Java > Open Source Codes > org > apache > turbine > util > security > TurbineAccessControlList


1 package org.apache.turbine.util.security;
2
3 /*
4  * Copyright 2001-2004 The Apache Software Foundation.
5  *
6  * Licensed under the Apache License, Version 2.0 (the "License")
7  * you may not use this file except in compliance with the License.
8  * You may obtain a copy of the License at
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing, software
13  * distributed under the License is distributed on an "AS IS" BASIS,
14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  * See the License for the specific language governing permissions and
16  * limitations under the License.
17  */
18
19 import java.util.Iterator ;
20 import java.util.Map ;
21
22 import org.apache.turbine.om.security.Group;
23 import org.apache.turbine.om.security.Permission;
24 import org.apache.turbine.om.security.Role;
25 import org.apache.turbine.services.security.TurbineSecurity;
26
27 /**
28  * This is a control class that makes it easy to find out if a
29  * particular User has a given Permission. It also determines if a
30  * User has a a particular Role.
31  *
32  * @author <a HREF="mailto:jmcnally@collab.net">John D. McNally</a>
33  * @author <a HREF="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
34  * @author <a HREF="mailto:greg@shwoop.com">Greg Ritter</a>
35  * @author <a HREF="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
36  * @author <a HREF="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
37  * @author <a HREF="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
38  * @version $Id: TurbineAccessControlList.java,v 1.8.2.2 2004/05/20 03:27:24 seade Exp $
39  */
40 public class TurbineAccessControlList
41         implements AccessControlList
42 {
43     /** The sets of roles that the user has in different groups */
44     private Map roleSets;
45
46     /** The sets of permissions that the user has in different groups */
47     private Map permissionSets;
48
49     /** The name of this ACL. Needed for the SecurityEntity Interface */
50     private String name;
51
52     /**
53      * Constructs a new AccessControlList.
54      *
55      * This class follows 'immutable' pattern - it's objects can't be modified
56      * once they are created. This means that the permissions the users have are
57      * in effect form the moment they log in to the moment they log out, and
58      * changes made to the security settings in that time are not reflected
59      * in the state of this object. If you need to reset an user's permissions
60      * you need to invalidate his session. <br>
61      * The objects that constructs an AccessControlList must supply hashtables
62      * of role/permission sets keyed with group objects. <br>
63      *
64      * @param roleSets a hashtable containing RoleSet objects keyed with Group objects
65      * @param permissionSets a hashtable containing PermissionSet objects keyed with Group objects
66      */
67     public TurbineAccessControlList(Map roleSets, Map permissionSets)
68     {
69         this.roleSets = roleSets;
70         this.permissionSets = permissionSets;
71     }
72
73     /**
74      * Returns the name of this ACL.
75      *
76      * @return The ACL Name
77      *
78      */
79     public String getName()
80     {
81         return this.name;
82     }
83
84     /**
85      * Sets the name of this ACL.
86      *
87      * @param name The new ACL name.
88      *
89      */
90     public void setName(String name)
91     {
92         this.name = name;
93     }
94
95     /**
96      * Retrieves a set of Roles an user is assigned in a Group.
97      *
98      * @param group the Group
99      * @return the set of Roles this user has within the Group.
100      */
101     public RoleSet getRoles(Group group)
102     {
103         if (group == null)
104         {
105             return null;
106         }
107         return (RoleSet) roleSets.get(group);
108     }
109
110     /**
111      * Retrieves a set of Roles an user is assigned in the global Group.
112      *
113      * @return the set of Roles this user has within the global Group.
114      */
115     public RoleSet getRoles()
116     {
117         return getRoles(TurbineSecurity.getGlobalGroup());
118     }
119
120     /**
121      * Retrieves a set of Permissions an user is assigned in a Group.
122      *
123      * @param group the Group
124      * @return the set of Permissions this user has within the Group.
125      */
126     public PermissionSet getPermissions(Group group)
127     {
128         if (group == null)
129         {
130             return null;
131         }
132         return (PermissionSet) permissionSets.get(group);
133     }
134
135     /**
136      * Retrieves a set of Permissions an user is assigned in the global Group.
137      *
138      * @return the set of Permissions this user has within the global Group.
139      */
140     public PermissionSet getPermissions()
141     {
142         return getPermissions(TurbineSecurity.getGlobalGroup());
143     }
144
145     /**
146      * Checks if the user is assigned a specific Role in the Group.
147      *
148      * @param role the Role
149      * @param group the Group
150      * @return <code>true</code> if the user is assigned the Role in the Group.
151      */
152     public boolean hasRole(Role role, Group group)
153     {
154         RoleSet set = getRoles(group);
155         if (set == null || role == null)
156         {
157             return false;
158         }
159         return set.contains(role);
160     }
161
162     /**
163      * Checks if the user is assigned a specific Role in any of the given
164      * Groups
165      *
166      * @param role the Role
167      * @param groupset a Groupset
168      * @return <code>true</code> if the user is assigned the Role in any of
169      * the given Groups.
170      */
171     public boolean hasRole(Role role, GroupSet groupset)
172     {
173         if (role == null)
174         {
175             return false;
176         }
177         for (Iterator groups = groupset.iterator(); groups.hasNext();)
178         {
179             Group group = (Group) groups.next();
180             RoleSet roles = getRoles(group);
181             if (roles != null)
182             {
183                 if (roles.contains(role))
184                 {
185                     return true;
186                 }
187             }
188         }
189         return false;
190     }
191
192     /**
193      * Checks if the user is assigned a specific Role in the Group.
194      *
195      * @param role the Role
196      * @param group the Group
197      * @return <code>true</code> if the user is assigned the Role in the Group.
198      */
199     public boolean hasRole(String role, String group)
200     {
201         try
202         {
203             return hasRole(TurbineSecurity.getRoleByName(role),
204                     TurbineSecurity.getGroupByName(group));
205         }
206         catch (Exception e)
207         {
208             return false;
209         }
210     }
211
212     /**
213      * Checks if the user is assigned a specifie Role in any of the given
214      * Groups
215      *
216      * @param rolename the name of the Role
217      * @param groupset a Groupset
218      * @return <code>true</code> if the user is assigned the Role in any of
219      * the given Groups.
220      */
221     public boolean hasRole(String rolename, GroupSet groupset)
222     {
223         Role role;
224         try
225         {
226             role = TurbineSecurity.getRoleByName(rolename);
227         }
228         catch (TurbineSecurityException e)
229         {
230             return false;
231         }
232         if (role == null)
233         {
234             return false;
235         }
236         for (Iterator groups = groupset.iterator(); groups.hasNext();)
237         {
238             Group group = (Group) groups.next();
239             RoleSet roles = getRoles(group);
240             if (roles != null)
241             {
242                 if (roles.contains(role))
243                 {
244                     return true;
245                 }
246             }
247         }
248         return false;
249     }
250
251     /**
252      * Checks if the user is assigned a specific Role in the global Group.
253      *
254      * @param role the Role
255      * @return <code>true</code> if the user is assigned the Role in the global Group.
256      */
257     public boolean hasRole(Role role)
258     {
259         return hasRole(role, TurbineSecurity.getGlobalGroup());
260     }
261
262     /**
263      * Checks if the user is assigned a specific Role in the global Group.
264      *
265      * @param role the Role
266      * @return <code>true</code> if the user is assigned the Role in the global Group.
267      */
268     public boolean hasRole(String role)
269     {
270         try
271         {
272             return hasRole(TurbineSecurity.getRoleByName(role));
273         }
274         catch (Exception e)
275         {
276             return false;
277         }
278     }
279
280     /**
281      * Checks if the user is assigned a specific Permission in the Group.
282      *
283      * @param permission the Permission
284      * @param group the Group
285      * @return <code>true</code> if the user is assigned the Permission in the Group.
286      */
287     public boolean hasPermission(Permission permission, Group group)
288     {
289         PermissionSet set = getPermissions(group);
290         if (set == null || permission == null)
291         {
292             return false;
293         }
294         return set.contains(permission);
295     }
296
297     /**
298      * Checks if the user is assigned a specific Permission in any of the given
299      * Groups
300      *
301      * @param permission the Permission
302      * @param groupset a Groupset
303      * @return <code>true</code> if the user is assigned the Permission in any
304      * of the given Groups.
305      */
306     public boolean hasPermission(Permission permission, GroupSet groupset)
307     {
308         if (permission == null)
309         {
310             return false;
311         }
312         for (Iterator groups = groupset.iterator(); groups.hasNext();)
313         {
314             Group group = (Group) groups.next();
315             PermissionSet permissions = getPermissions(group);
316             if (permissions != null)
317             {
318                 if (permissions.contains(permission))
319                 {
320                     return true;
321                 }
322             }
323         }
324         return false;
325     }
326
327     /**
328      * Checks if the user is assigned a specific Permission in the Group.
329      *
330      * @param permission the Permission
331      * @param group the Group
332      * @return <code>true</code> if the user is assigned the Permission in the Group.
333      */
334     public boolean hasPermission(String permission, String group)
335     {
336         try
337         {
338             return hasPermission(TurbineSecurity.getPermissionByName(permission),
339                     TurbineSecurity.getGroupByName(group));
340         }
341         catch (Exception e)
342         {
343             return false;
344         }
345     }
346
347     /**
348      * Checks if the user is assigned a specific Permission in the Group.
349      *
350      * @param permission the Permission
351      * @param group the Group
352      * @return <code>true</code> if the user is assigned the Permission in the Group.
353      */
354     public boolean hasPermission(String permission, Group group)
355     {
356         try
357         {
358             return hasPermission(
359                     TurbineSecurity.getPermissionByName(permission), group);
360         }
361         catch (Exception e)
362         {
363             return false;
364         }
365     }
366
367     /**
368      * Checks if the user is assigned a specifie Permission in any of the given
369      * Groups
370      *
371      * @param permissionName the name of the Permission
372      * @param groupset a Groupset
373      * @return <code>true</code> if the user is assigned the Permission in any
374      * of the given Groups.
375      */
376     public boolean hasPermission(String permissionName, GroupSet groupset)
377     {
378         Permission permission;
379         try
380         {
381             permission = TurbineSecurity.getPermissionByName(permissionName);
382         }
383         catch (TurbineSecurityException e)
384         {
385             return false;
386         }
387         if (permission == null)
388         {
389             return false;
390         }
391         for (Iterator groups = groupset.iterator(); groups.hasNext();)
392         {
393             Group group = (Group) groups.next();
394             PermissionSet permissions = getPermissions(group);
395             if (permissions != null)
396             {
397                 if (permissions.contains(permission))
398                 {
399                     return true;
400                 }
401             }
402         }
403         return false;
404     }
405
406     /**
407      * Checks if the user is assigned a specific Permission in the global Group.
408      *
409      * @param permission the Permission
410      * @return <code>true</code> if the user is assigned the Permission in the global Group.
411      */
412     public boolean hasPermission(Permission permission)
413     {
414         return hasPermission(permission, TurbineSecurity.getGlobalGroup());
415     }
416
417     /**
418      * Checks if the user is assigned a specific Permission in the global Group.
419      *
420      * @param permission the Permission
421      * @return <code>true</code> if the user is assigned the Permission in the global Group.
422      */
423     public boolean hasPermission(String permission)
424     {
425         try
426         {
427             return hasPermission(TurbineSecurity.getPermissionByName(permission));
428         }
429         catch (Exception e)
430         {
431             return false;
432         }
433     }
434
435     /**
436      * Returns all groups definded in the system.
437      *
438      * This is useful for debugging, when you want to display all roles
439      * and permissions an user is assingned. This method is needed
440      * because you can't call static methods of TurbineSecurity class
441      * from within WebMacro/Velocity template
442      *
443      * @return A Group [] of all groups in the system.
444      */
445     public Group[] getAllGroups()
446     {
447         try
448         {
449             return TurbineSecurity.getAllGroups().getGroupsArray();
450         }
451         catch (TurbineSecurityException e)
452         {
453             return new Group[0];
454         }
455     }
456 }
457

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags