

1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13  
14 package org.ejbca.ui.web.admin.cainterface;
15
16 import java.io.Serializable JavaDoc;
17 import java.util.Collection JavaDoc;
18 import java.util.HashSet JavaDoc;
19
20 import org.ejbca.core.ejb.authorization.IAuthorizationSessionLocal;
21 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocal;
22 import org.ejbca.core.model.SecConst;
23 import org.ejbca.core.model.authorization.AuthorizationDeniedException;
24 import org.ejbca.core.model.ca.certificateprofiles.CertificateProfile;
25 import org.ejbca.core.model.ca.certificateprofiles.CertificateProfileExistsException;
26 import org.ejbca.core.model.log.Admin;
27 import org.ejbca.ui.web.admin.configuration.InformationMemory;
28
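/**
 * Handles certificate profile data for the admin web interface. Every operation is delegated to
 * the certificate store session after an authorization check made in this class, and each
 * successful change is reported to the {@link InformationMemory}.
 *
 * <p>Authorization is decided by {@link #authorizedToProfile(CertificateProfile, boolean)} and is
 * fail-closed: a missing profile or an {@link AuthorizationDeniedException} during the check
 * counts as "not authorized".
 *
 * @author TomSelleck
 * @version $Id: CertificateProfileDataHandler.java,v 1.1 2006/01/17 20:28:08 anatom Exp $
 */
public class CertificateProfileDataHandler implements Serializable {

    public static final int FIXED_CERTIFICATEPROFILE_BOUNDRY = SecConst.FIXED_CERTIFICATEPROFILE_BOUNDRY;

    /**
     * Creates a new instance of CertificateProfileDataHandler.
     *
     * @param administrator the administrator on whose behalf all checks and store calls are made
     * @param certificatesession session used to read and modify certificate profiles
     * @param authorizationsession session used to evaluate the administrator's access rules
     * @param info notified after every successful profile change
     */
    public CertificateProfileDataHandler(Admin administrator, ICertificateStoreSessionLocal certificatesession, IAuthorizationSessionLocal authorizationsession, InformationMemory info) {
        this.certificatestoresession = certificatesession;
        this.authorizationsession = authorizationsession;
        this.administrator = administrator;
        this.info = info;
    }

    /**
     * Adds a certificate profile.
     *
     * @param name name of the new profile
     * @param profile the profile to store; the edit check is made against this object
     * @throws CertificateProfileExistsException if the profile already exists
     * @throws AuthorizationDeniedException if the administrator may not edit this profile
     */
    public void addCertificateProfile(String name, CertificateProfile profile) throws CertificateProfileExistsException, AuthorizationDeniedException {
        if (!authorizedToProfile(profile, true)) {
            throw new AuthorizationDeniedException("Not authorized to add certificate profile");
        }
        certificatestoresession.addCertificateProfile(administrator, name, profile);
        this.info.certificateProfilesEdited();
    }

    /**
     * Changes a certificate profile.
     *
     * @param name name of the profile to replace
     * @param profile the new contents; the edit check is made against this object
     * @throws AuthorizationDeniedException if the administrator may not edit this profile
     */
    public void changeCertificateProfile(String name, CertificateProfile profile) throws AuthorizationDeniedException {
        // NOTE(review): only the submitted profile is checked here, not the stored profile that
        // "name" currently refers to. Confirm the store session covers that, or also require
        // authorizedToProfileName(name, true).
        if (!authorizedToProfile(profile, true)) {
            throw new AuthorizationDeniedException("Not authorized to edit certificate profile");
        }
        certificatestoresession.changeCertificateProfile(administrator, name, profile);
        this.info.certificateProfilesEdited();
    }

    /**
     * Removes a certificate profile.
     *
     * @param name name of the profile to remove
     * @throws AuthorizationDeniedException if the administrator may not edit the stored profile
     */
    public void removeCertificateProfile(String name) throws AuthorizationDeniedException {
        if (!authorizedToProfileName(name, true)) {
            throw new AuthorizationDeniedException("Not authorized to remove certificate profile");
        }
        certificatestoresession.removeCertificateProfile(administrator, name);
        this.info.certificateProfilesEdited();
    }

    /**
     * Renames a certificate profile.
     *
     * @param oldname current name; the edit check is made against the profile stored under it
     * @param newname new name; not validated in this class
     * @throws CertificateProfileExistsException declared for the store call, presumably raised
     *         when {@code newname} is already taken
     * @throws AuthorizationDeniedException if the administrator may not edit the stored profile
     */
    public void renameCertificateProfile(String oldname, String newname) throws CertificateProfileExistsException, AuthorizationDeniedException {
        if (!authorizedToProfileName(oldname, true)) {
            throw new AuthorizationDeniedException("Not authorized to rename certificate profile");
        }
        certificatestoresession.renameCertificateProfile(administrator, oldname, newname);
        this.info.certificateProfilesEdited();
    }

    /**
     * Clones a certificate profile under a new name.
     *
     * @param originalname name of the profile to copy
     * @param newname name of the copy; not validated in this class
     * @throws CertificateProfileExistsException declared for the store call, presumably raised
     *         when {@code newname} is already taken
     * @throws AuthorizationDeniedException if the administrator may not read the original profile
     */
    public void cloneCertificateProfile(String originalname, String newname) throws CertificateProfileExistsException, AuthorizationDeniedException {
        // NOTE(review): cloning creates a profile, yet only the read check (editcheck == false)
        // is applied, so "/ca_functionality/edit_certificate_profiles" is not required here.
        // Confirm this is intended or enforced by the store session.
        if (!authorizedToProfileName(originalname, false)) {
            throw new AuthorizationDeniedException("Not authorized to clone certificate profile");
        }
        certificatestoresession.cloneCertificateProfile(administrator, originalname, newname);
        this.info.certificateProfilesEdited();
    }

    /**
     * Returns the certificate profile with the given id.
     *
     * @param id id of the profile
     * @return the profile as returned by the store session
     * @throws AuthorizationDeniedException if the administrator may not read the profile,
     *         including when no profile is stored under this id
     */
    public CertificateProfile getCertificateProfile(int id) throws AuthorizationDeniedException {
        if (!authorizedToProfileId(id, false)) {
            throw new AuthorizationDeniedException("Not authorized to certificate profile");
        }
        return certificatestoresession.getCertificateProfile(administrator, id);
    }

    /**
     * Returns the certificate profile with the given name.
     *
     * @param profilename name of the profile
     * @return the profile as returned by the store session
     * @throws AuthorizationDeniedException if the administrator may not read the profile,
     *         including when no profile is stored under this name
     */
    public CertificateProfile getCertificateProfile(String profilename) throws AuthorizationDeniedException {
        if (!authorizedToProfileName(profilename, false)) {
            throw new AuthorizationDeniedException("Not authorized to certificate profile");
        }
        return certificatestoresession.getCertificateProfile(administrator, profilename);
    }

    /**
     * Returns the id of the certificate profile with the given name.
     *
     * @param profilename name of the profile
     * @return the id as returned by the store session
     */
    public int getCertificateProfileId(String profilename) {
        // NOTE(review): unlike the getCertificateProfile overloads, no authorization check is
        // made before the lookup. Confirm that name-to-id resolution is meant to be unrestricted.
        return certificatestoresession.getCertificateProfileId(administrator, profilename);
    }

    /**
     * Checks whether the administrator is authorized to the profile stored under the given name.
     *
     * @param profilename name of the profile to look up
     * @param editcheck {@code true} to require edit rights, {@code false} for read access
     * @return the result of {@link #authorizedToProfile(CertificateProfile, boolean)} for the
     *         looked-up profile
     */
    private boolean authorizedToProfileName(String profilename, boolean editcheck) {
        // The profile is resolved here and again, by name, in the caller's store operation; the
        // two lookups are separate calls.
        CertificateProfile profile = certificatestoresession.getCertificateProfile(administrator, profilename);
        return authorizedToProfile(profile, editcheck);
    }

    /**
     * Checks whether the administrator is authorized to the profile stored under the given id.
     *
     * @param profileid id of the profile to look up
     * @param editcheck {@code true} to require edit rights, {@code false} for read access
     * @return the result of {@link #authorizedToProfile(CertificateProfile, boolean)} for the
     *         looked-up profile
     */
    private boolean authorizedToProfileId(int profileid, boolean editcheck) {
        CertificateProfile profile = certificatestoresession.getCertificateProfile(administrator, profileid);
        return authorizedToProfile(profile, editcheck);
    }

    /**
     * Checks whether the administrator is authorized to the given profile.
     *
     * <p>Rules, in order:
     * <ul>
     *   <li>with {@code editcheck}, the administrator must pass the
     *       {@code /ca_functionality/edit_certificate_profiles} rule;</li>
     *   <li>a {@code null} profile is never authorized;</li>
     *   <li>administrators without {@code /super_administrator} are limited to profiles of type
     *       {@code CertificateProfile.TYPE_ENDENTITY};</li>
     *   <li>a profile available to {@code CertificateProfile.ANYCA} may be read by anyone who got
     *       this far, but edited only by a super administrator;</li>
     *   <li>otherwise every CA the profile is available to must be among the administrator's
     *       authorized CA ids.</li>
     * </ul>
     *
     * @param profile the profile to check, may be {@code null}
     * @param editcheck {@code true} to require edit rights, {@code false} for read access
     * @return {@code true} only if all applicable rules pass
     */
    private boolean authorizedToProfile(CertificateProfile profile, boolean editcheck) {
        boolean returnval = false;
        try {
            boolean issuperadministrator = false;
            try {
                issuperadministrator = authorizationsession.isAuthorizedNoLog(administrator, "/super_administrator");
            } catch (AuthorizationDeniedException ignored) {
                // Denial only means "not a super administrator"; the remaining rules still apply.
            }

            // The result is checked as well as the exception: whether isAuthorizedNoLog can
            // return false instead of throwing is not visible from this class, and a dropped
            // return value would let such a denial pass.
            if (editcheck
                    && !authorizationsession.isAuthorizedNoLog(administrator, "/ca_functionality/edit_certificate_profiles")) {
                return false;
            }

            HashSet authorizedcaids = new HashSet(authorizationsession.getAuthorizedCAIds(administrator));

            if (profile != null) {
                if (!issuperadministrator && profile.getType() != CertificateProfile.TYPE_ENDENTITY) {
                    returnval = false;
                } else {
                    Collection availablecas = profile.getAvailableCAs();
                    if (availablecas.contains(new Integer(CertificateProfile.ANYCA))) {
                        // ANYCA profiles: readable here, editable by super administrators only.
                        returnval = !editcheck || issuperadministrator;
                    } else {
                        returnval = authorizedcaids.containsAll(availablecas);
                    }
                }
            }
        } catch (AuthorizationDeniedException ignored) {
            // Any denial raised during the check leaves the result at false.
        }

        return returnval;
    }

    // Session used to read and modify certificate profiles.
    private ICertificateStoreSessionLocal certificatestoresession;
    // Administrator passed to every authorization and store call.
    private Admin administrator;
    // Session used to evaluate access rules and authorized CA ids.
    private IAuthorizationSessionLocal authorizationsession;
    // Notified through certificateProfilesEdited() after each successful change.
    private InformationMemory info;
}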