PermissionDispatchAction


1   /*
2   jGuard is a security framework based on top of jaas (java authentication and authorization security).
3   it is written for web applications, to resolve simply, access control problems.
4   version $Name$
5   http://sourceforge.net/projects/jguard/
6   
7   Copyright (C) 2004  Charles GAY
8   
9   This library is free software; you can redistribute it and/or
10  modify it under the terms of the GNU Lesser General Public
11  License as published by the Free Software Foundation; either
12  version 2.1 of the License, or (at your option) any later version.
13  
14  This library is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17  Lesser General Public License for more details.
18  
19  You should have received a copy of the GNU Lesser General Public
20  License along with this library; if not, write to the Free Software
21  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
22  
23  
24  jGuard project home page:
25  http://sourceforge.net/projects/jguard/
26  
27  */
28  package net.sf.jguard.example.struts.admin.actions;
29  
30  
31  
32  import java.security.Permission  ;
33  
34  import javax.servlet.http.HttpServletRequest  ;
35  import javax.servlet.http.HttpServletResponse  ;
36  
37  import net.sf.jguard.core.authorization.permissions.PermissionUtils;
38  import net.sf.jguard.example.struts.actions.BaseAction;
39  import net.sf.jguard.ext.SecurityConstants;
40  import net.sf.jguard.ext.authorization.AuthorizationException;
41  import net.sf.jguard.ext.authorization.manager.AuthorizationManager;
42  
43  import org.apache.log4j.Logger;
44  import org.apache.struts.action.ActionForm;
45  import org.apache.struts.action.ActionForward;
46  import org.apache.struts.action.ActionMapping;
47  import org.apache.struts.action.DynaActionForm;
48  /**
49   * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
50   *
51   */
52  public class PermissionDispatchAction extends BaseAction{
53      private static Logger logger = Logger.getLogger(PermissionDispatchAction.class);
54  
55      /**
56       * create a new URLPermission.
57       * @param mapping
58       * @param form
59       * @param request
60       * @param response
61       * @return
62       */
63      public ActionForward create(ActionMapping mapping, ActionForm form, HttpServletRequest   request, HttpServletResponse   response) {
64  
65          DynaActionForm dyna = (DynaActionForm)form;
66          AuthorizationManager am = (AuthorizationManager) request.getSession().getServletContext().getAttribute(SecurityConstants.AUTHORIZATION_MANAGER);
67  
68          Permission   permission = null;
69          try {
70              permission = getPermission(dyna);
71              am.createPermission(permission,(String  )dyna.get("domainName"));
72          } catch (AuthorizationException e) {
73              logger.error(" permission "+permission.getName()+ " in domain "+(String  )dyna.get("domainName")+" not created ",e);
74          } catch (ClassNotFoundException   e) {
75                logger.error(" permission "+permission.getName()+ " in domain "+(String  )dyna.get("domainName")+" not created ",e);
76          }
77  
78          return mapping.findForward("createPermissionOK");
79  
80      }
81  
82  
83      /**
84       * delete permission.
85       * @param mapping
86       * @param form
87       * @param request
88       * @param response
89       * @return
90       */
91      public ActionForward delete(ActionMapping mapping, ActionForm form, HttpServletRequest   request, HttpServletResponse   response) {
92  
93          DynaActionForm dyna = (DynaActionForm)form;
94          AuthorizationManager am = (AuthorizationManager) request.getSession().getServletContext().getAttribute(SecurityConstants.AUTHORIZATION_MANAGER);
95          try {
96              am.deletePermission((String  )dyna.get("permissionName"));
97          } catch (AuthorizationException e) {
98                logger.error(" permission "+(String  )dyna.get("permissionName")+" not deleted ",e);
99          }
100 
101         return mapping.findForward("deletePermissionOK");
102 
103     }
104 
105     /**
106      * update permission.
107      * @param mapping
108      * @param form
109      * @param request
110      * @param response
111      * @return
112      */
113     public ActionForward update(ActionMapping mapping, ActionForm form, HttpServletRequest   request, HttpServletResponse   response) {
114 
115         DynaActionForm dyna = (DynaActionForm)form;
116         AuthorizationManager am = (AuthorizationManager) request.getSession().getServletContext().getAttribute(SecurityConstants.AUTHORIZATION_MANAGER);
117         Permission   permission = null;
118 
119         try {
120             permission = getPermission(dyna);
121             am.updatePermission((String  )dyna.get("oldPermissionName"),permission,(String  )dyna.get("domainName"));
122         } catch (AuthorizationException e) {
123             logger.error(" permission "+(String  )dyna.get("oldPermissionName")+" not updated ",e);
124         } catch (ClassNotFoundException   e) {
125             logger.error(" permission "+(String  )dyna.get("oldPermissionName")+" not updated ",e);
126         }
127 
128         return mapping.findForward("updatePermissionOK");
129 
130     }
131 
132 
133     private Permission   getPermission(DynaActionForm dyna) throws ClassNotFoundException   {
134         String   permissionName = (String  )dyna.get("permissionName");
135         String   permissionClassName = (String  )dyna.get("permissionClass");
136         String   actions =(String  )dyna.get("permissionActions");
137         Permission   permission = PermissionUtils.getPermission(permissionClassName,permissionName,actions);
138         return permission;
139     }
140 }
141
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags