1 16 package nl.hippo.cms.workflow; 17 18 import com.opensymphony.module.propertyset.PropertySet; 19 import com.opensymphony.workflow.loader.ActionDescriptor; 20 import java.io.IOException ; 21 import java.util.ArrayList ; 22 import java.util.List ; 23 import nl.hippo.cms.repositorylocation.CommonRepositoryLocationRoles; 24 import nl.hippo.cms.repositorylocation.RepositoryLocation; 25 import nl.hippo.cocoon.webdav.WebDAVHelper; 26 import org.apache.avalon.framework.service.ServiceException; 27 import org.apache.avalon.framework.service.ServiceManager; 28 import org.apache.avalon.framework.service.Serviceable; 29 import org.w3c.dom.Element ; 30 import org.w3c.dom.NodeList ; 31 32 public class DocumentPermissionsBasedAuthorizer implements WorkflowActionAuthorizer, Serviceable 33 { 34 35 private ServiceManager m_serviceManager; 36 37 public DocumentPermissionsBasedAuthorizer() 38 { 39 super(); 40 } 41 42 public List authorizeActions(long workflowId, ActionDescriptor[] actions, WorkflowActionAuthorizerContext context) throws IOException 43 { 44 List result = new ArrayList (actions.length); 45 46 if (actions.length > 0) 47 { 48 Element currentUserPrivileges = getCurrentUserPrivileges(workflowId, context); 49 50 for (int i = 0; i < actions.length; i++) 51 { 52 ActionDescriptor actionDescriptor = actions[i]; 53 String name = actionDescriptor.getName(); 54 String namespace = (String ) actionDescriptor.getMetaAttributes().get( 55 "namespaceUri"); 56 if (namespace != null) 57 { 58 NodeList privilegeElements = currentUserPrivileges.getElementsByTagNameNS( 59 namespace, name); 60 if (privilegeElements != null && privilegeElements.getLength() > 0) 61 { 62 result.add(actionDescriptor); 63 } 64 } 65 } 66 } 67 return result; 68 } 69 70 public boolean authorizeAction(long workflowId, String namespace, String name, WorkflowActionAuthorizerContext context) throws IOException 71 { 72 boolean result = false; 73 74 Element currentUserPrivileges = getCurrentUserPrivileges(workflowId, context); 75 if (currentUserPrivileges != null) 76 { 77 NodeList privilegeElements = currentUserPrivileges.getElementsByTagNameNS( 78 namespace, name); 79 if (privilegeElements != null && privilegeElements.getLength() > 0) 80 { 81 result = true; 82 } 83 } 84 85 86 return result; 87 } 88 89 private Element getCurrentUserPrivileges(long workflowId, WorkflowActionAuthorizerContext context) throws IOException 90 { 91 PropertySet workflowProperties = context.getWorkflow().getPropertySet(workflowId); 92 String uri = workflowProperties.getString("location"); 93 if (!uri.startsWith("http://") && !uri.startsWith("webdav://")) 94 { 95 97 try 98 { 99 RepositoryLocation editorRepo = (RepositoryLocation) m_serviceManager 100 .lookup(CommonRepositoryLocationRoles.EDITOR_REPOSITORY_LOCATION_ROLE); 101 try 102 { 103 uri = editorRepo.getRepositoryInformation().getAbsoluteUri(uri); 104 } 105 finally 106 { 107 m_serviceManager.release(editorRepo); 108 } 109 } 110 catch (ServiceException e) 111 { 112 throw new RuntimeException (e); 113 } 114 } 115 Element currentUserPrivileges = WebDAVHelper.propfindAsElement(uri, "DAV:", "current-user-privilege-set", context.getHttpState()); 116 return currentUserPrivileges; 117 } 118 119 public void service(ServiceManager serviceManager) throws ServiceException 120 { 121 m_serviceManager = serviceManager; 122 } 123 } 124 | Popular Tags |