KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > fulcrum > security > impl > TurbineAccessControlList


1 package org.apache.fulcrum.security.impl;
2
3 /* ====================================================================
4  * The Apache Software License, Version 1.1
5  *
6  * Copyright (c) 2001 The Apache Software Foundation. All rights
7  * reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  *
13  * 1. Redistributions of source code must retain the above copyright
14  * notice, this list of conditions and the following disclaimer.
15  *
16  * 2. Redistributions in binary form must reproduce the above copyright
17  * notice, this list of conditions and the following disclaimer in
18  * the documentation and/or other materials provided with the
19  * distribution.
20  *
21  * 3. The end-user documentation included with the redistribution,
22  * if any, must include the following acknowledgment:
23  * "This product includes software developed by the
24  * Apache Software Foundation (http://www.apache.org/)."
25  * Alternately, this acknowledgment may appear in the software itself,
26  * if and wherever such third-party acknowledgments normally appear.
27  *
28  * 4. The names "Apache" and "Apache Software Foundation" and
29  * "Apache Turbine" must not be used to endorse or promote products
30  * derived from this software without prior written permission. For
31  * written permission, please contact apache@apache.org.
32  *
33  * 5. Products derived from this software may not be called "Apache",
34  * "Apache Turbine", nor may "Apache" appear in their name, without
35  * prior written permission of the Apache Software Foundation.
36  *
37  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
38  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
39  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
40  * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
41  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
43  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
44  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
46  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
47  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
48  * SUCH DAMAGE.
49  * ====================================================================
50  *
51  * This software consists of voluntary contributions made by many
52  * individuals on behalf of the Apache Software Foundation. For more
53  * information on the Apache Software Foundation, please see
54  * <http://www.apache.org/>.
55  */
56
57 import java.util.Map JavaDoc;
58 import java.util.Iterator JavaDoc;
59
60 import org.apache.fulcrum.security.TurbineSecurity;
61
62 import org.apache.fulcrum.security.entity.Group;
63 import org.apache.fulcrum.security.entity.Permission;
64 import org.apache.fulcrum.security.entity.Role;
65
66 import org.apache.fulcrum.security.util.AccessControlList;
67 import org.apache.fulcrum.security.util.GroupSet;
68 import org.apache.fulcrum.security.util.PermissionSet;
69 import org.apache.fulcrum.security.util.RoleSet;
70 import org.apache.fulcrum.security.util.TurbineSecurityException;
71
72 /**
73  * This is a control class that makes it easy to find out if a
74  * particular User has a given Permission. It also determines if a
75  * User has a a particular Role.
76  *
77  * @author <a HREF="mailto:jmcnally@collab.net">John D. McNally</a>
78  * @author <a HREF="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
79  * @author <a HREF="mailto:greg@shwoop.com">Greg Ritter</a>
80  * @author <a HREF="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
81  * @author <a HREF="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
82  * @author <a HREF="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
83  * @version $Id: TurbineAccessControlList.java,v 1.1 2004/11/12 10:26:14 epugh Exp $
84  */
85 public class TurbineAccessControlList
86     implements AccessControlList
87 {
88     /** The sets of roles that the user has in different groups */
89     private Map JavaDoc roleSets;
90
91     /** The sets of permissions that the user has in different groups */
92     private Map JavaDoc permissionSets;
93
94     /** The name of this ACL. Needed for the SecurityEntity Interface */
95     private String JavaDoc name;
96
97     /**
98      * Constructs a new AccessControlList.
99      *
100      * This class follows 'immutable' pattern - it's objects can't be modified
101      * once they are created. This means that the permissions the users have are
102      * in effect form the moment they log in to the moment they log out, and
103      * changes made to the security settings in that time are not reflected
104      * in the state of this object. If you need to reset an user's permissions
105      * you need to invalidate his session. <br>
106      * The objects that constructs an AccessControlList must supply hashtables
107      * of role/permission sets keyed with group objects. <br>
108      *
109      * @param roleSets a hashtable containing RoleSet objects keyed with Group objects
110      * @param permissionSets a hashtable containing PermissionSet objects keyed with Group objects
111      */
112     public TurbineAccessControlList(Map JavaDoc roleSets, Map JavaDoc permissionSets)
113     {
114         this.roleSets = roleSets;
115         this.permissionSets = permissionSets;
116     }
117
118     /**
119      * Returns the name of this ACL.
120      *
121      * @return The ACL Name
122      *
123      */
124     public String JavaDoc getName()
125     {
126         return this.name;
127     }
128
129     /**
130      * Sets the name of this ACL.
131      *
132      * @param name The new ACL name.
133      *
134      */
135     public void setName(String JavaDoc name)
136     {
137         this.name = name;
138     }
139
140     /**
141      * Retrieves a set of Roles an user is assigned in a Group.
142      *
143      * @param group the Group
144      * @return the set of Roles this user has within the Group.
145      */
146     public RoleSet getRoles(Group group)
147     {
148         if (group == null)
149         {
150             return null;
151         }
152         return (RoleSet) roleSets.get(group);
153     }
154
155     /**
156      * Retrieves a set of Roles an user is assigned in the global Group.
157      *
158      * @return the set of Roles this user has within the global Group.
159      */
160     public RoleSet getRoles()
161     {
162         return getRoles(TurbineSecurity.getGlobalGroup());
163     }
164
165     /**
166      * Retrieves a set of Permissions an user is assigned in a Group.
167      *
168      * @param group the Group
169      * @return the set of Permissions this user has within the Group.
170      */
171     public PermissionSet getPermissions(Group group)
172     {
173         if (group == null)
174         {
175             return null;
176         }
177         return (PermissionSet) permissionSets.get(group);
178     }
179
180     /**
181      * Retrieves a set of Permissions an user is assigned in the global Group.
182      *
183      * @return the set of Permissions this user has within the global Group.
184      */
185     public PermissionSet getPermissions()
186     {
187         return getPermissions(TurbineSecurity.getGlobalGroup());
188     }
189
190     /**
191      * Checks if the user is assigned a specific Role in the Group.
192      *
193      * @param role the Role
194      * @param group the Group
195      * @return <code>true</code> if the user is assigned the Role in the Group.
196      */
197     public boolean hasRole(Role role, Group group)
198     {
199         RoleSet set = getRoles(group);
200         if (set == null || role == null)
201         {
202             return false;
203         }
204         return set.contains(role);
205     }
206
207     /**
208      * Checks if the user is assigned a specific Role in any of the given
209      * Groups
210      *
211      * @param role the Role
212      * @param groupset a Groupset
213      * @return <code>true</code> if the user is assigned the Role in any of
214      * the given Groups.
215      */
216     public boolean hasRole(Role role, GroupSet groupset)
217     {
218         if (role == null)
219         {
220             return false;
221         }
222         Iterator JavaDoc groups = groupset.elements();
223         while (groups.hasNext())
224         {
225             Group group = (Group) groups.next();
226             RoleSet roles = getRoles(group);
227             if (roles != null)
228             {
229                 if (roles.contains(role))
230                 {
231                     return true;
232                 }
233             }
234         }
235         return false;
236     }
237
238     /**
239      * Checks if the user is assigned a specific Role in the Group.
240      *
241      * @param role the Role
242      * @param group the Group
243      * @return <code>true</code> if the user is assigned the Role in the Group.
244      */
245     public boolean hasRole(String JavaDoc role, String JavaDoc group)
246     {
247         try
248         {
249             return hasRole(TurbineSecurity.getRole(role), TurbineSecurity.getGroup(group));
250         }
251         catch (Exception JavaDoc e)
252         {
253             return false;
254         }
255     }
256
257     /**
258      * Checks if the user is assigned a specifie Role in any of the given
259      * Groups
260      *
261      * @param rolename the name of the Role
262      * @param groupset a Groupset
263      * @return <code>true</code> if the user is assigned the Role in any of
264      * the given Groups.
265      */
266     public boolean hasRole(String JavaDoc rolename, GroupSet groupset)
267     {
268         Role role;
269         try
270         {
271             role = TurbineSecurity.getRole(rolename);
272         }
273         catch (TurbineSecurityException e)
274         {
275             return false;
276         }
277         if (role == null)
278         {
279             return false;
280         }
281         Iterator JavaDoc groups = groupset.elements();
282         while (groups.hasNext())
283         {
284             Group group = (Group) groups.next();
285             RoleSet roles = getRoles(group);
286             if (roles != null)
287             {
288                 if (roles.contains(role))
289                 {
290                     return true;
291                 }
292             }
293         }
294         return false;
295     }
296
297     /**
298      * Checks if the user is assigned a specific Role in the global Group.
299      *
300      * @param role the Role
301      * @return <code>true</code> if the user is assigned the Role in the global Group.
302      */
303     public boolean hasRole(Role role)
304     {
305         return hasRole(role, TurbineSecurity.getGlobalGroup());
306     }
307
308     /**
309      * Checks if the user is assigned a specific Role in the global Group.
310      *
311      * @param role the Role
312      * @return <code>true</code> if the user is assigned the Role in the global Group.
313      */
314     public boolean hasRole(String JavaDoc role)
315     {
316         try
317         {
318             return hasRole(TurbineSecurity.getRole(role));
319         }
320         catch (Exception JavaDoc e)
321         {
322             return false;
323         }
324     }
325
326     /**
327      * Checks if the user is assigned a specific Permission in the Group.
328      *
329      * @param permission the Permission
330      * @param group the Group
331      * @return <code>true</code> if the user is assigned the Permission in the Group.
332      */
333     public boolean hasPermission(Permission permission, Group group)
334     {
335         PermissionSet set = getPermissions(group);
336         if (set == null || permission == null)
337         {
338             return false;
339         }
340         return set.contains(permission);
341     }
342
343     /**
344      * Checks if the user is assigned a specific Permission in any of the given
345      * Groups
346      *
347      * @param permission the Permission
348      * @param groupset a Groupset
349      * @return <code>true</code> if the user is assigned the Permission in any
350      * of the given Groups.
351      */
352     public boolean hasPermission(Permission permission, GroupSet groupset)
353     {
354         if (permission == null)
355         {
356             return false;
357         }
358         Iterator JavaDoc groups = groupset.elements();
359         while (groups.hasNext())
360         {
361             Group group = (Group) groups.next();
362             PermissionSet permissions = getPermissions(group);
363             if (permissions != null)
364             {
365                 if (permissions.contains(permission))
366                 {
367                     return true;
368                 }
369             }
370         }
371         return false;
372     }
373
374     /**
375      * Checks if the user is assigned a specific Permission in the Group.
376      *
377      * @param permission the Permission
378      * @param group the Group
379      * @return <code>true</code> if the user is assigned the Permission in the Group.
380      */
381     public boolean hasPermission(String JavaDoc permission, String JavaDoc group)
382     {
383         try
384         {
385             return hasPermission(TurbineSecurity.getPermission(permission),
386                                  TurbineSecurity.getGroup(group));
387         }
388         catch (Exception JavaDoc e)
389         {
390             return false;
391         }
392     }
393
394     /**
395      * Checks if the user is assigned a specific Permission in the Group.
396      *
397      * @param permission the Permission
398      * @param group the Group
399      * @return <code>true</code> if the user is assigned the Permission in the Group.
400      */
401     public boolean hasPermission(String JavaDoc permission, Group group)
402     {
403         try
404         {
405             return hasPermission(
406                 TurbineSecurity.getPermission(permission), group);
407         }
408         catch (Exception JavaDoc e)
409         {
410             return false;
411         }
412     }
413
414     /**
415      * Checks if the user is assigned a specifie Permission in any of the given
416      * Groups
417      *
418      * @param permissionName the name of the Permission
419      * @param groupset a Groupset
420      * @return <code>true</code> if the user is assigned the Permission in any
421      * of the given Groups.
422      */
423     public boolean hasPermission(String JavaDoc permissionName, GroupSet groupset)
424     {
425         Permission permission;
426         try
427         {
428             permission = TurbineSecurity.getPermission(permissionName);
429         }
430         catch (TurbineSecurityException e)
431         {
432             return false;
433         }
434         if (permission == null)
435         {
436             return false;
437         }
438         Iterator JavaDoc groups = groupset.elements();
439         while (groups.hasNext())
440         {
441             Group group = (Group) groups.next();
442             PermissionSet permissions = getPermissions(group);
443             if (permissions != null)
444             {
445                 if (permissions.contains(permission))
446                 {
447                     return true;
448                 }
449             }
450         }
451         return false;
452     }
453
454     /**
455      * Checks if the user is assigned a specific Permission in the global Group.
456      *
457      * @param permission the Permission
458      * @return <code>true</code> if the user is assigned the Permission in the global Group.
459      */
460     public boolean hasPermission(Permission permission)
461     {
462         return hasPermission(permission, TurbineSecurity.getGlobalGroup());
463     }
464
465     /**
466      * Checks if the user is assigned a specific Permission in the global Group.
467      *
468      * @param permission the Permission
469      * @return <code>true</code> if the user is assigned the Permission in the global Group.
470      */
471     public boolean hasPermission(String JavaDoc permission)
472     {
473         try
474         {
475             return hasPermission(TurbineSecurity.getPermission(permission));
476         }
477         catch (Exception JavaDoc e)
478         {
479             return false;
480         }
481     }
482
483     /**
484      * Returns all groups definded in the system.
485      *
486      * This is useful for debugging, when you want to display all roles
487      * and permissions an user is assingned. This method is needed
488      * because you can't call static methods of TurbineSecurity class
489      * from within WebMacro/Velocity template
490      *
491      * @return A Group [] of all groups in the system.
492      */
493     public Group[] getAllGroups()
494     {
495         try
496         {
497             return TurbineSecurity.getAllGroups().getGroupsArray();
498         }
499         catch (TurbineSecurityException e)
500         {
501             return new Group[0];
502         }
503     }
504 }
505
Popular Tags