KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > alfresco > web > ui > repo > component > evaluator > PermissionEvaluator


1 /*
2  * Copyright (C) 2005 Alfresco, Inc.
3  *
4  * Licensed under the Mozilla Public License version 1.1
5  * with a permitted attribution clause. You may obtain a
6  * copy of the License at
7  *
8  * http://www.alfresco.org/legal/license.txt
9  *
10  * Unless required by applicable law or agreed to in writing,
11  * software distributed under the License is distributed on an
12  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
13  * either express or implied. See the License for the specific
14  * language governing permissions and limitations under the
15  * License.
16  */
17 package org.alfresco.web.ui.repo.component.evaluator;
18
19 import java.util.StringTokenizer JavaDoc;
20
21 import javax.faces.context.FacesContext;
22 import javax.faces.el.ValueBinding;
23
24 import org.alfresco.service.cmr.repository.NodeRef;
25 import org.alfresco.service.cmr.security.AccessStatus;
26 import org.alfresco.service.cmr.security.PermissionService;
27 import org.alfresco.web.bean.repository.Node;
28 import org.alfresco.web.bean.repository.Repository;
29 import org.alfresco.web.ui.common.component.evaluator.BaseEvaluator;
30
31 /**
32  * Evaulator for returning whether a Node is Allowed/Denied a list of permissions
33  *
34  * @author Kevin Roast
35  */
36 public class PermissionEvaluator extends BaseEvaluator
37 {
38    /**
39     * Evaluate against the component attributes. Return true to allow the inner
40     * components to render, false to hide them during rendering.
41     *
42     * IN: Value - either a Node (preferred) or NodeRef to test
43     * Allow - Permission(s) (comma separated) to test against
44     * Deny - Permission(s) (comma separated) to test against
45     *
46     * @return true to allow rendering of child components, false otherwise
47     */
48    public boolean evaluate()
49    {
50       boolean result = false;
51       
52       // TODO: implement Deny permissions checking (as required...)
53
54       try
55       {
56          Object JavaDoc obj = getValue();
57          if (obj instanceof Node)
58          {
59             // used the cached permissions checks in the Node instance
60 // this means multiple calls to evaluators don't need to keep calling services
61 // and permissions on a Node shouldn't realistically change over the life of an instance
62 String JavaDoc[] allow = getAllowPermissions();
63             if (allow.length != 0)
64             {
65                result = true;
66                for (int i=0; i<allow.length; i++)
67                {
68                   result = result & ((Node)obj).hasPermission(allow[i]);
69                }
70             }
71          }
72          else if (obj instanceof NodeRef)
73          {
74             // perform the check for permissions here against NodeRef using service
75 PermissionService service = Repository.getServiceRegistry(getFacesContext()).getPermissionService();
76             String JavaDoc[] allow = getAllowPermissions();
77             if (allow.length != 0)
78             {
79                result = true;
80                for (int i=0; i<allow.length; i++)
81                {
82                   result = result & (AccessStatus.ALLOWED == service.hasPermission(((NodeRef)obj), allow[i]));
83                }
84             }
85          }
86       }
87       catch (Exception JavaDoc err)
88       {
89          // return default value on error
90 s_logger.debug("Error during PermissionEvaluator evaluation: " + err.getMessage());
91       }
92       
93       return result;
94    }
95    
96    /**
97     * @see javax.faces.component.StateHolder#restoreState(javax.faces.context.FacesContext, java.lang.Object)
98     */
99    public void restoreState(FacesContext context, Object JavaDoc state)
100    {
101       Object JavaDoc values[] = (Object JavaDoc[])state;
102       // standard component attributes are restored by the super class
103 super.restoreState(context, values[0]);
104       this.allow = (String JavaDoc)values[1];
105       this.deny = (String JavaDoc)values[2];
106    }
107    
108    /**
109     * @see javax.faces.component.StateHolder#saveState(javax.faces.context.FacesContext)
110     */
111    public Object JavaDoc saveState(FacesContext context)
112    {
113       Object JavaDoc values[] = new Object JavaDoc[3];
114       // standard component attributes are saved by the super class
115 values[0] = super.saveState(context);
116       values[1] = this.allow;
117       values[2] = this.deny;
118       return (values);
119    }
120    
121    /**
122     * @return the array of Allow permissions
123     */
124    private String JavaDoc[] getAllowPermissions()
125    {
126       String JavaDoc[] allowPermissions;
127       
128       String JavaDoc allow = getAllow();
129       if (allow != null)
130       {
131          if (allow.indexOf(',') == -1)
132          {
133             // simple case - one permission
134 allowPermissions = new String JavaDoc[1];
135             allowPermissions[0] = allow;
136          }
137          else
138          {
139             // complex case - multiple permissions
140 StringTokenizer JavaDoc t = new StringTokenizer JavaDoc(allow, ",");
141             allowPermissions = new String JavaDoc[t.countTokens()];
142             for (int i=0; i<allowPermissions.length; i++)
143             {
144                allowPermissions[i] = t.nextToken();
145             }
146          }
147       }
148       else
149       {
150          allowPermissions = new String JavaDoc[0];
151       }
152       
153       return allowPermissions;
154    }
155    
156    /**
157     * Get the allow permissions to match value against
158     *
159     * @return the allow permissions to match value against
160     */
161    public String JavaDoc getAllow()
162    {
163       ValueBinding vb = getValueBinding("allow");
164       if (vb != null)
165       {
166          this.allow = (String JavaDoc)vb.getValue(getFacesContext());
167       }
168       
169       return this.allow;
170    }
171    
172    /**
173     * Set the allow permissions to match value against
174     *
175     * @param allow allow permissions to match value against
176     */
177    public void setAllow(String JavaDoc allow)
178    {
179       this.allow = allow;
180    }
181    
182    /**
183     * Get the deny permissions to match value against
184     *
185     * @return the deny permissions to match value against
186     */
187    public String JavaDoc getDeny()
188    {
189       ValueBinding vb = getValueBinding("deny");
190       if (vb != null)
191       {
192          this.deny = (String JavaDoc)vb.getValue(getFacesContext());
193       }
194       
195       return this.deny;
196    }
197    
198    /**
199     * Set the deny permissions to match value against
200     *
201     * @param deny deny permissions to match value against
202     */
203    public void setDeny(String JavaDoc deny)
204    {
205       this.deny = deny;
206    }
207    
208    
209    /** the deny permissions to match value against */
210    private String JavaDoc deny = null;
211    
212    /** the allow permissions to match value against */
213    private String JavaDoc allow = null;
214 }
215
Popular Tags