

1 /*
2 Copyright (c) 2003 eInnovation Inc. All rights reserved
3
4 This library is free software; you can redistribute it and/or modify it under the terms
5 of the GNU Lesser General Public License as published by the Free Software Foundation;
6 either version 2.1 of the License, or (at your option) any later version.
7
8 This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
9 without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 See the GNU Lesser General Public License for more details.
11 */

12
13 package com.openedit.modules.admin;
14
15 import java.util.ArrayList JavaDoc;
16 import java.util.Iterator JavaDoc;
17 import java.util.List JavaDoc;
18
19 import org.apache.commons.logging.Log;
20 import org.apache.commons.logging.LogFactory;
21
22 import com.openedit.OpenEditException;
23 import com.openedit.WebPageRequest;
24 import com.openedit.config.Configuration;
25 import com.openedit.page.Page;
26 import com.openedit.page.PageSettings;
27 import com.openedit.page.manage.PageManager;
28 import com.openedit.users.User;
29 import com.openedit.util.PathUtilities;
30 import com.openedit.util.strainer.Filter;
31 import com.openedit.util.strainer.FilterException;
32
33
34 /**
35  * This action enforces that the currently logged-in user has a certain specified permission, and
36  * redirects to the login page otherwise. A sample configuration would look like this:
37  * <pre>
38  * &lt;path-action path="/openedit/*" name="enforceAdminPrivilege"&gt;
39  * &lt;login-path&gt;/openedit/authentication/logon.html&lt;/login-path&gt;
40  * &lt;permission&gt;wsp.administration&lt;/permission&gt;
41  * &lt;exclude&gt;/openedit/authentication/logon.html&lt;/exclude&gt;
42  * &lt;exclude&gt;/openedit/dologon.html&lt;/exclude&gt;
43  * &lt;exclude&gt;/openedit/editors/*&lt;/exclude&gt;
44  * &lt;/path-action&gt;
45  * </pre>
46  *
47  * @author Eric Galluzzo
48  */

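public class EnforcePrivilege
{
    protected static final String DEFAULT_LOGIN_PATH = "/openedit/authentication/logon.html";
    protected static final String DEFAULT_ADMIN_PERMISSION = "oe.administration";

    private static final Log log = LogFactory.getLog(EnforcePrivilege.class);

    protected String fieldLoginPath;
    protected String fieldPermission;
    protected List fieldExcludes;
    protected PageManager fieldPageManager;

    /**
     * Checks the current request against the configured permission and redirects to the login
     * path when the check fails.
     *
     * <p>Order of decisions, as implemented:
     * <ol>
     * <li>A path accepted by {@link #inExcludeList(String)} is not checked at all.</li>
     * <li>A request without a user is redirected to the login path.</li>
     * <li>A request carrying a non-empty <code>editPath</code> parameter that resolves to a page
     *     for which {@link WebPageRequest#isEditable()} is true is let through without the
     *     permission check.</li>
     * <li>Otherwise the user must hold {@link #getPermission()}, or is redirected.</li>
     * </ol>
     *
     * @param inContext the current request
     * @throws OpenEditException presumably propagated from the request or page-manager calls
     *         made here; this method does not throw it directly
     */
    public void execute( WebPageRequest inContext ) throws OpenEditException
    {
        Page page = (Page) inContext.getPage();
        String requestPath = page.getPath();

        if (inExcludeList(requestPath))
        {
            return;
        }

        User user = inContext.getUser();
        if (user == null)
        {
            log.error("No user found, redirecting");
            inContext.redirect( getLoginPath() );
            return;
        }

        String editingPath = inContext.getRequestParameter("editPath");
        if ( editingPath != null && editingPath.length() > 0 )
        {
            // NOTE(review): editPath is caller-supplied and is never compared with requestPath,
            // so this shortcut authorises the request on the basis of a different page than the
            // one being served. Confirm that everything reachable under this path-action acts
            // only on editPath; otherwise the permission check below should still run.
            Page pageToEdit = getPageManager().getPage(editingPath);

            // Test for null before copying the request, so copy() is never handed a missing
            // page; an unresolved editPath simply falls through to the permission check.
            if (pageToEdit != null)
            {
                WebPageRequest pageRequest = inContext.copy(pageToEdit);
                if (pageRequest.isEditable())
                {
                    return; // they can edit
                }
            }
        }

        if ( !user.hasPermission( getPermission() ) )
        {
            log.error("No permission " + user.getUserName() + " " + getPermission() + " sending redirect");
            inContext.putPageValue("oe-exception", "You do not have permission: " + getPermission());
            inContext.redirect( getLoginPath() );
        }
    }

    /**
     * Determine whether the request path is exempt from the privilege check.
     *
     * <p>A path is exempt when it matches one of the configured exclude entries (as decided by
     * <code>PathUtilities.match</code>) or equals the login path. An exempt path gets neither the
     * user check nor the permission check in {@link #execute(WebPageRequest)}, so exclude
     * entries should be kept as narrow as the deployment allows.
     *
     * @param inPath The request path
     *
     * @return <code>true</code> if the path is excluded, <code>false</code> if not
     */
    protected boolean inExcludeList(String inPath)
    {
        for (Iterator iter = getExcludes().iterator(); iter.hasNext();)
        {
            String excludePattern = (String) iter.next();

            if (PathUtilities.match(inPath, excludePattern))
            {
                log.debug(
                    "Excluded path " + inPath + " from " + getClass().getName() +
                    " because it matched " + excludePattern);

                return true;
            }
        }
        // The login page must always be reachable, or the redirect would loop.
        return inPath.equals( getLoginPath() );
    }

    /**
     * Reads the <code>permission</code>, <code>login-path</code> and <code>exclude</code> children
     * of the action's configuration element.
     *
     * <p>Exclude entries are appended to the existing list, so configuring the same instance
     * twice accumulates entries.
     *
     * @param inElement the configuration element of this action
     * @param inSettings page settings used to expand properties in the login path and excludes
     */
    public void configure( Configuration inElement, PageSettings inSettings )
    {
        fieldPermission = inElement.getChildValue( "permission" );
        // NOTE(review): when login-path is absent, replaceProperty() presumably receives null;
        // the default only applies if it hands null back - confirm.
        fieldLoginPath = inElement.getChildValue( "login-path" );
        fieldLoginPath = inSettings.replaceProperty(fieldLoginPath);
        for (Iterator iter = inElement.getChildren("exclude").iterator(); iter.hasNext();)
        {
            Configuration excludeElem = (Configuration) iter.next();
            String excludePattern = inSettings.replaceProperty(excludeElem.getValue());
            getExcludes().add( excludePattern );
        }
    }

    /**
     * @return the permission a user must hold; falls back to
     *         {@link #DEFAULT_ADMIN_PERMISSION} when none was configured
     */
    protected String getPermission()
    {
        if (fieldPermission == null)
        {
            fieldPermission = DEFAULT_ADMIN_PERMISSION;
        }
        return fieldPermission;
    }

    /**
     * @return the path users are redirected to; falls back to {@link #DEFAULT_LOGIN_PATH}
     *         when none was configured
     */
    protected String getLoginPath()
    {
        if (fieldLoginPath == null)
        {
            fieldLoginPath = DEFAULT_LOGIN_PATH;
        }
        return fieldLoginPath;
    }

    /**
     * @return the list of exclude entries, created on first use
     */
    protected List getExcludes()
    {
        if (fieldExcludes == null)
        {
            fieldExcludes = new ArrayList();
        }
        return fieldExcludes;
    }

    /**
     * @return the page manager used to resolve the <code>editPath</code> parameter
     */
    public PageManager getPageManager()
    {
        return fieldPageManager;
    }

    /**
     * @param pageManager the page manager used to resolve the <code>editPath</code> parameter
     */
    public void setPageManager( PageManager pageManager )
    {
        fieldPageManager = pageManager;
    }

    /**
     * Determine whether the given filter passes, treating a missing filter as a pass.
     *
     * <p>NOTE(review): the object handed to the filter is this action, not a user - confirm
     * that this is what the filters expect.
     *
     * @param inFilter The filter to evaluate; may be <code>null</code>
     *
     * @return boolean <code>true</code> if the filter is <code>null</code> or passes,
     *         <code>false</code> if not
     *
     * @throws OpenEditException If the filter threw an exception
     */
    protected boolean userPassesFilter( Filter inFilter )
        throws OpenEditException
    {
        if (inFilter == null)
        {
            return true;
        }
        try
        {
            return inFilter.passes( this );
        }
        catch (FilterException fe)
        {
            throw new OpenEditException(fe);
        }
    }

}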