1 6 7 package com.raptus.owxv3.api.securitymgr.session; 8 9 import java.util.*; 10 11 import javax.servlet.http.HttpServletRequest ; 12 13 import org.apache.struts.Globals; 14 15 import com.raptus.owxv3.*; 16 import com.raptus.owxv3.api.securitymgr.SecurityMgrIF; 17 18 22 public class SecurityManager implements SecurityMgrIF 23 { 24 protected HttpServletRequest req = null; 25 26 public SecurityManager() 27 { 28 } 29 30 35 public SecurityManager(HttpServletRequest req) 36 { 37 this.req = req; 38 } 39 40 45 public void setRequest(HttpServletRequest req) 46 { 47 this.req = req; 48 } 49 50 59 public boolean hasAccess(VModuleSectionElement element) 60 { 61 VModuleSection section = element.getSection(); 64 if(!this.hasAccess(section)) 65 { 66 return false; 67 } 68 69 71 String roles[] = element.getRoles(); 72 if(roles != null) 73 { 74 LoggingManager.log("element roles:",this); 75 for(int i=0;i<roles.length;i++) 76 { 77 LoggingManager.log("\t->"+roles[i],this); 78 } 79 } 80 81 if(roles == null) 82 { 83 return true; 88 } 89 else 90 { 91 return checkAccess(roles); 92 } 93 } 94 95 104 public boolean hasAccess(VModuleSection section) 105 { 106 VModule vm = section.getVModule(); 109 if(!this.hasAccess(vm)) 110 { 111 return false; 112 } 113 114 String [] roles = section.getRoles(); 117 if(roles == null) 118 { 119 return true; 124 } 125 else 126 { 127 return checkAccess(roles); 128 } 129 } 130 131 136 protected boolean checkAccess(String [] roles) 137 { 138 com.raptus.owxv3.api.usermgr.User user = (com.raptus.owxv3.api.usermgr.User) 140 req.getSession().getAttribute(Constants.SESSIONKEY_USER); 141 151 if(roles == null) 153 { 154 return false; 156 } 157 158 if(user == null) 160 { 161 for(int i=0;i<roles.length;i++) 163 { 164 if("guest".equals(roles[i])) 166 { 167 return true; 169 } 170 } 171 172 return false; 175 } 176 177 Iterator it = com.raptus.owxv3.api.usermgr.UserMgrFactory.getInstance().createUserManager(null).getRolesAsStringForUser(user); 179 Vector vuroles = new Vector(); 180 while(it.hasNext()) 181 { 182 vuroles.add(it.next()); 183 } 184 185 String uroles[] = new String [vuroles.size()]; 186 vuroles.toArray(uroles); 187 for(int i=0;i<roles.length;i++) 188 { 189 for(int j=0;j<uroles.length;j++) 190 { 191 LoggingManager.log("\t"+uroles[j]+" <-> "+roles[i]); 192 193 if(uroles[j].equals(roles[i])) 196 { 197 return true; 200 } 201 if("guest".equals(roles[i])) 202 { 203 return true; 205 } 206 } 207 } 208 209 return false; 211 } 212 213 222 public boolean hasAccess(VModule vm) 223 { 224 String [] roles = vm.getRoles(); 225 return checkAccess(roles); 227 } 228 229 234 public Locale getLocale() 235 { 236 Locale l=null; 240 if(req == null) 241 { 242 XMLConfigManager cm = XMLConfigManager.getInstance(); 244 String slocale=cm.getPropertyByTree("/virtualhost/globalconfig/defaultlocale","value"); 245 if(slocale == null) 246 { 247 LoggingManager.log("Default locale not defined! Defaulting to en_GB",this); 248 slocale = "en_GB"; 249 } 250 251 StringTokenizer st = new StringTokenizer(slocale); 252 String s1 = st.nextToken(); 253 254 if(st.hasMoreTokens()) 255 { 256 l = new Locale(s1, st.nextToken()); 257 } 258 else 259 { 260 l = new Locale(s1); 261 } 262 LoggingManager.log("Loaded locale from config file",this); 263 } 264 else 265 { 266 if(req.getParameter(Constants.HTTPGET_PARAM_LOCALE) != null && 271 req.getParameter(Constants.HTTPGET_PARAM_LOCALE).length()>0) 272 { 273 String sl = (String )req.getParameter(Constants.HTTPGET_PARAM_LOCALE); 275 LoggingManager.log("Locale:"+sl,this); 276 String sres[] = split(sl, "_"); 277 if(sres.length==1) 278 { 279 l = new Locale(sres[0]); 280 } 281 else 282 { 283 l = new Locale(sres[0],sres[1]); 284 } 285 LoggingManager.log("Loaded locale from url params",this); 286 } 287 else 288 { 289 l = (Locale)req.getSession().getAttribute(Globals.LOCALE_KEY); 291 if(l == null) 292 { 293 XMLConfigManager cm = XMLConfigManager.getInstance(); 295 String slocale=cm.getPropertyByTree("/virtualhost/globalconfig/defaultlocale","value"); 296 if(slocale == null) 297 { 298 LoggingManager.log("Default locale not defined! Defaulting to en_GB",this); 299 slocale = "en_GB"; 300 } 301 LoggingManager.log("Locale in cfgfile is "+slocale,this); 302 StringTokenizer st = new StringTokenizer(slocale,"_"); 303 String s1 = st.nextToken(); 304 305 if(st.hasMoreTokens()) 306 { 307 l = new Locale(s1, st.nextToken()); 308 } 309 else 310 { 311 l = new Locale(s1); 312 } 313 LoggingManager.log("Loaded locale from config file",this); 314 } 315 else 316 { 317 LoggingManager.log("Loaded locale from session"+l.toString(),this); 318 } 319 } 320 } 321 322 LoggingManager.log("Final locale:"+l.toString(),this); 323 if(req != null) 325 { 326 req.getSession().setAttribute(Globals.LOCALE_KEY, l); 327 } 328 return l; 329 } 330 331 public String [] split(String str, String delim) 332 { 333 StringTokenizer st = new StringTokenizer(str, delim); 334 String [] res = new String [st.countTokens()]; 335 int i=0; 336 while(st.hasMoreTokens()) 337 { 338 res[i++] = st.nextToken(); 339 } 340 341 return res; 342 } 343 344 356 public boolean needLoginForRoles(String [] roles) 357 { 358 com.raptus.owxv3.api.usermgr.User user = (com.raptus.owxv3.api.usermgr.User) 359 req.getSession().getAttribute(Constants.SESSIONKEY_USER); 360 361 if(checkAccess(roles)) 362 { 363 return false; 365 } 366 367 if(user == null) 370 { 371 return true; 372 } 373 else 374 { 375 return false; 378 } 379 } 380 381 393 public boolean needLogin(VModuleSectionElement element) 394 { 395 VModuleSection section = element.getSection(); 396 VModule vm = section.getVModule(); 397 if(needLoginForRoles(vm.getRoles())) 398 { 399 return true; 401 } 402 403 if(needLoginForRoles(section.getRoles())) 404 { 405 return true; 407 } 408 409 if(needLoginForRoles(element.getRoles())) 410 { 411 return true; 413 } 414 415 return false; 416 } 417 418 422 public String [] getAllowedVModules() 423 { 424 Vector result=new Vector(); 425 String [] vmodules=VModuleManager.getInstance().getVModules(); 426 427 for(int i=0;i<vmodules.length;i++) 428 { 429 VModule vm = VModuleManager.getInstance().getVModule(vmodules[i]); 430 if(hasAccess(vm)) 431 { 432 result.add(vm); 433 } 434 } 435 436 String [] res = new String [result.size()]; 437 for(int i=0;i<result.size();i++) 438 { 439 VModule vm = (VModule)result.get(i); 440 res[i] = vm.getIdentification(); 441 } 442 443 return res; 444 } 445 } 446 | Popular Tags |