KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > ejbca > ui > web > admin > loginterface > LogAuthorization


1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13  
14 package org.ejbca.ui.web.admin.loginterface;
15
16 import java.io.Serializable JavaDoc;
17 import java.util.ArrayList JavaDoc;
18 import java.util.Collection JavaDoc;
19 import java.util.Iterator JavaDoc;
20
21 import org.ejbca.core.ejb.authorization.IAuthorizationSessionLocal;
22 import org.ejbca.core.model.authorization.AuthorizationDeniedException;
23 import org.ejbca.core.model.authorization.AvailableAccessRules;
24 import org.ejbca.core.model.log.Admin;
25 import org.ejbca.core.model.log.LogConstants;
26 import org.ejbca.core.model.log.LogEntry;
27
28 /**
29  * A class that looks up the which modules a administrator have right to view.
30  * This is done by looking up an administrators privileges in the tree and returning a string to be used in SQL-queries.
31  *
32  * @version $Id: LogAuthorization.java,v 1.1 2006/01/17 20:32:20 anatom Exp $
33  */

34 public class LogAuthorization implements Serializable JavaDoc {
35     
36   
37     
38     /** Creates a new instance of LogAuthorization. */
39     public LogAuthorization(Admin administrator, IAuthorizationSessionLocal authorizationsession) {
40        this.administrator = administrator;
41        this.authorizationsession = authorizationsession;
42     }
43
44     
45     
46     /**
47      * Method that checks the administrators view log privileges to the different modules and returns a string that should be used in where clause of SQL queries.
48      *
49      * @return a string of log module privileges that should be used in the where clause of SQL queries.
50      */

51     public String JavaDoc getViewLogRights() {
52       if(querystring == null){
53         querystring = "";
54         boolean first = true;
55         boolean authorized = false;
56         
57         for(int i = 0 ; i < LogEntry.MODULETEXTS.length; i++){
58           authorized = false;
59           String JavaDoc resource = AvailableAccessRules.VIEWLOGACCESSRULES[i];
60           try{
61             authorized = this.authorizationsession.isAuthorizedNoLog(administrator,resource);
62           }catch(AuthorizationDeniedException e){}
63           if(authorized){
64             if(first){
65               querystring = "(";
66               first = false;
67             }
68             else
69              querystring += " OR ";
70              
71             querystring += "module=" + i;
72           }
73         }
74        
75        if(!querystring.equals(""))
76         querystring += ")";
77         
78      }
79               
80       return querystring;
81     }
82     
83     /**
84      * Method that checks the administrators view log privileges to the different CAs and returns a string that should be used in where clause of SQL queries.
85      *
86      * @return a string of log module privileges that should be used in the where clause of SQL queries.
87      */

88     public String JavaDoc getCARights(){
89       if(caidstring == null){
90         caidstring = "";
91         
92         Iterator JavaDoc iter = this.authorizationsession.getAuthorizedCAIds(administrator).iterator();
93          
94         try{
95           this.authorizationsession.isAuthorizedNoLog(administrator, "/super_administrator");
96           caidstring = " caid = " + LogConstants.INTERNALCAID;
97         }catch(AuthorizationDeniedException e){}
98       
99         
100         while(iter.hasNext()){
101           if(caidstring.equals(""))
102             caidstring = " caid = " + ((Integer JavaDoc) iter.next()).toString();
103           else
104             caidstring = caidstring + " OR caid = " + ((Integer JavaDoc) iter.next()).toString();
105         }
106           
107       }
108       
109       return caidstring;
110     }
111     
112     public void clear(){
113       this.querystring = null;
114       this.caidstring = null;
115       this.authorizedmodules = null;
116     }
117     
118     public Collection JavaDoc getAuthorizedModules(){
119        if(authorizedmodules == null){
120          authorizedmodules = new ArrayList JavaDoc();
121          
122          for(int i=0; i < AvailableAccessRules.VIEWLOGACCESSRULES.length; i++){
123              try{
124                 this.authorizationsession.isAuthorizedNoLog(administrator,AvailableAccessRules.VIEWLOGACCESSRULES[i]);
125                 authorizedmodules.add(new Integer JavaDoc(i));
126              }catch(AuthorizationDeniedException ade){}
127          }
128       }
129        return authorizedmodules;
130     }
131  
132     
133     
134     // Private fields.
135
private String JavaDoc querystring = null;
136     private String JavaDoc caidstring = null;
137     private Collection JavaDoc authorizedmodules = null;
138     private IAuthorizationSessionLocal authorizationsession;
139     private Admin administrator;
140
141 }
142
143
144
Popular Tags