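package nl.hippo.cms.workflows.shared;

import java.io.IOException;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import nl.hippo.cocoon.webdav.WebDAVHelper;
import org.apache.commons.httpclient.HttpState;
import org.apache.webdav.lib.Ace;
import org.apache.webdav.lib.Privilege;
import org.apache.webdav.lib.Property;
import org.apache.webdav.lib.properties.AclProperty;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/**
 * Lists the users that are granted one specific privilege on a WebDAV
 * resource, either directly in the resource's <code>DAV:acl</code> property or
 * through membership (possibly nested) of a role named in that ACL.
 *
 * <p>Security-relevant limits of the result, all visible in this class:</p>
 * <ul>
 *   <li>Only grant ACEs are read. Negative (deny) ACEs are skipped, so a deny
 *       entry does not remove a user from the result. NOTE(review): callers
 *       should not treat the result as an effective-access decision without
 *       confirming this is intended.</li>
 *   <li>Privileges are matched by exact namespace and name. Aggregate
 *       privileges are not expanded.</li>
 *   <li>User and role names are taken from server-supplied principal and
 *       <code>DAV:href</code> values and appended to request URLs unescaped
 *       and unvalidated. NOTE(review): consider rejecting names that contain
 *       ".." path segments before issuing a request for them.</li>
 * </ul>
 */
public class UsersWithExplicitPrivilegeRetriever
{

    private static final String HTTP_PREFIX = "http://";

    private static final String HTTPS_PREFIX = "https://";

    private static final String WEBDAV_PREFIX = "webdav://";

    private static final String DAV_NAMESPACE = "DAV:";

    /** Pseudo-principals that never denote a concrete user or role. */
    private static final Set PRINCIPALS_TO_IGNORE = new HashSet(Arrays.asList(new String[]
    {
        "all",
        "authenticated",
        "unauthenticated",
        "property",
        "self",
    }));

    private final String m_protocolHostAndPort;

    private final String m_privilegeNamespace;

    private final String m_privilegeName;

    private final HttpState m_httpState;

    private final String m_repositoryRoot;

    private final String m_absoluteUri;

    private final String m_usersPath;

    private final String m_rolesPath;

    /**
     * Creates a retriever for one resource and one privilege.
     *
     * <p>An <code>https://</code> prefix on <code>hostAndPort</code> is kept so
     * that requests use TLS. Previously the prefix was not recognised and the
     * resulting URL was malformed (<code>http://https://...</code>). Every
     * other input still produces a plain <code>http://</code> URL, which means
     * the supplied <code>HttpState</code> (in commons-httpclient this holds
     * credentials and cookies) is used over an unencrypted connection.</p>
     *
     * @param hostAndPort host and optional port, optionally prefixed with
     *        <code>http://</code>, <code>https://</code> or
     *        <code>webdav://</code>; trailing slashes are ignored
     * @param rootPath repository root path; leading and trailing slashes are
     *        ignored
     * @param uri path of the resource relative to the repository root; leading
     *        slashes are ignored
     * @param privilegeNamespace namespace of the privilege to look for
     * @param privilegeName name of the privilege to look for
     * @param httpState HTTP state passed to every WebDAV request
     */
    public UsersWithExplicitPrivilegeRetriever(String hostAndPort, String rootPath, String uri, String privilegeNamespace, String privilegeName, HttpState httpState)
    {
        super();

        // Decide the scheme before the prefix is stripped; webdav:// and bare
        // host names keep mapping to http:// as before.
        String scheme = hostAndPort.startsWith(HTTPS_PREFIX) ? HTTPS_PREFIX : HTTP_PREFIX;
        String bareHostAndPort = stripTrailingSlashes(stripProtocol(hostAndPort));
        String bareRootPath = stripTrailingSlashes(stripPrecedingSlashes(rootPath));
        String relativeUri = stripPrecedingSlashes(uri);

        m_protocolHostAndPort = scheme + bareHostAndPort;
        m_privilegeNamespace = privilegeNamespace;
        m_privilegeName = privilegeName;
        m_httpState = httpState;

        m_repositoryRoot = m_protocolHostAndPort + "/" + bareRootPath;
        m_absoluteUri = m_repositoryRoot + "/" + relativeUri;
        m_usersPath = "/" + bareRootPath + "/users/";
        m_rolesPath = "/" + bareRootPath + "/roles/";
    }

    /**
     * Collects the names of all users granted the configured privilege,
     * directly or through roles named in the resource's ACL.
     *
     * <p>Roles are expanded through their <code>DAV:group-member-set</code>
     * property. Each role is requested at most once, so cyclic role
     * membership terminates.</p>
     *
     * @return an iterator over user names (<code>String</code>), in no
     *         particular order
     * @throws IOException if a WebDAV request fails
     */
    public Iterator retrieveUsersWithExplicitPrivilege() throws IOException
    {
        Set users = new HashSet();
        Set groups = new HashSet();

        retrieveUsersAndGroupsFromAcl(users, groups);

        Set processedGroups = new HashSet();
        Set unprocessedGroups = new HashSet(groups);
        while (!unprocessedGroups.isEmpty())
        {
            Iterator groupsIterator = unprocessedGroups.iterator();
            while (groupsIterator.hasNext())
            {
                String group = (String) groupsIterator.next();
                processedGroups.add(group);
                collectGroupMembers(group, users, groups);
            }

            // Expanding a role may have revealed nested roles; the next round
            // handles those that have not been requested yet.
            unprocessedGroups = new HashSet(groups);
            unprocessedGroups.removeAll(processedGroups);
        }

        return users.iterator();
    }

    /**
     * Reads a single property of a user resource.
     *
     * <p><code>userName</code> is appended to the users path as-is, without
     * escaping or validation, so it decides which resource is requested.
     * NOTE(review): callers should pass only names obtained from a trusted
     * source.</p>
     *
     * @param userName name of the user, relative to the users path
     * @param propertyNamespace namespace of the property
     * @param propertyName name of the property
     * @return the property value as a string, or <code>null</code> if the
     *         property was not returned
     * @throws IOException if the WebDAV request fails
     */
    public String getUserProperty(String userName, String propertyNamespace, String propertyName) throws IOException
    {
        String userUrl = m_protocolHostAndPort + m_usersPath + userName;
        Property property = WebDAVHelper.propfind(userUrl, propertyNamespace, propertyName, m_httpState);
        if (property == null)
        {
            return null;
        }
        return property.getPropertyAsString();
    }

    /** Adds the members listed in one role's group-member-set to the given sets. */
    private void collectGroupMembers(String group, Set users, Set groups) throws IOException
    {
        Property property = WebDAVHelper.propfind(m_repositoryRoot + "/roles/" + group, DAV_NAMESPACE, "group-member-set", m_httpState);
        if (property == null)
        {
            return;
        }

        NodeList hrefs = property.getElement().getElementsByTagNameNS(DAV_NAMESPACE, "href");
        for (int hrefIndex = 0; hrefIndex < hrefs.getLength(); hrefIndex += 1)
        {
            Element href = (Element) hrefs.item(hrefIndex);

            // An empty <href/> has no child node and a non-text child has no
            // node value. Skip such entries so one malformed member does not
            // abort the whole lookup with a NullPointerException.
            Node hrefContent = href.getFirstChild();
            String memberUri = hrefContent == null ? null : hrefContent.getNodeValue();
            if (memberUri != null)
            {
                addPrincipal(memberUri, users, groups);
            }
        }
    }

    /** Reads the resource's ACL and records every user or role granted the privilege. */
    private void retrieveUsersAndGroupsFromAcl(Set users, Set groups) throws IOException
    {
        Property property = WebDAVHelper.propfind(m_absoluteUri, DAV_NAMESPACE, "acl", m_httpState);
        if (!(property instanceof AclProperty))
        {
            // Also covers a null result: no ACL means nothing to report.
            return;
        }

        Ace[] aces = ((AclProperty) property).getAces();
        for (int aceIndex = 0; aceIndex < aces.length; aceIndex += 1)
        {
            Ace ace = aces[aceIndex];

            // Deny entries are not evaluated; only grants contribute.
            if (ace.isNegative())
            {
                continue;
            }

            String principal = ace.getPrincipal();
            if (PRINCIPALS_TO_IGNORE.contains(principal))
            {
                continue;
            }

            if (grantsRequestedPrivilege(ace))
            {
                addPrincipal(principal, users, groups);
            }
        }
    }

    /** Tells whether the ACE lists the configured privilege (exact namespace and name). */
    private boolean grantsRequestedPrivilege(Ace ace)
    {
        Enumeration privileges = ace.enumeratePrivileges();
        while (privileges.hasMoreElements())
        {
            Privilege privilege = (Privilege) privileges.nextElement();
            if (privilege.getNamespace().equals(m_privilegeNamespace) && privilege.getName().equals(m_privilegeName))
            {
                return true;
            }
        }
        return false;
    }

    /**
     * Files a principal URI under users or groups according to its path
     * prefix; URIs outside both paths are ignored.
     */
    private void addPrincipal(String principalUri, Set users, Set groups)
    {
        if (principalUri.startsWith(m_usersPath))
        {
            users.add(principalUri.substring(m_usersPath.length()));
        }
        else if (principalUri.startsWith(m_rolesPath))
        {
            groups.add(principalUri.substring(m_rolesPath.length()));
        }
    }

    /** Removes a leading http://, https:// or webdav:// prefix, if present. */
    private static String stripProtocol(String string)
    {
        if (string.startsWith(HTTP_PREFIX))
        {
            return string.substring(HTTP_PREFIX.length());
        }
        if (string.startsWith(HTTPS_PREFIX))
        {
            return string.substring(HTTPS_PREFIX.length());
        }
        if (string.startsWith(WEBDAV_PREFIX))
        {
            return string.substring(WEBDAV_PREFIX.length());
        }
        return string;
    }

    /** Removes every trailing slash. */
    private static String stripTrailingSlashes(String string)
    {
        int end = string.length();
        while (end > 0 && string.charAt(end - 1) == '/')
        {
            end -= 1;
        }
        return string.substring(0, end);
    }

    /** Removes every leading slash. */
    private static String stripPrecedingSlashes(String string)
    {
        int start = 0;
        while (start < string.length() && string.charAt(start) == '/')
        {
            start += 1;
        }
        return string.substring(start);
    }
}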