WorkflowAuthorizer


1   /*
2    * Copyright  1999-2004 The Apache Software Foundation
3    *
4    *  Licensed under the Apache License, Version 2.0 (the "License");
5    *  you may not use this file except in compliance with the License.
6    *  You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   *  Unless required by applicable law or agreed to in writing, software
11   *  distributed under the License is distributed on an "AS IS" BASIS,
12   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   *  See the License for the specific language governing permissions and
14   *  limitations under the License.
15   *
16   */
17  
18  /* $Id: WorkflowAuthorizer.java 43242 2004-08-16 16:42:32Z andreas $  */
19  
20  package org.apache.lenya.cms.ac.workflow;
21  
22  import org.apache.avalon.framework.logger.AbstractLogEnabled;
23  import org.apache.avalon.framework.service.ServiceException;
24  import org.apache.avalon.framework.service.ServiceManager;
25  import org.apache.avalon.framework.service.Serviceable;
26  import org.apache.cocoon.environment.Request;
27  import org.apache.excalibur.source.SourceResolver;
28  import org.apache.lenya.ac.AccessControlException;
29  import org.apache.lenya.ac.Authorizer;
30  import org.apache.lenya.cms.cocoon.workflow.WorkflowHelper;
31  import org.apache.lenya.cms.publication.Document;
32  import org.apache.lenya.cms.publication.DocumentBuilder;
33  import org.apache.lenya.cms.publication.Publication;
34  import org.apache.lenya.cms.publication.PublicationFactory;
35  import org.apache.lenya.cms.workflow.WorkflowFactory;
36  import org.apache.lenya.workflow.Event;
37  import org.apache.lenya.workflow.Situation;
38  import org.apache.lenya.workflow.SynchronizedWorkflowInstances;
39  
40  /**
41   * If the client requested invoking a workflow event, this authorizer checks if the current
42   * document state and identity roles allow this transition.
43   */
44  public class WorkflowAuthorizer extends AbstractLogEnabled implements Authorizer, Serviceable {
45  
46      protected static final String   EVENT_PARAMETER = "lenya.event";
47  
48      /**
49       * @see org.apache.lenya.ac.Authorizer#authorize(org.apache.cocoon.environment.Request)
50       */
51      public boolean authorize(Request request) throws AccessControlException {
52  
53          boolean authorized = true;
54  
55          String   requestUri = request.getRequestURI();
56          String   context = request.getContextPath();
57  
58          if (context == null) {
59              context = "";
60          }
61  
62          String   url = requestUri.substring(context.length());
63  
64          String   event = request.getParameter(EVENT_PARAMETER);
65          SourceResolver resolver = null;
66  
67          if (getLogger().isDebugEnabled()) {
68              getLogger().debug("Authorizing workflow for event [" + event + "]");
69          }
70  
71          if (event != null) {
72  
73              try {
74                  resolver = (SourceResolver) manager.lookup(SourceResolver.ROLE);
75                  Publication publication = PublicationFactory.getPublication(resolver, request);
76  
77                  DocumentBuilder builder = publication.getDocumentBuilder();
78                  if (builder.isDocument(publication, url)) {
79  
80                      Document document = builder.buildDocument(publication, url);
81                      WorkflowFactory factory = WorkflowFactory.newInstance();
82  
83                      if (factory.hasWorkflow(document)) {
84                          SynchronizedWorkflowInstances instance =
85                              factory.buildSynchronizedInstance(document);
86  
87                          authorized = false;
88  
89                          Situation situation = WorkflowHelper.buildSituation(request);
90                          Event[] events = instance.getExecutableEvents(situation);
91                          int i = 0;
92  
93                          while (!authorized && (i < events.length)) {
94                              if (events[i].getName().equals(event)) {
95                                  authorized = true;
96                              }
97                              if (getLogger().isDebugEnabled()) {
98                                  getLogger().debug("    Event [" + events[i] + "] is executable.");
99                              }
100 
101                             i++;
102                         }
103                     }
104                 }
105 
106             } catch (Exception   e) {
107                 throw new AccessControlException(e);
108             } finally {
109                 if (resolver != null) {
110                     manager.release(resolver);
111                 }
112             }
113         }
114 
115         return authorized;
116     }
117 
118     private ServiceManager manager;
119 
120     /**
121      * @see org.apache.avalon.framework.service.Serviceable#service(org.apache.avalon.framework.service.ServiceManager)
122      */
123     public void service(ServiceManager manager) throws ServiceException {
124         this.manager = manager;
125     }
126 
127 }
128
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags