KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sslexplorer > networkplaces > AbstractNetworkPlaceStore


1 /*
2  * SSL-Explorer
3  *
4  * Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version 2 of
9  * the License, or (at your option) any later version.
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public
16  * License along with this program; if not, write to the Free Software
17  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18  */
19             
20 package com.sslexplorer.networkplaces;
21
22 import java.util.ArrayList JavaDoc;
23 import java.util.Collection JavaDoc;
24 import java.util.HashMap JavaDoc;
25 import java.util.Iterator JavaDoc;
26 import java.util.List JavaDoc;
27 import java.util.Map JavaDoc;
28
29 import org.apache.struts.Globals;
30 import org.apache.struts.action.ActionErrors;
31 import org.apache.struts.action.ActionMessage;
32
33 import com.sslexplorer.boot.Util;
34 import com.sslexplorer.policyframework.LaunchSession;
35 import com.sslexplorer.policyframework.NoPermissionException;
36 import com.sslexplorer.policyframework.OwnedResource;
37 import com.sslexplorer.policyframework.Policy;
38 import com.sslexplorer.policyframework.PolicyConstants;
39 import com.sslexplorer.policyframework.PolicyDatabase;
40 import com.sslexplorer.policyframework.PolicyDatabaseFactory;
41 import com.sslexplorer.policyframework.ResourceType;
42 import com.sslexplorer.policyframework.ResourceUtil;
43 import com.sslexplorer.security.LogonControllerFactory;
44 import com.sslexplorer.security.SessionInfo;
45 import com.sslexplorer.vfs.AbstractStore;
46 import com.sslexplorer.vfs.VFSMount;
47 import com.sslexplorer.vfs.VFSProvider;
48 import com.sslexplorer.vfs.VFSResource;
49 import com.sslexplorer.vfs.VFSStore;
50 import com.sslexplorer.vfs.webdav.DAVException;
51 import com.sslexplorer.vfs.webdav.DAVStatus;
52
53 /**
54  * An abstract implementation of a {@link VFSStore} that provides mounts based
55  * upon a configured <i>Network Place</i>.
56  * <p>
57  * The mounts themselves are created from the <i>Network Place</i> resources
58  * the user has access to that have a scheme supported by this mount as part of
59  * the URI.
60  *
61  * @author Brett Smith <a HREF="mailto: brett@3sp.com">&lt;brett@3sp.com&gt;</a>
62  */
63 public abstract class AbstractNetworkPlaceStore extends AbstractStore {
64
65     // Protected instance variables
66 protected Map JavaDoc mounts;
67     protected VFSResource storeResource;
68     protected boolean manageableOnly;
69
70     /**
71      * Constructor.
72      *
73      * @param name charset
74      * @param charset charset
75      */
76     public AbstractNetworkPlaceStore(String JavaDoc name, String JavaDoc charset) {
77         super(name, charset);
78         mounts = new HashMap JavaDoc();
79     }
80
81     /* (non-Javadoc)
82      * @see com.sslexplorer.vfs.VFSStore#isFireEvents()
83      */
84     public boolean isFireEvents() {
85         return true;
86     }
87
88     /*
89      * (non-Javadoc)
90      *
91      * @see com.sslexplorer.vfs.VFSStore#getMountPath(java.lang.String)
92      */
93     public String JavaDoc getMountPath(String JavaDoc mountName) {
94         return getName() + "/" + mountName;
95     }
96
97     /*
98      * (non-Javadoc)
99      *
100      * @see com.sslexplorer.vfs.webdav.AbstractStore#getMountFromString(java.lang.String,
101      * com.sslexplorer.security.SessionInfo)
102      */
103     public VFSMount getMountFromString(String JavaDoc mountName, LaunchSession launchSession) throws DAVException {
104         try {
105             NetworkPlace resource = (NetworkPlace) NetworkPlacePlugin.NETWORK_PLACE_RESOURCE_TYPE.getResourceByName(mountName,
106                 getRepository().getSession());
107             if (resource == null) {
108                 throw new Exception JavaDoc("No network place resource named " + mountName);
109             }
110             ResourceType resourceType = resource.getResourceType();
111             boolean readOnly = false;
112             
113             if (!getProvider().willHandle(resource.getScheme())) {
114                 throw new Exception JavaDoc("Network place has scheme " + resource.getScheme() + ", this store doesn't support it.");
115             }
116             
117             /**
118              * Update the launch sessions resource
119              */
120             launchSession.setResource(resource);
121             
122             /* First check if the launch session is using a policy that is
123              * valid for this resource
124              */
125             if(isSuperUser(launchSession) || isLaunchSessionUsingValidPolicy(launchSession, resource)) {
126                 // It is, we can continue to use this launch session
127 } else {
128                 Policy grantingPolicy = null;
129                 
130                 /* If the launch session already has policy, determine if this is a tracked session. If it is then don't allow
131                  * policy to change
132                  */
133                 
134                 if(launchSession.hasPolicy()) {
135                     if(launchSession.isTracked()) {
136                         // Launch session is tracked, do not allow policy to change but allow super user to browser readonly
137 if (!ResourceUtil.isManageableResource(resource, getRepository().getSession().getUser(), null)) {
138                             throw new NoPermissionException("You do not have permission to access this network place resource under this policy.",
139                                 getRepository().getSession().getUser(),
140                                             resourceType);
141                         }
142                         readOnly = true;
143                     }
144                     else {
145                         // Not a tracked launch session so policy changing is allowed
146 launchSession.takePolicy();
147                     }
148                 }
149                 
150                 /* If the mount has not already been set as ready only (because its tracked)
151                  * There check access to the mount is allowed and change the granting policy
152                  */
153                 if(!readOnly) {
154                     try {
155                         if (!(resource instanceof OwnedResource) || (resource instanceof OwnedResource && ((OwnedResource) resource).getOwnerUsername() == null)) {
156                             try {
157                                 grantingPolicy = PolicyDatabaseFactory.getInstance().getGrantingPolicyForUser(launchSession.getSession().getUser(), resource);
158                                 if(grantingPolicy == null) {
159                                     throw new NoPermissionException("You may not access this network place resource here.",
160                                         getRepository().getSession().getUser(),
161                                                     resourceType);
162                                 }
163                             } catch (NoPermissionException npe2) {
164                                 throw npe2;
165                             } catch (Exception JavaDoc e) {
166                                 throw new NoPermissionException("Failed to determine if network place resource is accessable.",
167                                     getRepository().getSession().getUser(),
168                                                 resourceType);
169                             }
170                         } else {
171                             if (!(getRepository().getSession().getUser().getPrincipalName().equals(((OwnedResource) resource).getOwnerUsername()))) {
172                                 throw new NoPermissionException("You do not have permission to access this network place resource.",
173                                     getRepository().getSession().getUser(),
174                                                 resourceType);
175                             }
176                         }
177                     } catch (NoPermissionException npe) {
178                         if (!ResourceUtil.isManageableResource(resource, getRepository().getSession().getUser(), PolicyConstants.PERM_USE )) {
179                             throw new NoPermissionException("You do not have permission to access this network place resource.",
180                                 getRepository().getSession().getUser(),
181                                             resourceType);
182                         }
183                         readOnly = true;
184                     } catch (Exception JavaDoc e) {
185                         throw new Exception JavaDoc("Failed to determine if network place resource is accessable.");
186                     }
187                 }
188                 
189                 
190                 if(grantingPolicy != null) {
191                     launchSession.givePolicy(grantingPolicy);
192                 }
193             }
194
195             AbstractNetworkPlaceMount mount = createMount(launchSession);
196             if (readOnly) {
197                 mount.setReadOnly(true);
198             }
199             return mount;
200         } catch (NoPermissionException npe) {
201             throw new DAVException(DAVStatus.SC_FORBIDDEN, "Policy does not allow you access to this resource.", npe);
202         } catch (Exception JavaDoc e) {
203             throw new DAVException(DAVStatus.SC_INTERNAL_SERVER_ERROR, "Failed to create mount.", e);
204         }
205     }
206     
207     private boolean isLaunchSessionUsingValidPolicy(LaunchSession launchSession, NetworkPlace resource) throws Exception JavaDoc {
208         PolicyDatabase policyDatabase = PolicyDatabaseFactory.getInstance();
209         boolean hasPolicy = launchSession.hasPolicy();
210         if(!hasPolicy) {
211             return false;
212         }
213         boolean resourceAttachedToPolicy = policyDatabase.isResourceAttachedToPolicy(resource, launchSession.getPolicy(), launchSession.getSession().getRealm());
214         boolean policyGrantedToUser = policyDatabase.isPolicyGrantedToUser(launchSession.getPolicy(), launchSession.getSession().getUser());
215         return resourceAttachedToPolicy && policyGrantedToUser;
216     }
217     
218     private boolean isSuperUser(LaunchSession launchSession) {
219         SessionInfo sessionInfo = launchSession.getSession();
220         return LogonControllerFactory.getInstance().isAdministrator(sessionInfo.getUser());
221     }
222
223     /**
224      * Create the an appropriate mount instance given a launch session. If the
225      * user does not have access to the mount an exception should be thrown.
226      *
227      * @param launchSession session
228      * @return mount
229      * @throws Exception on any error
230      */
231     protected abstract AbstractNetworkPlaceMount createMount(LaunchSession launchSession) throws Exception JavaDoc;
232
233     /*
234      * (non-Javadoc)
235      *
236      * @see com.sslexplorer.vfs.VFSStore#getMountNames()
237      */
238     public Collection JavaDoc<String JavaDoc> getMountNames() throws Exception JavaDoc {
239         List JavaDoc<String JavaDoc> l = new ArrayList JavaDoc<String JavaDoc>();
240         List JavaDoc granted = NetworkPlaceDatabaseFactory.getInstance().getNetworkPlaces();
241         for (Iterator JavaDoc i = granted.iterator(); i.hasNext();) {
242             NetworkPlace np = (NetworkPlace) i.next();
243             try {
244                 if (getProvider().willHandle(np.getScheme())) {
245                     l.add(np.getResourceName());
246                 }
247             } catch (Exception JavaDoc e) {
248             }
249         }
250         return l;
251     }
252
253     /**
254      * Valid the provide URI elements are correct for URIs for the concrete
255      * store type.
256      *
257      * @param scheme scheme
258      * @param path path
259      * @param host host
260      * @param port port
261      * @param username username
262      * @param password password
263      * @param errs errors
264      * @return errors
265      * @throws IllegalArgumentException
266      */
267     public ActionErrors validateUserEntries(String JavaDoc scheme, String JavaDoc path, String JavaDoc host, int port, String JavaDoc username, String JavaDoc password,
268                                             ActionErrors errs) throws IllegalArgumentException JavaDoc {
269         try {
270             if (getProvider().getHostRequirement() == VFSProvider.ELEMENT_REQUIRED && Util.isNullOrTrimmedBlank(host)) {
271                 errs.add(Globals.ERROR_KEY, new ActionMessage("createNetworkPlace.error.noHost"));
272             }
273
274             if (getProvider().getUserInfoRequirement()== VFSProvider.ELEMENT_REQUIRED && Util.isNullOrTrimmedBlank(username)) {
275                 errs.add(Globals.ERROR_KEY, new ActionMessage("createNetworkPlace.error.noUserInfo"));
276             }
277             return errs;
278         } catch (Exception JavaDoc e) {
279             throw new IllegalArgumentException JavaDoc();
280         }
281     }
282
283 }
284
Popular Tags