1 package org.apache.turbine.modules.screens;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 import org.apache.turbine.services.velocity.TurbineVelocity;
20 import org.apache.turbine.util.RunData;
21
22 import org.apache.velocity.context.Context;
23
24 /***
25 * VelocitySecureScreen
26 *
27 * Always performs a Security Check that you've defined before
28 * executing the doBuildtemplate(). You should extend this class and
29 * add the specific security check needed. If you have a number of
30 * screens that need to perform the same check, you could make a base
31 * screen by extending this class and implementing the isAuthorized().
32 * Then each screen that needs to perform the same check could extend
33 * your base screen.
34 *
35 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a>
36 * @version $Id: VelocitySecureScreen.java 264148 2005-08-29 14:21:04Z henning $
37 */
38 public abstract class VelocitySecureScreen
39 extends VelocityScreen
40 {
41 /***
42 * Implement this to add information to the context.
43 *
44 * @param data Turbine information.
45 * @param context Context for web pages.
46 * @exception Exception, a generic exception.
47 */
48 protected abstract void doBuildTemplate(RunData data,
49 Context context)
50 throws Exception;
51
52 /***
53 * This method overrides the method in VelocityScreen to
54 * perform a security check first.
55 *
56 * @param data Turbine information.
57 * @exception Exception, a generic exception.
58 */
59 protected void doBuildTemplate(RunData data)
60 throws Exception
61 {
62 if (isAuthorized(data))
63 {
64 doBuildTemplate(data, TurbineVelocity.getContext(data));
65 }
66 }
67
68 /***
69 * Implement this method to perform the security check needed.
70 * You should set the template in this method that you want the
71 * user to be sent to if they're unauthorized. See the
72 * VelocitySecurityCheck utility.
73 *
74 * @param data Turbine information.
75 * @return True if the user is authorized to access the screen.
76 * @exception Exception, a generic exception.
77 */
78 protected abstract boolean isAuthorized(RunData data)
79 throws Exception;
80 }