package org.apache.maven.continuum.web.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import java.text.SimpleDateFormat;
import java.util.ResourceBundle;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.Preparable;
import org.apache.maven.continuum.Continuum;
import org.apache.maven.continuum.security.ContinuumRoleConstants;
import org.apache.maven.continuum.web.exception.AuthenticationRequiredException;
import org.apache.maven.continuum.web.exception.AuthorizationRequiredException;
import org.codehaus.plexus.redback.authorization.AuthorizationException;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.system.SecuritySystemConstants;
import org.codehaus.plexus.util.StringUtils;
/**
* ContinuumActionSupport
*
* @author Jesse McConnell <jesse@codehaus.org>
* @version $Id$
*/
public class ContinuumActionSupport
    extends PlexusActionSupport
    implements Preparable
{
    /** Result name returned when the caller has to authenticate first. */
    protected static final String REQUIRES_AUTHENTICATION = "requires-authentication";

    /** Result name returned when the caller lacks the needed permission. */
    protected static final String REQUIRES_AUTHORIZATION = "requires-authorization";

    /** Message carried by the exception thrown when an authorization check is refused. */
    protected static final String ERROR_MSG_AUTHORIZATION_REQUIRED = "You are not authorized to access this page. " +
        "Please contact your administrator to be granted the appropriate permissions.";

    /** Message carried by the exception thrown when the security system itself fails during a check. */
    protected static final String ERROR_MSG_PROCESSING_AUTHORIZATION =
        "An error occurred while performing authorization.";

    // Looked up from the web session in prepare(); stays null when the session holds no entry.
    private SecuritySession securitySession;

    /**
     * @plexus.requirement
     */
    private SecuritySystem securitySystem;

    /**
     * @plexus.requirement
     */
    private Continuum continuum;

    // SimpleDateFormat is not thread-safe; this is a mutable per-instance field, so it must not be
    // shared between threads.
    protected SimpleDateFormat dateFormatter = new SimpleDateFormat("MMM dd, yyyy hh:mm:ss aaa z");

    /**
     * Loads the security session from the web session the first time it is needed.
     * An already populated session is left untouched.
     *
     * @throws Exception declared by the {@link Preparable} contract
     */
    public void prepare()
        throws Exception
    {
        if ( securitySession != null )
        {
            return;
        }

        Object stored = getContext().getSession().get( SecuritySystemConstants.SECURITY_SESSION_KEY );
        securitySession = (SecuritySession) stored;
    }

    /**
     * @return the Continuum instance held by this action
     */
    public Continuum getContinuum()
    {
        return continuum;
    }

    /**
     * @param continuum the Continuum instance this action should use
     */
    public void setContinuum( Continuum continuum )
    {
        this.continuum = continuum;
    }

    /**
     * Default handler. Answers {@link #REQUIRES_AUTHORIZATION}, so an action that does not
     * override this method is refused rather than served.
     *
     * @return {@link #REQUIRES_AUTHORIZATION}
     * @throws Exception never thrown by this implementation
     */
    public String doDefault()
        throws Exception
    {
        return REQUIRES_AUTHORIZATION;
    }

    /**
     * Input handler. Answers {@link #REQUIRES_AUTHORIZATION}, so an action that does not
     * override this method is refused rather than served.
     *
     * @return {@link #REQUIRES_AUTHORIZATION}
     * @throws Exception never thrown by this implementation
     */
    public String input()
        throws Exception
    {
        return REQUIRES_AUTHORIZATION;
    }

    /**
     * Execute handler. Answers {@link #REQUIRES_AUTHORIZATION}, so an action that does not
     * override this method is refused rather than served.
     *
     * @return {@link #REQUIRES_AUTHORIZATION}
     * @throws Exception never thrown by this implementation
     */
    public String execute()
        throws Exception
    {
        return REQUIRES_AUTHORIZATION;
    }

    /**
     * Verifies that the current user holds a permission that is not bound to a resource.
     *
     * @param role the permission name handed to the security system (callers in this class pass
     *             {@link ContinuumRoleConstants} values)
     * @throws AuthorizationRequiredException if the user isn't authorized, or if the security system
     *                                        fails while deciding
     */
    protected void checkAuthorization( String role )
        throws AuthorizationRequiredException
    {
        checkAuthorization( role, null, false );
    }

    /**
     * Verifies that the current user holds a permission on a given resource. The resource is
     * mandatory here: a null or blank value is refused.
     *
     * @param role     the permission name handed to the security system
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized, if the resource is null or
     *                                        blank, or if the security system fails while deciding
     */
    protected void checkAuthorization( String role, String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( role, resource, true );
    }

    /**
     * Verifies that the current user holds a permission, optionally scoped to a resource.
     * <p>
     * With a non-blank resource the check is made against that resource. With a null or blank
     * resource the call is refused outright when {@code requiredResource} is true; otherwise it
     * falls back to the resource-less check.
     *
     * @param role             the permission name handed to the security system
     * @param resource         the operation resource
     * @param requiredResource true if resource can't be null or blank
     * @throws AuthorizationRequiredException if the user isn't authorized, or if the security system
     *                                        fails while deciding
     */
    protected void checkAuthorization( String role, String resource, boolean requiredResource )
        throws AuthorizationRequiredException
    {
        // Blankness is judged on the trimmed value, but the untrimmed resource is what gets checked.
        final boolean hasResource = resource != null && StringUtils.isNotEmpty( resource.trim() );

        try
        {
            final boolean permitted;

            if ( hasResource )
            {
                permitted = getSecuritySystem().isAuthorized( getSecuritySession(), role, resource );
            }
            else
            {
                // Fail closed: a missing mandatory resource is refused without consulting the
                // security system at all.
                permitted = !requiredResource && getSecuritySystem().isAuthorized( getSecuritySession(), role );
            }

            if ( !permitted )
            {
                throw new AuthorizationRequiredException( ERROR_MSG_AUTHORIZATION_REQUIRED );
            }
        }
        catch ( AuthorizationException ae )
        {
            // A failure inside the security system is reported as a refusal, never as access.
            // NOTE(review): 'ae' is neither chained nor logged here, so the root cause is lost for
            // diagnosis and audit - confirm whether AuthorizationRequiredException accepts a cause.
            throw new AuthorizationRequiredException( ERROR_MSG_PROCESSING_AUTHORIZATION );
        }
    }

    /**
     * Verifies that the current user may view the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkViewProjectGroupAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_VIEW_GROUP_OPERATION, resource );
    }

    /**
     * Verifies that the current user may add a project group.
     *
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkAddProjectGroupAuthorization()
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_ADD_GROUP_OPERATION );
    }

    /**
     * Verifies that the current user may delete the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkRemoveProjectGroupAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_REMOVE_GROUP_OPERATION, resource );
    }

    /**
     * Verifies that the current user may build the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkBuildProjectGroupAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_BUILD_GROUP_OPERATION, resource );
    }

    /**
     * Verifies that the current user may modify the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkModifyProjectGroupAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_MODIFY_GROUP_OPERATION, resource );
    }

    /**
     * Verifies that the current user may add a project to the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkAddProjectToGroupAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_ADD_PROJECT_TO_GROUP_OPERATION, resource );
    }

    /**
     * Verifies that the current user may delete a project from the specified group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkRemoveProjectFromGroupAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_REMOVE_PROJECT_FROM_GROUP_OPERATION, resource );
    }

    /**
     * Verifies that the current user may modify a project in the specified group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkModifyProjectInGroupAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_MODIFY_PROJECT_IN_GROUP_OPERATION, resource );
    }

    /**
     * Verifies that the current user may build a project in the specified group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkBuildProjectInGroupAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_BUILD_PROJECT_IN_GROUP_OPERATION, resource );
    }

    /**
     * Verifies that the current user may add a build definition to the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkAddGroupBuildDefinitionAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_ADD_GROUP_BUILD_DEFINTION_OPERATION, resource );
    }

    /**
     * Verifies that the current user may delete a build definition in the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkRemoveGroupBuildDefinitionAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_REMOVE_GROUP_BUILD_DEFINITION_OPERATION, resource );
    }

    /**
     * Verifies that the current user may modify a build definition in the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkModifyGroupBuildDefinitionAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_MODIFY_GROUP_BUILD_DEFINITION_OPERATION, resource );
    }

    /**
     * Verifies that the current user may add a build definition to a specific project.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkAddProjectBuildDefinitionAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_ADD_PROJECT_BUILD_DEFINTION_OPERATION, resource );
    }

    /**
     * Verifies that the current user may modify a build definition of a specific project.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkModifyProjectBuildDefinitionAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_MODIFY_PROJECT_BUILD_DEFINITION_OPERATION, resource );
    }

    /**
     * Verifies that the current user may delete a build definition of a specific project.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkRemoveProjectBuildDefinitionAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_REMOVE_PROJECT_BUILD_DEFINITION_OPERATION, resource );
    }

    /**
     * Verifies that the current user may add a notifier to the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkAddProjectGroupNotifierAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_ADD_GROUP_NOTIFIER_OPERATION, resource );
    }

    /**
     * Verifies that the current user may delete a notifier in the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkRemoveProjectGroupNotifierAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_REMOVE_GROUP_NOTIFIER_OPERATION, resource );
    }

    /**
     * Verifies that the current user may modify a notifier in the specified project group.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkModifyProjectGroupNotifierAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_MODIFY_GROUP_NOTIFIER_OPERATION, resource );
    }

    /**
     * Verifies that the current user may add a notifier to a specific project.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkAddProjectNotifierAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_ADD_PROJECT_NOTIFIER_OPERATION, resource );
    }

    /**
     * Verifies that the current user may delete a notifier in a specific project.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkRemoveProjectNotifierAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_REMOVE_PROJECT_NOTIFIER_OPERATION, resource );
    }

    /**
     * Verifies that the current user may modify a notifier in a specific project.
     *
     * @param resource the operation resource
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkModifyProjectNotifierAuthorization( String resource )
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_MODIFY_PROJECT_NOTIFIER_OPERATION, resource );
    }

    /**
     * Verifies that the current user is authenticated and may manage the application's configuration.
     *
     * @throws AuthenticationRequiredException if the user isn't authenticated
     * @throws AuthorizationRequiredException  if the user isn't authorized
     */
    protected void checkManageConfigurationAuthorization()
        throws AuthenticationRequiredException, AuthorizationRequiredException
    {
        requireAuthenticated( "Authentication required." );

        checkAuthorization( ContinuumRoleConstants.CONTINUUM_MANAGE_CONFIGURATION );
    }

    /**
     * Verifies that the current user is authenticated and may manage the project build schedules.
     *
     * @throws AuthenticationRequiredException if the user isn't authenticated
     * @throws AuthorizationRequiredException  if the user isn't authorized
     */
    protected void checkManageSchedulesAuthorization()
        throws AuthenticationRequiredException, AuthorizationRequiredException
    {
        requireAuthenticated( "Authentication required." );

        checkAuthorization( ContinuumRoleConstants.CONTINUUM_MANAGE_SCHEDULES );
    }

    /**
     * Verifies that the current user is authenticated and may manage queues.
     *
     * @throws AuthenticationRequiredException if the user isn't authenticated
     * @throws AuthorizationRequiredException  if the user isn't authorized
     */
    protected void checkManageQueuesAuthorization()
        throws AuthenticationRequiredException, AuthorizationRequiredException
    {
        requireAuthenticated( "Authentication required" );

        checkAuthorization( ContinuumRoleConstants.CONTINUUM_MANAGE_QUEUES );
    }

    /**
     * Verifies that the current user may manage local repositories.
     * <p>
     * NOTE(review): unlike the other {@code checkManage*} methods, this one does not test
     * {@link #isAuthenticated()} first and relies on the permission check alone - confirm that
     * this is intended.
     *
     * @throws AuthorizationRequiredException if the user isn't authorized
     */
    protected void checkManageLocalRepositoriesAuthorization()
        throws AuthorizationRequiredException
    {
        checkAuthorization( ContinuumRoleConstants.CONTINUUM_MANAGE_REPOSITORIES );
    }

    /**
     * Rejects the call unless {@link #isAuthenticated()} reports an authenticated user.
     *
     * @param message text carried by the thrown exception
     * @throws AuthenticationRequiredException if the user isn't authenticated
     */
    private void requireAuthenticated( String message )
        throws AuthenticationRequiredException
    {
        if ( !isAuthenticated() )
        {
            throw new AuthenticationRequiredException( message );
        }
    }

    /**
     * @return the security session loaded by {@link #prepare()}, or null if none was found
     */
    private SecuritySession getSecuritySession()
    {
        return securitySession;
    }

    /**
     * @return the action context of the current invocation
     */
    private ActionContext getContext()
    {
        return ActionContext.getContext();
    }

    /**
     * @return the security system used for the authorization checks
     */
    protected SecuritySystem getSecuritySystem()
    {
        return securitySystem;
    }

    /**
     * Tells whether this action demands an authenticated user. Always true here; a subclass that
     * returns false makes {@link #isAuthenticated()} report true for every caller.
     *
     * @return true
     */
    protected boolean requiresAuthentication()
    {
        return true;
    }

    /**
     * Reports whether the current user counts as authenticated for this action.
     *
     * @return true if authentication is not required, or if a security session exists and is
     *         authenticated; false otherwise
     */
    public boolean isAuthenticated()
    {
        if ( !requiresAuthentication() )
        {
            return true;
        }

        // A missing session is treated as "not authenticated".
        SecuritySession session = getSecuritySession();
        return session != null && session.isAuthenticated();
    }

    /**
     * @return the resource bundle obtained from {@code getTexts} for "localization/Continuum"
     */
    protected ResourceBundle getResourceBundle()
    {
        return getTexts( "localization/Continuum" );
    }
}