AccessController


1   /**
2    * Copyright 2004-2005 jManage.org
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.jmanage.core.services;
17  
18  import org.jmanage.core.services.ServiceContext;
19  import org.jmanage.core.auth.ACL;
20  import org.jmanage.core.auth.ACLStore;
21  import org.jmanage.core.auth.ACLContext;
22  import org.jmanage.core.auth.UnAuthorizedAccessException;
23  
24  /**
25   * TODO: it may make sense to move this to services package - rk
26   *
27   * Date: Mar 14, 2005 12:16:11 AM
28   * @author Shashank Bellary
29   * @author Rakesh Kalra
30   */
31  public class AccessController {
32  
33      /**
34       * This method is normaly ued to conditionalize content.
35       *
36       * @param context   the service context for this call
37       * @param aclName
38       * @return true if the curren tuser can access give acl
39       */
40      public static boolean canAccess(ServiceContext context,
41                                      String   aclName,
42                                      String   targetName){
43  
44          ACL acl = ACLStore.getInstance().getACL(aclName);
45          if(acl == null){
46              /* if acl is not specified, user has access by default */
47              return true;
48          }
49  
50          /* construct ACLContext from ServiceContext */
51          ACLContext aclContext = getACLContext(context, targetName);
52          if(acl.isAuthorized(aclContext, context.getUser())){
53              return true;
54          }
55          return false;
56      }
57  
58      public static boolean canAccess(ServiceContext context,
59                                          String   aclName){
60          return canAccess(context, aclName, null);
61      }
62  
63      public static void checkAccess(ServiceContext context,
64                                      String   aclName,
65                                      String   targetName)
66          throws UnAuthorizedAccessException {
67  
68          if(!canAccess(context, aclName, targetName)){
69              throw new UnAuthorizedAccessException("Insufficient Privileges");
70          }
71      }
72  
73      public static void checkAccess(ServiceContext context,
74                                      String   aclName)
75          throws UnAuthorizedAccessException {
76  
77          checkAccess(context, aclName, null);
78      }
79  
80      private static ACLContext getACLContext(ServiceContext context,
81                                              String   targetName){
82          String   appName = null;
83          String   mbeanName = null;
84          if(context.getApplicationConfig() != null){
85              appName = context.getApplicationConfig().getName();
86          }
87          if(context.getObjectName() != null){
88              mbeanName = context.getObjectName().getCanonicalName();
89          }
90          return new ACLContext(appName, mbeanName, targetName);
91      }
92  }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags