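package com.sslexplorer.policyframework.forms;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.Globals;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.util.MessageResources;

import com.sslexplorer.boot.CodedException;
import com.sslexplorer.boot.PropertyClass;
import com.sslexplorer.boot.PropertyClassManager;
import com.sslexplorer.boot.PropertyDefinition;
import com.sslexplorer.boot.PropertyList;
import com.sslexplorer.core.BundleActionMessage;
import com.sslexplorer.core.CoreException;
import com.sslexplorer.core.CoreUtil;
import com.sslexplorer.core.UserDatabaseManager;
import com.sslexplorer.input.MultiSelectSelectionModel;
import com.sslexplorer.policyframework.Policy;
import com.sslexplorer.policyframework.PolicyConstants;
import com.sslexplorer.policyframework.PolicyDatabaseFactory;
import com.sslexplorer.policyframework.Principal;
import com.sslexplorer.policyframework.Resource;
import com.sslexplorer.policyframework.ResourceUtil;
import com.sslexplorer.properties.Property;
import com.sslexplorer.properties.attributes.AttributeDefinition;
import com.sslexplorer.properties.attributes.AttributeValueItem;
import com.sslexplorer.properties.impl.policyattributes.PolicyAttributeKey;
import com.sslexplorer.properties.impl.policyattributes.PolicyAttributes;
import com.sslexplorer.security.AuthenticationScheme;
import com.sslexplorer.security.DefaultAuthenticationScheme;
import com.sslexplorer.security.LogonControllerFactory;
import com.sslexplorer.security.Role;
import com.sslexplorer.security.SessionInfo;
import com.sslexplorer.security.User;
import com.sslexplorer.security.UserDatabase;
import com.sslexplorer.tabs.TabModel;

/**
 * Struts form backing the policy editor. It holds the accounts and roles
 * selected for a {@link Policy}, the editable policy attributes, and the tab
 * model (two fixed tabs plus one tab per attribute category).
 *
 * <p>{@link #validate(ActionMapping, HttpServletRequest)} is the
 * security-relevant part: it rejects unknown accounts and roles and refuses a
 * change that would detach the current user from this policy unless another
 * policy still grants that user an enabled, non-system authentication scheme.
 */
public class PolicyForm extends AbstractResourceForm implements TabModel {

    // Logger category is this class; the original was bound to PoliciesForm,
    // which attributed this form's log output to a different class.
    final static Log log = LogFactory.getLog(PolicyForm.class);

    // Account principal names currently selected for the policy.
    private PropertyList selectedAccounts;
    // Role principal names currently selected for the policy.
    private PropertyList selectedRoles;
    // Visible policy attributes, sorted; populated by initAttributes().
    private List<AttributeValueItem> attributeValueItems;
    private String selectedTab = "details";
    // Distinct attribute category ids / titles, index-aligned with each other.
    private List categoryIds;
    private List categoryTitles;
    private PropertyClass propertyClass;

    /**
     * Creates an empty form and looks up the property class registered under
     * {@code PolicyAttributes.NAME}.
     */
    public PolicyForm() {
        super();
        selectedAccounts = new PropertyList();
        selectedRoles = new PropertyList();
        propertyClass = PropertyClassManager.getInstance().getPropertyClass(PolicyAttributes.NAME);
    }

    /**
     * @return the selected accounts in text-field form
     */
    public String getSelectedAccounts() {
        return selectedAccounts.getAsTextFieldText();
    }

    /**
     * @param selectedAccounts selected accounts in text-field form
     */
    public void setSelectedAccounts(String selectedAccounts) {
        this.selectedAccounts.setAsTextFieldText(selectedAccounts);
    }

    /**
     * @return the selected roles in text-field form
     */
    public String getSelectedRoles() {
        return selectedRoles.getAsTextFieldText();
    }

    /**
     * @param selectedRoles selected roles in text-field form
     */
    public void setSelectedRoles(String selectedRoles) {
        this.selectedRoles.setAsTextFieldText(selectedRoles);
    }

    /**
     * Returns the number of tabs: the two fixed tabs plus one per attribute
     * category.
     *
     * @return tab count; 2 when {@link #initAttributes(HttpServletRequest)}
     *         has not populated the categories yet
     */
    public int getTabCount() {
        // categoryIds stays null until initAttributes() runs; report only the
        // fixed tabs instead of failing with a NullPointerException.
        return 2 + (categoryIds == null ? 0 : categoryIds.size());
    }

    /**
     * @param idx tab index
     * @return {@code null} for the two fixed tabs, otherwise the title of the
     *         attribute category at {@code idx - 2}
     */
    public String getTabTitle(int idx) {
        switch (idx) {
            case 0:
            case 1:
                return null;
            default:
                return (String) categoryTitles.get(idx - 2);
        }
    }

    /**
     * @param idx tab index
     * @return {@code "details"}, {@code "principals"}, or the id of the
     *         attribute category at {@code idx - 2}
     */
    public String getTabName(int idx) {
        switch (idx) {
            case 0:
                return "details";
            case 1:
                return "principals";
            default:
                return (String) categoryIds.get(idx - 2);
        }
    }

    /**
     * @param selectedAccounts list that replaces the current account selection
     */
    public void setSelectedAccounts(PropertyList selectedAccounts) {
        this.selectedAccounts = selectedAccounts;
    }

    /**
     * @param selectedRoles list that replaces the current role selection
     */
    public void setSelectedRoles(PropertyList selectedRoles) {
        this.selectedRoles = selectedRoles;
    }

    /**
     * @return the selected accounts as a list (the live instance, not a copy)
     */
    public PropertyList getSelectedAccountsList() {
        return selectedAccounts;
    }

    /**
     * @return the selected roles as a list (the live instance, not a copy)
     */
    public PropertyList getSelectedRolesList() {
        return selectedRoles;
    }

    /**
     * Looks up a policy by name within the realm of the session's user.
     *
     * @param name policy name
     * @param session session whose user's realm scopes the lookup
     * @return whatever the policy database returns for that name and realm
     * @throws Exception if the lookup fails
     */
    public Resource getResourceByName(String name, SessionInfo session) throws Exception {
        return PolicyDatabaseFactory.getInstance().getPolicyByName(name, session.getUser().getRealm().getResourceId());
    }

    /**
     * Initialises the form and loads the principals currently granted the
     * policy: {@link Role} instances go to the role selection, every other
     * principal to the account selection.
     *
     * @param user user performing the edit; its realm scopes the principal lookup
     * @param resource the policy being edited (cast to {@link Policy})
     * @param editing passed through to the superclass
     * @param policyModel passed through to the superclass
     * @param selectedPolicies passed through to the superclass
     * @param owner passed through to the superclass
     * @param assignOnly passed through to the superclass
     * @throws Exception if the superclass initialisation or the lookup fails
     */
    public void initialise(User user, Resource resource, boolean editing, MultiSelectSelectionModel policyModel,
                    PropertyList selectedPolicies, User owner, boolean assignOnly) throws Exception {
        super.initialise(user, resource, editing, policyModel, selectedPolicies, owner, assignOnly);
        Policy policy = (Policy) resource;
        selectedAccounts = new PropertyList();
        selectedRoles = new PropertyList();
        List principals = PolicyDatabaseFactory.getInstance().getPrincipalsGrantedPolicy(policy, user.getRealm());
        for (Iterator i = principals.iterator(); i.hasNext();) {
            Principal p = (Principal) i.next();
            if (p instanceof Role) {
                selectedRoles.add(p.getPrincipalName());
            } else {
                selectedAccounts.add(p.getPrincipalName());
            }
        }
    }

    /**
     * Builds the list of editable policy attributes and the category tabs
     * derived from it.
     *
     * <p>Hidden definitions and definitions whose visibility is
     * {@code AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE} are left out.
     *
     * @param request request handed to each {@link AttributeValueItem}
     */
    public void initAttributes(HttpServletRequest request) {
        attributeValueItems = new ArrayList<AttributeValueItem>();
        for (PropertyDefinition d : propertyClass.getDefinitions()) {
            AttributeDefinition def = (AttributeDefinition) d;
            if (def.isHidden() || def.getVisibility() == AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE) {
                continue;
            }
            String value = def.getDefaultValue();
            // `user` is not declared in this class; presumably inherited from
            // AbstractResourceForm. When it is set, the stored value replaces
            // the definition's default.
            if (user != null) {
                value = Property.getProperty(new PolicyAttributeKey(getResourceId(), def.getName()));
            }
            attributeValueItems.add(new AttributeValueItem(def, request, value));
        }

        // Sort first so that categories are collected in item order.
        Collections.sort(attributeValueItems);
        categoryIds = new ArrayList();
        categoryTitles = new ArrayList();
        for (AttributeValueItem item : attributeValueItems) {
            if (!categoryIds.contains(item.getCategoryId())) {
                categoryIds.add(item.getCategoryId());
                categoryTitles.add(item.getCategoryLabel());
            }
        }
    }

    /**
     * @return name of the currently selected tab
     */
    public String getSelectedTab() {
        return selectedTab;
    }

    /**
     * @param selectedTab name of the tab to select
     */
    public void setSelectedTab(String selectedTab) {
        this.selectedTab = selectedTab;
    }

    /**
     * Intentionally empty: this form copies nothing onto the resource here.
     *
     * @throws Exception never thrown by this implementation
     */
    public void applyToResource() throws Exception {
    }

    /**
     * @param idx tab index (ignored)
     * @return always {@code null}
     */
    public String getTabBundle(int idx) {
        return null;
    }

    /**
     * @return distinct attribute category ids, or {@code null} before
     *         {@link #initAttributes(HttpServletRequest)} has run
     */
    public List getCategoryIds() {
        return categoryIds;
    }

    /**
     * @return the visible attribute items, or {@code null} before
     *         {@link #initAttributes(HttpServletRequest)} has run
     */
    public List<AttributeValueItem> getAttributeValueItems() {
        return attributeValueItems;
    }

    /**
     * Validates the form. Beyond the superclass checks, and only when
     * {@code isCommiting()} is true, it:
     * <ol>
     * <li>validates every attribute value against its definition;</li>
     * <li>checks that each selected account and role exists in the user
     * database of the session's realm;</li>
     * <li>guards against self lock-out: if the user returned by
     * {@code getUser()} was granted this policy and is no longer in the
     * selected accounts, some other policy attached to an enabled, non-system
     * authentication scheme must still be granted to that user.</li>
     * </ol>
     * The lock-out guard fails closed: if it cannot be evaluated, an error is
     * added.
     *
     * @param mapping Struts action mapping, passed to the superclass
     * @param request current request, used to resolve the session
     * @return the accumulated validation errors
     */
    public ActionErrors validate(ActionMapping mapping, HttpServletRequest request) {
        ActionErrors errs = super.validate(mapping, request);
        if (isCommiting()) {
            try {
                for (AttributeValueItem item : attributeValueItems) {
                    PropertyDefinition def = item.getDefinition();
                    try {
                        def.validate(item.getValue().toString(), getClass().getClassLoader());
                    } catch (CoreException ce) {
                        ce.getBundleActionMessage().setArg3(item.getLabel());
                        errs.add(Globals.ERROR_KEY, ce.getBundleActionMessage());
                    }
                }

                SessionInfo session = LogonControllerFactory.getInstance().getSessionInfo(request);
                UserDatabase udb = UserDatabaseManager.getInstance().getUserDatabase(session.getRealm());
                for (String account : selectedAccounts) {
                    try {
                        udb.getAccount(account);
                    } catch (Exception e) {
                        // Any lookup failure is reported as an invalid user. The
                        // submitted name is kept out of the log line on purpose:
                        // it is unvalidated form input.
                        log.debug("Account lookup failed during policy validation", e);
                        errs.add(Globals.ERROR_KEY, new ActionMessage("editPolicy.error.invalidUser", account));
                    }
                }
                for (String role : selectedRoles) {
                    // A null result and a failed lookup are both treated as an
                    // invalid role.
                    boolean roleExists;
                    try {
                        roleExists = udb.getRole(role) != null;
                    } catch (Exception e) {
                        log.debug("Role lookup failed during policy validation", e);
                        roleExists = false;
                    }
                    if (!roleExists) {
                        errs.add(Globals.ERROR_KEY, new ActionMessage("editPolicy.error.invalidRole", role));
                    }
                }
            } catch (Exception e) {
                log.error("Failed to validate policy attributes or principals", e);
                // NOTE(review): the raw exception message is handed to a
                // user-facing message; confirm it cannot carry internal details.
                errs.add(Globals.ERROR_KEY, new ActionMessage("editPolicy.failedToValidate", e.getMessage()));
            }

            SessionInfo info = LogonControllerFactory.getInstance().getSessionInfo(request);
            boolean found = false;
            try {
                List wasAttached = PolicyDatabaseFactory.getInstance().getPrincipalsGrantedPolicy(
                                (Policy) this.getResource(), info.getUser().getRealm());
                List nowAttached = this.getSelectedAccountsList();
                // NOTE(review): only the account selection is compared here;
                // attachment through a role is not examined - confirm intended.
                if (wasAttached.contains(getUser()) && !nowAttached.contains(getUser().getPrincipalName())) {
                    // The user is being detached from this policy: require another
                    // policy that still grants an enabled, non-system scheme.
                    List authSchemes = ResourceUtil.getGrantedResource(info, PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE);
                    for (Iterator iter = authSchemes.iterator(); iter.hasNext();) {
                        // Cast to the declared type so that a scheme implementation
                        // other than DefaultAuthenticationScheme does not abort the
                        // check with a ClassCastException.
                        AuthenticationScheme element = (AuthenticationScheme) iter.next();
                        if (!element.isSystemScheme() && element.getEnabled()) {
                            List attachedPolicies = PolicyDatabaseFactory.getInstance().getPoliciesAttachedToResource(
                                            element, info.getUser().getRealm());
                            for (Iterator iterator = attachedPolicies.iterator(); iterator.hasNext();) {
                                Policy policy = (Policy) iterator.next();
                                if (!this.getResource().equals(policy)
                                                && PolicyDatabaseFactory.getInstance().isPolicyGrantedToUser(policy,
                                                                getUser())) {
                                    found = true;
                                }
                            }
                        }
                    }
                } else {
                    found = true;
                }
            } catch (Exception e) {
                // Fail closed, but leave a trace: without it a backend failure is
                // indistinguishable from a genuine lock-out attempt.
                log.error("Failed to verify that the current user keeps an authentication scheme policy", e);
                errs.add(Globals.ERROR_KEY, new ActionMessage("authenticationSchemes.error.failedToValidateSuperUserAuthSchemeConnection"));
            }
            if (!found) {
                errs.add(Globals.ERROR_KEY, new BundleActionMessage("security", "authenticationSchemes.error.mustHavePolicySuperUserAssociation"));
            }
        }
        return errs;
    }
}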