KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > nl > hippo > cms > workflow > DocumentPermissionsBasedSiteAuthorizer


1 /*
2  * Copyright 2004 Hippo Webworks.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License"); you may not
5  * use this file except in compliance with the License. You may obtain a copy of
6  * the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13  * License for the specific language governing permissions and limitations under
14  * the License.
15  */
16 package nl.hippo.cms.workflow;
17
18 import com.opensymphony.module.propertyset.PropertySet;
19 import com.opensymphony.workflow.loader.ActionDescriptor;
20 import java.io.IOException JavaDoc;
21 import java.util.ArrayList JavaDoc;
22 import java.util.List JavaDoc;
23 import java.util.Map JavaDoc;
24 import nl.hippo.cms.repositorylocation.CommonRepositoryLocationRoles;
25 import nl.hippo.cms.repositorylocation.RepositoryLocation;
26 import nl.hippo.cocoon.webdav.WebDAVHelper;
27 import org.apache.avalon.framework.service.ServiceException;
28 import org.apache.avalon.framework.service.ServiceManager;
29 import org.apache.avalon.framework.service.Serviceable;
30 import org.w3c.dom.Element JavaDoc;
31 import org.w3c.dom.NodeList JavaDoc;
32
33 public class DocumentPermissionsBasedSiteAuthorizer
34         implements WorkflowActionAuthorizer, Serviceable
35 {
36
37     private ServiceManager m_serviceManager;
38
39     public DocumentPermissionsBasedSiteAuthorizer()
40     {
41         super();
42     }
43
44     public List JavaDoc authorizeActions(long workflowId, ActionDescriptor[] actions,
45             WorkflowActionAuthorizerContext context) throws IOException JavaDoc
46     {
47         List JavaDoc result = new ArrayList JavaDoc(actions.length);
48
49         String JavaDoc siteId = context.getWorkflow().getPropertySet(workflowId).getString("siteId");
50         
51         if (actions.length > 0)
52         {
53             Element JavaDoc currentUserPrivileges = getCurrentUserPrivileges(workflowId, context);
54
55             for (int i = 0; i < actions.length; i++)
56             {
57                 ActionDescriptor actionDescriptor = actions[i];
58                 Map JavaDoc metaAttributes = actionDescriptor.getMetaAttributes();
59                 if (!"internal".equals(metaAttributes.get("visibility")))
60                 {
61                     String JavaDoc name = actionDescriptor.getName();
62                     String JavaDoc namespaceUriPrefix = (String JavaDoc) metaAttributes.get("namespaceUriPrefix");
63                     if (namespaceUriPrefix != null)
64                     {
65                         NodeList JavaDoc privilegeElements = currentUserPrivileges.getElementsByTagNameNS(
66                                 namespaceUriPrefix + siteId, name);
67                         if (privilegeElements != null && privilegeElements.getLength() > 0)
68                         {
69                             result.add(actionDescriptor);
70                         }
71                     }
72                 }
73             }
74         }
75         return result;
76     }
77
78     public boolean authorizeAction(long workflowId, String JavaDoc namespace, String JavaDoc name,
79             WorkflowActionAuthorizerContext context) throws IOException JavaDoc
80     {
81         boolean result = false;
82
83         Element JavaDoc currentUserPrivileges = getCurrentUserPrivileges(workflowId, context);
84         if (currentUserPrivileges != null)
85         {
86             NodeList JavaDoc privilegeElements = currentUserPrivileges.getElementsByTagNameNS(namespace,
87                     name);
88             if (privilegeElements != null && privilegeElements.getLength() > 0)
89             {
90                 result = true;
91             }
92         }
93
94         return result;
95     }
96
97     private Element JavaDoc getCurrentUserPrivileges(long workflowId,
98             WorkflowActionAuthorizerContext context) throws IOException JavaDoc
99     {
100         PropertySet workflowProperties = context.getWorkflow().getPropertySet(workflowId);
101         String JavaDoc uri = workflowProperties.getString("location");
102         if (!uri.startsWith("http://") && !uri.startsWith("webdav://"))
103         {
104             // STATE: new style relative URI
105
106             try
107             {
108                 RepositoryLocation editorRepo = (RepositoryLocation) m_serviceManager
109                         .lookup(CommonRepositoryLocationRoles.EDITOR_REPOSITORY_LOCATION_ROLE);
110                 try
111                 {
112                     uri = editorRepo.getRepositoryInformation().getAbsoluteUri(uri);
113                 }
114                 finally
115                 {
116                     m_serviceManager.release(editorRepo);
117                 }
118             }
119             catch (ServiceException e)
120             {
121                 throw new RuntimeException JavaDoc(e);
122             }
123         }
124         Element JavaDoc currentUserPrivileges = WebDAVHelper.propfindAsElement(uri, "DAV:",
125                 "current-user-privilege-set", context.getHttpState());
126         return currentUserPrivileges;
127     }
128
129     public void service(ServiceManager serviceManager) throws ServiceException
130     {
131         m_serviceManager = serviceManager;
132     }
133 }
134
Popular Tags