NIHVIVO-2492 convert JSPs from <vitro:requiresAuthorizationFor> and <vitro:confirmLoginStatus> to <vitro:confirmAuthorization>

webapp/config/tlds/VitroUtils.tld

@@ -16,47 +16,15 @@
 -->
 
 	<tag>
-		<name>confirmLoginStatus</name>
-        <display-name>Confirm that the user is logged in as required</display-name>
-        <description>
-            Check to see that the user is logged in (optionally at a certain minimum level).
-            If not, then redirect them to the login page, with the current request stored as
-            a post-login destination.
-            
-            If "level" is specified, then the user must be logged in at least at that level
-            in order to avoid being redirected. "level" may be a String like "DBA" or "EDITOR",
-            or it may be an integer like 50 or 4.
-            
-            If "bean" is specified, it is taken as the name of a request attribute where the
-            LoginStatusBean will be stored. 
-        </description>
-        <tag-class>edu.cornell.mannlib.vitro.webapp.web.jsptags.ConfirmLoginStatus</tag-class>
-		<body-content>empty</body-content>
-		<attribute>
-			<name>level</name>
-			<required>false</required>
-			<rtexprvalue>true</rtexprvalue>
-		</attribute>   
-		<attribute>
-			<name>allowSelfEditing</name>
-			<required>false</required>
-			<rtexprvalue>true</rtexprvalue>
-		</attribute>   
-		<attribute>
-			<name>bean</name>
-			<required>false</required>
-			<rtexprvalue>true</rtexprvalue>
-		</attribute>   
-	</tag>
-
-	<tag>
-		<name>requiresAuthorizationFor</name>
+		<name>confirmAuthorization</name>
         <display-name>Confirm that the user is authorized for the actions that this page requires.</display-name>
         <description>
         	Confirm that the user is authorized to perform all of the RequestedActions that
-        	this page requires. A check is done for each such action, to see whether the 
-        	current policy will authorize that action for the current user. If any of the 
-        	actions is not authorized, the user will be redirected to the appropriate page.
+        	this page requires. If any of the actions is not authorized, the user will be 
+        	redirected to the appropriate page.
+        	
+        	The actions must be found in the "requestedActions" attribute of the request. 
+        	The attribute may be a RequestedAction or an array of RequestedActions. 
         	
         	If the user is not authorized because he is not logged in, he will be directed
         	to the login page, with the current request stored as a post-login destination.
@@ -64,18 +32,9 @@
         	If the user is logged in but without sufficient authorization, he will be
         	directed to the home page, which will display an "insufficient authorization" 
         	message.
-        	
-        	The requested actions are specified as a comma delimited list of class names.
-        	These must be RequestedAction classes, each with a no-argument public 
-        	constructor.
         </description>
-        <tag-class>edu.cornell.mannlib.vitro.webapp.web.jsptags.RequiresAuthorizationFor</tag-class>
+        <tag-class>edu.cornell.mannlib.vitro.webapp.web.jsptags.ConfirmAuthorization</tag-class>
 		<body-content>empty</body-content>
-		<attribute>
-			<name>classNames</name>
-			<required>true</required>
-			<rtexprvalue>true</rtexprvalue>
-		</attribute>   
 	</tag>
 
 </taglib>