Examples of org.wicketstuff.security.checks.LinkSecurityCheck

org.wicketstuff.security.checks.LinkSecurityCheck
A security check designed for {@link Link}s. This check has 2 modes for the {@link Render}action. In the regular mode the check behaves as a {@link ClassSecurityCheck} meaning the usermust have render rights for the target class of the link, If not the link will not be rendered. In the alternative mode the check behaves as a {@link ComponentSecurityCheck} (render actiononly) allowing the link to be visible but disabled. Note that for all other actions this check behaves as a ClassSecurityCheck (with option to check the model). Although the check was designed to work on pages it now also works on any class. So {@link Panel} and the like may be used asclickTarget @author marrink

   * @param pageClass
   */
  public SecureBookmarkablePageLink(String id, Class<? extends Page> pageClass)
  {
    super(id, pageClass);
    setSecurityCheck(new LinkSecurityCheck(this, pageClass));
  }

View Full Code Here

   */
  public SecureBookmarkablePageLink(String id, Class<? extends Page> pageClass,
    PageParameters parameters)
  {
    super(id, pageClass, parameters);
    setSecurityCheck(new LinkSecurityCheck(this, pageClass));
  }

View Full Code Here

   * 
   * @return the securitycheck for this link or null if no security is to be enforced
   */
  protected ISecurityCheck generateSecurityCheck()
  {
    return new LinkSecurityCheck(this, getReplacementClass());
  }

View Full Code Here

   * @param c
   */
  public <C extends Page> SecurePageLink(String id, final Class<C> c)
  {
    super(id);
    setSecurityCheck(new LinkSecurityCheck(this, c));


    // Ensure that c is a subclass of Page
    if (!Page.class.isAssignableFrom(c))
    {
      throw new IllegalArgumentException("Class " + c + " is not a subclass of Page");

View Full Code Here

   */
  public SecurePageLink(String id, IPageLink pageLink)
  {
    super(id);
    this.pageLink = pageLink;
    setSecurityCheck(new LinkSecurityCheck(this, pageLink.getPageIdentity()));
  }

View Full Code Here

    Link<?> link = (Link<?>)super.newLink(linkId, index);
    Class<? extends Panel> panelClass = getTabClass(index);
    // We are using a LinkSecurityCheck instead of a ContainerSecurityCheck
    // because it operates on classes instead of instances.
    if (panelClass != null){
      SecureComponentHelper.setSecurityCheck(link, new LinkSecurityCheck(link, panelClass));
                }
    // we can only set the check if we have a class, we could use
    // getPanel("dummy") and get the class from that but then we would
    // create some serious overhead instantiating panels twice.
    return link;

View Full Code Here

    mock.assertInvisible("link");
    mock.assertVisible("sorry");
    // step one, show the secure home page without a link to PageA
    Page lastPage = mock.getLastRenderedPage();
    SecurePageLink<?> link = (SecurePageLink<?>)lastPage.get("link");
    LinkSecurityCheck linkcheck = ((LinkSecurityCheck)link.getSecurityCheck()).setUseAlternativeRenderCheck(true);
    // step two, show the secure home page with a not clickable link to
    // PageA (e.g. not a href)
    Map<String, WaspAction> authorized = new HashMap<String, WaspAction>();
    authorized.put(SecureComponentHelper.alias(link),
      application.getActionFactory().getAction("access render"));
    login(authorized);
    mock.startPage(lastPage);
    mock.assertRenderedPage(getHomePage());
    assertSame(lastPage, mock.getLastRenderedPage());
    mock.assertInvisible("sorry");
    mock.assertVisible("link");
    TagTester tag = mock.getTagByWicketId("link");
    assertNull(tag.getAttribute("href"));
    assertNull(tag.getAttribute("onclick"));
    // step three, show the secure home page with a clickable link to PageA
    authorized.clear();
    authorized.put(SecureComponentHelper.alias(HomePage.class), application.getActionFactory()
      .getAction("access render enable"));
    authorized.put(SecureComponentHelper.alias(PageA.class), application.getActionFactory()
      .getAction("render enable"));
    login(authorized);
    Page page = mock.getLastRenderedPage();
    mock.startPage(page);
    tag = mock.getTagByWicketId("link");
    assertNotNull(tag.getAttribute("href"));
    logoff(authorized);
    authorized.clear();
    // step four, show the secure home page with a clickable link and click
    // the link that is not enabled.
    linkcheck.setUseAlternativeRenderCheck(false);
    authorized.put(SecureComponentHelper.alias(HomePage.class), application.getActionFactory()
      .getAction("access render enable"));
    authorized.put(SecureComponentHelper.alias(PageA.class), application.getActionFactory()
      .getAction("access render"));
    login(authorized);

View Full Code Here

TOP

Related Classes of org.wicketstuff.security.checks.LinkSecurityCheck

org.wicketstuff.security.components.markup.html.links.SecureBookmarkablePageLink

org.wicketstuff.security.components.markup.html.links.SecureContainerLink

org.wicketstuff.security.components.markup.html.links.SecurePageLink

org.wicketstuff.security.extensions.markup.html.tabs.SecureTabbedPanel

org.wicketstuff.security.SecureLinkTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.