NIHVIVO-2492 convert JSPs from <vitro:requiresAuthorizationFor> and <vitro:confirmLoginStatus> to <vitro:confirmAuthorization>
This commit is contained in:
parent
3d70274c78
commit
5610249bbc
50 changed files with 349 additions and 408 deletions
|
@ -16,47 +16,15 @@
|
|||
-->
|
||||
|
||||
<tag>
|
||||
<name>confirmLoginStatus</name>
|
||||
<display-name>Confirm that the user is logged in as required</display-name>
|
||||
<description>
|
||||
Check to see that the user is logged in (optionally at a certain minimum level).
|
||||
If not, then redirect them to the login page, with the current request stored as
|
||||
a post-login destination.
|
||||
|
||||
If "level" is specified, then the user must be logged in at least at that level
|
||||
in order to avoid being redirected. "level" may be a String like "DBA" or "EDITOR",
|
||||
or it may be an integer like 50 or 4.
|
||||
|
||||
If "bean" is specified, it is taken as the name of a request attribute where the
|
||||
LoginStatusBean will be stored.
|
||||
</description>
|
||||
<tag-class>edu.cornell.mannlib.vitro.webapp.web.jsptags.ConfirmLoginStatus</tag-class>
|
||||
<body-content>empty</body-content>
|
||||
<attribute>
|
||||
<name>level</name>
|
||||
<required>false</required>
|
||||
<rtexprvalue>true</rtexprvalue>
|
||||
</attribute>
|
||||
<attribute>
|
||||
<name>allowSelfEditing</name>
|
||||
<required>false</required>
|
||||
<rtexprvalue>true</rtexprvalue>
|
||||
</attribute>
|
||||
<attribute>
|
||||
<name>bean</name>
|
||||
<required>false</required>
|
||||
<rtexprvalue>true</rtexprvalue>
|
||||
</attribute>
|
||||
</tag>
|
||||
|
||||
<tag>
|
||||
<name>requiresAuthorizationFor</name>
|
||||
<name>confirmAuthorization</name>
|
||||
<display-name>Confirm that the user is authorized for the actions that this page requires.</display-name>
|
||||
<description>
|
||||
Confirm that the user is authorized to perform all of the RequestedActions that
|
||||
this page requires. A check is done for each such action, to see whether the
|
||||
current policy will authorize that action for the current user. If any of the
|
||||
actions is not authorized, the user will be redirected to the appropriate page.
|
||||
this page requires. If any of the actions is not authorized, the user will be
|
||||
redirected to the appropriate page.
|
||||
|
||||
The actions must be found in the "requestedActions" attribute of the request.
|
||||
The attribute may be a RequestedAction or an array of RequestedActions.
|
||||
|
||||
If the user is not authorized because he is not logged in, he will be directed
|
||||
to the login page, with the current request stored as a post-login destination.
|
||||
|
@ -64,18 +32,9 @@
|
|||
If the user is logged in but without sufficient authorization, he will be
|
||||
directed to the home page, which will display an "insufficient authorization"
|
||||
message.
|
||||
|
||||
The requested actions are specified as a comma delimited list of class names.
|
||||
These must be RequestedAction classes, each with a no-argument public
|
||||
constructor.
|
||||
</description>
|
||||
<tag-class>edu.cornell.mannlib.vitro.webapp.web.jsptags.RequiresAuthorizationFor</tag-class>
|
||||
<tag-class>edu.cornell.mannlib.vitro.webapp.web.jsptags.ConfirmAuthorization</tag-class>
|
||||
<body-content>empty</body-content>
|
||||
<attribute>
|
||||
<name>classNames</name>
|
||||
<required>true</required>
|
||||
<rtexprvalue>true</rtexprvalue>
|
||||
</attribute>
|
||||
</tag>
|
||||
|
||||
</taglib>
|
Loading…
Add table
Add a link
Reference in a new issue