This example is similar to Securing Tapestry pages with Annotations, Part 1. My use case is to redirect a user to the starting page of a multiple step wizard in case a request is directly made to an intermediate step and the session has not been properly setup. One way to solve this problem (the ugly way) is to add a condition to every entry point in the page
public class MyPage
{
@SessionState(create = false)
private ShoppingCart shoppingCart;
@OnEvent(EventConstants.ACTIVATE)
Object activate()
{
if(shoppingCart == null)
{
return Index.class;
}
return null;
}
@OnEvent(EventConstants.SUCCESS)
Object doSomething()
{
if(shoppingCart == null
{
return Index.class;
}
.....
}
The problem with this code is that you have to check this condition for all event-handlers(Form, EventLink etc). A more elegant solution would be to use annotation secured by a ComponentRequestFilter.
@RequireSession(value = ShoppingCart.class, redirectPage = "Index")
public class MyPage {
}
So let us start with the annotation
@Documented
@Target(ElementType.TYPE)
@Retention(RetentionPolicy.RUNTIME)
@interface RequireSession {
Class<?> value()
String redirectPage()
}
The RequireSession#value() should be set to the class which should be available(as instance) in the session when the page is requested. If the class is not available, the user should be redirected to the RequireSession#redirectPage() page.
The ComponentRequestFilter to do the magic is :-
class RequireSessionFilter implements ComponentRequestFilter
{
private ComponentSource componentSource
private ApplicationStateManager applicationStateManager
private Response response
private PageRenderLinkSource pageRenderLinkSource
RequireSessionFilter(ComponentSource componentSource,
Response response,
ApplicationStateManager applicationStateManager,
PageRenderLinkSource pageRenderLinkSource)
{
this.componentSource = componentSource
this.response = response
this.applicationStateManager = applicationStateManager
this.pageRenderLinkSource = pageRenderLinkSource
}
@Override
void handleComponentEvent(ComponentEventRequestParameters parameters,
ComponentRequestHandler handler)
{
if(redirectIfObjectNotInSession(parameters.activePageName))
{
return
}
handler.handleComponentEvent(parameters);
}
@Override
void handlePageRender(PageRenderRequestParameters parameters, ComponentRequestHandler handler)
{
if(redirectIfObjectNotInSession(parameters.logicalPageName))
{
return
}
handler.handlePageRender(parameters)
}
private boolean redirectIfObjectNotInSession(String pageName)
{
Component component = componentSource.getPage(pageName)
if(component.class.isAnnotationPresent(RequireSession))
{
RequireSession annotation = component.class.getAnnotation(RequireSession)
if(!applicationStateManager.exists(annotation.value()))
{
redirect(annotation.redirectPage())
return true
}
}
return false
}
private void redirect(String pageName)
{
response.sendRedirect(pageRenderLinkSource.createPageRenderLink(pageName))
}
}
It filters both the page render requests and the component event requests. In case there is a @RequiresSession annotation, the session is checked for the given class and if it is not present, the user is redirected to the RequireSession#redirectPage() page.
Finally the ComponentRequestFilter contribution in AppModule
@Contribute(ComponentRequestHandler.class)
public static void contributeRequestFilters(
final OrderedConfiguration<ComponentRequestFilter> filters) {
filters.addInstance("RequiresSessionFilter",
RequiresSessionFilter.class, "after:ErrorFilter");
}
Tagged: ComponentRequestFilter, tapestry
You are using reflection every time you check for a page rendering or component event and that could be optimized, but this is definitively a nice use case.
Cheers
Are you using groovy for your application? And have you any problems with it?
P.S. Agree with previous comment about optimization, I solve this using MetaDataLocator/MetaDataExtractor
Nice article .. i like tawus, always some way to surprise me in tapestry
Do @sod_y paste how he did use metadatalocator to improve this ?
Thanks !
https://gist.github.com/3227055