|
1
13
14 package org.ejbca.ui.web.admin.rainterface;
15
16 import java.util.HashSet  ;
17
18 import org.ejbca.core.ejb.authorization.IAuthorizationSessionLocal;
19 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocal;
20 import org.ejbca.core.ejb.ra.raadmin.LocalRaAdminSessionBean;
21 import org.ejbca.core.model.authorization.AuthorizationDeniedException;
22 import org.ejbca.core.model.log.Admin;
23 import org.ejbca.core.model.ra.raadmin.EndEntityProfile;
24 import org.ejbca.core.model.ra.raadmin.EndEntityProfileExistsException;
25 import org.ejbca.ui.web.admin.configuration.InformationMemory;
26
27
32 public class EndEntityProfileDataHandler implements java.io.Serializable {
33
34 public static final String EMPTY_PROFILE = LocalRaAdminSessionBean.EMPTY_ENDENTITYPROFILE;
35
36 public EndEntityProfileDataHandler(Admin administrator, IRaAdminSessionLocal raadminsession, IAuthorizationSessionLocal authorizationsession, InformationMemory info) {
37 this.raadminsession = raadminsession;
38 this.authorizationsession = authorizationsession;
39 this.administrator = administrator;
40 this.info = info;
41 }
42
43
44 public void addEndEntityProfile(String name, EndEntityProfile profile) throws EndEntityProfileExistsException, AuthorizationDeniedException {
45 if(authorizedToProfile(profile, true)){
46 raadminsession.addEndEntityProfile(administrator, name, profile);
47 this.info.endEntityProfilesEdited();
48 }else
49 throw new AuthorizationDeniedException("Not authorized to add end entity profile");
50 }
51
52
53 public void changeEndEntityProfile(String name, EndEntityProfile profile) throws AuthorizationDeniedException{
54 if(authorizedToProfile(profile, true)){
55 raadminsession.changeEndEntityProfile(administrator, name,profile);
56 this.info.endEntityProfilesEdited();
57 }else
58 throw new AuthorizationDeniedException("Not authorized to edit end entity profile");
59 }
60
61
62 public void removeEndEntityProfile(String name) throws AuthorizationDeniedException{
63 if(authorizedToProfileName(name, true)){
64 raadminsession.removeEndEntityProfile(administrator, name);
65 this.info.endEntityProfilesEdited();
66 }else
67 throw new AuthorizationDeniedException("Not authorized to remove end entity profile");
68 }
69
70
71 public void renameEndEntityProfile(String oldname, String newname) throws EndEntityProfileExistsException, AuthorizationDeniedException{
72 if(authorizedToProfileName(oldname, true)){
73 raadminsession.renameEndEntityProfile(administrator, oldname,newname);
74 this.info.endEntityProfilesEdited();
75 }else
76 throw new AuthorizationDeniedException("Not authorized to rename end entity profile");
77 }
78
79
80 public void cloneEndEntityProfile(String originalname, String newname) throws EndEntityProfileExistsException, AuthorizationDeniedException{
81 if(authorizedToProfileName(originalname, true)){
82 raadminsession.cloneEndEntityProfile(administrator, originalname,newname);
83 this.info.endEntityProfilesEdited();
84 }else
85 throw new AuthorizationDeniedException("Not authorized to clone end entity profile");
86 }
87
88
89 public EndEntityProfile getEndEntityProfile(int id) throws AuthorizationDeniedException{
90 if(!authorizedToProfileId(id, false))
91 throw new AuthorizationDeniedException("Not authorized to end entity profile");
92
93 return raadminsession.getEndEntityProfile(administrator, id);
94 }
95
96 public EndEntityProfile getEndEntityProfile(String profilename) throws AuthorizationDeniedException{
97 if(!authorizedToProfileName(profilename, false))
98 throw new AuthorizationDeniedException("Not authorized to end entity profile");
99
100 return raadminsession.getEndEntityProfile(administrator, profilename);
101 }
102
103
104 public int getEndEntityProfileId(String profilename){
105 return raadminsession.getEndEntityProfileId(administrator, profilename);
106 }
107
108
109
110
113 private boolean authorizedToProfileName(String profilename, boolean editcheck){
114 EndEntityProfile profile = null;
115 if(profilename.equals(LocalRaAdminSessionBean.EMPTY_ENDENTITYPROFILE))
116 profile = null;
117 else
118 profile = raadminsession.getEndEntityProfile(administrator, profilename);
119
120 return authorizedToProfile(profile, editcheck);
121 }
122
123
124
127 private boolean authorizedToProfileId(int profileid, boolean editcheck){
128 EndEntityProfile profile = null;
129 if(profileid == LocalRaAdminSessionBean.EMPTY_ENDENTITYPROFILEID)
130 profile = null;
131 else
132 profile = raadminsession.getEndEntityProfile(administrator, profileid);
133
134 return authorizedToProfile(profile, editcheck);
135 }
136
137
140 private boolean authorizedToProfile(EndEntityProfile profile, boolean editcheck){
141 boolean returnval = false;
142 boolean allexists = false;
143 try{
144 if(editcheck)
145 authorizationsession.isAuthorizedNoLog(administrator, "/ra_functionality/edit_end_entity_profiles");
146
147 HashSet authorizedcaids = new HashSet (authorizationsession.getAuthorizedCAIds(administrator));
148
149 if(profile == null && editcheck){
150 authorizationsession.isAuthorizedNoLog(administrator, "/super_administrator");
151 }
152 if(profile == null){
153 returnval = true;
154 }else{
155 String availablecasstring = profile.getValue(EndEntityProfile.AVAILCAS, 0);
156 if(availablecasstring == null || availablecasstring.equals("")){
157 allexists = true;
158 }else{
159 String [] availablecas = profile.getValue(EndEntityProfile.AVAILCAS, 0).split(EndEntityProfile.SPLITCHAR);
160 allexists = true;
161 for(int j=0; j < availablecas.length; j++){
162 if(!authorizedcaids.contains( new Integer (availablecas[j]))){
163 allexists = false;
164 }
165 }
166 }
167 returnval = allexists;
168 }
169 }catch(AuthorizationDeniedException e){}
170
171 return returnval;
172 }
173
174 private IRaAdminSessionLocal raadminsession;
175 private Admin administrator;
176 private IAuthorizationSessionLocal authorizationsession;
177 private InformationMemory info;
178 }
179 |
Popular Tags |
Java API By Example, From Geeks To Geeks.