[Yanel-dev] Re: [Yanel-commits] rev 45010
- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu
Guillaume Déflache
guillaume.deflache at wyona.com
Wed Oct 14 11:50:16 CEST 2009
michi at wyona.com schrieb:
> Author: michi
> Date: 2009-10-14 10:33:33 +0200 (Wed, 14 Oct 2009)
> New Revision: 45010
>
> Modified:
> public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java
> Log:
> check policies re user and group management in order to disable/enable links
>
> Modified: public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java
> ===================================================================
> --- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java 2009-10-14 08:32:53 UTC (rev 45009)
> +++ public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java 2009-10-14 08:33:33 UTC (rev 45010)
> @@ -50,8 +50,20 @@
> sb.append("<li><a href=\"?yanel.policy=update\">Edit Access Policy</a></li>");
> sb.append("</ul>");
> sb.append("</li>");
> - sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-users.html\">User Management</a></li>");
> - sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-groups.html\">Group Management</a></li>");
> +
> + org.wyona.security.core.api.PolicyManager pm = resource.getRealm().getPolicyManager();
> + if (pm.authorize("/" + reservedPrefix + "/admin/list-users.html", resource.getEnvironment().getIdentity(), new org.wyona.security.core.api.Usecase("view"))) {
> + sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-users.html\">User Management</a></li>");
> + } else {
> + sb.append("<li>User Management</li>");
> + }
> +
> + if (pm.authorize("/" + reservedPrefix + "/admin/list-groups.html", resource.getEnvironment().getIdentity(), new org.wyona.security.core.api.Usecase("view"))) {
> + sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-groups.html\">Group Management</a></li>");
> + } else {
> + sb.append("<li>Group Management</li>");
> + }
> +
> sb.append("<li><a href=\"?yanel.toolbar=off\">Turn off toolbar</a></li>");
> Identity identity = getIdentity(request, map);
> if (identity != null) {
>
Maybe some helpers could, well, help there, like:
protected final boolean mayBeViewed(String URI) {
PolicyManager pm = resource.getRealm().getPolicyManager();
return pm.authorize(URI, resource.getEnvironment().getIdentity(),
new org.wyona.security.core.api.Usecase("view")));
}
That could be defined in Yanel's Menu base class.
Also we should at least try to start a HTML writer library for menu
entries (addMenu, addMenuEntry, addSeparator, etc.), as you suggested in
http://lists.wyona.org/pipermail/yanel-development/2009-April/003543.html
(And If we are careful and first use private methods for prototyping it,
we can always ditch it later!)
WDYT?
More information about the Yanel-development
mailing list