HardTokenProfileDataHandler


1   /*************************************************************************
2    *                                                                       *
3    *  EJBCA: The OpenSource Certificate Authority                          *
4    *                                                                       *
5    *  This software is free software; you can redistribute it and/or       *
6    *  modify it under the terms of the GNU Lesser General Public           *
7    *  License as published by the Free Software Foundation; either         *
8    *  version 2.1 of the License, or any later version.                    *
9    *                                                                       *
10   *  See terms of license at gnu.org.                                     *
11   *                                                                       *
12   *************************************************************************/
13   
14  package org.ejbca.ui.web.admin.hardtokeninterface;
15  
16  import java.io.Serializable  ;
17  import java.util.HashMap  ;
18  import java.util.HashSet  ;
19  
20  import org.ejbca.core.ejb.authorization.IAuthorizationSessionLocal;
21  import org.ejbca.core.ejb.ca.store.CertificateDataBean;
22  import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocal;
23  import org.ejbca.core.ejb.hardtoken.IHardTokenSessionLocal;
24  import org.ejbca.core.ejb.ra.IUserAdminSessionLocal;
25  import org.ejbca.core.model.authorization.AuthorizationDeniedException;
26  import org.ejbca.core.model.hardtoken.HardTokenProfileExistsException;
27  import org.ejbca.core.model.hardtoken.profiles.EIDProfile;
28  import org.ejbca.core.model.hardtoken.profiles.HardTokenProfile;
29  import org.ejbca.core.model.log.Admin;
30  import org.ejbca.ui.web.admin.configuration.InformationMemory;
31  import org.ejbca.util.Base64PutHashMap;
32  
33  /**
34   * A class handling the hardtoken profile data.
35   *
36   * @author  TomSelleck
37   * @version $Id: HardTokenProfileDataHandler.java,v 1.2 2006/06/26 08:02:12 anatom Exp $
38   */
39  public class HardTokenProfileDataHandler implements Serializable   {
40  
41      
42      
43      /** Creates a new instance of HardTokenProfileDataHandler */
44      public HardTokenProfileDataHandler(Admin administrator, IHardTokenSessionLocal hardtokensession, ICertificateStoreSessionLocal certificatesession, IAuthorizationSessionLocal authorizationsession, 
45                                         IUserAdminSessionLocal useradminsession, InformationMemory info) {
46         this.hardtokensession = hardtokensession;           
47         this.authorizationsession = authorizationsession;
48         this.certificatesession = certificatesession;
49         this.useradminsession = useradminsession;
50         this.administrator = administrator;          
51         this.info = info;       
52      }
53      
54         /** Method to add a hard token profile. 
55          * 
56          * @return false, if the profile have a bad XML encoding.
57          * @throws HardTokenProfileExitsException if profile already exists  */
58      public boolean addHardTokenProfile(String   name, HardTokenProfile profile) throws HardTokenProfileExistsException, AuthorizationDeniedException {
59        boolean success = false;
60        if(authorizedToProfile(profile, true)){
61          if(checkXMLEncoding(profile)){
62            hardtokensession.addHardTokenProfile(administrator, name, profile);
63            this.info.hardTokenDataEdited();
64            success=true;
65          }  
66           
67        }else
68          throw new AuthorizationDeniedException("Not authorized to add hard token profile");
69        
70        return success;
71      }    
72  
73  
74  
75      /** Method to change a hard token profile. 
76          * 
77          * @return false, if the profile have a bad XML encoding.
78          * */     
79      public boolean changeHardTokenProfile(String   name, HardTokenProfile profile) throws AuthorizationDeniedException{
80          boolean success = false;
81        if(authorizedToProfile(profile, true)){
82            if(checkXMLEncoding(profile)){      
83                hardtokensession.changeHardTokenProfile(administrator, name,profile);   
84                this.info.hardTokenDataEdited();
85                success=true;
86            } 
87        }else
88          throw new AuthorizationDeniedException("Not authorized to edit hard token profile");
89        
90        return success;
91      }
92      
93      /** Method to remove a hard token profile, returns true if deletion failed.*/ 
94      public boolean removeHardTokenProfile(String   name) throws AuthorizationDeniedException{
95        boolean returnval = true;  
96        
97        int profileid = getHardTokenProfileId(name);
98        
99        if(useradminsession.checkForHardTokenProfileId(administrator, profileid))
100         return true;
101       
102       if(hardtokensession.existsHardTokenProfileInHardTokenIssuer(administrator, profileid))
103         return true;  
104         
105       if(authorizedToProfileName(name, true)){    
106         hardtokensession.removeHardTokenProfile(administrator, name);
107         this.info.hardTokenDataEdited();
108         returnval = false;
109       }else
110         throw new AuthorizationDeniedException("Not authorized to remove hard token profile");
111         
112       return returnval;          
113     }
114     
115     /** Metod to rename a hard token profile */
116     public void renameHardTokenProfile(String   oldname, String   newname) throws HardTokenProfileExistsException, AuthorizationDeniedException{
117      if(authorizedToProfileName(oldname, true)){    
118         hardtokensession.renameHardTokenProfile(administrator, oldname,newname);
119        this.info.hardTokenDataEdited();
120      }else
121        throw new AuthorizationDeniedException("Not authorized to rename hard token profile");
122     }
123     
124 
125     public void cloneHardTokenProfile(String   originalname, String   newname) throws HardTokenProfileExistsException, AuthorizationDeniedException{         
126       if(authorizedToProfileName(originalname, false)){
127         hardtokensession.cloneHardTokenProfile(administrator, originalname,newname);
128         this.info.hardTokenDataEdited();
129       }else
130          throw new AuthorizationDeniedException("Not authorized to clone hard token profile");          
131     }        
132     
133 
134 
135       /** Method to get a reference to a Hard Token profile.*/ 
136     public HardTokenProfile getHardTokenProfile(int id) throws AuthorizationDeniedException{
137       if(!authorizedToProfileId(id, false))
138         throw new AuthorizationDeniedException("Not authorized to hard token profile");            
139       
140       return hardtokensession.getHardTokenProfile(administrator, id); 
141     }      
142           
143     public HardTokenProfile getHardTokenProfile(String   profilename) throws AuthorizationDeniedException{
144      if(!authorizedToProfileName(profilename, false))
145         throw new AuthorizationDeniedException("Not authorized to hard token profile");            
146          
147       return hardtokensession.getHardTokenProfile(administrator, profilename);
148     }
149    
150       
151     public int getHardTokenProfileId(String   profilename){
152       return hardtokensession.getHardTokenProfileId(administrator, profilename);  
153     }
154     
155     
156     /**
157      * Help function that checks if administrator is authorized to edit profile with given name.
158      */
159     private boolean authorizedToProfileName(String   profilename, boolean editcheck){
160         HardTokenProfile profile = hardtokensession.getHardTokenProfile(administrator, profilename);
161       return authorizedToProfile(profile, editcheck);
162     }
163      
164     
165     /**
166      * Help function that checks if administrator is authorized to edit profile with given name.
167      */
168     private boolean authorizedToProfileId(int profileid, boolean editcheck){
169       HardTokenProfile profile = hardtokensession.getHardTokenProfile(administrator, profileid);
170       return authorizedToProfile(profile, editcheck);
171     }
172     
173     /**
174      * Help function that checks if administrator is authorized to edit profile.
175      */    
176     private boolean authorizedToProfile(HardTokenProfile profile, boolean editcheck){
177       boolean returnval = false;  
178       try{          
179         try{
180           authorizationsession.isAuthorizedNoLog(administrator, "/super_administrator");
181           return true;  
182         }catch(AuthorizationDeniedException ade){}
183         
184         if(editcheck)        
185           authorizationsession.isAuthorizedNoLog(administrator, "/hardtoken_functionality/edit_hardtoken_profiles");
186           HashSet   authorizedcertprofiles = new HashSet  (certificatesession.getAuthorizedCertificateProfileIds(administrator, CertificateDataBean.CERTTYPE_HARDTOKEN));
187           HashSet   authorizedcaids = new HashSet  (authorizationsession.getAuthorizedCAIds(administrator));
188           if(profile instanceof EIDProfile){            
189             if(authorizedcertprofiles.containsAll(((EIDProfile) profile).getAllCertificateProfileIds()) &&
190                authorizedcaids.containsAll(((EIDProfile) profile).getAllCAIds())){
191               returnval = true;                
192             }           
193           }else{
194             //Implement for other profile types
195           }                           
196         
197       }catch(AuthorizationDeniedException e){}
198           
199       return returnval;  
200     }    
201    
202     /**
203      * Method that test to XML encode and decode a profile.
204      * @param profile 
205      * @return false if something went wrong in the encoding process.
206      */
207     private boolean checkXMLEncoding(HardTokenProfile profile) {
208         boolean success = false;
209         try{
210             
211             java.io.ByteArrayOutputStream   baos = new java.io.ByteArrayOutputStream  ();
212             
213             // We must base64 encode string for UTF safety
214             HashMap   a = new Base64PutHashMap();
215             a.putAll((HashMap  )profile.saveData());
216             java.beans.XMLEncoder   encoder = new java.beans.XMLEncoder  (baos);
217             encoder.writeObject(a);
218             encoder.close();
219             String   data = baos.toString("UTF8");
220             java.beans.XMLDecoder   decoder = new java.beans.XMLDecoder  (
221                         new java.io.ByteArrayInputStream  (data.getBytes("UTF8")));
222             decoder.readObject();
223             decoder.close();
224             
225             success = true;
226         } catch (Exception   e) {
227             success = false;  
228         }
229 
230         return success;
231     }
232     
233     private IHardTokenSessionLocal         hardtokensession; 
234     private Admin                          administrator;
235     private IAuthorizationSessionLocal     authorizationsession;
236     private ICertificateStoreSessionLocal  certificatesession;
237     private IUserAdminSessionLocal         useradminsession;
238     private InformationMemory              info;
239 }
240
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags