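package org.apache.lenya.cms.cocoon.components.modules.input;

import java.util.Arrays;
import java.util.Iterator;
import java.util.Map;

import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.ServiceSelector;
import org.apache.avalon.framework.service.Serviceable;
import org.apache.cocoon.components.modules.input.AbstractInputModule;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.environment.Session;
import org.apache.lenya.ac.AccessControlException;
import org.apache.lenya.ac.AccessController;
import org.apache.lenya.ac.AccessControllerResolver;
import org.apache.lenya.ac.AccreditableManager;
import org.apache.lenya.ac.Identity;
import org.apache.lenya.ac.ItemManager;
import org.apache.lenya.ac.Machine;
import org.apache.lenya.ac.Role;
import org.apache.lenya.ac.User;
import org.apache.lenya.ac.impl.DefaultAccessController;
import org.apache.lenya.ac.impl.PolicyAuthorizer;

/**
 * Input module that exposes access-control data of the current request.
 *
 * <p>The user and machine attributes are read from the {@link Identity} stored in the
 * session under <code>Identity.class.getName()</code>; the role ids come from
 * {@link PolicyAuthorizer#getRoles(Request)}; the manager attributes are resolved through
 * the access controller that matches the request URL.</p>
 *
 * <p>All values are returned as stored, without escaping. Whatever renders them
 * (user name, e-mail, ...) has to encode them for its output context.</p>
 */
public class AccessControlModule extends AbstractInputModule implements Serviceable {

    public static final String USER_ID = "user-id";
    public static final String USER_NAME = "user-name";
    public static final String USER_EMAIL = "user-email";
    public static final String IP_ADDRESS = "ip-address";
    public static final String ROLE_IDS = "role-ids";

    public static final String USER_MANAGER = "user-manager";
    public static final String GROUP_MANAGER = "group-manager";
    public static final String ROLE_MANAGER = "role-manager";
    public static final String IP_RANGE_MANAGER = "iprange-manager";

    /**
     * The names of the attributes this module supports. It doubles as the allow-list
     * checked by {@link #getAttribute(String, Configuration, Map)}.
     *
     * NOTE(review): a public array is mutable by any code that can see this class, so
     * the allow-list can be altered at runtime. It stays public for compatibility;
     * treat it as read-only.
     */
    public static final String[] PARAMETER_NAMES =
        {
            IP_ADDRESS,
            USER_ID,
            USER_NAME,
            USER_EMAIL,
            ROLE_IDS,
            USER_MANAGER,
            GROUP_MANAGER,
            ROLE_MANAGER,
            IP_RANGE_MANAGER };

    /**
     * Returns the value of one of the supported attributes.
     *
     * @param name the attribute name, one of {@link #PARAMETER_NAMES}
     * @param modeConf the module configuration (not used here)
     * @param objectModel the Cocoon object model holding the current request
     * @return the attribute value, or <code>null</code> when the request has no session,
     *         the session holds no identity, or the identity has no user/machine
     * @throws ConfigurationException if the name is not supported or the value could not
     *         be obtained
     */
    public Object getAttribute(String name, Configuration modeConf, Map objectModel)
        throws ConfigurationException {

        // Reject unknown names before touching the request or the session.
        if (!Arrays.asList(PARAMETER_NAMES).contains(name)) {
            throw new ConfigurationException("The attribute [" + name + "] is not supported!");
        }

        Request request = ObjectModelHelper.getRequest(objectModel);

        // NOTE(review): the managers are handed out whether or not the session carries
        // an Identity; presumably authorization is enforced before this module is
        // evaluated - confirm against the sitemap.
        if (name.equals(USER_MANAGER)
            || name.equals(GROUP_MANAGER)
            || name.equals(ROLE_MANAGER)
            || name.equals(IP_RANGE_MANAGER)) {
            return getItemManager(request, name);
        }

        // getSession(false): reading an attribute must not create a session for a
        // client that has none. With the no-argument getSession() a session is always
        // created, so the null check below could never trigger.
        Session session = request.getSession(false);
        if (session == null) {
            return null;
        }

        Identity identity = (Identity) session.getAttribute(Identity.class.getName());
        if (identity == null) {
            return null;
        }

        Object value = null;

        if (name.equals(USER_ID)) {
            User user = identity.getUser();
            if (user != null) {
                value = user.getId();
            }
        } else if (name.equals(USER_NAME)) {
            User user = identity.getUser();
            if (user != null) {
                value = user.getName();
            }
        } else if (name.equals(USER_EMAIL)) {
            User user = identity.getUser();
            if (user != null) {
                value = user.getEmail();
            }
        } else if (name.equals(IP_ADDRESS)) {
            Machine machine = identity.getMachine();
            if (machine != null) {
                value = machine.getIp();
            }
        } else if (name.equals(ROLE_IDS)) {
            try {
                value = joinRoleIds(PolicyAuthorizer.getRoles(request));
            } catch (AccessControlException e) {
                throw new ConfigurationException(
                    "Obtaining value for attribute [" + name + "] failed: ",
                    e);
            }
        }

        return value;
    }

    /**
     * Joins the ids of the given roles into a comma-separated string.
     *
     * @param roles the roles
     * @return the ids separated by ",", or the empty string for an empty array
     */
    private static String joinRoleIds(Role[] roles) {
        StringBuffer roleIds = new StringBuffer();
        for (int i = 0; i < roles.length; i++) {
            if (i > 0) {
                roleIds.append(",");
            }
            roleIds.append(roles[i].getId());
        }
        return roleIds.toString();
    }

    /**
     * Returns an iterator over the supported attribute names.
     *
     * @param modeConf the module configuration (not used here)
     * @param objectModel the Cocoon object model (not used here)
     * @return an iterator over {@link #PARAMETER_NAMES}
     * @throws ConfigurationException declared by the module contract; not thrown here
     */
    public Iterator getAttributeNames(Configuration modeConf, Map objectModel)
        throws ConfigurationException {
        return Arrays.asList(PARAMETER_NAMES).iterator();
    }

    /**
     * Returns the attribute value wrapped in a one-element array.
     *
     * @param name the attribute name
     * @param modeConf the module configuration
     * @param objectModel the Cocoon object model
     * @return an array whose single element is the result of
     *         {@link #getAttribute(String, Configuration, Map)}
     * @throws ConfigurationException if {@link #getAttribute(String, Configuration, Map)}
     *         fails
     */
    public Object[] getAttributeValues(String name, Configuration modeConf, Map objectModel)
        throws ConfigurationException {
        Object[] objects = { getAttribute(name, modeConf, objectModel) };

        return objects;
    }

    /**
     * Resolves the access controller for the request URL and returns one of its item
     * managers.
     *
     * @param request the current request
     * @param name one of {@link #USER_MANAGER}, {@link #GROUP_MANAGER},
     *        {@link #ROLE_MANAGER}, {@link #IP_RANGE_MANAGER}
     * @return the item manager, or <code>null</code> if the name matches none of them
     * @throws ConfigurationException if no suitable access controller could be resolved
     *         or the lookup failed
     */
    protected ItemManager getItemManager(Request request, String name)
        throws ConfigurationException {
        AccessController accessController = null;
        ServiceSelector selector = null;
        AccessControllerResolver resolver = null;
        ItemManager itemManager = null;

        try {
            selector = (ServiceSelector) manager.lookup(AccessControllerResolver.ROLE + "Selector");
            resolver =
                (AccessControllerResolver) selector.select(
                    AccessControllerResolver.DEFAULT_RESOLVER);

            // The resolver is given the request URI with the context path stripped.
            String requestURI = request.getRequestURI();
            String context = request.getContextPath();
            if (context == null) {
                context = "";
            }
            String url = requestURI.substring(context.length());
            accessController = resolver.resolveAccessController(url);

            // Fail with a clear message instead of a NullPointerException or
            // ClassCastException from the cast below. The request URL is deliberately
            // kept out of the message because it is client-controlled.
            if (!(accessController instanceof DefaultAccessController)) {
                throw new ConfigurationException(
                    "No DefaultAccessController could be resolved for the request.");
            }

            AccreditableManager accreditableManager =
                ((DefaultAccessController) accessController).getAccreditableManager();

            if (name.equals(USER_MANAGER)) {
                itemManager = accreditableManager.getUserManager();
            } else if (name.equals(GROUP_MANAGER)) {
                itemManager = accreditableManager.getGroupManager();
            } else if (name.equals(ROLE_MANAGER)) {
                itemManager = accreditableManager.getRoleManager();
            } else if (name.equals(IP_RANGE_MANAGER)) {
                itemManager = accreditableManager.getIPRangeManager();
            }

        } catch (ConfigurationException e) {
            // Already carries a specific message; do not wrap it again.
            throw e;
        } catch (Exception e) {
            throw new ConfigurationException("Obtaining item manager failed: ", e);
        } finally {
            // Release in reverse order of acquisition.
            // NOTE(review): the item manager is returned after its access controller
            // has been released - confirm that managers stay valid after release.
            if (selector != null) {
                if (resolver != null) {
                    if (accessController != null) {
                        resolver.release(accessController);
                    }
                    selector.release(resolver);
                }
                manager.release(selector);
            }
        }

        return itemManager;
    }

    /** The service manager, set in {@link #service(ServiceManager)}. */
    private ServiceManager manager;

    /**
     * Stores the service manager used to look up the access controller resolver.
     *
     * @param manager the service manager
     * @throws ServiceException declared by {@link Serviceable}; not thrown here
     */
    public void service(ServiceManager manager) throws ServiceException {
        this.manager = manager;
    }

}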