-specification>
> > <page-specification class="org.apache.tapestry.html.BasePage">
> > <component id="secured" type="tupiniquim:AcegiComponentWrapper">
> > <binding name="roles" value="literal:ROLE_ADMIN"></binding>
> > </component>
> > </page-specification>
> >
> > <span jwcid="secured">Can you see me?</span>
> > </span>
> >
> > Well if the user is not logged or does not has the ROLE_ADMIN he will
> not
> > see the body of the component (which could be another component as
> well).
> > You can use CSV like literal:ROLE_ADMIN,ROLE_USER,ROLE_DBA for instance.
> > I still need to test it a little better, and also to add an feature of
> > deciding if it should be rendered if users has all of permissions or Any
> of
> > the permissions.
> >
> > I don't know if this is come in hand for anyone else, it just fit our
> needs
> > in our JUG pages ;)
> >
> > Regards
> >
> > --
> > Vinicius Caldeira Carvalho
> > Arquiteto de Sistemas
> > [EMAIL PROTECTED]
> > www.synos.com.br <http://www.synos.com.br> <http://www.synos.com.br>
> >
> > "Everything should be made as simple as possible, but not simpler."
> > Albert Einstein
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
Vinicius Caldeira Carvalho
Arquiteto de Sistemas
[EMAIL PROTECTED]
www.synos.com.br <http://www.synos.com.br>
"Everything should be made as simple as possible, but not simpler."
Albert Einstein
