01: package org.ztemplates.web.impl;
02:
03: import java.security.Principal;
04: import java.util.Set;
05:
06: import org.ztemplates.actions.ZISecurityProvider;
07: import org.ztemplates.web.ZISecurityService;
08: import org.ztemplates.web.ZIServiceRepository;
09:
10: public class ZSecurityServiceImpl implements ZISecurityService {
11: private ZISecurityProvider securityProvider;
12:
13: public void init(final ZIServiceRepository serviceRepository)
14: throws Exception {
15: securityProvider = new ZISecurityProvider() {
16: public boolean isUserInRole(String role) {
17: return serviceRepository.getRequest()
18: .isUserInRole(role);
19: }
20:
21: public String removeSecurityFromUrl(String url) {
22: if (url.startsWith("/secure")) {
23: return url.substring("/secure".length());
24: } else {
25: return url;
26: }
27: }
28:
29: public String addSecurityToUrl(String url, Set<String> roles) {
30: return "/secure" + url;
31: }
32:
33: public String getUserName() {
34: Principal p = serviceRepository.getRequest()
35: .getUserPrincipal();
36: return p == null ? null : p.getName();
37: }
38: };
39: }
40:
41: public ZISecurityProvider getSecurityProvider() {
42: return securityProvider;
43: }
44: }
|