1 16 package nl.hippo.cms.workflow; 17 18 import com.opensymphony.module.propertyset.PropertySet; 19 import com.opensymphony.workflow.loader.ActionDescriptor; 20 import java.io.IOException ; 21 import java.util.ArrayList ; 22 import java.util.List ; 23 import java.util.Map ; 24 import nl.hippo.cms.repositorylocation.CommonRepositoryLocationRoles; 25 import nl.hippo.cms.repositorylocation.RepositoryLocation; 26 import nl.hippo.cocoon.webdav.WebDAVHelper; 27 import org.apache.avalon.framework.service.ServiceException; 28 import org.apache.avalon.framework.service.ServiceManager; 29 import org.apache.avalon.framework.service.Serviceable; 30 import org.w3c.dom.Element ; 31 import org.w3c.dom.NodeList ; 32 33 public class DocumentPermissionsBasedSiteAuthorizer 34 implements WorkflowActionAuthorizer, Serviceable 35 { 36 37 private ServiceManager m_serviceManager; 38 39 public DocumentPermissionsBasedSiteAuthorizer() 40 { 41 super(); 42 } 43 44 public List authorizeActions(long workflowId, ActionDescriptor[] actions, 45 WorkflowActionAuthorizerContext context) throws IOException 46 { 47 List result = new ArrayList (actions.length); 48 49 String siteId = context.getWorkflow().getPropertySet(workflowId).getString("siteId"); 50 51 if (actions.length > 0) 52 { 53 Element currentUserPrivileges = getCurrentUserPrivileges(workflowId, context); 54 55 for (int i = 0; i < actions.length; i++) 56 { 57 ActionDescriptor actionDescriptor = actions[i]; 58 Map metaAttributes = actionDescriptor.getMetaAttributes(); 59 if (!"internal".equals(metaAttributes.get("visibility"))) 60 { 61 String name = actionDescriptor.getName(); 62 String namespaceUriPrefix = (String ) metaAttributes.get("namespaceUriPrefix"); 63 if (namespaceUriPrefix != null) 64 { 65 NodeList privilegeElements = currentUserPrivileges.getElementsByTagNameNS( 66 namespaceUriPrefix + siteId, name); 67 if (privilegeElements != null && privilegeElements.getLength() > 0) 68 { 69 result.add(actionDescriptor); 70 } 71 } 72 } 73 } 74 } 75 return result; 76 } 77 78 public boolean authorizeAction(long workflowId, String namespace, String name, 79 WorkflowActionAuthorizerContext context) throws IOException 80 { 81 boolean result = false; 82 83 Element currentUserPrivileges = getCurrentUserPrivileges(workflowId, context); 84 if (currentUserPrivileges != null) 85 { 86 NodeList privilegeElements = currentUserPrivileges.getElementsByTagNameNS(namespace, 87 name); 88 if (privilegeElements != null && privilegeElements.getLength() > 0) 89 { 90 result = true; 91 } 92 } 93 94 return result; 95 } 96 97 private Element getCurrentUserPrivileges(long workflowId, 98 WorkflowActionAuthorizerContext context) throws IOException 99 { 100 PropertySet workflowProperties = context.getWorkflow().getPropertySet(workflowId); 101 String uri = workflowProperties.getString("location"); 102 if (!uri.startsWith("http://") && !uri.startsWith("webdav://")) 103 { 104 106 try 107 { 108 RepositoryLocation editorRepo = (RepositoryLocation) m_serviceManager 109 .lookup(CommonRepositoryLocationRoles.EDITOR_REPOSITORY_LOCATION_ROLE); 110 try 111 { 112 uri = editorRepo.getRepositoryInformation().getAbsoluteUri(uri); 113 } 114 finally 115 { 116 m_serviceManager.release(editorRepo); 117 } 118 } 119 catch (ServiceException e) 120 { 121 throw new RuntimeException (e); 122 } 123 } 124 Element currentUserPrivileges = WebDAVHelper.propfindAsElement(uri, "DAV:", 125 "current-user-privilege-set", context.getHttpState()); 126 return currentUserPrivileges; 127 } 128 129 public void service(ServiceManager serviceManager) throws ServiceException 130 { 131 m_serviceManager = serviceManager; 132 } 133 } 134 | Popular Tags |