新增的兩個頁面分別是AdminPanelPage.html(使用meta data授權)及AdminAnnotationPanelPage.html(使用annotation授權)。
因此,在HomePage.html也要新增兩個超連結。
<div> <a href="#" wicket:id="adminBookmarkableLink"> 前往bookmarkable AdminPage.html(使用metadata方式授權) </a> <br /> <a href="#" wicket:id="adminInternalLink"> 前往內部頁面AdminInternalPage.html(使用metadata方式授權) </a> <br /> <a href="#" wicket:id="panelsPageLink"> 前往Panel頁面AdminPanelPage.html(使用metadata方式授權) </a> </div> <br /> <div> <a href="#" wicket:id="adminAnnotBookmarkableLink"> 前往bookmarkable AdminAnnotationPage.html(使用annotation方式授權) </a> <br /> <a href="#" wicket:id="adminAnnotInternalLink"> 前往內部頁面AdminInternalAnnotationPage.html(使用annotation方式授權) </a> <br /> <a href="#" wicket:id="panelsAnnotPageLink"> 前往Panel頁面AdminAnnotationPanelPage.html(使用annotation方式授權) </a> </div>
在HomePage.java中要有相對應的程式碼。
//連到使用meta data授權方式的AdminPagelhtml add(new BookmarkablePageLink<Void>("adminBookmarkableLink", AdminPage.class)); //連到使用meta data授權方式的AdminInternalPage.html add(new Link("adminInternalLink") { @Override public void onClick() { setResponsePage(new AdminInternalPage("foo")); } }); //連到使用meta data授權方式的AdminPanelPage.html //此頁面含有3個panel,可以依授權角色而呈現不同的panel add(new BookmarkablePageLink<Void>("panelsPageLink", AdminPanelPage.class)); //連到使用annotation授權方式的AdminAnnotationPagelhtml add(new BookmarkablePageLink<Void>("adminAnnotBookmarkableLink", AdminAnnotationPage.class)); //連到使用annotation授權方式的AdminInternalAnnotationPagelhtml add(new Link("adminAnnotInternalLink") { @Override public void onClick() { setResponsePage(new AdminInternalAnnotationPage("bar")); } }); //連到使用annotation授權方式的AdminAnnotationPanelPage.html //此頁面含有3個panel,可以依授權角色而呈現不同的panel add(new BookmarkablePageLink<Void>("panelsAnnotPageLink", AdminAnnotationPanelPage.class));
接下來我們要在AdminPanelPage.html中新增3個Panel(ForAllUsers.html、ForAdminsAndUsers.html及ForAdmins.html)。
首先要在AdminPanelPage.html中加入panel的markup。
<wicket:extend> 這是PanelPage,依照角色的不同,可以看到的Panel也不同 <br /> 本頁面以meta data進行授權 <span wicket:id="forAllUsersPanel"> 所有人都可以看得到 </span> <span wicket:id="forAdminsAndUsersPanel"> ADMIN及USER可以看到 </span> <span wicket:id="forAdminsPanel"> 只有ADMIN看的到 </span> </wicket:extend>
相對應的AdminPanelPage.java。
package com.myapp.wicket; import org.apache.wicket.authroles.authorization.strategies.role.metadata.MetaDataRoleAuthorizationStrategy; public final class AdminPanelPage extends BasePage { public AdminPanelPage() { ForAllUsers forAllUsers = new ForAllUsers("forAllUsersPanel"); add(forAllUsers); ForAdminsAndUsers forAdminsAndUsers = new ForAdminsAndUsers("forAdminsAndUsersPanel"); add(forAdminsAndUsers); //使用meta data進行授權 //允許進行Action.RENDER動作 MetaDataRoleAuthorizationStrategy.authorize(forAdminsAndUsers, RENDER, "ADMIN"); MetaDataRoleAuthorizationStrategy.authorize(forAdminsAndUsers, RENDER, "USER"); ForAdmins forAdmins = new ForAdmins("forAdminsPanel"); MetaDataRoleAuthorizationStrategy.authorize(forAdmins, RENDER, "ADMIN"); add(forAdmins); } }
接下來要建立三個自訂的Panel。
<wicket:panel> <div style="border: solid; margin:2px; padding:2px;"> 此Panel只有ADMIN才看的到 </div> </wicket:panel> <wicket:panel> <div style="border: solid; margin:2px; padding:2px;"> 此Panel只有ADMIN及USER才看的到 </div> </wicket:panel> <wicket:panel> <div style="border: solid; margin:2px; padding:2px;"> 此Panel所有人都看得到 </div> </wicket:panel>
和三個Panel相對應的java原始碼。
//forAdmins.java package com.myapp.wicket; import org.apache.wicket.markup.html.panel.Panel; public final class ForAdmins extends Panel { public ForAdmins(String id) { super(id); } } //forAdminsAndUsers.java package com.myapp.wicket; import org.apache.wicket.markup.html.panel.Panel; public final class ForAdminsAndUsers extends Panel { public ForAdminsAndUsers(String id) { super(id); } } //forAllUsers.java package com.myapp.wicket; import org.apache.wicket.markup.html.panel.Panel; public final class ForAllUsers extends Panel { public ForAllUsers(String id) { super(id); } }
再接下來,我們來建立使用annotation授權的AdminAnnotationPanelPage.html及4個相關panel(AnnoForAdmins.html、AnnoForAdminsAndUsers.html及AnnoForAllUsers.html及AnnoTest.html)。AnnoTest.html則是一個可以點選後隱藏/顯現的panel。
<wicket:extend> 這是PanelPage,依照角色的不同,可以看到的Panel也不同 <br /> 本頁面以annotation進行授權 <span wicket:id="forAllUsersPanel"> 所有人都可以看得到 </span> <span wicket:id="forAdminsAndUsersPanel"> ADMIN及USER可以看得到 </span> <span wicket:id="forAdminsPanel"> ADMIN看得到 </span> <!--這裡使用WebMarkupContainer來容納相關的元件--> <a href="#" wicket:id="link">切換開關</a> <div wicket:id="outer"> <span wicket:id="test">[沒有東西在這裡]</span> </div> </wicket:extend> <wicket:panel> <div style="border: solid; margin:2px; padding:2px;"> 此Panel只有ADMIN才看的到 </div> </wicket:panel> <wicket:panel> <div style="border: solid; margin:2px; padding:2px;"> 此Panel只有ADMIN及USER才看的到 </div> </wicket:panel> <wicket:panel> <div style="border: solid; margin:2px; padding:2px;"> 此Panel所有人都看得到 </div> </wicket:panel> <wicket:panel> <div style="border: solid; margin:2px; padding:2px;"> 這個Panel只有在角色ADMIN及USER才看得到 </div> <ul> <li wicket:id="list"> <!--以下會因為不使角色(USER,ADMIN)而有不同的內容--> <span wicket:id="userLabel">[USER:標籤列表]</span> <span wicket:id="adminLabel">[ADMIN:標籤列表]</span> </li> </ul> </wicket:panel>
以下則是各個使用annotation授權的panel相對應的java原始碼。
//AdminAnnotationPanelPage.java package com.myapp.wicket; import org.apache.wicket.ajax.AjaxRequestTarget; import org.apache.wicket.ajax.markup.html.AjaxLink; import org.apache.wicket.markup.html.WebMarkupContainer; public final class AdminAnnotationPanelPage extends BasePage { //使用內容的容器來容納AnnoTest這個panel private WebMarkupContainer outer; //用來切換outer是否顯示的開關 private boolean showDummy = true; public AdminAnnotationPanelPage() { //加入所有人都可以看到的panel add(new AnnoForAllUsers("forAllUsersPanel")); //只有ADMIN及USER才可以看得到 add(new AnnoForAdminsAndUsers("forAdminsAndUsersPanel")); //只有ADMIN才可以看得到 add(new AnnoForAdmins("forAdminsPanel")); //可以讓使用者自由切換是否顯示 add(outer = new WebMarkupContainer("outer")); //為了要讓Ajax可以在背景request,並即時顯示 //所以要取得markupid outer.setOutputMarkupId(true); //在outer中再加入另一個容器 //這個容器會再加入另一個容器 outer.add(new WebMarkupContainer("test").setOutputMarkupId(true)); add(new AjaxLink<Void>("link") { @Override public void onClick(AjaxRequestTarget target) { showDummy = !showDummy; if (showDummy) { //使用replace來替換容器的內容 //需注意child id必須相同(在此為test) outer.replace(new WebMarkupContainer("test")); } else { outer.replace(new AnnoTest("test")); } target.add(outer); } }); } } //AnnoForAdmins.java package com.myapp.wicket; import org.apache.wicket.authorization.Action; import org.apache.wicket.authroles.authorization.strategies.role.Roles; import org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeAction; import org.apache.wicket.markup.html.panel.Panel; //僅授權ADMIN可以顯示(RENDER) @AuthorizeAction(action = Action.RENDER, roles = Roles.ADMIN) public final class AnnoForAdmins extends Panel { public AnnoForAdmins(String id) { super(id); } } //AnnoForAdminsAndUsers.java package com.myapp.wicket; import org.apache.wicket.authorization.Action; import org.apache.wicket.authroles.authorization.strategies.role.Roles; import org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeAction; import org.apache.wicket.markup.html.panel.Panel; //僅容許ADMIN及USER @AuthorizeAction(action = Action.RENDER, roles = { Roles.ADMIN, Roles.USER }) public final class AnnoForAdminsAndUsers extends Panel { public AnnoForAdminsAndUsers(String id) { super(id); } } //AnnoForAllUsers.java package com.myapp.wicket; import org.apache.wicket.markup.html.panel.Panel; //不做annotation標示 //所有人都可以看得到 public final class AnnoForAllUsers extends Panel { public AnnoForAllUsers(String id) { super(id); } } //AnnoTest.java package com.myapp.wicket; import java.util.Arrays; import java.util.List; import org.apache.wicket.authorization.Action; import org.apache.wicket.authroles.authorization.strategies.role.Roles; import org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeAction; import org.apache.wicket.markup.html.basic.Label; import org.apache.wicket.markup.html.list.ListItem; import org.apache.wicket.markup.html.list.ListView; import org.apache.wicket.markup.html.panel.Panel; //授權ADMIN及USER @AuthorizeAction(action = Action.RENDER, roles = {Roles.ADMIN, Roles.USER}) public final class AnnoTest extends Panel { public AnnoTest(String id) { super(id); List<String> l = Arrays.asList("1", "2", "3", "4", "5"); ListView<String> listView = new ListView<String>("list", l) { @Override protected void populateItem(ListItem<String> item) { String i = item.getDefaultModelObjectAsString(); item.add(new UserLabel("userLabel", i)); item.add(new AdminLabel("adminLabel", i)); } }; add(listView); listView.setReuseItems(true); } //USER標籤 //授權USER可顯示(意思是ADMIN看不到) @AuthorizeAction(action = Action.RENDER, roles = Roles.USER) private static class UserLabel extends Label { public UserLabel(String id, String nbr) { super(id, "USER標籤: " + nbr); } } //ADMIN標籤 //授權ADMIN可顯示 @AuthorizeAction(action = Action.RENDER, roles = Roles.ADMIN) private static class AdminLabel extends Label { public AdminLabel(String id, String nbr) { super(id, "ADMIN標籤: " + nbr); } } }
至此,大功告成!
No comments:
Post a Comment