1 22 package org.jboss.test.security.proxy; 23 24 import java.rmi.RemoteException ; 25 import java.security.AccessController ; 26 import java.security.Principal ; 27 import javax.ejb.EJBContext ; 28 import javax.naming.Name ; 29 import javax.naming.NamingException ; 30 import javax.naming.directory.Attribute ; 31 import javax.naming.directory.Attributes ; 32 33 import org.jboss.test.security.test.NamespacePermission; 34 import org.jboss.test.security.interfaces.IProjRepository; 35 36 45 public class ProjRepositorySecurityProxy2 implements IProjRepository 46 { 47 org.jboss.logging.Logger log = org.jboss.logging.Logger.getLogger(getClass()); 48 49 54 private IProjRepository projRepository; 55 private EJBContext ctx; 56 57 public void setEJBContext(EJBContext ctx) 58 { 59 this.ctx = ctx; 60 log.debug("ProjRepositorySecurityProxy2.setEJBContext, ctx="+ctx); 61 } 62 public void setBean(Object bean) 63 { 64 projRepository = (IProjRepository) bean; 65 log.debug("ProjRepositorySecurityProxy2.setBean, bean="+projRepository); 66 } 67 68 public void ejbCreate(Name projectName) 69 { 70 Principal user = ctx.getCallerPrincipal(); 71 String userID = user.getName(); 72 log.debug("ProjRepositorySecurityProxy2.ejbCreate, projectName="+projectName); 73 if( userID.equals("scott") == false && userID.equals("starksm") == false ) 75 throw new SecurityException ("Invalid project userID: "+userID); 76 } 77 78 public void createFolder(Name folderPath) 80 { 81 log.debug("ProjRepositorySecurityProxy2.createFolder, folderPath="+folderPath); 82 } 83 84 public void deleteFolder(Name folderPath,boolean recursive) 85 { 86 log.debug("ProjRepositorySecurityProxy2.deleteFolder, folderPath="+folderPath); 87 } 88 89 public void createItem(Name itemPath,Attributes attributes) 90 { 91 log.debug("ProjRepositorySecurityProxy2.createItem, itemPath="+itemPath); 92 } 93 94 public void updateItem(Name itemPath,Attributes attributes) 95 { 96 log.debug("ProjRepositorySecurityProxy2.updateItem, itemPath="+itemPath); 97 } 98 99 public void deleteItem(Name itemPath) 100 { 101 Principal user = ctx.getCallerPrincipal(); 102 String userID = user.getName(); 103 log.debug("ProjRepositorySecurityProxy2.deleteItem, itemPath="+itemPath); 104 String owner = null; 106 try 107 { 108 Attributes attributes = projRepository.getItem(itemPath); 109 if( attributes != null ) 110 { 111 Attribute attr = attributes.get("owner"); 112 if( attr != null ) 113 owner = (String ) attr.get(); 114 } 115 } 116 catch(Exception e) 117 { 118 log.debug("failed", e); 119 throw new SecurityException ("Failed to obtain owner for: "+itemPath); 120 } 121 122 if( owner == null ) 123 throw new SecurityException ("No owner assigned to: "+itemPath); 124 if( owner.equals(userID) == false ) 125 throw new SecurityException ("User: "+userID+" is not the owner of: "+itemPath); 126 } 127 128 public Attributes getItem(Name itemPath) 129 { 130 NamespacePermission p = new NamespacePermission(itemPath, "r---"); 131 AccessController.checkPermission(p); 132 log.debug("ProjRepositorySecurityProxy2.getItem, itemPath="+itemPath); 133 return null; 134 } 135 137 } 138 | Popular Tags |