Java > Open Source Codes > org > ejbca > core > model > approval > ApprovalRequest


1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/
13 package org.ejbca.core.model.approval;
14
15 import java.io.ByteArrayInputStream ;
16 import java.io.Externalizable ;
17 import java.io.IOException ;
18 import java.io.ObjectInput ;
19 import java.io.ObjectOutput ;
20 import java.security.cert.CertificateException ;
21 import java.security.cert.CertificateFactory ;
22 import java.security.cert.X509Certificate ;
23 import java.util.List ;
24
25 import javax.ejb.CreateException ;
26 import javax.ejb.EJBException ;
27
28 import org.apache.commons.lang.StringUtils;
29 import org.apache.log4j.Logger;
30 import org.ejbca.core.ejb.ServiceLocator;
31 import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocal;
32 import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocalHome;
33 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocal;
34 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocalHome;
35 import org.ejbca.core.ejb.hardtoken.IHardTokenSessionLocal;
36 import org.ejbca.core.ejb.hardtoken.IHardTokenSessionLocalHome;
37 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocal;
38 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocalHome;
39 import org.ejbca.core.model.SecConst;
40 import org.ejbca.core.model.log.Admin;
41 import org.ejbca.util.Base64;
42 import org.ejbca.util.CertTools;
43
44
45
46 /**
47  * Abstract Base class representing one approval request created when
48  * an administrator performs an action that requires an approval.
49  *
50  *
51  * Contains information like:
52  * Admin that performs the request
53  * Data necessary to display the request to the approver
54  * Eventual data necessary to execute the request.
55  *
56  *
57  *
58  * @author Philip Vendil
59  * @version $Id: ApprovalRequest.java,v 1.8 2006/08/13 10:13:58 anatom Exp $
60  */
61
62 public abstract class ApprovalRequest implements Externalizable {
63     
64     private static final long serialVersionUID = -1L;
65     
66     private static final Logger log = Logger.getLogger(ApprovalRequest.class);
67     
68     private static final int LATEST_VERSION = 2;
69         
70     /**
71      * Simple request type means that the approver will only see new data about the
72      * action and will not compare it to old data
73      */
74     public static final int REQUESTTYPE_SIMPLE = 1;
75     
76     /**
77      * Comparing request type means that the approving administrator have to
78      * compare old data with new data in the request.
79      *
80      */
81     public static final int REQUESTTYPE_COMPARING = 2;
82     
83     /**
84      * The default request validity used if not method getRequestValidity is overridden
85      *
86      */
87     protected static final long DEFAULT_REQUESTVALIDITY = 28800 * 1000;
88     protected static final String DEFAULT_REQUESTVALIDITYSTRING = "@approval.defaultrequestvalidity@";
89
90     /**
91      * The default approval validity used if not method getApprovalValidity is overridden
92      *
93      */
94     protected static final long DEFAULT_APPROVALVALIDITY = 28800 * 1000;
95     protected static final String DEFAULT_APPROVALVALIDITYSTRING = "@approval.defaultapprovalvalidity@";
96
97     private Admin requestAdmin = null; // Base64 encoding of x509certificate
98
99     private String requestSignature = null;
100     
101     private int approvalRequestType = REQUESTTYPE_SIMPLE;
102     
103     private int numOfRequiredApprovals = 0;
104     
105     private int cAId = 0;
106     
107     private int endEntityProfileId = 0;
108    
109     /**
110      * Main constructor of an approval request
111      * @param requestAdminCert the certificate of the requesting admin
112      * @param requestSignature signature of the requestor (OPTIONAL, for future use)
113      * @param approvalRequestType one of TYPE_ constants
114      * @param numOfRequiredApprovals
115      * @param cAId the related cAId of the request that the approver must be authorized to or ApprovalDataVO.ANY_CA in applicable to any ca
116      * @param endEntityProfileId the related profile id that the approver must be authorized to or ApprovalDataVO.ANY_ENDENTITYPROFILE if applicable to any end entity profile
117      */
118     protected ApprovalRequest(Admin requestAdmin, String requestSignature,
119                               int approvalRequestType, int numOfRequiredApprovals, int cAId, int endEntityProfileId) {
120         super();
121         
122         setRequestAdmin(requestAdmin);
123         this.requestSignature = requestSignature;
124         this.approvalRequestType = approvalRequestType;
125         this.numOfRequiredApprovals = numOfRequiredApprovals;
126         this.cAId = cAId;
127         this.endEntityProfileId = endEntityProfileId;
128     }
129     
130     /**
131      * Constuctor used in externaliziation only
132      */
133     public ApprovalRequest(){
134     }
135     
136     /**
137      * Should return true if the request if of the type that should be executed
138      * by the last approver.
139      *
140      * False if the request admin should do a polling action to try again.
141      */
142     public abstract boolean isExecutable();
143     
144     /**
145      * A main function of the ApprovalRequest, the execute() method
146      * is run when all required approvals have been made.
147      *
148      * execute should perform the action or nothing if the requesting admin
149      * is supposed to try his action again.
150      */
151     public abstract void execute() throws ApprovalRequestExecutionException;
152     
153     /**
154      * Method that should generate an approval id for this type of
155      * approval, the same request i.e the same admin want's to do the
156      * same thing twice should result in the same approvalId.
157      */
158     public abstract int generateApprovalId();
159     
160     /**
161      * This method should return the request data in text representation.
162      * This text is presented for the approving administrator in order
163      * for him to make a desition about the request.
164      *
165      * Should return a List of ApprovalDataText, one for each row
166      */
167     public abstract List getNewRequestDataAsText(Admin admin);
168     
169     /**
170      * This method should return the original request data in text representation.
171      * Should only be implemented by TYPE_COMPARING ApprovalRequests.
172      * TYPE_SIMPLE requests should return null;
173      *
174      * This text is presented for the approving administrator for him to
175      * compare of what will be done.
176      *
177      * Should return a Collection of ApprovalDataText, one for each row
178      */
179     public abstract List getOldRequestDataAsText(Admin admin);
180         
181     /**
182      * This method is used to check if this is an allowed transition between
183      * two states, so that it does not require approval.
184      * Override this method to add allowed transitions.
185      *
186      * @return true if this transition does not require approval, false by default.
187      *
188      */
189     public boolean isAllowedTransition() {
190         return false;
191     }
192
193     /**
194      * Should return the time in millisecond that the request should be valid
195      * or Long.MAX_VALUE if it should never expire
196      *
197      * Default if will return the value defined in the ejbca.properties
198      */
199     public long getRequestValidity(){
200         long ret = DEFAULT_REQUESTVALIDITY;
201         if (StringUtils.isNotEmpty(DEFAULT_REQUESTVALIDITYSTRING)) {
202             ret = Long.parseLong(DEFAULT_REQUESTVALIDITYSTRING) * 1000;
203         }
204         return ret;
205     }
206     
207     /**
208      * Should return the time in millisecond that the approval should be valid
209      * or Long.MAX_VALUE if it should never expire
210      *
211      * Default if will return the value defined in the ejbca.properties
212      */
213     public long getApprovalValidity(){
214         long ret = DEFAULT_APPROVALVALIDITY;
215         if (StringUtils.isNotEmpty(DEFAULT_APPROVALVALIDITYSTRING)) {
216             ret = Long.parseLong(DEFAULT_APPROVALVALIDITYSTRING) * 1000;
217         }
218         return ret;
219     }
220     
221     
222     /**
223      * Should return one of the ApprovalDataVO.APPROVALTYPE_ constants
224      */
225     public abstract int getApprovalType();
226     
227     
228
229     /**
230      * Method returning the number of required approvals in order to execute the request.
231      */
232     public int getNumOfRequiredApprovals(){
233         return numOfRequiredApprovals;
234     }
235
236
237     /**
238      * The type of requesttype, one of TYPE_ constants
239      *
240      */
241     public int getApprovalRequestType() {
242         return approvalRequestType;
243     }
244
245     /**
246      * @return Returns the requestSignature. OPTIONAL
247      */
248     public String getRequestSignature() {
249         return requestSignature;
250     }
251
252     /**
253      * Returns the related ca id.
254      * The approving administrator must be authorized to this ca
255      * in order to approve it.
256      */
257     public int getCAId() {
258         return cAId;
259     }
260     
261     /**
262      * Returns the related end entity profile id.
263      * The approving administrator must be authorized to this profile
264      * in order to approve it.
265      */
266     public int getEndEntityProfileId() {
267         return endEntityProfileId;
268     }
269
270
271     private void setRequestAdmin(Admin requestAdmin) {
272         this.requestAdmin = requestAdmin;
273     }
274     
275     /**
276      * Returns the certificate of the request admin.
277      */
278     public X509Certificate getRequestAdminCert() {
279       return requestAdmin.getAdminInformation().getX509Certificate();
280     }
281
282     
283     public Admin getRequestAdmin() {
284         return requestAdmin;
285     }
286     
287
288     public void writeExternal(ObjectOutput out) throws IOException {
289         out.writeInt(LATEST_VERSION);
290         out.writeObject(this.requestAdmin);
291         out.writeObject(this.requestSignature);
292         out.writeInt(this.approvalRequestType);
293         out.writeInt(this.numOfRequiredApprovals);
294         out.writeInt(this.cAId);
295         out.writeInt(this.endEntityProfileId);
296     }
297
298     public void readExternal(ObjectInput in) throws IOException , ClassNotFoundException {
299         
300         int version = in.readInt();
301         if(version == 1){
302             String requestAdminCert = (String ) in.readObject();
303             byte[] certbuf = Base64.decode(requestAdminCert.getBytes());
304               CertificateFactory cf = CertTools.getCertificateFactory();
305               X509Certificate x509cert = null;
306               try {
307                   x509cert = (X509Certificate )cf.generateCertificate(new ByteArrayInputStream (certbuf));
308               } catch (CertificateException e) {
309                   log.error(e);
310               }
311             this.requestAdmin = new Admin(x509cert);
312             
313             this.requestSignature = (String ) in.readObject();
314             this.approvalRequestType = in.readInt();
315             this.numOfRequiredApprovals = in.readInt();
316             this.cAId = in.readInt();
317             this.endEntityProfileId = in.readInt();
318         }
319         if(version == 2){
320             this.requestAdmin = (Admin) in.readObject();
321             this.requestSignature = (String ) in.readObject();
322             this.approvalRequestType = in.readInt();
323             this.numOfRequiredApprovals = in.readInt();
324             this.cAId = in.readInt();
325             this.endEntityProfileId = in.readInt();
326         }
327         
328     }
329     
330     // Help Methods for approval requests
331 protected String getCAName(Admin admin,int caid){
332         String caname;
333                 
334         try {
335             ServiceLocator locator = ServiceLocator.getInstance();
336             ICAAdminSessionLocalHome home = (ICAAdminSessionLocalHome) locator.getLocalHome(ICAAdminSessionLocalHome.COMP_NAME);
337             ICAAdminSessionLocal session = home.create();
338             caname = session.getCAInfo(admin, caid).getName();
339             
340         } catch (CreateException e) {
341             throw new EJBException (e);
342         }
343         
344         return caname;
345     }
346     
347     protected String getEndEntityProfileName(Admin admin,int profileid){
348         String name;
349         
350         try {
351             ServiceLocator locator = ServiceLocator.getInstance();
352             IRaAdminSessionLocalHome home = (IRaAdminSessionLocalHome) locator.getLocalHome(IRaAdminSessionLocalHome.COMP_NAME);
353             IRaAdminSessionLocal session = home.create();
354             name = session.getEndEntityProfileName(admin, profileid);
355         } catch (CreateException e) {
356             throw new EJBException (e);
357         }
358         
359         return name;
360         
361     }
362     
363     protected String getCertificateProfileName(Admin admin,int profileid){
364         String name;
365         
366         try {
367             ServiceLocator locator = ServiceLocator.getInstance();
368             ICertificateStoreSessionLocalHome home = (ICertificateStoreSessionLocalHome) locator.getLocalHome(ICertificateStoreSessionLocalHome.COMP_NAME);
369             ICertificateStoreSessionLocal session = home.create();
370             name = session.getCertificateProfileName(admin, profileid);
371         } catch (CreateException e) {
372             throw new EJBException (e);
373         }
374         
375         return name;
376     }
377         
378     protected ApprovalDataText getTokenName(Admin admin,int tokenid){
379         ApprovalDataText retval;
380         
381         try {
382             if(tokenid <= SecConst.TOKEN_SOFT ){
383                 int tokenindex=0;
384                 for(int i=0;i<SecConst.TOKENIDS.length;i++){
385                     if(SecConst.TOKENIDS[i] == tokenid){
386                       tokenindex = i;
387                     }
388                 }
389                 retval = new ApprovalDataText("TOKEN" ,SecConst.TOKENTEXTS[tokenindex],true,true);
390                 
391             }else{
392               ServiceLocator locator = ServiceLocator.getInstance();
393               IHardTokenSessionLocalHome home = (IHardTokenSessionLocalHome) locator.getLocalHome(IHardTokenSessionLocalHome.COMP_NAME);
394               IHardTokenSessionLocal session = home.create();
395               String name = session.getHardTokenProfileName(admin, tokenid);
396               retval = new ApprovalDataText("TOKEN" ,name,true,false);
397             }
398         } catch (CreateException e) {
399             throw new EJBException (e);
400         }
401         
402         return retval;
403     }
404
405     protected String getHardTokenIssuerName(Admin admin,int issuerid){
406         String name;
407         
408         try {
409             ServiceLocator locator = ServiceLocator.getInstance();
410             IHardTokenSessionLocalHome home = (IHardTokenSessionLocalHome) locator.getLocalHome(IHardTokenSessionLocalHome.COMP_NAME);
411             IHardTokenSessionLocal session = home.create();
412             name = session.getHardTokenIssuerAlias(admin, issuerid);
413         } catch (CreateException e) {
414             throw new EJBException (e);
415         }
416         
417         return name;
418     }
419
420 }
421

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags