/**
* Copyright (c) 2011-2014, OpenIoT
*
* This library is free software; you can redistribute it and/or
* modify it either under the terms of the GNU Lesser General Public
* License version 2.1 as published by the Free Software Foundation
* (the "LGPL"). If you do not alter this
* notice, a recipient may use your version of this file under the LGPL.
*
* You should have received a copy of the LGPL along with this library
* in the file COPYING-LGPL-2.1; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY
* OF ANY KIND, either express or implied. See the LGPL for
* the specific language governing rights and limitations.
*
* Contact: OpenIoT mailto: info@openiot.eu
*/
package org.openiot.security.client.tags.jsp;
import org.apache.shiro.subject.Subject;
import org.openiot.security.client.AccessControlUtil;
import org.openiot.security.client.OAuthorizationCredentials;
/**
* @author Mehdi Riahi
*
*/
public class HasAnyRolesTag extends RoleTag {
private static final long serialVersionUID = -2841686788672234133L;
// Delimiter that separates role names in tag attribute
private static final String ROLE_NAMES_DELIMETER = ",";
public HasAnyRolesTag() {
}
protected boolean showTagBody(String roleNames) {
boolean hasAnyRole = false;
AccessControlUtil instance = AccessControlUtil.getInstance();
OAuthorizationCredentials oAuthorizationCredentials = instance.getOAuthorizationCredentials();
Subject subject = getSubject();
if (subject != null) {
// Iterate through roles and check to see if the user has one of the roles
for (String role : roleNames.split(ROLE_NAMES_DELIMETER)) {
if (instance.hasRole(role.trim(), oAuthorizationCredentials)) {
hasAnyRole = true;
break;
}
}
}
return hasAnyRole;
}
}