vitro/webapp/config/tlds/VitroUtils.tld

<?xml version="1.0" encoding="ISO-8859-1"?>
<!-- $This file is distributed under the terms of the license in /doc/license.txt$ -->

<taglib
    xmlns="http://java.sun.com/xml/ns/j2ee" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd" 
    version="2.0">

     <display-name>Vitro Utilities taglib</display-name>
     <tlib-version>1.0</tlib-version>

    <short-name>Library of JSP utility tags for Vitro</short-name>
<!--
		This library has an assortment of tags for tasks that are common to many Vitro pages.
-->

	<tag>
		<name>confirmLoginStatus</name>
        <display-name>Confirm that the user is logged in as required</display-name>
        <description>
            Check to see that the user is logged in (optionally at a certain minimum level).
            If not, then redirect them to the login page, with the current request stored as
            a post-login destination.
            
            If "level" is specified, then the user must be logged in at least at that level
            in order to avoid being redirected. "level" may be a String like "DBA" or "EDITOR",
            or it may be an integer like 50 or 4.
            
            If "bean" is specified, it is taken as the name of a request attribute where the
            LoginStatusBean will be stored. 
        </description>
        <tag-class>edu.cornell.mannlib.vitro.webapp.web.jsptags.ConfirmLoginStatus</tag-class>
		<body-content>empty</body-content>
		<attribute>
			<name>level</name>
			<required>false</required>
			<rtexprvalue>true</rtexprvalue>
		</attribute>   
		<attribute>
			<name>allowSelfEditing</name>
			<required>false</required>
			<rtexprvalue>true</rtexprvalue>
		</attribute>   
		<attribute>
			<name>bean</name>
			<required>false</required>
			<rtexprvalue>true</rtexprvalue>
		</attribute>   
	</tag>

	<tag>
		<name>requiresAuthorizationFor</name>
        <display-name>Confirm that the user is authorized for the actions that this page requires.</display-name>
        <description>
        	Confirm that the user is authorized to perform all of the RequestedActions that
        	this page requires. A check is done for each such action, to see whether the 
        	current policy will authorize that action for the current user. If any of the 
        	actions is not authorized, the user will be redirected to the appropriate page.
        	
        	If the user is not authorized because he is not logged in, he will be directed
        	to the login page, with the current request stored as a post-login destination.
        	
        	If the user is logged in but without sufficient authorization, he will be
        	directed to the home page, which will display an "insufficient authorization" 
        	message.
        	
        	The requested actions are specified as a comma delimited list of class names.
        	These must be RequestedAction classes, each with a no-argument public 
        	constructor.
        </description>
        <tag-class>edu.cornell.mannlib.vitro.webapp.web.jsptags.RequiresAuthorizationFor</tag-class>
		<body-content>empty</body-content>
		<attribute>
			<name>classNames</name>
			<required>true</required>
			<rtexprvalue>true</rtexprvalue>
		</attribute>   
	</tag>

</taglib>
NIHVIVO-736 Create the <vitro:confirmLoginStatus> custom JSP tag. 2010-10-14 15:07:29 +00:00			`<?xml version="1.0" encoding="ISO-8859-1"?>`
			`<!-- $This file is distributed under the terms of the license in /doc/license.txt$ -->`

			`<taglib`
			`xmlns="http://java.sun.com/xml/ns/j2ee"`
			`xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"`
			`xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd"`
			`version="2.0">`

			`<display-name>Vitro Utilities taglib</display-name>`
			`<tlib-version>1.0</tlib-version>`

			`<short-name>Library of JSP utility tags for Vitro</short-name>`
			`<!--`
			`This library has an assortment of tags for tasks that are common to many Vitro pages.`
			`-->`

			`<tag>`
			`<name>confirmLoginStatus</name>`
			`<display-name>Confirm that the user is logged in as required</display-name>`
			`<description>`
			`Check to see that the user is logged in (optionally at a certain minimum level).`
			`If not, then redirect them to the login page, with the current request stored as`
			`a post-login destination.`

			`If "level" is specified, then the user must be logged in at least at that level`
			`in order to avoid being redirected. "level" may be a String like "DBA" or "EDITOR",`
			`or it may be an integer like 50 or 4.`

			`If "bean" is specified, it is taken as the name of a request attribute where the`
			`LoginStatusBean will be stored.`
			`</description>`
			`<tag-class>edu.cornell.mannlib.vitro.webapp.web.jsptags.ConfirmLoginStatus</tag-class>`
			`<body-content>empty</body-content>`
			`<attribute>`
			`<name>level</name>`
			`<required>false</required>`
			`<rtexprvalue>true</rtexprvalue>`
			`</attribute>`
NIHVIVO-736 Modify the <vitro:confirmLoginStatus> custom JSP tag to permit test for self-editing. 2010-10-14 15:59:04 +00:00			`<attribute>`
			`<name>allowSelfEditing</name>`
			`<required>false</required>`
			`<rtexprvalue>true</rtexprvalue>`
			`</attribute>`
NIHVIVO-736 Create the <vitro:confirmLoginStatus> custom JSP tag. 2010-10-14 15:07:29 +00:00			`<attribute>`
			`<name>bean</name>`
			`<required>false</required>`
			`<rtexprvalue>true</rtexprvalue>`
			`</attribute>`
			`</tag>`

NIHVIVO-2492 First pass at a mechanism to restrict pages by policy 2011-04-15 15:25:13 +00:00			`<tag>`
			`<name>requiresAuthorizationFor</name>`
			`<display-name>Confirm that the user is authorized for the actions that this page requires.</display-name>`
			`<description>`
			`Confirm that the user is authorized to perform all of the RequestedActions that`
			`this page requires. A check is done for each such action, to see whether the`
			`current policy will authorize that action for the current user. If any of the`
			`actions is not authorized, the user will be redirected to the appropriate page.`

			`If the user is not authorized because he is not logged in, he will be directed`
			`to the login page, with the current request stored as a post-login destination.`

			`If the user is logged in but without sufficient authorization, he will be`
			`directed to the home page, which will display an "insufficient authorization"`
			`message.`

NIHVIVO-2492 Second try at the JSP custom tag - it requires the fully-qualified class name, but it behaves in a much more robust way. 2011-04-15 16:55:20 +00:00			`The requested actions are specified as a comma delimited list of class names.`
			`These must be RequestedAction classes, each with a no-argument public`
			`constructor.`
NIHVIVO-2492 First pass at a mechanism to restrict pages by policy 2011-04-15 15:25:13 +00:00			`</description>`
			`<tag-class>edu.cornell.mannlib.vitro.webapp.web.jsptags.RequiresAuthorizationFor</tag-class>`
			`<body-content>empty</body-content>`
			`<attribute>`
NIHVIVO-2492 Second try at the JSP custom tag - it requires the fully-qualified class name, but it behaves in a much more robust way. 2011-04-15 16:55:20 +00:00			`<name>classNames</name>`
NIHVIVO-2492 First pass at a mechanism to restrict pages by policy 2011-04-15 15:25:13 +00:00			`<required>true</required>`
			`<rtexprvalue>true</rtexprvalue>`
			`</attribute>`
			`</tag>`

NIHVIVO-736 Create the <vitro:confirmLoginStatus> custom JSP tag. 2010-10-14 15:07:29 +00:00			`</taglib>`