From 42cee19d55907d50ec012cb502ef0c08c25aa8b2 Mon Sep 17 00:00:00 2001
From: j2blake <j2blake@440791e1-c2bf-4c1e-ad7c-caf3f8b0ebe8>
Date: Thu, 12 May 2011 19:27:02 +0000
Subject: [PATCH] NIHVIVO-2299 Accept either an Actions object or a sequence of
 RequestedAction for authorization.

---
 .../webapp/controller/VitroHttpServlet.java     | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/VitroHttpServlet.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/VitroHttpServlet.java
index 1aa9f51d8..5f7858b16 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/VitroHttpServlet.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/VitroHttpServlet.java
@@ -26,6 +26,7 @@ import org.apache.commons.logging.LogFactory;
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
 import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
 import edu.cornell.mannlib.vitro.webapp.controller.authenticate.LogoutRedirector;
 
@@ -98,7 +99,19 @@ public class VitroHttpServlet extends HttpServlet {
 	 * Don't display a page that the user isn't authorized to see.
 	 * 
 	 * @param actions
-	 *            the RequestedActions that need to be authorized.
+	 *            the RequestedActions that must be authorized.
+	 */
+	protected boolean isAuthorizedToDisplayPage(HttpServletRequest request,
+			HttpServletResponse response, RequestedAction... actions) {
+		return isAuthorizedToDisplayPage(request, response,
+				new Actions(Arrays.asList(actions)));
+	}
+
+	/**
+	 * Don't display a page that the user isn't authorized to see.
+	 * 
+	 * @param actions
+	 *            the combination of RequestedActions that must be authorized.
 	 */
 	protected boolean isAuthorizedToDisplayPage(HttpServletRequest request,
 			HttpServletResponse response, Actions actions) {
@@ -112,7 +125,7 @@ public class VitroHttpServlet extends HttpServlet {
 					+ "' is authorized for actions: " + actions);
 			return true;
 		}
-		
+
 		log.debug("Servlet '" + this.getClass().getSimpleName()
 				+ "' is not authorized for actions: " + actions);