KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > lenya > ac > file > FilePolicyManager


1 /*
2  * Copyright 1999-2004 The Apache Software Foundation
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  *
16  */
17
18 /* $Id: FilePolicyManager.java 169196 2005-05-09 00:02:50Z gregor $ */
19
20 package org.apache.lenya.ac.file;
21
22 import java.io.File JavaDoc;
23 import java.io.FileFilter JavaDoc;
24 import java.io.FileInputStream JavaDoc;
25 import java.io.InputStream JavaDoc;
26 import java.net.URI JavaDoc;
27 import java.util.ArrayList JavaDoc;
28 import java.util.List JavaDoc;
29
30 import org.apache.avalon.framework.activity.Disposable;
31 import org.apache.avalon.framework.logger.AbstractLogEnabled;
32 import org.apache.avalon.framework.parameters.ParameterException;
33 import org.apache.avalon.framework.parameters.Parameterizable;
34 import org.apache.avalon.framework.parameters.Parameters;
35 import org.apache.avalon.framework.service.ServiceException;
36 import org.apache.avalon.framework.service.ServiceManager;
37 import org.apache.avalon.framework.service.Serviceable;
38 import org.apache.cocoon.util.NetUtils;
39 import org.apache.excalibur.source.Source;
40 import org.apache.excalibur.source.SourceResolver;
41 import org.apache.lenya.ac.AccessControlException;
42 import org.apache.lenya.ac.Accreditable;
43 import org.apache.lenya.ac.AccreditableManager;
44 import org.apache.lenya.ac.Policy;
45 import org.apache.lenya.ac.Role;
46 import org.apache.lenya.ac.User;
47 import org.apache.lenya.ac.cache.CachingException;
48 import org.apache.lenya.ac.cache.SourceCache;
49 import org.apache.lenya.ac.impl.Credential;
50 import org.apache.lenya.ac.impl.DefaultPolicy;
51 import org.apache.lenya.ac.impl.InheritingPolicyManager;
52 import org.apache.lenya.ac.impl.PolicyBuilder;
53 import org.apache.lenya.ac.impl.RemovedAccreditablePolicyBuilder;
54 import org.apache.lenya.ac.impl.URLPolicy;
55 import org.apache.lenya.xml.DocumentHelper;
56 import org.w3c.dom.Document JavaDoc;
57
58 /**
59  * A PolicyBuilder is used to build policies.
60  */
61 public class FilePolicyManager extends AbstractLogEnabled implements InheritingPolicyManager,
62         Parameterizable, Disposable, Serviceable {
63
64     /**
65      * Creates a new FilePolicyManager.
66      */
67     public FilePolicyManager() {
68     }
69
70     /**
71      * Returns the source cache.
72      *
73      * @return A source cache.
74      */
75     protected SourceCache getCache() {
76         return cache;
77     }
78
79     private SourceCache cache;
80
81     protected static final String JavaDoc URL_FILENAME = "url-policy.acml";
82     protected static final String JavaDoc SUBTREE_FILENAME = "subtree-policy.acml";
83     protected static final String JavaDoc USER_ADMIN_URL = "/admin/users/";
84
85     /**
86      * Builds the URL policy for a URL from a file. When the file is not present, an empty policy is
87      * returned.
88      *
89      * @param controller The access controller to use.
90      * @param url The URL inside the web application.
91      * @return A policy.
92      * @throws AccessControlException when something went wrong.
93      */
94     public DefaultPolicy buildURLPolicy(AccreditableManager controller, String JavaDoc url)
95             throws AccessControlException {
96         return buildPolicy(controller, url, URL_FILENAME);
97     }
98
99     /**
100      * Builds a subtree policy from a file. When the file is not present, an empty policy is
101      * returned.
102      *
103      * @param controller The access controller to use.
104      * @param url The URL inside the web application.
105      * @return A policy.
106      * @throws AccessControlException when something went wrong.
107      */
108     public DefaultPolicy buildSubtreePolicy(AccreditableManager controller, String JavaDoc url)
109             throws AccessControlException {
110         return buildPolicy(controller, url, SUBTREE_FILENAME);
111     }
112
113     /**
114      * Builds a policy from a file. When the file is not present, an empty policy is returned.
115      *
116      * @param controller The access controller to use.
117      * @param url The url.
118      * @param policyFilename The policy filename.
119      * @return A policy.
120      * @throws AccessControlException when something went wrong.
121      */
122     protected DefaultPolicy buildPolicy(AccreditableManager controller, String JavaDoc url,
123             String JavaDoc policyFilename) throws AccessControlException {
124
125         if (getLogger().isDebugEnabled()) {
126             getLogger().debug("Building policy for URL [" + url + "]");
127         }
128
129         DefaultPolicy policy = null;
130
131         String JavaDoc policyUri = getPolicySourceURI(url, policyFilename);
132         if (getLogger().isDebugEnabled()) {
133             getLogger().debug("Policy source URI resolved to: " + policyUri);
134         }
135
136         try {
137             PolicyBuilder builder = new PolicyBuilder(controller);
138             policy = (DefaultPolicy) getCache().get(policyUri, builder);
139         } catch (CachingException e) {
140             throw new AccessControlException(e);
141         }
142
143         if (getLogger().isDebugEnabled()) {
144             getLogger().debug("Policy exists: [" + (policy != null) + "]");
145         }
146
147         if (policy == null) {
148             policy = new DefaultPolicy();
149         }
150         return policy;
151     }
152
153     /**
154      * Returns the policy file URI for a URL and a policy filename.
155      *
156      * @param url The url to get the file for.
157      * @param policyFilename The name of the policy file.
158      * @return A String.
159      *
160      * @throws AccessControlException if an error occurs
161      */
162     protected String JavaDoc getPolicySourceURI(String JavaDoc url, String JavaDoc policyFilename)
163             throws AccessControlException {
164         if (url.startsWith("/")) {
165             url = url.substring(1);
166         }
167
168         File JavaDoc policyFile = new File JavaDoc(getPoliciesDirectory(), url + File.separator + policyFilename);
169         String JavaDoc policyUri = policyFile.toURI().toString();
170         if (getLogger().isDebugEnabled()) {
171             getLogger().debug("Computing policy URI [" + policyUri + "]");
172         }
173         return policyUri;
174     }
175
176     /**
177      * Returns the policy file for a certain URL.
178      *
179      * @param url The URL to get the policy for.
180      * @param policyFilename The policy filename.
181      * @return A file.
182      * @throws AccessControlException when an error occurs.
183      */
184     protected File JavaDoc getPolicyFile(String JavaDoc url, String JavaDoc policyFilename) throws AccessControlException {
185         String JavaDoc fileUri = getPolicySourceURI(url, policyFilename);
186         File JavaDoc file;
187         try {
188             file = new File JavaDoc(new URI JavaDoc(NetUtils.encodePath(fileUri)));
189         } catch (final Exception JavaDoc e) {
190             throw new AccessControlException(e);
191         }
192         return file;
193     }
194
195     /**
196      * Saves a URL policy.
197      *
198      * @param url The URL to save the policy for.
199      * @param policy The policy to save.
200      * @throws AccessControlException when something went wrong.
201      */
202     public void saveURLPolicy(String JavaDoc url, DefaultPolicy policy) throws AccessControlException {
203         getLogger().debug("Saving URL policy for URL [" + url + "]");
204         savePolicy(url, policy, URL_FILENAME);
205     }
206
207     /**
208      * Saves a Subtree policy.
209      *
210      * @param url The url to save the policy for.
211      * @param policy The policy to save.
212      * @throws AccessControlException when something went wrong.
213      */
214     public void saveSubtreePolicy(String JavaDoc url, DefaultPolicy policy) throws AccessControlException {
215         getLogger().debug("Saving subtree policy for URL [" + url + "]");
216         savePolicy(url, policy, SUBTREE_FILENAME);
217     }
218
219     /**
220      * Saves a policy to a file.
221      *
222      * @param url The URL to save the policy for.
223      * @param policy The policy.
224      * @param filename The file.
225      * @throws AccessControlException if something goes wrong.
226      */
227     protected void savePolicy(String JavaDoc url, DefaultPolicy policy, String JavaDoc filename)
228             throws AccessControlException {
229
230         File JavaDoc file = getPolicyFile(url, filename);
231         savePolicy(policy, file);
232     }
233
234     /**
235      * Saves a policy to a file.
236      *
237      * @param policy The policy to save.
238      * @param file The file.
239      * @throws AccessControlException when an error occurs.
240      */
241     protected void savePolicy(DefaultPolicy policy, File JavaDoc file) throws AccessControlException {
242         Document JavaDoc document = PolicyBuilder.savePolicy(policy);
243
244         try {
245             if (!file.exists()) {
246                 file.getParentFile().mkdirs();
247                 if (!file.createNewFile()) {
248                     throw new AccessControlException("File [" + file + "] could not be created.");
249                 }
250             }
251             DocumentHelper.writeDocument(document, file);
252         } catch (AccessControlException e) {
253             throw e;
254         } catch (Exception JavaDoc e) {
255             throw new AccessControlException("Path: [" + file.getAbsolutePath() + "]", e);
256         }
257     }
258
259     /**
260      * @see org.apache.lenya.ac.PolicyManager#getPolicy(org.apache.lenya.ac.AccreditableManager,
261      * java.lang.String)
262      */
263     public Policy getPolicy(AccreditableManager controller, String JavaDoc url)
264             throws AccessControlException {
265
266         return new URLPolicy(controller, url, this);
267     }
268
269     protected static final String JavaDoc DIRECTORY_PARAMETER = "directory";
270
271     private String JavaDoc policiesDirectoryUri;
272     private File JavaDoc policiesDirectory;
273
274     /**
275      * @see org.apache.avalon.framework.parameters.Parameterizable#parameterize(org.apache.avalon.framework.parameters.Parameters)
276      */
277     public void parameterize(Parameters parameters) throws ParameterException {
278         if (parameters.isParameter(DIRECTORY_PARAMETER)) {
279             policiesDirectoryUri = parameters.getParameter(DIRECTORY_PARAMETER);
280             if (getLogger().isDebugEnabled()) {
281                 getLogger().debug("Policies directory URI: " + policiesDirectoryUri);
282             }
283         }
284     }
285
286     /**
287      * Get the path to the policies directory.
288      *
289      * @return the path to the policies directory
290      *
291      * @throws AccessControlException if an error occurs
292      */
293     public File JavaDoc getPoliciesDirectory() throws AccessControlException {
294
295         if (policiesDirectory == null) {
296             SourceResolver resolver = null;
297             Source source = null;
298             File JavaDoc directory;
299
300             try {
301                 resolver = (SourceResolver) getServiceManager().lookup(SourceResolver.ROLE);
302                 source = resolver.resolveURI(policiesDirectoryUri);
303                 getLogger().debug("Policies directory source: [" + source.getURI() + "]");
304                 directory = new File JavaDoc(new URI JavaDoc(NetUtils.encodePath(source.getURI())));
305             } catch (final Exception JavaDoc e) {
306                 throw new AccessControlException("Resolving policies directory failed: ", e);
307             } finally {
308                 if (resolver != null) {
309                     if (source != null) {
310                         resolver.release(source);
311                     }
312                     getServiceManager().release(resolver);
313                 }
314             }
315
316             getLogger().debug(
317                     "Policies directory resolved to [" + directory.getAbsolutePath() + "]");
318             setPoliciesDirectory(directory);
319         }
320
321         return policiesDirectory;
322     }
323
324     /**
325      * @see org.apache.avalon.framework.service.Serviceable#service(org.apache.avalon.framework.service.ServiceManager)
326      */
327     public void service(ServiceManager manager) throws ServiceException {
328         this.serviceManager = manager;
329         this.cache = (SourceCache) manager.lookup(SourceCache.ROLE);
330     }
331
332     /**
333      * Sets the policies directory.
334      *
335      * @param directory The directory.
336      *
337      * @throws AccessControlException if the directory is not a directory
338      */
339     public void setPoliciesDirectory(File JavaDoc directory) throws AccessControlException {
340         getLogger().debug("Setting policies directory [" + directory.getAbsolutePath() + "]");
341         if (!directory.isDirectory()) {
342             throw new AccessControlException("Policies directory invalid: ["
343                     + directory.getAbsolutePath() + "]");
344         }
345         policiesDirectory = directory;
346     }
347
348     /**
349      * @see org.apache.lenya.ac.impl.InheritingPolicyManager#getPolicies(org.apache.lenya.ac.AccreditableManager,
350      * java.lang.String)
351      */
352     public DefaultPolicy[] getPolicies(AccreditableManager controller, String JavaDoc url)
353             throws AccessControlException {
354
355         List JavaDoc policies = new ArrayList JavaDoc();
356
357         Policy policy = buildURLPolicy(controller, url);
358         policies.add(policy);
359
360         String JavaDoc[] directories = url.split("/");
361         url = "";
362
363         for (int i = 0; i < directories.length; i++) {
364             url += directories[i] + "/";
365             policy = buildSubtreePolicy(controller, url);
366             policies.add(policy);
367         }
368
369         return (DefaultPolicy[]) policies.toArray(new DefaultPolicy[policies.size()]);
370     }
371
372     /**
373      * @see org.apache.avalon.framework.activity.Disposable#dispose()
374      */
375     public void dispose() {
376
377         if (getCache() != null) {
378             getServiceManager().release(getCache());
379         }
380
381         if (getLogger().isDebugEnabled()) {
382             getLogger().debug("Disposing [" + this + "]");
383         }
384     }
385
386     /**
387      * Removes an accreditable from all policies within a certain directory tree.
388      *
389      * @param manager The accreditable manager which owns the accreditable.
390      * @param accreditable The accreditable to remove.
391      * @param policyDirectory The directory where the policies are located.
392      * @throws AccessControlException when an error occurs.
393      */
394     protected void removeAccreditable(AccreditableManager manager, Accreditable accreditable,
395             File JavaDoc policyDirectory) throws AccessControlException {
396
397         File JavaDoc[] policyFiles = policyDirectory.listFiles(new FileFilter JavaDoc() {
398             public boolean accept(File JavaDoc file) {
399                 return file.getName().equals(SUBTREE_FILENAME)
400                         || file.getName().equals(URL_FILENAME);
401             }
402         });
403
404         try {
405             RemovedAccreditablePolicyBuilder builder = new RemovedAccreditablePolicyBuilder(manager);
406             builder.setRemovedAccreditable(accreditable);
407             for (int i = 0; i < policyFiles.length; i++) {
408
409                 if (getLogger().isDebugEnabled()) {
410                     getLogger().debug("Removing roles");
411                     getLogger().debug(" Accreditable: [" + accreditable + "]");
412                     getLogger().debug(
413                             " File: [" + policyFiles[i].getAbsolutePath() + "]");
414                 }
415
416                 InputStream JavaDoc stream = new FileInputStream JavaDoc(policyFiles[i]);
417                 DefaultPolicy policy = builder.buildPolicy(stream);
418                 policy.removeRoles(accreditable);
419                 savePolicy(policy, policyFiles[i]);
420             }
421         } catch (Exception JavaDoc e) {
422             throw new AccessControlException(e);
423         }
424
425         File JavaDoc[] directories = policyDirectory.listFiles(new FileFilter JavaDoc() {
426             public boolean accept(File JavaDoc file) {
427                 return file.isDirectory();
428             }
429         });
430
431         for (int i = 0; i < directories.length; i++) {
432             removeAccreditable(manager, accreditable, directories[i]);
433         }
434
435     }
436
437     /**
438      * @see org.apache.lenya.ac.PolicyManager#accreditableRemoved(org.apache.lenya.ac.AccreditableManager,
439      * org.apache.lenya.ac.Accreditable)
440      */
441     public void accreditableRemoved(AccreditableManager manager, Accreditable accreditable)
442             throws AccessControlException {
443
444         if (getLogger().isDebugEnabled()) {
445             getLogger().debug("An accreditable was removed: [" + accreditable + "]");
446         }
447
448         removeAccreditable(manager, accreditable, getPoliciesDirectory());
449
450         if (accreditable instanceof User) {
451             Role role = URLPolicy.getAuthorRole(manager);
452             if (role != null) {
453                 String JavaDoc url = USER_ADMIN_URL + ((User) accreditable).getId() + ".html";
454                 DefaultPolicy policy = buildSubtreePolicy(manager, url);
455                 Credential credential = policy.getCredential(accreditable);
456                 if (credential != null && credential.contains(role)) {
457                     policy.removeRole(accreditable, role);
458                 }
459                 saveSubtreePolicy(url, policy);
460             }
461         }
462     }
463
464     private ServiceManager serviceManager;
465
466     /**
467      * Returns the service manager.
468      *
469      * @return A service manager.
470      */
471     protected ServiceManager getServiceManager() {
472         return serviceManager;
473     }
474
475     /**
476      * @see org.apache.lenya.ac.PolicyManager#accreditableAdded(org.apache.lenya.ac.AccreditableManager,
477      * org.apache.lenya.ac.Accreditable)
478      */
479     public void accreditableAdded(AccreditableManager manager, Accreditable accreditable)
480             throws AccessControlException {
481         if (accreditable instanceof User) {
482             Role role = URLPolicy.getAuthorRole(manager);
483             if (role != null) {
484                 String JavaDoc url = USER_ADMIN_URL + ((User) accreditable).getId() + ".html";
485                 DefaultPolicy policy = buildSubtreePolicy(manager, url);
486                 policy.addRole(accreditable, role);
487                 saveSubtreePolicy(url, policy);
488             }
489         }
490     }
491
492 }
Popular Tags