Examples of net.sf.jportlet.portlet.descriptor.AuthConstraintDescriptor

• net.sf.jportlet.portlet.descriptor.AuthConstraintDescriptor
  The AuthConstraintDescriptor describe the authorization constraint @author Herve Tchepannou

                              PortletRequest  request,
                              PortletResponse response )
        throws PortletException,
                   IOException
    {
        AuthConstraintDescriptor descr = proxy.getDescriptor(  ).getAuthConstraintDescriptor( request.getMode(  ) );
        if ( descr == null )
        {
            return Interceptor.CONTINUE;
        }

        User usr = request.getUser(  );

        /* Anonymous user */
        if ( usr == null )
        {
            return descr.isAllowAnonymous(  )
                   ? Interceptor.CONTINUE
                   : Interceptor.SKIP;
        }

        /* Check the roles */
        else if ( descr.containsRole( Constants.ALL ) )
        {
            return Interceptor.CONTINUE;
        }
        else
        {
            Collection roles = ( ( PortletRequestImpl ) request ).getUserRoles(  );
            Iterator   it = roles.iterator(  );
            while ( it.hasNext(  ) )
            {
                String role = it.next(  ).toString(  );
                if ( descr.containsRole( role ) )
                {
                    return Interceptor.CONTINUE;
                }
            }
        }

        if ( debug )
        {
            __log.debug( "canAccess(" + mode + ")" );
        }

        AuthConstraintDescriptor descr = _proxy.getDescriptor(  ).getAuthConstraintDescriptor( mode );

        if ( descr == null )
        {
            if ( debug )
            {
                __log.debug( "...No security-contraint" );
            }

            access = true;
        }
        else
        {
            String userId = getUserId(  );

            if ( userId == null )
            {
                if ( debug )
                {
                    __log.debug( "...Allowing anonymous access" );
                }

                access = descr.isAllowAnonymous(  );
            }
            else
            {
                return descr.containsRoles( getUserRoles(  ) );
            }
        }

        if ( debug )
        {

        assertNotNull( "cache[help]", cache );
        assertEquals( "cache[help].expires", -1, cache.getExpires(  ) );
        assertTrue( "cache[help].shared", cache.isShared(  ) );

        /* auth */
        AuthConstraintDescriptor auth = portlet.getAuthConstraintDescriptor( Portlet.Mode.VIEW );
        assertNotNull( "auth[view]", auth );
        assertTrue( "auth[view].allowAnonymous", auth.isAllowAnonymous(  ) );
        assertTrue( "auth[view].role[author]", auth.containsRole( "author" ) );
        assertTrue( "auth[view].role[admin]", auth.containsRole( "admin" ) );

        auth = portlet.getAuthConstraintDescriptor( Portlet.Mode.CONFIGURE );
        assertNotNull( "auth[configure]", auth );
        assertFalse( "auth[configure].allowAnonymous", auth.isAllowAnonymous(  ) );
        assertFalse( "auth[configure].role[author]", auth.containsRole( "author" ) );
        assertTrue( "auth[configure].role[admin]", auth.containsRole( "admin" ) );

        WebflowActionDescriptor wf = portlet.getWebflowAction( "view" );
        assertNotNull( "webflow[view]", wf );
        assertEquals( "webflow[view].success", "/success.jsp", wf.getReturnURI("success"));
        assertEquals( "webflow[view].input", "/portlet/capital/mode/view/state/maximized", wf.getReturnURI("input"));