Examples of org.wicketstuff.security.log.IAuthorizationMessageSource

• org.wicketstuff.security.log.IAuthorizationMessageSource
  {@link IErrorMessageSource} which also knows which {@link Component} (if any) triggered thismessage and keeps track of variables that can be used by the message. @author marrink

      ISecurityCheck check = getSecurityCheck(component);
      if (check != null)
      {
        if (check.isActionAuthorized(getActionFactory().getAction(action)))
          return true;
        IAuthorizationMessageSource message = getMessageSource();
        if (message != null)
        {
          message.setComponent(component);
          message.addVariable("wicket.action", action);
          message.addVariable("wasp.action", getActionFactory().getAction(action));
          logMessage(message);
        }
        return false;

      }
      IModel<?> model = component.getDefaultModel();
      if (model instanceof ISecureModel<?>)
      {
        if (((ISecureModel<?>)model).isAuthorized(component,
          getActionFactory().getAction(action)))
          return true;
        IAuthorizationMessageSource message = getMessageSource();
        if (message != null)
        {
          message.setComponent(component);
          message.addVariable("wicket.action", action);
          message.addVariable("wasp.action", getActionFactory().getAction(action));
          logMessage(message);
        }
        return false;
      }
    }

   * @param create
   * @return the messagesource or null if there is none and the create flag was false
   */
  protected final IAuthorizationMessageSource getMessageSource(boolean create)
  {
    IAuthorizationMessageSource resource = null;
    if (RequestCycle.get() != null)
      resource = RequestCycle.get().getMetaData(MESSAGE_KEY);
    if (resource == null && create)
    {
      resource = createMessageSource();

   * @see #logMessages()
   * @see #getMessageSource()
   */
  protected void logPermissionDenied(Permission permission, Subject subject)
  {
    IAuthorizationMessageSource source = getMessageSource(logMessages());
    if (source == null)
      return;
    // note that even if logErrorMessages returns false we still populate
    // the source with variables if there is a source
    source.addVariable("permission", permission);
    source.addVariable("actions", permission.getActions());
    source.addVariable("subject", subject);
    Set<Principal> principals = getHive().getPrincipals(permission);
    if (!principals.isEmpty())
      source.addVariable("principals", principals);
    else
      source.addVariable("principals", Collections.EMPTY_SET);
  }

  @Override
  public boolean isComponentAuthorized(Component component, WaspAction action)
  {
    if (hasPermission(new ComponentPermission(component, action)))
      return true;
    IAuthorizationMessageSource message = getMessageSource();
    if (message != null)
    {
      message.setComponent(component);
      logMessage(message);
    }
    return false;
  }

      permission = new DataPermission(component, (SwarmModel<?>)model, (SwarmAction)action);
    else
      permission = new DataPermission(String.valueOf(model), action);
    if (hasPermission(permission))
      return true;
    IAuthorizationMessageSource message = getMessageSource();
    if (message != null)
    {
      message.setComponent(component);
      logMessage(message);
    }
    return false;

  }