KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sslexplorer > policyframework > LaunchSession


1 /*
2  * SSL-Explorer
3  *
4  * Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version 2 of
9  * the License, or (at your option) any later version.
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public
16  * License along with this program; if not, write to the Free Software
17  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18  */
19             
20 package com.sslexplorer.policyframework;
21
22 import java.util.HashMap JavaDoc;
23 import java.util.Map JavaDoc;
24
25 import com.sslexplorer.security.SessionInfo;
26 import com.sslexplorer.security.User;
27
28 /**
29  * Whenever a resource is launched, it is launched under a particular policy.
30  * This object encapsulates everything about a launched resource.
31  *
32  * @author Brett Smith <a HREF="mailto: brett@3sp.com">&lt;brett@3sp.com&gt;</a>
33  */
34 public class LaunchSession {
35
36     /**
37      * Constant returned from {@link LaunchSession#checkAccessRights()} that
38      * indicates user access is allowed.
39      */
40     public final static AccessRight USER_ACCESS = new AccessRight();
41
42     /**
43      * Constant returned from {@link LaunchSession#checkAccessRights()} that
44      * indicates management access is allowed
45      */
46     public final static AccessRight MANAGEMENT_ACCESS = new AccessRight();
47
48     /**
49      * URL parameter used to identifiy launch session
50      */
51     public static final String JavaDoc LAUNCH_ID = "launchId";
52
53     /**
54      * Longer (more likely to be unique) URL parameter used to identifiy launch session
55      */
56     public static final String JavaDoc LONG_LAUNCH_ID = "sslx_launchId";
57
58     // Private instance variables
59
60     private SessionInfo session;
61     private Resource resource;
62     private Policy policy;
63     private String JavaDoc id;
64     private Map JavaDoc<String JavaDoc, Object JavaDoc> attributes = new HashMap JavaDoc<String JavaDoc, Object JavaDoc>();
65
66     /**
67      * Constructor for a resource that does not need to be under any policy
68      * control
69      *
70      * @param resource
71      */
72     public LaunchSession(Resource resource) {
73         this(null, null, resource, null);
74     }
75
76     /**
77      * Constructor for a temporary resource session that is not attached to any
78      * policy framework resource.
79      *
80      * @param session session
81      */
82     public LaunchSession(SessionInfo session) {
83         this(null, session, null, null);
84     }
85
86     /**
87      * Constructor.
88      *
89      * @param id resource session id
90      * @param session session
91      * @param resource resource
92      * @param policy policy launched under
93      */
94     public LaunchSession(String JavaDoc id, SessionInfo session, Resource resource, Policy policy) {
95         super();
96         if(session == null) {
97             throw new IllegalArgumentException JavaDoc("Session must be provided.");
98         }
99         this.id = id;
100         this.session = session;
101         this.resource = resource;
102         this.policy = policy;
103         if( ( resource == null && policy != null ) || ( policy == null && resource != null ) ) {
104             throw new IllegalArgumentException JavaDoc("If either resource or policy is provided, resource and policy must be provided.");
105         }
106     }
107
108     /**
109      * Get if this launch should check if permission is allowed. This will be
110      * true if the launch session has a resource attribute and a policy attribute.
111      *
112      * @return should check access rights
113      */
114     public boolean hasPolicy() {
115         return resource != null && policy != null;
116     }
117
118     /**
119      * Check if access is granted to this resource. The return value indicates
120      * the access type allowed. Will return either {@link #USER_ACCESS} or
121      * {@link #MANAGEMENT_ACCESS}.
122      *
123      * @param user if available, the requesting user. This is checked against the launchsession's user
124      * @param sessionInfo if available, the requesting user. This is checked against the launchsession's user
125      * @return access right
126      * @throws NoPermissionException if permission is not allowed
127      * @throws PolicyException if permission cannot be determined for some reason
128      */
129     public AccessRight checkAccessRights(User user, SessionInfo sessionInfo) throws NoPermissionException, PolicyException {
130         if (resource == null) {
131             throw new PolicyException(PolicyException.INTERNAL_ERROR, "This resource session is not attached to a resource.");
132         }
133         ResourceType resourceType = resource.getResourceType();
134         if(sessionInfo != null && this.session != null && !sessionInfo.equals(this.session)) {
135             throw new NoPermissionException("You do not own this session.", session.getUser(), resourceType);
136         }
137         if(user != null && this.session != null && !user.equals(this.session.getUser())) {
138             throw new NoPermissionException("Your user does not own this session.", user, resourceType);
139         }
140         try {
141             if (!(resource instanceof OwnedResource) || (resource instanceof OwnedResource && ((OwnedResource) resource).getOwnerUsername() == null)) {
142                 try {
143                     // assigned
144 if (!PolicyDatabaseFactory.getInstance().isPrincipalAllowed(session.getUser(),
145                         resource,
146                         false)) {
147                         throw new NoPermissionException("You may not access this resource here.", session.getUser(), resourceType);
148                     }
149                 } catch (NoPermissionException npe2) {
150                     throw npe2;
151                 } catch (Exception JavaDoc e) {
152                     throw new NoPermissionException("Failed to determine if resource is accessable.",
153                                     session.getUser(),
154                                     resourceType);
155                 }
156             } else {
157                 // or owned
158 if (!(session.getUser().getPrincipalName().equals(((OwnedResource) resource).getOwnerUsername()))) {
159                     throw new NoPermissionException("You do not have permission to access this resource.",
160                                     session.getUser(),
161                                     resourceType);
162                 }
163             }
164             return USER_ACCESS;
165         } catch (NoPermissionException npe) {
166             ResourceUtil.checkResourceManagementRights(resource, session, new Permission[] { PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN, PolicyConstants.PERM_EDIT_AND_ASSIGN });
167             return MANAGEMENT_ACCESS;
168         } catch (Exception JavaDoc e) {
169             throw new NoPermissionException("Failed to determine if resource is accessable.", session.getUser(), resourceType);
170         }
171     }
172
173     /**
174      * Get the policy this resource was launched under.
175      *
176      * @return policy
177      */
178     public Policy getPolicy() {
179         return policy;
180     }
181
182     /**
183      * Get the resource lauched
184      *
185      * @return launch
186      */
187     public Resource getResource() {
188         return resource;
189     }
190
191     /**
192      * Set the resouce launched
193      *
194      * @param resource resource
195      */
196     public void setResource(Resource resource) {
197         this.resource = resource;
198
199     }
200
201     /**
202      * Get the user session that launched the resource.
203      *
204      * @return resource
205      */
206     public SessionInfo getSession() {
207         return session;
208     }
209
210     /**
211      * Get the unique ID for this launch
212      *
213      * @return id
214      */
215     public String JavaDoc getId() {
216         return id;
217     }
218     
219     /**
220      * Remove policy from this launch session
221      */
222     public void takePolicy() {
223         policy = null;
224     }
225
226     /**
227      * Give this launch session policy.
228      *
229      * @param policy policy
230      */
231     public void givePolicy(Policy policy) {
232         this.policy = policy;
233     }
234
235     /**
236      * Get if this launch session is tracked. It is tracked if it
237      * has an ID.
238      *
239      * @return tracked
240      */
241     public boolean isTracked() {
242         return id != null;
243     }
244     
245     /**
246      * Get an attribute value given its name. <code>null</code>
247      * will be returned if no such attribute exists.
248      *
249      * @param name name of attribute
250      * @return value
251      */
252     public Object JavaDoc getAttribute(String JavaDoc name) {
253         return attributes.get(name);
254     }
255     
256     /**
257      * Set an attribute
258      *
259      * @param name name of attribute
260      * @param value value of attribute
261      */
262     public void setAttribute(String JavaDoc name, Object JavaDoc value) {
263         attributes.put(name, value);
264     }
265
266     /*
267      * (non-Javadoc)
268      *
269      * @see java.lang.Object#equals(java.lang.Object)
270      */
271     public boolean equals(Object JavaDoc o) {
272         return o instanceof LaunchSession && getId() != null
273             && ((LaunchSession) o).getId() != null
274             && ((LaunchSession) o).getId().equals(getId())
275             && ((LaunchSession) o).getSession().getHttpSession().equals(getSession().getHttpSession());
276     }
277
278     /*
279      * (non-Javadoc)
280      *
281      * @see java.lang.Object#hashCode()
282      */
283     @Override JavaDoc
284     public int hashCode() {
285         return (getSession().getHttpSession().getId() + "_" + getId()).hashCode();
286     }
287
288     /*
289      * (non-Javadoc)
290      *
291      * @see java.lang.Object#toString()
292      */
293     @Override JavaDoc
294     public String JavaDoc toString() {
295         return (hasPolicy() ? ("PolicyProtected [policy=" + policy.getResourceId()
296             + ",resource="
297             + resource.getResourceName()
298             + "/"
299             + resource.getResourceType().getResourceTypeId() + ",") : "Unprotected [") + "session="
300             + session.getId()
301             + ",httpSession="
302             + session.getHttpSession().getId()
303             + "]";
304     }
305
306     /**
307      * Access right
308      */
309     public static class AccessRight {
310     }
311 }
312
Popular Tags