

1 /*
2  * Lucane - a collaborative platform
3  * Copyright (C) 2004 Vincent Fiack <vfiack@mail15.com>
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Lesser General Public
7  * License as published by the Free Software Foundation; either
8  * version 2.1 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public
16  * License along with this library; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18  */

19 package org.lucane.server.acl;
20
21 import java.sql.*;
22 import java.util.ArrayList JavaDoc;
23 import java.util.Iterator JavaDoc;
24
25 import org.lucane.common.acl.AclInfo;
26 import org.lucane.common.concepts.*;
27 import org.lucane.server.store.*;
28 import org.lucane.server.Server;
29 import org.lucane.server.database.DatabaseAbstractionLayer;
30
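/**
 * Access controller that stores its ACL entries in the "AccessControl"
 * database table.
 *
 * Evaluation rules visible in this class:
 * - an entry concerns a user when it names that user directly, or names a
 *   group the user belongs to;
 * - a deny entry always wins over an allow entry for the same access;
 * - when no entry matches, no access is returned (default deny).
 *
 * Every caller-supplied value reaches the database through PreparedStatement
 * parameters; only constants of this class are concatenated into SQL text.
 * Connections, statements and result sets are released in finally blocks so
 * that a failing query cannot leak a connection.
 */
public class DefaultAccessController extends AccessController
{
    private static final String TABLENAME = "AccessControl";
    private DatabaseAbstractionLayer layer;

    /**
     * Fetch the server's database layer and create the ACL table from the
     * XML description bundled in the server jar when it does not exist yet.
     *
     * @throws Exception if the table lookup or creation fails
     */
    protected DefaultAccessController() throws Exception
    {
        this.layer = Server.getInstance().getDBLayer();

        if(!layer.hasTable(TABLENAME))
        {
            String dbDescription = "jar:file:///"
                + Server.getInstance().getWorkingDirectory()
                + "lib/lucane-server-" +Server.VERSION+ ".jar!/"
                + "db-access-control.xml";

            layer.getTableCreator().createFromXml(dbDescription);
        }
    }

    /**
     * Write an acl in database.
     *
     * @param allow stored as 1 for allow and 0 for deny
     * @param groupName group concerned, or null (stored as SQL NULL)
     * @param userName user concerned, or null (stored as SQL NULL)
     * @throws Exception if the insert fails
     */
    private void writeAcl(String appName, String item, String access, boolean allow, String groupName, String userName)
    throws Exception
    {
        Connection connection = layer.getConnection();
        try
        {
            // NOTE(review): no column list, so this relies on the table's column
            // order being appName, item, access, allow, groupName, userName --
            // confirm against db-access-control.xml.
            PreparedStatement insert = connection.prepareStatement(
                    "INSERT INTO " + TABLENAME + " VALUES(?, ?, ?, ?, ?, ?)");
            try
            {
                insert.setString(1, appName);
                insert.setString(2, item);
                insert.setString(3, access);
                insert.setInt(4, allow ? 1 : 0);
                if(groupName == null)
                    insert.setNull(5, Types.VARCHAR);
                else
                    insert.setString(5, groupName);
                if(userName == null)
                    insert.setNull(6, Types.VARCHAR);
                else
                    insert.setString(6, userName);

                insert.execute();
            }
            finally
            {
                insert.close();
            }
        }
        finally
        {
            // released even when the insert fails
            connection.close();
        }
    }

    /**
     * Run "DELETE FROM AccessControl WHERE ..." with bound string parameters.
     *
     * @param whereClause condition text with one '?' per value; it must be a
     *        constant written in this class, never caller-supplied data
     * @param values the values bound, in order, to the placeholders
     * @throws Exception if the delete fails
     */
    private void deleteWhere(String whereClause, String[] values)
    throws Exception
    {
        Connection connection = layer.getConnection();
        try
        {
            PreparedStatement delete = connection.prepareStatement(
                    "DELETE FROM " + TABLENAME + " WHERE " + whereClause);
            try
            {
                for(int i=0;i<values.length;i++)
                    delete.setString(i+1, values[i]);

                delete.execute();
            }
            finally
            {
                delete.close();
            }
        }
        finally
        {
            // released even when the delete fails
            connection.close();
        }
    }


    //-- interface : add ACL

    /**
     * Allow access to an item for a user.
     * Any existing entry (allow or deny) for the same user, item and access
     * is removed first.
     */
    public void allowUser(String appName, String item, String access, String userName)
    throws Exception
    {
        // NOTE(review): the removal and the insert use separate connections and
        // no transaction is visible here; if writeAcl fails, the previous entry
        // is already gone.
        removeAclForUser(appName, item, access, userName);
        writeAcl(appName, item, access, true, null, userName);
    }

    /**
     * Allow access to an item for a group.
     * Any existing entry (allow or deny) for the same group, item and access
     * is removed first.
     */
    public void allowGroup(String appName, String item, String access, String groupName)
    throws Exception
    {
        // NOTE(review): removal and insert are not atomic (see allowUser).
        removeAclForGroup(appName, item, access, groupName);
        writeAcl(appName, item, access, true, groupName, null);
    }


    /**
     * Deny access to an item for a user.
     * Any existing entry (allow or deny) for the same user, item and access
     * is removed first.
     */
    public void denyUser(String appName, String item, String access, String userName)
    throws Exception
    {
        // NOTE(review): removal and insert are not atomic; if writeAcl fails
        // after an older deny entry was removed, no deny entry remains. Callers
        // should treat an exception here as "state unknown" and retry.
        removeAclForUser(appName, item, access, userName);
        writeAcl(appName, item, access, false, null, userName);
    }

    /**
     * Deny access to an item for a group.
     * Any existing entry (allow or deny) for the same group, item and access
     * is removed first.
     */
    public void denyGroup(String appName, String item, String access, String groupName)
    throws Exception
    {
        // NOTE(review): removal and insert are not atomic (see denyUser).
        removeAclForGroup(appName, item, access, groupName);
        writeAcl(appName, item, access, false, groupName, null);
    }


    //-- interface : remove ACL

    /**
     * Remove access information for a user on an item
     */
    public void removeAclForUser(String appName, String item, String access, String userName)
    throws Exception
    {
        deleteWhere("appName=? AND item=? AND access=? AND userName=?",
                new String[] {appName, item, access, userName});
    }

    /**
     * Remove access information for a group on an item
     */
    public void removeAclForGroup(String appName, String item, String access, String groupName)
    throws Exception
    {
        deleteWhere("appName=? AND item=? AND access=? AND groupName=?",
                new String[] {appName, item, access, groupName});
    }

    //-- interface : read ACL

    /**
     * Get all ACLS for a specific item.
     *
     * @return one AclInfo per stored row, user and group entries alike;
     *         an empty array when the item has no entry
     * @throws Exception if the query fails
     */
    public AclInfo[] getAcls(String appName, String item)
    throws Exception
    {
        ArrayList acls = new ArrayList();

        Connection connection = layer.getConnection();
        try
        {
            PreparedStatement select = connection.prepareStatement(
                    "SELECT access, allow, groupName, userName FROM " + TABLENAME +
                    " WHERE appName=? AND item=?");
            try
            {
                select.setString(1, appName);
                select.setString(2, item);
                ResultSet rs = select.executeQuery();
                try
                {
                    while(rs.next())
                    {
                        String access = rs.getString(1);
                        int allow = rs.getInt(2);
                        String groupName = rs.getString(3);
                        String userName = rs.getString(4);

                        // only the exact value 1 is passed on as "allow"
                        AclInfo info = new AclInfo(access, allow==1, groupName, userName);
                        acls.add(info);
                    }
                }
                finally
                {
                    rs.close();
                }
            }
            finally
            {
                select.close();
            }
        }
        finally
        {
            // released even when the query or the row decoding fails
            connection.close();
        }

        return (AclInfo[])acls.toArray(new AclInfo[acls.size()]);
    }

    /**
     * Check if a userName is in a groupName.
     * Membership is read from the server's user store and compared by group name.
     */
    private boolean userNameIsInGroup(String userName, String groupName)
    throws Exception
    {
        UserStore userNameStore = Server.getInstance().getStore().getUserStore();
        // NOTE(review): what getUser returns for an unknown user is not visible here.
        UserConcept concept = userNameStore.getUser(userName);
        Iterator groups = userNameStore.getAllUserGroups(concept);

        while(groups.hasNext())
        {
            GroupConcept group = (GroupConcept)groups.next();
            if(group.getName().equals(groupName))
                return true;
        }

        return false;
    }


    /**
     * Get all accesses for a user on an item.
     * An access is returned only when at least one entry concerning the user
     * allows it and no entry concerning the user denies it.
     *
     * @return the allowed accesses; empty when nothing is allowed
     * @throws Exception if the ACLs or the group membership cannot be read
     */
    public String[] getAccesses(String appName, String item, String userName)
    throws Exception
    {
        AclInfo[] infos = getAcls(appName, item);
        ArrayList allow = new ArrayList();
        ArrayList deny = new ArrayList();

        //separate acl in allow and deny
        //discard those that don't have anything to do with this userName
        for(int i=0;i<infos.length;i++)
        {
            AclInfo info = infos[i];

            // a direct user entry is checked first; group membership is looked
            // up only when the entry does not name the user itself
            boolean userNameIsConcerned = (info.getUser() != null && info.getUser().equals(userName));
            if(!userNameIsConcerned)
                userNameIsConcerned = (info.getGroup() != null && userNameIsInGroup(userName, info.getGroup()));

            if(userNameIsConcerned && info.isAllow())
                allow.add(info.getAccess());
            else if(userNameIsConcerned && info.isDeny())
                deny.add(info.getAccess());
        }

        //deny takes priority, so we remove denied accesses
        //(a group deny overrides a user allow, and the other way round)
        allow.removeAll(deny);

        return (String[])allow.toArray(new String[allow.size()]);
    }


    /**
     * Check if a userName has a specific access on an item.
     *
     * @return true only when the access is among those returned by getAccesses
     * @throws Exception if the ACLs cannot be read; the check then yields no
     *         answer and callers should not grant access
     */
    public boolean hasAccess(String appName, String item, String access, String userName)
    throws Exception
    {
        String[] accesses = getAccesses(appName, item, userName);
        for(int i=0;i<accesses.length;i++)
        {
            if(accesses[i].equals(access))
                return true;
        }

        return false;
    }

    //-- interface : remove ACL elements

    /**
     * Remove an item and all linked ACLs
     */
    public void removeItem(String appName, String item)
    throws Exception
    {
        deleteWhere("appName=? AND item=?", new String[] {appName, item});
    }

    /**
     * Remove a user and all linked ACLs
     */
    public void removeUser(String userName)
    throws Exception
    {
        deleteWhere("userName=?", new String[] {userName});
    }


    /**
     * Remove an application and all linked ACLs
     */
    public void removeApplication(String appName)
    throws Exception
    {
        deleteWhere("appName=?", new String[] {appName});
    }

    /**
     * Remove a group and all linked ACLs
     */
    public void removeGroup(String groupName)
    throws Exception
    {
        deleteWhere("groupName=?", new String[] {groupName});
    }
}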