Ändring så att icke-page-ärvande klasser alltid får instansieras, men att de inte visas/aktiveras om man inte har rättigheter

git-svn-id: svn://svn.dsv.su.se/scipro/scipro/trunk@250 73ecded7-942e-4092-bab0-0e58ef0ee984

src/main/java/se/su/dsv/scipro/security/auth/RoleBasedAuthorizationStrategy.java

@@ -1,6 +1,7 @@
 package se.su.dsv.scipro.security.auth;
 
 import org.apache.wicket.Component;
+import org.apache.wicket.Page;
 import org.apache.wicket.RestartResponseAtInterceptPageException;
 import org.apache.wicket.authorization.Action;
 import org.apache.wicket.authorization.IAuthorizationStrategy;
@@ -17,7 +18,6 @@ import se.su.dsv.scipro.security.auth.roles.Roles;
 public class RoleBasedAuthorizationStrategy implements IAuthorizationStrategy {
 		
 	public boolean isActionAuthorized(Component component, Action action) {
-
 		boolean ok = false;
 		Class<? extends Component> authRequired = null;
 		if (component instanceof BookmarkablePageLink<?>) {
@@ -69,6 +69,9 @@ public class RoleBasedAuthorizationStrategy implements IAuthorizationStrategy {
 	}
 
 	public <T extends Component> boolean isInstantiationAuthorized(Class<T> componentClass) {
+		//We only check pages for instantiation authorization, other components are handled via ActionAuthorization 
+		if(!(componentClass.isAssignableFrom(Page.class)))
+			return true;
 		
 		//Not annotated classes aren't checked further
 		Authorization annotation = (Authorization) componentClass.getAnnotation(Authorization.class);