*/
package org.wamblee.photos.wicket;
+import java.security.Principal;
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.wicket.RedirectToUrlException;
import org.apache.wicket.markup.html.CSSPackageResource;
+import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.link.Link;
import org.apache.wicket.markup.html.panel.FeedbackPanel;
import org.apache.wicket.model.IModel;
+import org.wamblee.security.authentication.UserAdministration;
import org.wamblee.wicket.behavior.TitleAttributeTooltipBehavior;
import org.wamblee.wicket.css.ResetCssBehavior;
import org.wamblee.wicket.page.ExpireBehavior;
public class BasePage extends WebApplicationBasePage {
+ @Inject
+ private HttpServletRequest request;
+
+ @Inject
+ private UserAdministration userAdmin;
+
private boolean isExpired = false;
public BasePage() {
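Review bot: The `HttpServletRequest` injected into the `request` field can outlive the request that created the page, because Wicket keeps page instances in the session and serialises them. Unless the injector supplies a serialisable, request-scoped proxy (not visible here), the field would hold a stale request and could break page serialisation. The visible code reads it only in the constructor, so a local lookup there would avoid the field. If a proxy is confirmed, document it with a comment such as `// request-scoped proxy; safe to keep in a serialisable page`. The same question applies to `userAdmin`, which subclasses can reach later through the protected `isAdministrator`.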
public BasePage(IModel aModel) {
super(aModel);
+
+ Principal userPrincipal = request.getUserPrincipal();
+ if (userPrincipal == null) {
+ throw redirectToLoginPage();
+ }
+ String username = userPrincipal.getName();
+ if (isAdminPage() && !isAdministrator(username)) {
+ error("Unauthorized URL accessed");
+ throw redirectToLoginPage();
+ }
+
add(new ResetCssBehavior());
add(new TitleAttributeTooltipBehavior());
- add(CSSPackageResource.getHeaderContribution(BasePage.class,
- "photos.css"));
+ add(CSSPackageResource.getHeaderContribution(BasePage.class, "photos.css"));
disableCaching();
add(new FeedbackPanel("feedback"));
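Review bot: The admin check `if (isAdminPage() && !isAdministrator(username))` is opt-in, because `isAdminPage()` defaults to `false` later in this commit, so an administrative page that forgets to override it is served to any authenticated user. The check also runs only at construction time and calls an overridable method from the constructor, so a subclass override executes before that subclass's own fields are initialised. Consider enforcing this centrally through the application's `IAuthorizationStrategy`, keyed on an annotation or marker interface, so the default is deny and no page can be instantiated without the check. The `error("Unauthorized URL accessed")` message is probably never displayed, since the redirect leaves for `login.jsp`; a server-side log entry naming the user and page class would serve audit better. The no-argument constructor's body is outside this hunk, so confirm it delegates to this constructor, otherwise it bypasses both checks.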
@Override
public void onClick() {
getRequestCycle().getSession().invalidate();
+ throw redirectToLoginPage();
}
});
+
+ WebMarkupContainer adminAccess = new WebMarkupContainer("adminAccess");
+ if (!isAdministrator(username)) {
+ adminAccess.setVisible(false);
+ }
+ add(adminAccess);
+ }
+
+ protected boolean isAdminPage() {
+ return false;
+ }
+
+ protected boolean isAdministrator(String aUsername) {
+ return userAdmin.isInGroup(aUsername, "administrators");
+ }
+
+ private RedirectToUrlException redirectToLoginPage() {
+ return new RedirectToUrlException("login.jsp");
}
public void setExpired(boolean aExpired) {