001    package org.hackystat.projectbrowser.page;
002    
003    import org.apache.wicket.Component;
004    import org.apache.wicket.RestartResponseAtInterceptPageException;
005    import org.apache.wicket.authorization.Action;
006    import org.apache.wicket.authorization.IAuthorizationStrategy;
007    import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;
008    import org.hackystat.projectbrowser.ProjectBrowserApplication;
009    import org.hackystat.projectbrowser.ProjectBrowserSession;
010    import org.hackystat.projectbrowser.authentication.SigninPage;
011    
012    /**
013     * Implements authorization for all pages other than the home page.
014     * Users must sign in with their sensorbase email and password.   
015     * @author Philip Johnson
016     */
017    public class ProjectBrowserPageAuthentication implements IAuthorizationStrategy,
018    IUnauthorizedComponentInstantiationListener {
019    
020      /**
021       * Sets up the authorization strategy.
022       */
023      public ProjectBrowserPageAuthentication() {
024        ProjectBrowserApplication.get().getSecuritySettings()
025        .setUnauthorizedComponentInstantiationListener(this);
026      }
027      
028      /**
029       * Individual component actions are always authorized. 
030       * @param component The component in question. 
031       * @param action The component in question. 
032       * @return Always true.
033       */
034      public boolean isActionAuthorized(Component component, Action action) {
035        return true;
036      }
037    
038      /**
039       * Page-level retrieval must be authenticated by checking the session instance to see if the user
040       * is signed in. 
041       * @param component The component in question. 
042       * @return True if this user is signed in with a valid sensorbase user name and password.
043       */
044      @SuppressWarnings("unchecked")
045      public boolean isInstantiationAuthorized(Class component) {
046        if (ProjectBrowserBasePage.class.isAssignableFrom(component)) {
047          return ProjectBrowserSession.get().isAuthenticated();
048        }
049        return true;
050      }
051    
052      /**
053       * Upon authentication failure, redirect to home page with a helpful message. 
054       * @param component The component in question. 
055       */
056      public void onUnauthorizedInstantiation(Component component) {
057        ProjectBrowserSession.get().setSigninFeedback("You must login to retrieve that page.");
058        throw new RestartResponseAtInterceptPageException(SigninPage.class);
059      }
060    
061    }