adminsecurityinterceptor.java

来自「The ability to create groups of reports,」· Java 代码 · 共 53 行

/*
 * Copyright (C) 2003 Erik Swenson - eswenson@opensourcesoft.net
 * 
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the Free
 * Software Foundation; either version 2 of the License, or (at your option)
 * any later version.
 * 
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
 * more details.
 * 
 * You should have received a copy of the GNU General Public License along with
 * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
 * Place - Suite 330, Boston, MA 02111-1307, USA.
 *  
 */

package org.efs.openreports.interceptors;

import com.opensymphony.xwork.ActionInvocation;
import com.opensymphony.xwork.ActionSupport;

import org.efs.openreports.objects.ReportUser;
import org.efs.openreports.util.LocalStrings;

public class AdminSecurityInterceptor extends SecurityInterceptor
{
	protected boolean isAuthorized(ActionInvocation actionInvocation)
	{
		if (!super.isAuthorized(actionInvocation))
			return false;

		ReportUser reportUser =
			(ReportUser) actionInvocation
				.getInvocationContext()
				.getSession()
				.get(
				"user");

		if (reportUser == null || !reportUser.isAdmin())
		{
			ActionSupport action = (ActionSupport) actionInvocation.getAction();
			action.addActionError(LocalStrings.getString(LocalStrings.ERROR_NOTAUTHORIZED));			

			return false;
		}		

		return true;
	}
}