KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > jaspersoft > jasperserver > api > metadata > user > service > impl > ObjectPermissionEffectiveAclsResolver


1 /*
2  * Copyright (C) 2006 JasperSoft http://www.jaspersoft.com
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License as published by
6  * the Free Software Foundation; either version 2 of the License, or
7  * (at your option) any later version.
8  *
9  * This program is distributed WITHOUT ANY WARRANTY; and without the
10  * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
11  * See the GNU General Public License for more details.
12  *
13  * You should have received a copy of the GNU General Public License
14  * along with this program; if not, see http://www.gnu.org/licenses/gpl.txt
15  * or write to:
16  *
17  * Free Software Foundation, Inc.,
18  * 59 Temple Place - Suite 330,
19  * Boston, MA USA 02111-1307
20  */

21
22 package com.jaspersoft.jasperserver.api.metadata.user.service.impl;
23
24 import java.util.List JavaDoc;
25 import java.util.Vector JavaDoc;
26
27 import org.acegisecurity.Authentication;
28 import org.acegisecurity.GrantedAuthority;
29 import org.acegisecurity.acl.AclEntry;
30 import org.acegisecurity.acl.basic.BasicAclEntry;
31 import org.acegisecurity.acl.basic.EffectiveAclsResolver;
32 import org.acegisecurity.userdetails.UserDetails;
33 import org.apache.commons.logging.Log;
34 import org.apache.commons.logging.LogFactory;
35
36 import com.jaspersoft.jasperserver.api.metadata.user.domain.Role;
37 import com.jaspersoft.jasperserver.api.metadata.user.domain.User;
38
39 /**
40  * @author swood
41  *
42  */

43 public class ObjectPermissionEffectiveAclsResolver
44     implements EffectiveAclsResolver {
45     
46     private static final Log logger = LogFactory.getLog(ObjectPermissionEffectiveAclsResolver.class);
47
48     /* (non-Javadoc)
49      * @see org.acegisecurity.acl.basic.EffectiveAclsResolver#resolveEffectiveAcls(org.acegisecurity.acl.AclEntry[], org.acegisecurity.Authentication)
50      */

51     public AclEntry[] resolveEffectiveAcls(AclEntry[] allAcls,
52             Authentication filteredBy) {
53             if ((allAcls == null) || (allAcls.length == 0)) {
54                 return null;
55             }
56
57             List JavaDoc list = new Vector JavaDoc();
58
59             if (logger.isDebugEnabled()) {
60                 logger.debug("Locating AclEntry[]s (from set of "
61                     + ((allAcls == null) ? 0 : allAcls.length)
62                     + ") that apply to Authentication: " + filteredBy);
63             }
64
65             for (int i = 0; i < allAcls.length; i++) {
66                 if (!(allAcls[i] instanceof BasicAclEntry)) {
67                     continue;
68                 }
69
70                 Object JavaDoc recipient = ((BasicAclEntry) allAcls[i])
71                     .getRecipient();
72
73                 if (recipient instanceof Role) {
74                     recipient = ((Role) recipient).getRoleName();
75                 } else if (recipient instanceof User) {
76                     recipient = ((User) recipient).getUsername();
77                 }
78                 // Allow the Authentication's getPrincipal to decide whether
79
// the presented recipient is "equal" (allows BasicAclDaos to
80
// return Strings rather than proper objects in simple cases)
81
if (filteredBy.getPrincipal().equals(recipient)) {
82                     if (logger.isDebugEnabled()) {
83                         logger.debug("Principal matches AclEntry recipient: "
84                             + recipient);
85                     }
86
87                     list.add(allAcls[i]);
88                 } else if (filteredBy.getPrincipal() instanceof UserDetails
89                     && ((UserDetails) filteredBy.getPrincipal()).getUsername()
90                         .equals(recipient)) {
91                     if (logger.isDebugEnabled()) {
92                         logger.debug(
93                             "Principal (from UserDetails) matches AclEntry recipient: "
94                             + recipient);
95                     }
96
97                     list.add(allAcls[i]);
98                 } else {
99                     // No direct match against principal; try each authority.
100
// As with the principal, allow each of the Authentication's
101
// granted authorities to decide whether the presented
102
// recipient is "equal"
103
GrantedAuthority[] authorities = filteredBy.getAuthorities();
104
105                     if ((authorities == null) || (authorities.length == 0)) {
106                         if (logger.isDebugEnabled()) {
107                             logger.debug(
108                                 "Did not match principal and there are no granted authorities, so cannot compare with recipient: "
109                                 + recipient);
110                         }
111
112                         continue;
113                     }
114
115                     for (int k = 0; k < authorities.length; k++) {
116                         if (authorities[k].equals(recipient)) {
117                             if (logger.isDebugEnabled()) {
118                                 logger.debug("GrantedAuthority: " + authorities[k]
119                                     + " matches recipient: " + recipient);
120                             }
121
122                             list.add(allAcls[i]);
123                         }
124                     }
125                 }
126             }
127
128             // return null if appropriate (as per interface contract)
129
if (list.size() > 0) {
130                 if (logger.isDebugEnabled()) {
131                     logger.debug("Returning effective AclEntry array with "
132                         + list.size() + " elements");
133                 }
134
135                 return (BasicAclEntry[]) list.toArray(new BasicAclEntry[] {});
136             } else {
137                 if (logger.isDebugEnabled()) {
138                     logger.debug(
139                         "Returning null AclEntry array as zero effective AclEntrys found");
140                 }
141
142                 return null;
143             }
144         }
145
146 }
147
Popular Tags