KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > lenya > cms > ac > cocoon > PolicyHelper


1 /*
2  * Copyright 1999-2004 The Apache Software Foundation
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  *
16  */
17
18 /* $Id: PolicyHelper.java 42616 2004-03-03 12:56:33Z gregor $ */
19
20 package org.apache.lenya.cms.ac.cocoon;
21
22 import java.util.ArrayList JavaDoc;
23 import java.util.Iterator JavaDoc;
24 import java.util.List JavaDoc;
25 import java.util.Map JavaDoc;
26
27 import org.apache.avalon.framework.component.ComponentManager;
28 import org.apache.avalon.framework.component.ComponentSelector;
29 import org.apache.cocoon.ProcessingException;
30 import org.apache.lenya.ac.AccessControlException;
31 import org.apache.lenya.ac.AccessControllerResolver;
32 import org.apache.lenya.ac.Accreditable;
33 import org.apache.lenya.ac.AccreditableManager;
34 import org.apache.lenya.ac.Identity;
35 import org.apache.lenya.ac.Item;
36 import org.apache.lenya.ac.Policy;
37 import org.apache.lenya.ac.Role;
38 import org.apache.lenya.ac.User;
39 import org.apache.lenya.ac.UserManager;
40 import org.apache.lenya.ac.impl.Credential;
41 import org.apache.lenya.ac.impl.DefaultAccessController;
42 import org.apache.lenya.ac.impl.DefaultPolicy;
43 import org.apache.lenya.ac.impl.InheritingPolicyManager;
44 import org.apache.lenya.cms.publication.PageEnvelope;
45 import org.apache.lenya.cms.publication.PageEnvelopeException;
46 import org.apache.lenya.cms.publication.PageEnvelopeFactory;
47
48 /**
49  * Helper class for the policy GUI.
50  */
51 public class PolicyHelper {
52
53     /**
54      * Ctor.
55      */
56     public PolicyHelper() {
57     }
58
59     private DefaultAccessController accessController;
60     private ComponentSelector selector;
61     private AccessControllerResolver resolver;
62     private InheritingPolicyManager policyManager;
63     private ComponentManager manager;
64     private String JavaDoc url;
65
66     /**
67      * Initializes this helper.
68      * @param objectModel The Cocoon object model.
69      * @param manager The component manager.
70      * @param area The selected area.
71      * @throws ProcessingException when something went wrong.
72      */
73     public void setup(Map JavaDoc objectModel, ComponentManager manager, String JavaDoc area)
74         throws ProcessingException {
75
76         this.manager = manager;
77
78         accessController = null;
79         selector = null;
80         resolver = null;
81         policyManager = null;
82
83         url = computeUrl(objectModel, area);
84
85         try {
86             selector =
87                 (ComponentSelector) manager.lookup(AccessControllerResolver.ROLE + "Selector");
88             resolver =
89                 (AccessControllerResolver) selector.select(
90                     AccessControllerResolver.DEFAULT_RESOLVER);
91
92             accessController = (DefaultAccessController) resolver.resolveAccessController(url);
93
94             policyManager = (InheritingPolicyManager) accessController.getPolicyManager();
95         } catch (Exception JavaDoc e) {
96             throw new ProcessingException("Obtaining credentials failed: ", e);
97         }
98     }
99
100     /**
101      * Releases all obtained components.
102      */
103     public void tearDown() {
104         if (selector != null) {
105             if (resolver != null) {
106                 if (accessController != null) {
107                     resolver.release(accessController);
108                 }
109                 selector.release(resolver);
110             }
111             manager.release(selector);
112         }
113     }
114
115     /**
116      * Returns the URI credential wrappers for the request of this object model.
117      * @return An array of CredentialWrappers.
118      * @throws ProcessingException when something went wrong.
119      */
120     public CredentialWrapper[] getURICredentials() throws ProcessingException {
121         return getCredentials(true);
122     }
123
124     /**
125      * Returns the credential wrappers for the parent URI of the URL
126      * belonging to the request of this object model.
127      * @return An array of CredentialWrappers.
128      * @throws ProcessingException when something went wrong.
129      */
130     public CredentialWrapper[] getParentCredentials() throws ProcessingException {
131         return getCredentials(false);
132     }
133
134     /**
135      * Returns the credentials of the policy of the selected URL.
136      * @param urlOnly If true, the URL policy credentials are returned.
137      * If false, the credentials of all ancestor policies are returned.
138      * @return An array of CredentialWrappers.
139      * @throws ProcessingException when something went wrong.
140      */
141     public CredentialWrapper[] getCredentials(boolean urlOnly) throws ProcessingException {
142
143         List JavaDoc credentials = new ArrayList JavaDoc();
144
145         DefaultPolicy policies[] = getPolicies(urlOnly);
146         List JavaDoc policyCredentials = new ArrayList JavaDoc();
147         for (int i = 0; i < policies.length; i++) {
148             Credential[] creds = policies[i].getCredentials();
149             for (int j = 0; j < creds.length; j++) {
150                 policyCredentials.add(creds[j]);
151             }
152         }
153         for (Iterator JavaDoc i = policyCredentials.iterator(); i.hasNext();) {
154             Credential credential = (Credential) i.next();
155             Accreditable accreditable = credential.getAccreditable();
156             Role[] roles = credential.getRoles();
157             for (int j = 0; j < roles.length; j++) {
158                 credentials.add(new CredentialWrapper(accreditable, roles[j]));
159             }
160         }
161         return (CredentialWrapper[]) credentials.toArray(new CredentialWrapper[credentials.size()]);
162     }
163
164     /**
165      * Computes the webapp URL belonging to an object model with respect to the selected
166      * area.
167      * @param objectModel The Cocoon object model.
168      * @param area The selected area.
169      * @return A string.
170      * @throws ProcessingException when something went wrong.
171      */
172     private static String JavaDoc computeUrl(Map JavaDoc objectModel, String JavaDoc area) throws ProcessingException {
173         PageEnvelope envelope;
174         try {
175             envelope = PageEnvelopeFactory.getInstance().getPageEnvelope(objectModel);
176         } catch (PageEnvelopeException e) {
177             throw new ProcessingException(e);
178         }
179         String JavaDoc url =
180             "/" + envelope.getPublication().getId() + "/" + area + envelope.getDocument().getId();
181         return url;
182     }
183
184     /**
185      * Returns the policies for a certain URL.
186      * @param onlyUrl If true, only the URL policies are returned.
187      * Otherwise, all ancestor policies are returned.
188      * @return An array of DefaultPolicy objects.
189      * @throws ProcessingException when something went wrong.
190      */
191     protected DefaultPolicy[] getPolicies(boolean onlyUrl) throws ProcessingException {
192
193         DefaultPolicy[] policies;
194
195         try {
196             if (onlyUrl) {
197                 policies = new DefaultPolicy[1];
198                 AccreditableManager manager = accessController.getAccreditableManager();
199                 policies[0] = policyManager.buildSubtreePolicy(manager, url);
200             } else {
201                 String JavaDoc ancestorUrl = "";
202                 
203                 String JavaDoc currentUrl = url;
204                 if (currentUrl.endsWith("/")) {
205                     currentUrl = currentUrl.substring(0, currentUrl.length() - 1);
206                 }
207                 
208                 int lastSlashIndex = currentUrl.lastIndexOf("/");
209                 if (lastSlashIndex != -1) {
210                     ancestorUrl = currentUrl.substring(0, lastSlashIndex);
211                 }
212                 policies =
213                     policyManager.getPolicies(
214                         accessController.getAccreditableManager(),
215                         ancestorUrl);
216             }
217         } catch (AccessControlException e) {
218             throw new ProcessingException(e);
219         }
220
221         return policies;
222     }
223
224     public static final String JavaDoc ADD = "add";
225     public static final String JavaDoc DELETE = "delete";
226
227     /**
228      * Changes a credential by adding or deleting an item for a role.
229      * @param item The item to add or delete.
230      * @param role The role.
231      * @param operation The operation, either {@link #ADD} or {@link #DELETE}.
232      * @throws ProcessingException when something went wrong.
233      */
234     public void manipulateCredential(Item item, Role role, String JavaDoc operation)
235         throws ProcessingException {
236
237         try {
238             DefaultPolicy policy =
239                 policyManager.buildSubtreePolicy(accessController.getAccreditableManager(), url);
240             Accreditable accreditable = (Accreditable) item;
241
242             if (operation.equals(ADD)) {
243                 policy.addRole(accreditable, role);
244             } else if (operation.equals(DELETE)) {
245                 policy.removeRole(accreditable, role);
246             }
247
248             policyManager.saveSubtreePolicy(url, policy);
249
250         } catch (Exception JavaDoc e) {
251             throw new ProcessingException("Manipulating credential failed: ", e);
252         }
253     }
254
255     /**
256      * Returns if one of the ancestors of this URL is SSL protected.
257      * @return A boolean value.
258      * @throws ProcessingException when something went wrong.
259      */
260     public boolean isAncestorSSLProtected() throws ProcessingException {
261         boolean ssl;
262         try {
263             String JavaDoc ancestorUrl = "";
264             int lastSlashIndex = url.lastIndexOf("/");
265             if (lastSlashIndex != -1) {
266                 ancestorUrl = url.substring(0, lastSlashIndex);
267             }
268             Policy policy =
269                 policyManager.getPolicy(accessController.getAccreditableManager(), ancestorUrl);
270             ssl = policy.isSSLProtected();
271         } catch (AccessControlException e) {
272             throw new ProcessingException("Resolving policy failed: ", e);
273         }
274         return ssl;
275     }
276
277     /**
278      * Returns if this URL is SSL protected.
279      * @return A boolean value.
280      * @throws ProcessingException when something went wrong.
281      */
282     public boolean isUrlSSLProtected() throws ProcessingException {
283         boolean ssl;
284         try {
285             DefaultPolicy policy =
286                 policyManager.buildSubtreePolicy(accessController.getAccreditableManager(), url);
287             ssl = policy.isSSLProtected();
288         } catch (AccessControlException e) {
289             throw new ProcessingException("Resolving policy failed: ", e);
290         }
291         return ssl;
292     }
293
294     /**
295      * Sets if this URL is SSL protected.
296      * @param ssl A boolean value.
297      * @throws ProcessingException when something went wrong.
298      */
299     public void setUrlSSLProtected(boolean ssl) throws ProcessingException {
300         try {
301             DefaultPolicy policy =
302                 policyManager.buildSubtreePolicy(accessController.getAccreditableManager(), url);
303             policy.setSSL(ssl);
304             policyManager.saveSubtreePolicy(url, policy);
305         } catch (AccessControlException e) {
306             throw new ProcessingException("Resolving policy failed: ", e);
307         }
308     }
309
310     /**
311      * Returns the users with a certain role on the current URL.
312      * @param roleId The role ID.
313      * @return An array of users.
314      * @throws ProcessingException when something went wrong.
315      */
316     public User[] getUsersWithRole(String JavaDoc roleId) throws ProcessingException {
317         List JavaDoc users = new ArrayList JavaDoc();
318         try {
319             Policy policy =
320                 policyManager.getPolicy(accessController.getAccreditableManager(), getUrl());
321             UserManager userManager = accessController.getAccreditableManager().getUserManager();
322             User[] userArray = userManager.getUsers();
323             for (int i = 0; i < userArray.length; i++) {
324                 Identity identity = new Identity();
325                 identity.addIdentifiable(userArray[i]);
326                 Role[] roles = policy.getRoles(identity);
327                 for (int roleIndex = 0; roleIndex < roles.length; roleIndex++) {
328                     if (roles[roleIndex].getId().equals(roleId)) {
329                         users.add(userArray[i]);
330                     }
331                 }
332             }
333         } catch (AccessControlException e) {
334             throw new ProcessingException(e);
335         }
336         return (User[]) users.toArray(new User[users.size()]);
337     }
338
339     /**
340      * Returns the URL.
341      * @return A string.
342      */
343     public String JavaDoc getUrl() {
344         return url;
345     }
346
347 }
348
Popular Tags