public String containerRoleTable()

in jspwiki-main/src/main/java/org/apache/wiki/auth/SecurityVerifier.java [342:410]

• 59 lines of code
• 10 McCabe index (conditional complexity)

    public String containerRoleTable() throws WikiException {
        final AuthorizationManager authorizationManager = m_engine.getManager( AuthorizationManager.class );
        final Authorizer authorizer = authorizationManager.getAuthorizer();

        // If authorizer not WebContainerAuthorizer, print error message
        if ( !( authorizer instanceof WebContainerAuthorizer ) ) {
            throw new IllegalStateException( "Authorizer should be WebContainerAuthorizer" );
        }

        // Now, print a table with JSP pages listed on the left, and
        // an evaluation of each pages' constraints for each role
        // we discovered
        final StringBuilder s = new StringBuilder();
        final Principal[] roles = authorizer.getRoles();
        s.append( "<table class=\"wikitable\" border=\"1\">\n" );
        s.append( "<thead>\n" );
        s.append( "  <tr>\n" );
        s.append( "    <th rowspan=\"2\">Action</th>\n" );
        s.append( "    <th rowspan=\"2\">Page</th>\n" );
        s.append( "    <th colspan=\"" ).append( roles.length ).append( 1 ).append( "\">Roles</th>\n" );
        s.append( "  </tr>\n" );
        s.append( "  <tr>\n" );
        s.append( "    <th>Anonymous</th>\n" );
        for( final Principal role : roles ) {
            s.append( "    <th>" ).append( role.getName() ).append( "</th>\n" );
        }
        s.append( "</tr>\n" );
        s.append( "</thead>\n" );
        s.append( "<tbody>\n" );

        final WebContainerAuthorizer wca = (WebContainerAuthorizer) authorizer;
        for( int i = 0; i < CONTAINER_ACTIONS.length; i++ ) {
            final String action = CONTAINER_ACTIONS[i];
            final String jsp = CONTAINER_JSPS[i];

            // Print whether the page is constrained for each role
            final boolean allowsAnonymous = !wca.isConstrained( jsp, Role.ALL );
            s.append( "  <tr>\n" );
            s.append( "    <td>" ).append( action ).append( "</td>\n" );
            s.append( "    <td>" ).append( jsp ).append( "</td>\n" );
            s.append( "    <td title=\"" );
            s.append( allowsAnonymous ? "ALLOW: " : "DENY: " );
            s.append( jsp );
            s.append( " Anonymous" );
            s.append( "\"" );
            s.append( allowsAnonymous ? BG_GREEN + ">" : BG_RED + ">" );
            s.append( "&nbsp;</td>\n" );
            for( final Principal role : roles )
            {
                final boolean allowed = allowsAnonymous || wca.isConstrained( jsp, (Role)role );
                s.append( "    <td title=\"" );
                s.append( allowed ? "ALLOW: " : "DENY: " );
                s.append( jsp );
                s.append( " " );
                s.append( role.getClass().getName() );
                s.append( " &quot;" );
                s.append( role.getName() );
                s.append( "&quot;" );
                s.append( "\"" );
                s.append( allowed ? BG_GREEN + ">" : BG_RED + ">" );
                s.append( "&nbsp;</td>\n" );
            }
            s.append( "  </tr>\n" );
        }

        s.append( "</tbody>\n" );
        s.append( "</table>\n" );
        return s.toString();
    }