KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > nl > hippo > cms > workflows > shared > UsersWithExplicitPrivilegeRetriever


1 package nl.hippo.cms.workflows.shared;
2
3 import java.io.IOException JavaDoc;
4 import java.util.Arrays JavaDoc;
5 import java.util.Enumeration JavaDoc;
6 import java.util.HashSet JavaDoc;
7 import java.util.Iterator JavaDoc;
8 import java.util.Set JavaDoc;
9 import nl.hippo.cocoon.webdav.WebDAVHelper;
10 import org.apache.commons.httpclient.HttpState;
11 import org.apache.webdav.lib.Ace;
12 import org.apache.webdav.lib.Privilege;
13 import org.apache.webdav.lib.Property;
14 import org.apache.webdav.lib.properties.AclProperty;
15 import org.w3c.dom.Element JavaDoc;
16 import org.w3c.dom.NodeList JavaDoc;
17
18 public class UsersWithExplicitPrivilegeRetriever
19 {
20
21     private static final String JavaDoc[] PRINCIPALS_TO_IGNORE_AS_ARRAY =
22     {
23         "all",
24         "authenticated",
25         "unauthenticated",
26         "property",
27         "self",
28     };
29
30     private static final Set JavaDoc PRINCIPALS_TO_IGNORE = new HashSet JavaDoc();
31     
32     static
33     {
34         PRINCIPALS_TO_IGNORE.addAll(Arrays.asList(PRINCIPALS_TO_IGNORE_AS_ARRAY));
35     }
36
37     private String JavaDoc m_protocolHostAndPort;
38     
39     private String JavaDoc m_privilegeNamespace;
40     
41     private String JavaDoc m_privilegeName;
42     
43     private HttpState m_httpState;
44     
45     private String JavaDoc m_repositoryRoot;
46     
47     private String JavaDoc m_absoluteUri;
48     
49     private String JavaDoc m_usersPath;
50     
51     private String JavaDoc m_rolesPath;
52
53     /**
54      * @param hostAndPort The host and port of the repository server.
55      * @param rootPath The path to the root of the repository.
56      * @param uri The URI relative to the root for which to retrieve the users.
57      * @param privilegeNamespace The namespace of the privilege which the
58      * users must have.
59      * @param privilegeName The simple name of the privilege which the users
60      * must have.
61      * @param httpState The HTTP state to use for communicating with the
62      * server.
63      */

64     public UsersWithExplicitPrivilegeRetriever(String JavaDoc hostAndPort, String JavaDoc rootPath, String JavaDoc uri, String JavaDoc privilegeNamespace, String JavaDoc privilegeName, HttpState httpState)
65     {
66         super();
67
68         hostAndPort = stripProtocol(hostAndPort);
69         hostAndPort = stripTrailingSlashes(hostAndPort);
70         
71         rootPath = stripPrecedingSlashes(rootPath);
72         rootPath = stripTrailingSlashes(rootPath);
73         
74         uri = stripPrecedingSlashes(uri);
75         
76         m_protocolHostAndPort = "http://" + hostAndPort;
77         m_privilegeNamespace = privilegeNamespace;
78         m_privilegeName = privilegeName;
79         m_httpState = httpState;
80
81         m_repositoryRoot = m_protocolHostAndPort + "/" + rootPath;
82         m_absoluteUri = m_repositoryRoot + "/" + uri;
83         m_usersPath = "/" + rootPath + "/users/";
84         m_rolesPath = "/" + rootPath + "/roles/";
85     }
86
87     /**
88      * Retrieve the set of users which has a privilege explicitly assigned
89      * for a specific URI. The privilege must be used in an access control
90      * entry (ACE). Privilege groups will not be expanded. Inherited ACEs will
91      * be evaluated.
92      *
93      * @return An iterator over the set of users which have the privilege for
94      * the uri.
95      * @throws IOException If there is a problem communicating with the
96      * server.
97      */

98     public Iterator JavaDoc retrieveUsersWithExplicitPrivilege() throws IOException JavaDoc
99     {
100         Set JavaDoc users = new HashSet JavaDoc();
101         Set JavaDoc groups = new HashSet JavaDoc();
102         
103         retrieveUsersAndGroupsFromAcl(users, groups);
104         
105         Set JavaDoc processedGroups = new HashSet JavaDoc();
106         Set JavaDoc unprocessedGroups = new HashSet JavaDoc(groups);
107         unprocessedGroups.removeAll(processedGroups);
108         while (unprocessedGroups.size() > 0)
109         {
110             Iterator JavaDoc groupsIterator = unprocessedGroups.iterator();
111             while (groupsIterator.hasNext())
112             {
113                 String JavaDoc group = (String JavaDoc) groupsIterator.next();
114                     
115                 processedGroups.add(group);
116                 
117                 Property property = WebDAVHelper.propfind(m_repositoryRoot + "/roles/" + group, "DAV:", "group-member-set", m_httpState);
118                 
119                 if (property != null)
120                 {
121                     Element JavaDoc propertyContent = property.getElement();
122                     NodeList JavaDoc hrefs = propertyContent.getElementsByTagNameNS("DAV:", "href");
123                     for (int hrefIndex = 0; hrefIndex < hrefs.getLength(); hrefIndex += 1)
124                     {
125                         Element JavaDoc href = (Element JavaDoc) hrefs.item(hrefIndex);
126                         String JavaDoc memberUri = href.getFirstChild().getNodeValue();
127                         if (memberUri.startsWith(m_usersPath))
128                         {
129                             String JavaDoc userName = memberUri.substring(m_usersPath.length());
130                             users.add(userName);
131                         }
132                         else if (memberUri.startsWith(m_rolesPath))
133                         {
134                             String JavaDoc groupName = memberUri.substring(m_rolesPath.length());
135                             groups.add(groupName);
136                         }
137                     }
138                 }
139             }
140
141             unprocessedGroups = new HashSet JavaDoc(groups);
142             unprocessedGroups.removeAll(processedGroups);
143         }
144             
145         return users.iterator();
146     }
147     
148     public String JavaDoc getUserProperty(String JavaDoc userName, String JavaDoc propertyNamespace, String JavaDoc propertyName) throws IOException JavaDoc
149     {
150         Property property = WebDAVHelper.propfind(m_protocolHostAndPort + m_usersPath + userName, propertyNamespace, propertyName, m_httpState);
151         return property == null ? null : property.getPropertyAsString();
152     }
153     
154     private void retrieveUsersAndGroupsFromAcl(Set JavaDoc users, Set JavaDoc groups) throws IOException JavaDoc
155     {
156         Property property = WebDAVHelper.propfind(m_absoluteUri, "DAV:", "acl", m_httpState);
157         if (property != null && property instanceof AclProperty)
158         {
159             AclProperty aclProperty = (AclProperty) property;
160             Ace[] aces = aclProperty.getAces();
161             for (int aceIndex = 0; aceIndex < aces.length; aceIndex += 1)
162             {
163                 Ace ace = aces[aceIndex];
164                 if (!ace.isNegative())
165                 {
166                     String JavaDoc principal = ace.getPrincipal();
167                     if (!PRINCIPALS_TO_IGNORE.contains(principal))
168                     {
169                         Enumeration JavaDoc privilegesEnumeration = ace.enumeratePrivileges();
170                         while (privilegesEnumeration.hasMoreElements())
171                         {
172                             Privilege privilege = (Privilege) privilegesEnumeration.nextElement();
173                             if (privilege.getNamespace().equals(m_privilegeNamespace) && privilege.getName().equals(m_privilegeName))
174                             {
175                                 if (principal.startsWith(m_usersPath))
176                                 {
177                                     users.add(principal.substring(m_usersPath.length()));
178                                 }
179                                 else if (principal.startsWith(m_rolesPath))
180                                 {
181                                     groups.add(principal.substring(m_rolesPath.length()));
182                                 }
183                             }
184                         }
185                     }
186                 }
187             }
188         }
189     }
190
191     private static String JavaDoc stripProtocol(String JavaDoc string)
192     {
193         String JavaDoc result;
194         
195         if (string.startsWith("http://"))
196         {
197             result = string.substring("http://".length());
198         }
199         else if (string.startsWith("webdav://"))
200         {
201             result = string.substring("webdav://".length());
202         }
203         else
204         {
205             result = string;
206         }
207
208         return result;
209     }
210
211     private static String JavaDoc stripTrailingSlashes(String JavaDoc string)
212     {
213         while (string.endsWith("/"))
214         {
215             string = string.substring(0, string.length() - 1);
216         }
217
218         return string;
219     }
220     
221     private static String JavaDoc stripPrecedingSlashes(String JavaDoc string)
222     {
223         while (string.startsWith("/"))
224         {
225             string = string.substring(1);
226         }
227
228         return string;
229     }
230 }
231
Popular Tags