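package org.ejbca.ui.web.admin.cainterface;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.TreeMap;

import org.ejbca.core.ejb.authorization.IAuthorizationSessionLocal;
import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocal;
import org.ejbca.core.ejb.ca.store.CertificateDataBean;
import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocal;
import org.ejbca.core.model.SecConst;
import org.ejbca.core.model.authorization.AuthorizationDeniedException;
import org.ejbca.core.model.ca.certificateprofiles.CertificateProfile;
import org.ejbca.core.model.log.Admin;

/**
 * Caches, for one administrator, the CA ids and certificate profile names that
 * the session beans report as authorized, for use by the admin web pages.
 *
 * <p>Every getter except {@link #getAllCANames()} answers from a cached field once
 * it has been filled, so a change to the administrator's access rules is not
 * visible through this object until {@link #clear()} is called. Callers that
 * change access rules, CAs or certificate profiles should call {@code clear()}
 * afterwards.
 *
 * <p>The returned collections are the cached instances themselves, not copies;
 * a caller that modifies one modifies the cache. This class does no
 * synchronization of its own.
 *
 * <p>NOTE(review): the class is {@code Serializable} but keeps references to the
 * session interfaces and the {@code Admin} in non-transient fields; whether those
 * are serializable is not visible here - confirm before relying on session
 * persistence.
 */
public class CAAuthorization implements Serializable {

    /**
     * Creates an authorization view for the given administrator.
     *
     * @param admin the administrator every lookup is performed for
     * @param caadminsession source of the CA id to name map
     * @param certificatestoresession source of authorized certificate profile ids, names and profiles
     * @param authorizationsession source of authorized CA ids and of the super administrator check
     */
    public CAAuthorization(Admin admin,
                           ICAAdminSessionLocal caadminsession,
                           ICertificateStoreSessionLocal certificatestoresession,
                           IAuthorizationSessionLocal authorizationsession) {
        this.admin = admin;
        this.caadminsession = caadminsession;
        this.certificatestoresession = certificatestoresession;
        this.authorizationsession = authorizationsession;
    }

    /**
     * Returns the ids of the CAs the administrator is authorized to.
     *
     * <p>The result is cached. An empty result is not treated as cached: an
     * administrator with no authorized CAs causes a new session call on every
     * invocation.
     *
     * @return the collection returned by the authorization session (the cached instance)
     */
    public Collection getAuthorizedCAIds() {
        if (authcas == null || authcas.size() == 0) {
            authcas = this.authorizationsession.getAuthorizedCAIds(admin);
        }
        return authcas;
    }

    /**
     * Returns the authorized end entity certificate profiles as a name to id map.
     *
     * <p>The cache is rebuilt when the flag differs from the one the cached map
     * was built with, so the answer always matches the requested profile type.
     *
     * @param usehardtokenprofiles {@code true} to query with
     *        {@code CERTTYPE_HARDTOKEN}, {@code false} to query with {@code CERTTYPE_ENDENTITY}
     * @return profile name to profile id ({@code Integer}), sorted by name (the cached instance)
     */
    public TreeMap getAuthorizedEndEntityCertificateProfileNames(boolean usehardtokenprofiles) {
        if (profilenamesendentity == null || !builtWith(profilenamesendentityflag, usehardtokenprofiles)) {
            Collection ids;
            if (usehardtokenprofiles) {
                ids = certificatestoresession.getAuthorizedCertificateProfileIds(admin, CertificateDataBean.CERTTYPE_HARDTOKEN);
            } else {
                ids = certificatestoresession.getAuthorizedCertificateProfileIds(admin, CertificateDataBean.CERTTYPE_ENDENTITY);
            }
            HashMap idtonamemap = certificatestoresession.getCertificateProfileIdToNameMap(admin);
            // Fill a local map and publish it only when complete, so an exception
            // from a session call cannot leave a partial list cached.
            TreeMap names = new TreeMap();
            putNamedIds(names, idtonamemap, ids.iterator());
            profilenamesendentity = names;
            profilenamesendentityflag = Boolean.valueOf(usehardtokenprofiles);
        }
        return profilenamesendentity;
    }

    /**
     * Returns the authorized sub CA certificate profiles as a name to id map.
     *
     * @return profile name to profile id ({@code Integer}), sorted by name (the cached instance)
     */
    public TreeMap getAuthorizedSubCACertificateProfileNames() {
        if (profilenamessubca == null) {
            Collection ids = certificatestoresession.getAuthorizedCertificateProfileIds(admin, CertificateDataBean.CERTTYPE_SUBCA);
            HashMap idtonamemap = certificatestoresession.getCertificateProfileIdToNameMap(admin);
            TreeMap names = new TreeMap();
            putNamedIds(names, idtonamemap, ids.iterator());
            profilenamessubca = names;
        }
        return profilenamessubca;
    }

    /**
     * Returns the authorized root CA certificate profiles as a name to id map.
     *
     * @return profile name to profile id ({@code Integer}), sorted by name (the cached instance)
     */
    public TreeMap getAuthorizedRootCACertificateProfileNames() {
        if (profilenamesrootca == null) {
            Collection ids = certificatestoresession.getAuthorizedCertificateProfileIds(admin, CertificateDataBean.CERTTYPE_ROOTCA);
            HashMap idtonamemap = certificatestoresession.getCertificateProfileIdToNameMap(admin);
            TreeMap names = new TreeMap();
            putNamedIds(names, idtonamemap, ids.iterator());
            profilenamesrootca = names;
        }
        return profilenamesrootca;
    }

    /**
     * Returns the certificate profiles to list on the edit page as a name to id map.
     *
     * <p>An administrator who is not authorized to {@code /super_administrator}
     * only gets profiles of type {@code TYPE_ENDENTITY}. A profile name gets the
     * suffix {@code " (FIXED)"} when its id is at or below
     * {@code SecConst.FIXED_CERTIFICATEPROFILE_BOUNDRY}, or when the administrator
     * is not a super administrator and the profile is applicable to any CA.
     *
     * <p>NOTE(review): the suffix only labels the entry in the returned map; this
     * class does not prevent a labelled profile from being edited. Confirm that
     * the code saving a profile enforces the same restriction.
     *
     * <p>The cache is rebuilt when the flag differs from the one the cached map
     * was built with.
     *
     * @param includefixedhardtokenprofiles {@code true} to query profile ids with
     *        type {@code 0}; {@code false} to query the end entity, root CA and sub CA
     *        types only
     * @return profile name (possibly suffixed) to profile id ({@code Integer}),
     *         sorted by name (the cached instance)
     */
    public TreeMap getEditCertificateProfileNames(boolean includefixedhardtokenprofiles) {
        if (allprofilenames == null || !builtWith(allprofilenamesflag, includefixedhardtokenprofiles)) {
            boolean superadministrator = false;
            try {
                superadministrator = authorizationsession.isAuthorizedNoLog(admin, "/super_administrator");
            } catch (AuthorizationDeniedException ignored) {
                // A denial means "not a super administrator": keep the default of
                // false so the restricted (fail-closed) listing below is used.
            }

            Iterator iter = null;
            if (includefixedhardtokenprofiles) {
                // presumably type 0 means "no type filter" - confirm against
                // getAuthorizedCertificateProfileIds
                iter = certificatestoresession.getAuthorizedCertificateProfileIds(admin, 0).iterator();
            } else {
                ArrayList certprofiles = new ArrayList();
                certprofiles.addAll(certificatestoresession.getAuthorizedCertificateProfileIds(admin, CertificateDataBean.CERTTYPE_ENDENTITY));
                certprofiles.addAll(certificatestoresession.getAuthorizedCertificateProfileIds(admin, CertificateDataBean.CERTTYPE_ROOTCA));
                certprofiles.addAll(certificatestoresession.getAuthorizedCertificateProfileIds(admin, CertificateDataBean.CERTTYPE_SUBCA));
                iter = certprofiles.iterator();
            }
            HashMap idtonamemap = certificatestoresession.getCertificateProfileIdToNameMap(admin);

            TreeMap names = new TreeMap();
            while (iter.hasNext()) {
                Integer id = (Integer) iter.next();
                CertificateProfile certprofile = certificatestoresession.getCertificateProfile(admin, id.intValue());
                Object name = idtonamemap.get(id);
                if (certprofile == null || name == null) {
                    // The id list, the name map and the profile come from separate
                    // calls; an id that no longer resolves is left out instead of
                    // failing the whole listing with a NullPointerException.
                    continue;
                }

                if (superadministrator || certprofile.getType() == CertificateProfile.TYPE_ENDENTITY) {
                    if (id.intValue() <= SecConst.FIXED_CERTIFICATEPROFILE_BOUNDRY
                            || (!superadministrator && certprofile.isApplicableToAnyCA())) {
                        names.put(name + " (FIXED)", id);
                    } else {
                        names.put(name, id);
                    }
                }
            }
            allprofilenames = names;
            allprofilenamesflag = Boolean.valueOf(includefixedhardtokenprofiles);
        }
        return allprofilenames;
    }

    /**
     * Returns the CAs the administrator is authorized to as a name to id map.
     *
     * <p>The ids come from {@link #getAuthorizedCAIds()}, which may be cached,
     * while the name map is fetched fresh; an id without a name is left out.
     *
     * @return CA name to CA id ({@code Integer}), sorted by name (the cached instance)
     */
    public TreeMap getCANames() {
        if (canames == null) {
            HashMap idtonamemap = this.caadminsession.getCAIdToNameMap(admin);
            TreeMap names = new TreeMap();
            putNamedIds(names, idtonamemap, getAuthorizedCAIds().iterator());
            canames = names;
        }
        return canames;
    }

    /**
     * Returns every entry of the CA id to name map as a name to id map, rebuilt
     * on each call.
     *
     * <p>Unlike {@link #getCANames()} this is not filtered through
     * {@link #getAuthorizedCAIds()}; it contains whatever
     * {@code getCAIdToNameMap(admin)} returns.
     * NOTE(review): whether that session call itself restricts the result to the
     * administrator is not visible here - confirm before showing this list to
     * administrators with limited CA access.
     *
     * @return CA name to CA id ({@code Integer}), sorted by name
     */
    public TreeMap getAllCANames() {
        HashMap idtonamemap = this.caadminsession.getCAIdToNameMap(admin);
        TreeMap names = new TreeMap();
        putNamedIds(names, idtonamemap, idtonamemap.keySet().iterator());
        allcanames = names;
        return allcanames;
    }

    /**
     * Drops every cached result so that the next getter call queries the session
     * beans again.
     */
    public void clear() {
        authcas = null;
        profilenamesendentity = null;
        profilenamesendentityflag = null;
        profilenamessubca = null;
        profilenamesrootca = null;
        allprofilenames = null;
        allprofilenamesflag = null;
        canames = null;
        allcanames = null;
    }

    /** Adds a name to id entry for every id that has a name in the map; ids without a name are skipped. */
    private static void putNamedIds(TreeMap target, HashMap idtonamemap, Iterator ids) {
        while (ids.hasNext()) {
            Integer id = (Integer) ids.next();
            Object name = idtonamemap.get(id);
            // A TreeMap with natural ordering rejects a null key, so an unnamed id
            // would otherwise abort the whole listing.
            if (name != null) {
                target.put(name, id);
            }
        }
    }

    /** Tells whether a cache was built with the requested flag; an unknown flag never matches. */
    private static boolean builtWith(Boolean cachedflag, boolean requested) {
        return cachedflag != null && cachedflag.booleanValue() == requested;
    }

    // Private fields.
    private Collection authcas = null;
    private TreeMap profilenamesendentity = null;
    private TreeMap profilenamessubca = null;
    private TreeMap profilenamesrootca = null;
    private TreeMap canames = null;
    private TreeMap allcanames = null;
    private TreeMap allprofilenames = null;
    // Flags the two parameterized caches were built with. Transient: a
    // deserialized instance has no flag and therefore rebuilds those caches.
    private transient Boolean profilenamesendentityflag = null;
    private transient Boolean allprofilenamesflag = null;
    private Admin admin;
    private ICAAdminSessionLocal caadminsession;
    private IAuthorizationSessionLocal authorizationsession;
    private ICertificateStoreSessionLocal certificatestoresession;

}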