DocumentPermissionsBasedAuthorizer


1   /*
2    * Copyright 2004 Hippo Webworks.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package nl.hippo.cms.workflow;
17  
18  import com.opensymphony.module.propertyset.PropertySet;
19  import com.opensymphony.workflow.loader.ActionDescriptor;
20  import java.io.IOException  ;
21  import java.util.ArrayList  ;
22  import java.util.List  ;
23  import nl.hippo.cms.repositorylocation.CommonRepositoryLocationRoles;
24  import nl.hippo.cms.repositorylocation.RepositoryLocation;
25  import nl.hippo.cocoon.webdav.WebDAVHelper;
26  import org.apache.avalon.framework.service.ServiceException;
27  import org.apache.avalon.framework.service.ServiceManager;
28  import org.apache.avalon.framework.service.Serviceable;
29  import org.w3c.dom.Element  ;
30  import org.w3c.dom.NodeList  ;
31  
32  public class DocumentPermissionsBasedAuthorizer implements WorkflowActionAuthorizer, Serviceable
33  {
34      
35      private ServiceManager m_serviceManager;
36  
37      public DocumentPermissionsBasedAuthorizer()
38      {
39          super();
40      }
41  
42      public List   authorizeActions(long workflowId, ActionDescriptor[] actions, WorkflowActionAuthorizerContext context) throws IOException  
43      {
44          List   result = new ArrayList  (actions.length);
45          
46          if (actions.length > 0)
47          {
48              Element   currentUserPrivileges = getCurrentUserPrivileges(workflowId, context);
49  
50              for (int i = 0; i < actions.length; i++)
51              {
52                  ActionDescriptor actionDescriptor = actions[i];
53                  String   name = actionDescriptor.getName();
54                  String   namespace = (String  ) actionDescriptor.getMetaAttributes().get(
55                          "namespaceUri");
56                  if (namespace != null)
57                  {
58                      NodeList   privilegeElements = currentUserPrivileges.getElementsByTagNameNS(
59                              namespace, name);
60                      if (privilegeElements != null && privilegeElements.getLength() > 0)
61                      {
62                          result.add(actionDescriptor);
63                      }
64                  }
65              }
66          }
67          return result;
68      }
69  
70      public boolean authorizeAction(long workflowId, String   namespace, String   name, WorkflowActionAuthorizerContext context) throws IOException  
71      {
72          boolean result = false;
73  
74          Element   currentUserPrivileges = getCurrentUserPrivileges(workflowId, context);
75          if (currentUserPrivileges != null)
76          {
77              NodeList   privilegeElements = currentUserPrivileges.getElementsByTagNameNS(
78                      namespace, name);
79              if (privilegeElements != null && privilegeElements.getLength() > 0)
80              {
81                  result = true;
82              }
83          }
84  
85  
86          return result;
87      }
88  
89      private Element   getCurrentUserPrivileges(long workflowId, WorkflowActionAuthorizerContext context) throws IOException  
90      {
91          PropertySet workflowProperties = context.getWorkflow().getPropertySet(workflowId);
92          String   uri = workflowProperties.getString("location");
93          if (!uri.startsWith("http://") && !uri.startsWith("webdav://"))
94          {
95              // STATE: new style relative URI
96              
97              try
98              {
99                  RepositoryLocation editorRepo = (RepositoryLocation) m_serviceManager
100                         .lookup(CommonRepositoryLocationRoles.EDITOR_REPOSITORY_LOCATION_ROLE);
101                 try
102                 {
103                     uri = editorRepo.getRepositoryInformation().getAbsoluteUri(uri);
104                 }
105                 finally
106                 {
107                     m_serviceManager.release(editorRepo);
108                 }
109             }
110             catch (ServiceException e)
111             {
112                 throw new RuntimeException  (e);
113             }
114         }
115         Element   currentUserPrivileges = WebDAVHelper.propfindAsElement(uri, "DAV:", "current-user-privilege-set", context.getHttpState());
116         return currentUserPrivileges;
117     }
118 
119     public void service(ServiceManager serviceManager) throws ServiceException
120     {
121         m_serviceManager = serviceManager;
122     }
123 }
124
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags