[Yanel-commits] rev 28162 - public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet

michi at wyona.com michi at wyona.com
Fri Oct 26 09:56:18 CEST 2007


Author: michi
Date: 2007-10-26 09:56:17 +0200 (Fri, 26 Oct 2007)
New Revision: 28162

Modified:
   public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java
Log:
use new API of security package

Modified: public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java
===================================================================
--- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java	2007-10-26 07:55:35 UTC (rev 28161)
+++ public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java	2007-10-26 07:56:17 UTC (rev 28162)
@@ -71,6 +71,7 @@
 import org.wyona.security.core.api.IdentityMap;
 import org.wyona.security.core.api.PolicyManager;
 import org.wyona.security.core.api.Role;
+import org.wyona.security.core.api.Usecase;
 import org.wyona.security.core.api.User;
 
 import org.apache.log4j.Category;
@@ -1013,7 +1014,7 @@
      */
     private HttpServletResponse doAuthorize(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
 
-        Role role = null;
+        Usecase usecase = null;
 
         // TODO: Replace hardcoded roles by mapping between roles amd query strings ...
         String value = request.getParameter("yanel.resource.usecase");
@@ -1022,38 +1023,38 @@
         String method = request.getMethod();
         if (value != null && value.equals("save")) {
             log.debug("Save data ...");
-            role = new Role("write");
+            usecase = new Usecase("write");
         } else if (value != null && value.equals("checkin")) {
             log.debug("Checkin data ...");
-            role = new Role("write");
+            usecase = new Usecase("write");
         } else if (value != null && value.equals("introspection")) {
             if(log.isDebugEnabled()) log.debug("Dynamically generated introspection ...");
-            role = new Role("introspection");
+            usecase = new Usecase("introspection");
         } else if (value != null && value.equals("checkout")) {
             log.debug("Checkout data ...");
-            role = new Role("open");
+            usecase = new Usecase("open");
         } else if (contentType != null && contentType.indexOf("application/atom+xml") >= 0 && (method.equals(METHOD_PUT) || method.equals(METHOD_POST))) {
             // TODO: Is posting atom entries different from a general post (see below)?!
             log.error("DEBUG: Write/Checkin Atom entry ...");
-            role = new Role("write");
+            usecase = new Usecase("write");
         // TODO: METHOD_POST is not generally protected, but save, checkin, application/atom+xml are being protected. See doPost(.... 
         } else if (method.equals(METHOD_PUT)) {
             log.error("DEBUG: Upload data ...");
-            role = new Role("write");
+            usecase = new Usecase("write");
         } else if (method.equals(METHOD_DELETE)) {
             log.error("DEBUG: Delete resource ...");
-            role = new Role("delete");
+            usecase = new Usecase("delete");
         } else if (workflowTransitionValue != null) {
             // TODO: How shall we protect workflow transitions?!
             log.error("DEBUG: Workflow transition ...");
-            role = new Role("view");
+            usecase = new Usecase("view");
         } else {
-            role = new Role("view");
+            usecase = new Usecase("view");
         }
         value = request.getParameter("yanel.toolbar");
         if (value != null && value.equals("on")) {
             log.debug("Turn on toolbar ...");
-            role = new Role("toolbar");
+            usecase = new Usecase("toolbar");
         }
 
         boolean authorized = false;
@@ -1088,7 +1089,8 @@
                 try {
                     User user = realm.getIdentityManager().getUserManager().getUser(username);
                     if (user != null && user.authenticate(password)) {
-                        authorized = realm.getPolicyManager().authorize(path, new Identity(user), new Role("view"));
+                        //authorized = realm.getPolicyManager().authorize(path, new Identity(user), new Role("view"));
+                        authorized = realm.getPolicyManager().authorize(path, new Identity(user), new Usecase("view"));
                         if(authorized) {
                             return null;
                         } else {
@@ -1141,8 +1143,9 @@
             
             //authorized = pm.authorize(new org.wyona.commons.io.Path(request.getServletPath()), identity, role);
         
-            if (log.isDebugEnabled()) log.debug("Check authorization: realm: " + realm + ", path: " + path + ", identity: " + identity.getUsername() + ", role: " + role.getName());
-            authorized = realm.getPolicyManager().authorize(path, identity, role);
+            if (log.isDebugEnabled()) log.debug("Check authorization: realm: " + realm + ", path: " + path + ", identity: " + identity.getUsername() + ", Usecase: " + usecase.getName());
+            //authorized = realm.getPolicyManager().authorize(path, identity, role);
+            authorized = realm.getPolicyManager().authorize(path, identity, usecase);
             if (log.isDebugEnabled()) log.debug("Check authorization result: " + authorized);
         } catch (Exception e) {
             log.error(e.getMessage(), e);



More information about the Yanel-commits mailing list