Java tutorial
/* * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. */ package rights; import javax.servlet.jsp.tagext.BodyTagSupport; import org.springframework.context.ApplicationContext; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.access.WebInvocationPrivilegeEvaluator; import org.springframework.web.context.support.WebApplicationContextUtils; /** * * @author Rice Pavel */ public class HasAllRightsTag extends BodyTagSupport { private static BranchRightsHolder branchRightsHolder; private String url; private Long branchId; public void setUrl(String url) { int n = url.indexOf('?'); if (n >= 0) { url = url.substring(0, n); } this.url = url; } public void setBranchId(Long branchId) { this.branchId = branchId; } private boolean hasAllRights() { return hasCommonRights() && hasBranchRights(); } private boolean hasCommonRights() { WebInvocationPrivilegeEvaluator wipe = (WebInvocationPrivilegeEvaluator) WebApplicationContextUtils .getWebApplicationContext(pageContext.getServletContext()) .getBean(WebInvocationPrivilegeEvaluator.class); return wipe.isAllowed(url, SecurityContextHolder.getContext().getAuthentication()); } private boolean hasBranchRights() { ApplicationContext applicationContext = WebApplicationContextUtils .getWebApplicationContext(pageContext.getServletContext()); branchRightsHolder = applicationContext.getBean(BranchRightsHolder.class); return branchRightsHolder.isRight(url, branchId); } @Override public int doStartTag() { if (hasAllRights()) { return EVAL_BODY_INCLUDE; } else { return SKIP_BODY; } } }