1 /***
2 * The contents of this file are subject to the Mozilla Public License Version
3 * 1.1 (the "License"); you may not use this file except in compliance with the
4 * License.
5 *
6 * You may obtain a copy of the License at http://www.mozilla.org/MPL/
7 *
8 * Software distributed under the License is distributed on an "AS IS" basis,
9 * WITHOUT WARRANTY OF ANY KIND, either express or implied.
10 * See the License for the specific language governing rights and limitations
11 * under the License.
12 *
13 * The Original Code is pow2ACL library.
14 * The Initial Owner of the Original Code is Power Of Two S.R.L.
15 * Portions created by Power Of Two S.R.L. are Copyright
16 * (C) Power Of Two S.R.L. All Rights Reserved.
17 *
18 * Contributor(s):
19 */
20
21 package com.pow2.acl.struts.action;
22
23 import java.net.*;
24 import java.net.MalformedURLException;
25 import java.io.IOException;
26 import javax.servlet.ServletException;
27 import javax.servlet.http.HttpServletRequest;
28 import javax.servlet.http.HttpServletResponse;
29 import javax.servlet.http.HttpSession;
30 import javax.servlet.ServletContext;
31
32 import org.apache.log4j.Category;
33
34 import org.apache.struts.action.*;
35
36 import com.pow2.user.User;
37 import com.pow2.acl.dao.ACLDAO;
38 import com.pow2.user.UserManager;
39
40 /***
41 * Ask the specified Action instance to handle this request.
42 * <br>
43 * If the input action subclasses <code>ACLDispatcherAction</code>, execute:
44 * <br><br>
45 * <ul>
46 * <li>
47 * the input action's <code>validateSession</code> method;
48 * if that method returns <code>false</code>, redirect to the resource
49 * specified by the <code>invalidSessionForward</code> method
50 * </li>
51 * <li>
52 * the input action's <code>validatePermissions</code> method;
53 * if that method returns <code>false</code>, redirect to the resource
54 * specified by the <code>noPermissionsForward</code> method
55 * </li>
56 * </ul>
57 * <br>
58 * then execute the input action's <code>perform</code> method.
59 *
60 * @author Luca Fossato
61 * @created 8 aprile 2002
62 */
63 public class ACLActionServlet extends ActionServlet
64 {
65 /*** Log4j category; */
66 private Category cat = Category.getInstance(this.getClass());
67
68
69 /***
70 * Initialize this servlet.
71 *
72 * @exception ServletException if we cannot configure ourselves correctly
73 */
74 public void init() throws ServletException
75 {
76 super.init();
77 }
78
79
80 /***
81 * Ask the specified Action instance to handle this request.
82 * <br>
83 * If the input action subclasses <code>ACLDispatcherAction</code>, execute:
84 * <br><br>
85 * <ul>
86 * <li>
87 * the input action's <code>validateSession</code> method;
88 * if that method returns <code>false</code>, redirect to the resource
89 * specified by the <code>invalidSessionForward</code> method
90 * </li>
91 * <li>
92 * the input action's <code>validatePermissions</code> method;
93 * if that method returns <code>false</code>, redirect to the resource
94 * specified by the <code>noPermissionsForward</code> method
95 * </li>
96 * </ul>
97 * <br>
98 * then execute the the input action's <code>perform</code> method.
99 *
100 * @param action The Action to process this request
101 * @param mapping The ActionMapping we are processing
102 * @param formInstance The ActionForm we are processing
103 * @param request The servlet request we are processing
104 * @param response The servlet response we are creating
105 * @return Description of the Return Value
106 * @exception IOException if an input/output error occurs
107 * @exception ServletException if a servlet exception occurs
108 */
109 protected ActionForward processActionPerform(Action action,
110 ActionMapping mapping,
111 ActionForm formInstance,
112 HttpServletRequest request,
113 HttpServletResponse response)
114 throws
115 IOException,
116 ServletException
117 {
118 // input action extends ACLDispatcherAction ?
119 if (action instanceof ACLDispatcherAction)
120 {
121 ActionErrors errors = new ActionErrors();
122 ACLDispatcherAction aclAction = (ACLDispatcherAction) action;
123 ACLActionMapping aclMapping = (ACLActionMapping) mapping;
124
125 // validate the current session object;
126 // ACLActionMapping.isValidateSession enables / disables the
127 // aclAction validateSession() method execution
128 if (aclMapping.isValidateSession() && !aclAction.validateSession(request))
129 {
130 cat.warn("::processActionPerform - session validation fails; return the invalidSession forward");
131 return aclAction.invalidSessionForward(request, mapping, errors);
132 }
133
134 // get the User object (can be null);
135 User user = UserManager.instance().getUser(request);
136
137 // validate the action permissions;
138 // ACLActionMapping.isValidatePermissions enables / disables the
139 // aclAction validatePermissions() method execution
140 if (aclMapping.isValidatePermissions() &&
141 !aclAction.validatePermissions(user, ACLDAO.instance(), mapping, request, errors))
142 {
143 cat.warn(new StringBuffer("::processActionPerform - user [id = ").
144 append(user.getId()).
145 append(", ").
146 append(user.getFirstName()).
147 append("] has no permissions to execute the action class [").
148 append(action.getClass().getName()).
149 append("]"));
150
151 return aclAction.noPermissionsForward(request, mapping, errors);
152 }
153 }
154
155 return action.perform(mapping, formInstance, request, response);
156 }
157 }
This page was automatically generated by Maven