

1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13  
14 /*
15  * InformationMemory.java
16  *
17  * Created on den 14 juli 2003, 14:05
18  */

19
20 package org.ejbca.ui.web.admin.configuration;
21 import java.util.ArrayList JavaDoc;
22 import java.util.Collection JavaDoc;
23 import java.util.HashMap JavaDoc;
24 import java.util.HashSet JavaDoc;
25 import java.util.Iterator JavaDoc;
26 import java.util.TreeMap JavaDoc;
27
28 import org.ejbca.core.ejb.authorization.IAuthorizationSessionLocal;
29 import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocal;
30 import org.ejbca.core.ejb.ca.publisher.IPublisherSessionLocal;
31 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocal;
32 import org.ejbca.core.ejb.hardtoken.IHardTokenSessionLocal;
33 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocal;
34 import org.ejbca.core.model.SecConst;
35 import org.ejbca.core.model.authorization.AdminGroup;
36 import org.ejbca.core.model.ca.certificateprofiles.CertificateProfile;
37 import org.ejbca.core.model.log.Admin;
38 import org.ejbca.core.model.ra.RAAuthorization;
39 import org.ejbca.core.model.ra.raadmin.EndEntityProfile;
40 import org.ejbca.core.model.ra.raadmin.GlobalConfiguration;
41 import org.ejbca.ui.web.admin.cainterface.CAAuthorization;
42 import org.ejbca.ui.web.admin.cainterface.CertificateProfileNameProxy;
43 import org.ejbca.ui.web.admin.hardtokeninterface.HardTokenAuthorization;
44 import org.ejbca.ui.web.admin.loginterface.LogAuthorization;
45 import org.ejbca.ui.web.admin.rainterface.EndEntityProfileNameProxy;
46
47
48 /**
49  * A class used to improve performance by proxying authorization information about the administrator.
50  * It should be used in all jsp interface bean classes.
51  * @author TomSelleck
52  * @version $Id: InformationMemory.java,v 1.2 2006/08/09 07:29:47 herrvendil Exp $
53  */

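public class InformationMemory implements java.io.Serializable {

    // NOTE(review): everything cached in this class is derived from the administrator's
    // authorization and is only refreshed by the *Edited() methods further down. A missed
    // invalidation leaves the administrator working with outdated rights until the object is
    // discarded, so every code path that changes CAs, profiles, publishers or administrator
    // privileges has to call the matching *Edited() method.
    //
    // NOTE(review): the class is Serializable, yet it keeps session bean references and cached
    // authorization data in non-transient fields and declares no serialVersionUID. Whether an
    // instance is ever serialized (session passivation or replication) is not visible here - confirm.
    //
    // NOTE(review): the lazy initialisation below is unsynchronized; presumably one instance
    // serves one administrator session - confirm before sharing an instance between threads.

    /**
     * Creates the information memory for one administrator.
     *
     * Stores the session bean references and the global configuration, and builds the RA, CA,
     * log and hard token authorization helpers. The id/name maps are filled lazily on first use.
     *
     * @param administrator the administrator all lookups are performed as
     * @param caadminsession CA admin session bean
     * @param raadminsession RA admin session bean
     * @param authorizationsession authorization session bean
     * @param certificatestoresession certificate store session bean
     * @param hardtokensession hard token session bean; only handed to HardTokenAuthorization, not kept as a field
     * @param publishersession publisher session bean
     * @param globalconfiguration the current system configuration
     */
    public InformationMemory(Admin administrator,
                             ICAAdminSessionLocal caadminsession,
                             IRaAdminSessionLocal raadminsession,
                             IAuthorizationSessionLocal authorizationsession,
                             ICertificateStoreSessionLocal certificatestoresession,
                             IHardTokenSessionLocal hardtokensession,
                             IPublisherSessionLocal publishersession,
                             GlobalConfiguration globalconfiguration){
        this.caadminsession = caadminsession;
        this.administrator = administrator;
        this.raadminsession = raadminsession;
        this.authorizationsession = authorizationsession;
        this.certificatestoresession = certificatestoresession;
        this.publishersession = publishersession;
        this.globalconfiguration = globalconfiguration;

        this.raauthorization = new RAAuthorization(administrator, raadminsession, authorizationsession);
        this.caauthorization = new CAAuthorization(administrator, caadminsession, certificatestoresession, authorizationsession);
        this.logauthorization = new LogAuthorization(administrator, authorizationsession);
        this.hardtokenauthorization = new HardTokenAuthorization(administrator, hardtokensession, authorizationsession);
    }


    /**
     * Returns a Map of end entity profile id (Integer) -> end entity profile name (String).
     *
     * The map is fetched once and then served from the cache. The cached instance itself is
     * returned, so callers must treat it as read-only.
     */
    public HashMap getEndEntityProfileIdToNameMap(){
        if(endentityprofileidtonamemap == null){
            endentityprofileidtonamemap = raadminsession.getEndEntityProfileIdToNameMap(administrator);
        }

        return endentityprofileidtonamemap;
    }


    /**
     * Returns a Map of certificate profile id (Integer) -> certificate profile name (String).
     *
     * Served from the cache after the first call; the cached instance itself is returned.
     */
    public HashMap getCertificateProfileIdToNameMap(){
        if(certificateprofileidtonamemap == null){
            certificateprofileidtonamemap = this.certificatestoresession.getCertificateProfileIdToNameMap(administrator);
        }

        return certificateprofileidtonamemap;
    }

    /**
     * Returns a Map of CA id (Integer) -> CA name (String).
     *
     * Served from the cache after the first call; the cached instance itself is returned.
     */
    public HashMap getCAIdToNameMap(){
        if(caidtonamemap == null){
            caidtonamemap = caadminsession.getCAIdToNameMap(administrator);
        }

        return caidtonamemap;
    }

    /**
     * Returns a Map of hard token profile id (Integer) -> hard token profile name (String).
     */
    public HashMap getHardTokenProfileIdToNameMap(){
        return this.hardtokenauthorization.getHardTokenProfileIdToNameMap();
    }

    /**
     * Returns authorized end entity profile names as a treemap of name (String) -> id (Integer)
     */
    public TreeMap getAuthorizedEndEntityProfileNames(){
        return this.raauthorization.getAuthorizedEndEntityProfileNames();
    }

    /**
     * Returns end entity profile names with create rights as a treemap of name (String) -> id (Integer).
     *
     * The create right is only evaluated when end entity profile limitations are enabled in the
     * global configuration; otherwise the general authorized profile names are returned.
     */
    public TreeMap getCreateAuthorizedEndEntityProfileNames(){
        if(globalconfiguration.getEnableEndEntityProfileLimitations()){
            return this.raauthorization.getCreateAuthorizedEndEntityProfileNames();
        }

        return this.raauthorization.getAuthorizedEndEntityProfileNames();
    }

    /**
     * Returns end entity profile names with view rights as a treemap of name (String) -> id (Integer).
     *
     * The view right is only evaluated when end entity profile limitations are enabled in the
     * global configuration; otherwise the general authorized profile names are returned.
     */
    public TreeMap getViewAuthorizedEndEntityProfileNames(){
        if(globalconfiguration.getEnableEndEntityProfileLimitations()){
            return this.raauthorization.getViewAuthorizedEndEntityProfileNames();
        }

        return this.raauthorization.getAuthorizedEndEntityProfileNames();
    }


    /**
     * Returns authorized end entity certificate profile names as a treemap of name (String) -> id (Integer)
     */
    public TreeMap getAuthorizedEndEntityCertificateProfileNames(){
        return this.caauthorization.getAuthorizedEndEntityCertificateProfileNames(getGlobalConfiguration().getIssueHardwareTokens());
    }

    /**
     * Returns authorized sub CA certificate profile names as a treemap of name (String) -> id (Integer)
     */
    public TreeMap getAuthorizedSubCACertificateProfileNames(){
        return this.caauthorization.getAuthorizedSubCACertificateProfileNames();
    }

    /**
     * Returns authorized root CA certificate profile names as a treemap of name (String) -> id (Integer)
     */
    public TreeMap getAuthorizedRootCACertificateProfileNames(){
        return this.caauthorization.getAuthorizedRootCACertificateProfileNames();
    }

    /**
     * Returns all authorized certificate profile names as a treemap of name (String) -> id (Integer)
     */
    public TreeMap getEditCertificateProfileNames(){
        return this.caauthorization.getEditCertificateProfileNames(getGlobalConfiguration().getIssueHardwareTokens());
    }

    /**
     * Returns the CA names as a treemap of name (String) -> id (Integer).
     * Doesn't include external CAs.
     */
    public TreeMap getCANames(){
        return this.caauthorization.getCANames();
    }

    /**
     * Returns the CA names as a treemap of name (String) -> id (Integer).
     * Also includes external CAs.
     */
    public TreeMap getAllCANames(){
        return this.caauthorization.getAllCANames();
    }


    /**
     * Returns the view log rights string used in view log queries.
     *
     * NOTE(review): how callers combine this string with a query is not visible here. It acts as
     * an authorization filter, so it should only ever come from LogAuthorization and never be
     * mixed with request input - confirm at the call sites.
     */
    public String getViewLogQueryString(){
        return this.logauthorization.getViewLogRights();
    }

    /**
     * Returns the CA rights string used in view log queries.
     */
    public String getViewLogCAIdString(){
        return this.logauthorization.getCARights();
    }

    /**
     * Returns a collection of module ids the administrator is authorized to view log of.
     */
    public Collection getAuthorizedModules(){
        return this.logauthorization.getAuthorizedModules();
    }

    /**
     * Returns CA authorization string used in userdata queries.
     *
     * The misspelt method name ("Authoorization") is part of the public interface and is kept
     * so that existing callers keep working.
     */
    public String getUserDataQueryCAAuthoorizationString(){
        return this.raauthorization.getCAAuthorizationString();
    }

    /**
     * Returns end entity profile authorization string used in userdata queries.
     */
    public String getUserDataQueryEndEntityProfileAuthorizationString(){
        return this.raauthorization.getEndEntityProfileAuthorizationString(true);
    }


    /**
     * Returns a Collection of Integer containing authorized CA ids.
     */
    public Collection getAuthorizedCAIds(){
        return caauthorization.getAuthorizedCAIds();
    }

    /**
     * Returns the system configuration (GlobalConfiguration).
     */
    public GlobalConfiguration getGlobalConfiguration(){
        return globalconfiguration;
    }

    /**
     * Returns the end entity profile name proxy, creating it on first use.
     */
    public EndEntityProfileNameProxy getEndEntityProfileNameProxy(){
        if(endentityprofilenameproxy == null){
            endentityprofilenameproxy = new EndEntityProfileNameProxy(administrator, raadminsession);
        }

        return endentityprofilenameproxy;
    }

    /**
     * Returns the certificate profile name proxy, creating it on first use.
     */
    public CertificateProfileNameProxy getCertificateProfileNameProxy(){
        if(certificateprofilenameproxy == null){
            certificateprofilenameproxy = new CertificateProfileNameProxy(administrator, certificatestoresession);
        }

        return certificateprofilenameproxy;
    }

    /**
     * Method returning the all available publishers id to name.
     *
     * @return the publisheridtonamemap (HashMap); the cached instance itself is returned
     */
    public HashMap getPublisherIdToNameMap(){
        if(publisheridtonamemap == null){
            publisheridtonamemap = publishersession.getPublisherIdToNameMap(administrator);
        }

        return publisheridtonamemap;
    }

    /**
     * Returns all authorized publishers names as a treemap of name (String) -> id (Integer).
     *
     * An authorized publisher id that has no entry in the id-to-name map is left out, because a
     * null key cannot be stored in the sorted map.
     */
    public TreeMap getAuthorizedPublisherNames(){
        if(publishernames == null){
            // Fill a local map and publish it only when complete, so that a failure half way
            // through does not leave a partially filled cache behind for later calls.
            TreeMap names = new TreeMap();
            Iterator iter = publishersession.getAuthorizedPublisherIds(administrator).iterator();
            HashMap idtonamemap = getPublisherIdToNameMap();
            while(iter.hasNext()){
                Integer id = (Integer) iter.next();
                Object name = idtonamemap.get(id);
                if(name != null){
                    names.put(name, id);
                }
            }
            publishernames = names;
        }
        return publishernames;
    }

    /**
     * Method that calculates the available CAs to an end entity. Used in add/edit end entity pages.
     * It calculates a set of available CAs as an intersection of:
     * - The administrators authorized CAs
     * - The end entity profiles available CAs
     * - The certificate profiles available CAs.
     *
     * The structure is computed for all authorized end entity profiles on the first call and
     * cached until one of the *Edited() methods resets it.
     *
     * @param endentityprofileid the id of the end entity profile to retrieve the set for
     * @return a HashMap of certificate profile id (Integer) to Collection of available CA ids,
     *         or null when the id is not among the administrator's authorized end entity profiles
     */
    public HashMap getEndEntityAvailableCAs(int endentityprofileid){
        if(endentityavailablecas == null){
            // Build into a local map and assign the field last. If a profile value fails to
            // parse, the exception propagates and the cache stays empty instead of holding a
            // half-built authorization structure that later calls would trust.
            Collection authorizedcas = getAuthorizedCAIds();

            // certificate profile id -> CertificateProfile, so each profile is fetched once
            HashMap certproftemp = new HashMap();

            HashMap availablecas = new HashMap();
            Iterator endentityprofileiter = raadminsession.getAuthorizedEndEntityProfileIds(administrator).iterator();
            while(endentityprofileiter.hasNext()){
                Integer nextendentityprofileid = (Integer) endentityprofileiter.next();
                EndEntityProfile endentityprofile = raadminsession.getEndEntityProfile(administrator, nextendentityprofileid.intValue());

                String[] values = endentityprofile.getValue(EndEntityProfile.AVAILCAS, 0).split(EndEntityProfile.SPLITCHAR);
                ArrayList endentityprofileavailcas = new ArrayList();
                for(int i = 0; i < values.length; i++){
                    endentityprofileavailcas.add(new Integer(values[i]));
                }

                // The ALLCAS marker means the end entity profile does not restrict the CA set.
                boolean endentityprofileallcas = endentityprofileavailcas.contains(new Integer(SecConst.ALLCAS));

                values = endentityprofile.getValue(EndEntityProfile.AVAILCERTPROFILES, 0).split(EndEntityProfile.SPLITCHAR);
                HashMap certificateprofilemap = new HashMap();
                for(int i = 0; i < values.length; i++){
                    Integer nextcertprofileid = new Integer(values[i]);
                    CertificateProfile certprofile = (CertificateProfile) certproftemp.get(nextcertprofileid);
                    if(certprofile == null){
                        certprofile = certificatestoresession.getCertificateProfile(administrator, nextcertprofileid.intValue());
                        certproftemp.put(nextcertprofileid, certprofile);
                    }

                    // Start from the administrator's authorized CAs and only ever narrow the set.
                    ArrayList authorizedcastemp = new ArrayList();
                    if(certprofile != null){
                        authorizedcastemp.addAll(authorizedcas);
                        if(!endentityprofileallcas){
                            authorizedcastemp.retainAll(endentityprofileavailcas);
                        }
                        Collection certprofilesavailablecas = certprofile.getAvailableCAs();
                        if(!certprofilesavailablecas.contains(new Integer(CertificateProfile.ANYCA))){
                            authorizedcastemp.retainAll(certprofilesavailablecas);
                        }
                    }
                    // A certificate profile that could not be loaded keeps the empty list, i.e.
                    // no CA is offered for it. NOTE(review): whether getCertificateProfile can
                    // return null for a referenced id is not visible here - confirm.
                    certificateprofilemap.put(nextcertprofileid, authorizedcastemp);
                }
                availablecas.put(nextendentityprofileid, certificateprofilemap);
            }
            endentityavailablecas = availablecas;
        }

        return (HashMap) endentityavailablecas.get(new Integer(endentityprofileid));
    }

    /**
     * Returns the administrator's set of authorized available access rules.
     *
     * The set is copied from the authorization session on first use and cached until one of the
     * *Edited() methods resets it.
     *
     * @return A HashSet containing the administrator's authorized available access rules.
     */
    public HashSet getAuthorizedAccessRules(){
        if(authorizedaccessrules == null){
            authorizedaccessrules = new HashSet(authorizationsession.getAuthorizedAvailableAccessRules(administrator));
        }

        return authorizedaccessrules;
    }

    /**
     * @see HardTokenAuthorization#getHardTokenProfiles()
     */
    public TreeMap getHardTokenProfiles(){
        return hardtokenauthorization.getHardTokenProfiles();
    }

    /**
     * @see HardTokenAuthorization#authorizedToHardTokenProfile(String)
     */
    public boolean authorizedToHardTokenProfiles(String name){
        return hardtokenauthorization.authorizedToHardTokenProfile(name);
    }

    /**
     * @see HardTokenAuthorization#getHardTokenIssuers()
     */
    public TreeMap getHardTokenIssuers(){
        return hardtokenauthorization.getHardTokenIssuers();
    }

    /**
     * @see HardTokenAuthorization#authorizedToHardTokenIssuer(String)
     */
    public boolean authorizedToHardTokenIssuer(String alias){
        return hardtokenauthorization.authorizedToHardTokenIssuer(alias);
    }


    /**
     * @see HardTokenAuthorization#getHardTokenIssuingAdminGroups()
     */
    public Collection getHardTokenIssuingAdminGroups(){
        return hardtokenauthorization.getHardTokenIssuingAdminGroups();
    }

    /**
     * Returns a sorted map with authorized admingroupname -> admingroupid.
     *
     * The key is the group name followed by ", CA: " and the name of the group's CA, the value
     * is the admin group id (Integer).
     */
    public TreeMap getAuthorizedAdminGroups(){
        if(authgroups == null){
            // Filled locally and published when complete, so a failure during the loop cannot
            // leave a partial list of authorized groups in the cache.
            TreeMap groups = new TreeMap();
            HashMap caidtoname = getCAIdToNameMap();
            Iterator iter = this.authorizationsession.getAuthorizedAdminGroupNames(administrator).iterator();
            while(iter.hasNext()){
                AdminGroup admingroup = (AdminGroup) iter.next();
                String displayname = admingroup.getAdminGroupName() + ", CA: " + caidtoname.get(new Integer(admingroup.getCAId()));
                groups.put(displayname, new Integer(admingroup.getAdminGroupId()));
            }
            authgroups = groups;
        }

        return authgroups;
    }


    /**
     * Returns a map with authorized admingroupid -> admingroupname.
     *
     * This is the inverse of {@link #getAuthorizedAdminGroups()}, so the names carry the same
     * ", CA: " suffix.
     */
    public HashMap getAdminGroupIdToNameMap(){
        if(admingrpidmap == null){
            TreeMap admingrpnames = getAuthorizedAdminGroups();
            HashMap idtoname = new HashMap();
            Iterator iter = admingrpnames.keySet().iterator();
            while(iter.hasNext()){
                Object next = iter.next();
                idtoname.put(admingrpnames.get(next), next);
            }
            admingrpidmap = idtoname;
        }

        return admingrpidmap;
    }


    /**
     * Method that should be called every time CA configuration is edited.
     */
    public void cAsEdited(){
        authgroups = null;
        admingrpidmap = null;
        caidtonamemap = null;
        endentityavailablecas = null;
        authorizedaccessrules = null;
        logauthorization.clear();
        raauthorization.clear();
        caauthorization.clear();
        hardtokenauthorization.clear();
    }


    /**
     * Method that should be called every time an end entity profile has been edited
     */
    public void endEntityProfilesEdited(){
        endentityprofileidtonamemap = null;
        endentityprofilenameproxy = null;
        endentityavailablecas = null;
        authorizedaccessrules = null;
        raauthorization.clear();
    }

    /**
     * Method that should be called every time a certificate profile has been edited
     */
    public void certificateProfilesEdited(){
        certificateprofileidtonamemap = null;
        certificateprofilenameproxy = null;
        endentityavailablecas = null;
        raauthorization.clear();
        caauthorization.clear();
        hardtokenauthorization.clear();
    }

    /**
     * Method that should be called every time a publisher has been edited
     */
    public void publishersEdited(){
        publisheridtonamemap = null;
        publishernames = null;
    }

    /**
     * Method that should be called every time administrative privileges have been edited.
     */
    public void administrativePriviledgesEdited(){
        endentityavailablecas = null;
        authgroups = null;
        admingrpidmap = null;
        // The cached access rule set is derived from the administrator's authorization and is
        // reset by cAsEdited() and endEntityProfilesEdited(); a privilege edit must not leave the
        // old set in place, so it is reset here as well and re-read on next use.
        authorizedaccessrules = null;
        logauthorization.clear();
        raauthorization.clear();
        caauthorization.clear();
        hardtokenauthorization.clear();
    }

    /**
     * Method that should be called every time hard token issuers have been edited
     */
    public void hardTokenDataEdited(){
        hardtokenauthorization.clear();
    }


    /**
     * Method that should be called every time the system configuration has been edited
     *
     * @param globalconfiguration the new system configuration, replacing the stored one
     */
    public void systemConfigurationEdited(GlobalConfiguration globalconfiguration){
        this.globalconfiguration = globalconfiguration;
        logauthorization.clear();
        raauthorization.clear();
        caauthorization.clear();
        hardtokenauthorization.clear();
    }


    // Private fields
    private Admin administrator;
    // Session Bean interfaces
    private ICAAdminSessionLocal caadminsession;
    private IRaAdminSessionLocal raadminsession;
    private IAuthorizationSessionLocal authorizationsession;
    private IPublisherSessionLocal publishersession;
    private ICertificateStoreSessionLocal certificatestoresession;

    // Memory variables.
    // NOTE(review): these are package-private, so other classes in this package can read or
    // replace the cached authorization data directly. Visibility is left as it was because
    // users outside this file are not visible here.
    LogAuthorization logauthorization = null;
    RAAuthorization raauthorization = null;
    CAAuthorization caauthorization = null;
    HardTokenAuthorization hardtokenauthorization = null;

    HashMap endentityprofileidtonamemap = null;
    HashMap caidtonamemap = null;
    HashMap certificateprofileidtonamemap = null;
    HashMap endentityavailablecas = null;
    HashMap publisheridtonamemap = null;

    TreeMap authgroups = null;
    TreeMap publishernames = null;
    HashMap admingrpidmap = null;

    HashSet authorizedaccessrules = null;

    GlobalConfiguration globalconfiguration = null;
    EndEntityProfileNameProxy endentityprofilenameproxy = null;
    CertificateProfileNameProxy certificateprofilenameproxy = null;
}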