001/* 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.wicket.authorization.strategies; 018 019import java.util.ArrayList; 020import java.util.List; 021 022import org.apache.wicket.Component; 023import org.apache.wicket.authorization.Action; 024import org.apache.wicket.authorization.IAuthorizationStrategy; 025import org.apache.wicket.request.component.IRequestableComponent; 026import org.apache.wicket.request.mapper.parameter.PageParameters; 027import org.apache.wicket.request.resource.IResource; 028 029 030/** 031 * Compound implementation of the IAuthorizationStrategy that lets you chain two or more strategies 032 * together. 033 * 034 * @author ivaynberg 035 */ 036public class CompoundAuthorizationStrategy implements IAuthorizationStrategy 037{ 038 /** List of strategies to consult */ 039 private final List<IAuthorizationStrategy> strategies = new ArrayList<>(); 040 041 /** 042 * Adds a strategy to the chain 043 * 044 * @param strategy 045 * Strategy to add 046 */ 047 public final void add(IAuthorizationStrategy strategy) 048 { 049 if (strategy == null) 050 { 051 throw new IllegalArgumentException("Strategy argument cannot be null"); 052 } 053 strategies.add(strategy); 054 } 055 056 /** 057 * @see org.apache.wicket.authorization.IAuthorizationStrategy#isInstantiationAuthorized(java.lang.Class) 058 */ 059 @Override 060 public final <T extends IRequestableComponent> boolean isInstantiationAuthorized( 061 Class<T> componentClass) 062 { 063 for (IAuthorizationStrategy strategy : strategies) 064 { 065 if (!strategy.isInstantiationAuthorized(componentClass)) 066 { 067 return false; 068 } 069 } 070 return true; 071 } 072 073 /** 074 * @see org.apache.wicket.authorization.IAuthorizationStrategy#isActionAuthorized(org.apache.wicket.Component, 075 * org.apache.wicket.authorization.Action) 076 */ 077 @Override 078 public final boolean isActionAuthorized(Component component, Action action) 079 { 080 for (IAuthorizationStrategy strategy : strategies) 081 { 082 if (!strategy.isActionAuthorized(component, action)) 083 { 084 return false; 085 } 086 } 087 return true; 088 } 089 090 @Override 091 public boolean isResourceAuthorized(IResource resource, PageParameters parameters) 092 { 093 for (IAuthorizationStrategy strategy : strategies) 094 { 095 if (!strategy.isResourceAuthorized(resource, parameters)) 096 { 097 return false; 098 } 099 } 100 return true; 101 } 102}