KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sslexplorer > security > tags > PermissionTag


1 /*
2  * SSL-Explorer
3  *
4  * Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version 2 of
9  * the License, or (at your option) any later version.
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public
16  * License along with this program; if not, write to the Free Software
17  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18  */
19             
20 package com.sslexplorer.security.tags;
21
22 import java.util.ArrayList JavaDoc;
23 import java.util.List JavaDoc;
24 import java.util.StringTokenizer JavaDoc;
25
26 import javax.servlet.jsp.tagext.TagSupport JavaDoc;
27
28 import org.apache.commons.logging.Log;
29 import org.apache.commons.logging.LogFactory;
30
31 import com.sslexplorer.policyframework.Permission;
32 import com.sslexplorer.policyframework.PolicyDatabaseFactory;
33 import com.sslexplorer.policyframework.ResourceType;
34 import com.sslexplorer.security.LogonControllerFactory;
35 import com.sslexplorer.security.User;
36
37 public class PermissionTag extends TagSupport JavaDoc {
38     
39     final static Log log = LogFactory.getLog(PermissionTag.class);
40     
41     boolean required = true;
42     int resourceTypeId = -1;
43     String JavaDoc permissionList = "";
44     boolean all = false;
45
46     public PermissionTag() {
47     }
48
49     public int doStartTag() {
50
51         User user = null;
52         try {
53             user = LogonControllerFactory.getInstance().getUser(pageContext.getSession(), null);
54             if (user == null) {
55                 return required ? SKIP_BODY : EVAL_BODY_INCLUDE;
56             } else {
57                 
58                 ResourceType resourceType = null;
59                 if (resourceTypeId != -1) {
60                     if (permissionList.equals("")) {
61                         throw new Error JavaDoc("No permissionMask attribute supplied.");
62                     }
63                     resourceType = PolicyDatabaseFactory.getInstance().getResourceType(resourceTypeId);
64                 }
65                 if (resourceType != null) {
66                     StringTokenizer JavaDoc t = new StringTokenizer JavaDoc(permissionList, ",");
67                     List JavaDoc allowed = new ArrayList JavaDoc();
68                     List JavaDoc denied = new ArrayList JavaDoc();
69                     while(t.hasMoreTokens()) {
70                         String JavaDoc perm = t.nextToken();
71                         if(perm.startsWith("!")) {
72                             int id = Integer.parseInt(perm.substring(1));
73                             Permission permInfo = resourceType.getPermission(id);
74                             if(permInfo == null) {
75                                 throw new Error JavaDoc("No permission with ID of " + id + " in resource type " + resourceType.getResourceTypeId());
76                             }
77                             denied.add(permInfo);
78                         }
79                         else {
80                             int id = Integer.parseInt(perm);
81                             Permission permInfo = resourceType.getPermission(id);
82                             if(permInfo == null) {
83                                 throw new Error JavaDoc("No permission with ID of " + id + " in resource type " + resourceType.getResourceTypeId());
84                             }
85                             allowed.add(permInfo);
86                         }
87                     }
88                     Permission[] allowedPerms = (Permission[])
89                         allowed.toArray(new Permission[allowed.size()]);
90                     Permission[] deniedPerms = (Permission[])
91                     denied.toArray(new Permission[denied.size()]);
92                     boolean allowedOk = allowedPerms.length == 0 ? true : PolicyDatabaseFactory.getInstance().isPermitted(
93                         resourceType, allowedPerms, user, all);
94                     boolean deniedOk = deniedPerms.length == 0 ? all : !PolicyDatabaseFactory.getInstance().isPermitted(
95                         resourceType, deniedPerms, user, all);
96                     if(all) {
97                         if(allowedOk && deniedOk) {
98                             return required ? EVAL_BODY_INCLUDE : SKIP_BODY;
99                         }
100                         else {
101                             return required ? SKIP_BODY : EVAL_BODY_INCLUDE;
102                         }
103                     }
104                     else {
105                         if(allowedOk || deniedOk) {
106                             return required ? EVAL_BODY_INCLUDE : SKIP_BODY;
107                         }
108                         else {
109                             return required ? SKIP_BODY : EVAL_BODY_INCLUDE;
110                         }
111                     }
112                 } else {
113                     if (!PolicyDatabaseFactory.getInstance().isAnyAccessRightAllowed(user, true, true, false)) {
114                         return SKIP_BODY;
115                     } else {
116                         return EVAL_BODY_INCLUDE;
117                     }
118                 }
119             }
120         } catch (Exception JavaDoc e) {
121             log.error("Failed to term permissions.", e);
122         }
123         return SKIP_BODY;
124     }
125     
126     public void setAll(boolean all) {
127         this.all = all;
128     }
129
130     public void setRequired(boolean required) {
131         this.required = required;
132     }
133
134     public void setResourceType(int resourceTypeId) {
135         this.resourceTypeId = resourceTypeId;
136     }
137
138     public void setPermissionList(String JavaDoc permissionList) {
139         this.permissionList = permissionList;
140     }
141     
142     public void setPermissionList(int permissionList) {
143         this.permissionList = String.valueOf(permissionList);
144     }
145
146     /*
147      * (non-Javadoc)
148      *
149      * @see javax.servlet.jsp.tagext.TagSupport#release()
150      */
151     public void release() {
152         required = true;
153         permissionList = "";
154         resourceTypeId = -1;
155         all = false;
156         super.release();
157     }
158 }
Popular Tags