KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > lenya > cms > ac > usecase > UsecaseAuthorizer


1 /*
2  * Copyright 1999-2004 The Apache Software Foundation
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  *
16  */
17
18 package org.apache.lenya.cms.ac.usecase;
19
20 import java.util.Arrays JavaDoc;
21 import java.util.List JavaDoc;
22
23 import org.apache.avalon.framework.activity.Disposable;
24 import org.apache.avalon.framework.logger.AbstractLogEnabled;
25 import org.apache.avalon.framework.parameters.ParameterException;
26 import org.apache.avalon.framework.parameters.Parameterizable;
27 import org.apache.avalon.framework.parameters.Parameters;
28 import org.apache.avalon.framework.service.ServiceException;
29 import org.apache.avalon.framework.service.ServiceManager;
30 import org.apache.avalon.framework.service.Serviceable;
31 import org.apache.cocoon.environment.Request;
32 import org.apache.excalibur.source.SourceResolver;
33 import org.apache.lenya.ac.AccessControlException;
34 import org.apache.lenya.ac.Authorizer;
35 import org.apache.lenya.ac.Role;
36 import org.apache.lenya.ac.cache.CachingException;
37 import org.apache.lenya.ac.cache.SourceCache;
38 import org.apache.lenya.ac.impl.PolicyAuthorizer;
39 import org.apache.lenya.cms.publication.Publication;
40 import org.apache.lenya.cms.publication.PublicationFactory;
41
42 /**
43  * Authorizer for usecases.
44  * @version $Id: UsecaseAuthorizer.java 43242 2004-08-16 16:42:32Z andreas $
45  */
46 public class UsecaseAuthorizer
47     extends AbstractLogEnabled
48     implements Authorizer, Serviceable, Disposable, Parameterizable {
49
50     public static final String JavaDoc TYPE = "usecase";
51     public static final String JavaDoc USECASE_PARAMETER = "lenya.usecase";
52
53     private SourceCache cache;
54     private String JavaDoc configurationUri;
55
56     /**
57      * Returns the configuration source cache.
58      *
59      * @return A source cache.
60      */
61     public SourceCache getCache() {
62         return cache;
63     }
64
65     /**
66      * Returns the source URI of the usecase role configuration file for a certain publication.
67      *
68      * @param publication The publication.
69      * @return A string representing a URI.
70      */
71     protected String JavaDoc getConfigurationURI(Publication publication) {
72         return "context:///"
73             + Publication.PUBLICATION_PREFIX_URI
74             + "/"
75             + publication.getId()
76             + CONFIGURATION_FILE;
77     }
78
79     /**
80      * @see org.apache.lenya.ac.Authorizer#authorize(org.apache.cocoon.environment.Request)
81      */
82     public boolean authorize(Request request) throws AccessControlException {
83
84         String JavaDoc usecase = request.getParameter(USECASE_PARAMETER);
85         boolean authorized = true;
86
87         SourceResolver resolver = null;
88         try {
89             resolver = (SourceResolver) manager.lookup(SourceResolver.ROLE);
90             if (usecase != null) {
91
92                 String JavaDoc configurationUri;
93                 if (getConfigurationURI() != null) {
94                     configurationUri = getConfigurationURI();
95                 } else {
96                     Publication publication = PublicationFactory.getPublication(resolver, request);
97                     configurationUri = getConfigurationURI(publication);
98                 }
99
100                 Role[] roles = PolicyAuthorizer.getRoles(request);
101                 authorized = authorizeUsecase(usecase, roles, configurationUri);
102             } else {
103                 getLogger().debug("No usecase to authorize. Granting access.");
104             }
105         } catch (Exception JavaDoc e) {
106             throw new AccessControlException(e);
107         } finally {
108             if (resolver != null) {
109                 manager.release(resolver);
110             }
111         }
112
113         return authorized;
114     }
115
116     /**
117      * Authorizes a usecase.
118      *
119      * @param usecase The usecase ID.
120      * @param roles The roles of the current identity.
121      * @param configurationUri The URI to retrieve the policy configuration from.
122      * @return A boolean value.
123      * @throws AccessControlException when something went wrong.
124      */
125     public boolean authorizeUsecase(String JavaDoc usecase, Role[] roles, String JavaDoc configurationUri)
126         throws AccessControlException {
127         getLogger().debug("Authorizing usecase [" + usecase + "]");
128         boolean authorized = true;
129
130         UsecaseRolesBuilder builder = new UsecaseRolesBuilder();
131         UsecaseRoles usecaseRoles;
132         try {
133             usecaseRoles = (UsecaseRoles) getCache().get(configurationUri, builder);
134         } catch (CachingException e) {
135             throw new AccessControlException(e);
136         }
137         
138         if (usecaseRoles == null) {
139             throw new AccessControlException("Usecase policies configuration not found at [" + configurationUri + "]");
140         }
141         
142         if (usecaseRoles.hasRoles(usecase)) {
143
144             getLogger().debug("Roles for usecase found.");
145
146             List JavaDoc usecaseRoleIds = Arrays.asList(usecaseRoles.getRoles(usecase));
147
148             int i = 0;
149             authorized = false;
150             while (!authorized && i < roles.length) {
151                 authorized = usecaseRoleIds.contains(roles[i].getId());
152                 getLogger().debug(
153                     "Authorization for role [" + roles[i].getId() + "] is [" + authorized + "]");
154                 i++;
155             }
156         } else {
157             getLogger().debug("No roles for usecase found. Granting access.");
158         }
159         return authorized;
160     }
161
162     private ServiceManager manager;
163
164     /**
165      * @see org.apache.avalon.framework.service.Serviceable#service(org.apache.avalon.framework.service.ServiceManager)
166      */
167     public void service(ServiceManager manager) throws ServiceException {
168         getLogger().debug("Servicing [" + getClass().getName() + "]");
169         this.manager = manager;
170         this.cache = (SourceCache) manager.lookup(SourceCache.ROLE);
171     }
172
173     /**
174      * @see org.apache.avalon.framework.activity.Disposable#dispose()
175      */
176     public void dispose() {
177         if (getCache() != null) {
178             manager.release(getCache());
179         }
180     }
181
182     public static final String JavaDoc CONFIGURATION_FILE = "/config/ac/usecase-policies.xml";
183     public static final String JavaDoc PARAMETER_CONFIGURATION = "configuration";
184
185     /**
186      * @see org.apache.avalon.framework.parameters.Parameterizable#parameterize(org.apache.avalon.framework.parameters.Parameters)
187      */
188     public void parameterize(Parameters parameters) throws ParameterException {
189         if (parameters.isParameter(PARAMETER_CONFIGURATION)) {
190             this.configurationUri = parameters.getParameter(PARAMETER_CONFIGURATION);
191         }
192     }
193
194     /**
195      * Returns the configuration URL.
196      *
197      * @return The configuration URL.
198      */
199     public String JavaDoc getConfigurationURI() {
200         return configurationUri;
201     }
202
203     /**
204      * Authorizes a usecase.
205      *
206      * @param usecase The usecase to authorize.
207      * @param roles The roles of the identity.
208      * @param publication The publication.
209      * @return A boolean value.
210      * @throws AccessControlException when something went wrong.
211      */
212     public boolean authorizeUsecase(String JavaDoc usecase, Role[] roles, Publication publication)
213         throws AccessControlException {
214         return authorizeUsecase(usecase, roles, getConfigurationURI(publication));
215     }
216
217 }
218
Popular Tags