Velocity question but I'm using tdk...
In theory I can check if a user has a particular
permission using a pull tool. The pull tool
implements a method isAuthorizedGlobal()
that takes a permission as a parameter.
In a regular velocity screen I can do this:
#if (!$mypull.isAuthorizedGlobal("some_perm"))
$data.setRedirectURI($link.setAction("LogoutUser").getURI())
$data.setStatusCode(302)
#stop
#end
And thus the user is turned away if they get
to this screen.
Rather than putting this block of code at the
top of every page I would rather go:
#checkAuthorizedGlobal("some_perm")
and have this velocimacro:
#macro (checkAuthorizedGlobal $permission)
#if (!$mypull.isAuthorizedGlobal($permission))
$data.setRedirectURI($link.setAction("LogoutUser").getURI())
$data.setStatusCode(302)
#stop
#end
#end
With or without escaping the #stop velocity throws an
exception while parsing the macro file:
Mon Jul 02 15:00:05 GMT+10:00 2001 [error] Parser Exception: GlobalMacros.vm :
org.apache.velocity.runtime.parser.ParseException: Encountered "<EOF>" at line 279,
column 5.
Was expecting one of:
"(" ...
<RPAREN> ...
<ESCAPE_DIRECTIVE> ...
<SET_DIRECTIVE> ...
"\\\\" ...
"\\" ...
<TEXT> ...
<SINGLE_LINE_COMMENT> ...
"*#" ...
"*#" ...
<STRING_LITERAL> ...
<END> ...
"if" ...
"elseif" ...
<ELSE_DIRECTIVE> ...
"stop" ...
<NUMBER_LITERAL> ...
<WORD> ...
<IDENTIFIER> ...
<DOT> ...
"{" ...
at org.apache.velocity.runtime.parser.Parser.generateParseException(Parser.java)
at org.apache.velocity.runtime.parser.Parser.jj_consume_token(Parser.java)
at org.apache.velocity.runtime.parser.Parser.IfStatement(Parser.java)
at org.apache.velocity.runtime.parser.Parser.Statement(Parser.java)
at org.apache.velocity.runtime.parser.Parser.Directive(Parser.java)
at org.apache.velocity.runtime.parser.Parser.Statement(Parser.java)
at org.apache.velocity.runtime.parser.Parser.process(Parser.java)
at org.apache.velocity.runtime.parser.Parser.parse(Parser.java)
at org.apache.velocity.runtime.Runtime.parse(Runtime.java)
at org.apache.velocity.Template.process(Template.java)
at
org.apache.velocity.runtime.resource.ResourceManager.getResource(ResourceManager.java)
at org.apache.velocity.runtime.Runtime.getTemplate(Runtime.java)
at org.apache.velocity.runtime.Runtime.getTemplate(Runtime.java)
at
org.apache.velocity.runtime.VelocimacroFactory.initVelocimacro(VelocimacroFactory.java)
at org.apache.velocity.runtime.Runtime.init(Runtime.java)
at org.apache.velocity.app.Velocity.init(Velocity.java)
at
org.apache.turbine.services.velocity.TurbineVelocityService.initVelocity(TurbineVelocityService.java:460)
at
org.apache.turbine.services.velocity.TurbineVelocityService.init(TurbineVelocityService.java:138)
at org.apache.turbine.services.TurbineBaseService.init(TurbineBaseService.java:108)
at
org.apache.turbine.services.BaseInitableBroker.initClass(BaseInitableBroker.java:150)
at
org.apache.turbine.services.BaseServiceBroker.doInitService(BaseServiceBroker.java:226)
at
org.apache.turbine.services.BaseServiceBroker.initServices(BaseServiceBroker.java:195)
at org.apache.turbine.Turbine.init(Turbine.java:185)
If I totally remove the #stop it works, but the code
following the call to #checkAuthorizedGlobal() is
executed which is going to unnecessarily waste
resources.
Is there a better way for me to code the #stop in the
macro file? Should I be able to code #stop in a
macro anyway?
I like the fact that this approach detaches the
permission checking for the screen template from
the screen classes, but I am cautious because it
makes it so easy for someone with access to the
templates to get around the security. What do
you think about this approach?
Scott
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
