ForumFactoryProxy


1   /*
2    * NEMESIS-FORUM.
3    * Copyright (C) 2002  David Laurent(lithium2@free.fr). All rights reserved.
4    * 
5    * Copyright (c) 2000 The Apache Software Foundation. All rights reserved.
6    * 
7    * Copyright (C) 2001 Yasna.com. All rights reserved.
8    * 
9    * Copyright (C) 2000 CoolServlets.com. All rights reserved.
10   * 
11   * NEMESIS-FORUM. is free software; you can redistribute it and/or
12   * modify it under the terms of the Apache Software License, Version 1.1,
13   * or (at your option) any later version.
14   * 
15   * NEMESIS-FORUM core framework, NEMESIS-FORUM backoffice, NEMESIS-FORUM frontoffice
16   * application are parts of NEMESIS-FORUM and are distributed under
17   * same terms of licence.
18   * 
19   * 
20   * NEMESIS-FORUM includes software developed by the Apache Software Foundation (http://www.apache.org/)
21   * and software developed by CoolServlets.com (http://www.coolservlets.com).
22   * and software developed by Yasna.com (http://www.yasna.com).
23   * 
24   */
25  package org.nemesis.forum.proxy;
26  
27  import java.util.Iterator  ;
28  
29  import org.nemesis.forum.Authorization;
30  import org.nemesis.forum.Forum;
31  import org.nemesis.forum.ForumFactory;
32  import org.nemesis.forum.ForumPermissions;
33  import org.nemesis.forum.ProfileManager;
34  import org.nemesis.forum.config.Constants;
35  import org.nemesis.forum.exception.ForumAlreadyExistsException;
36  import org.nemesis.forum.exception.ForumNotFoundException;
37  import org.nemesis.forum.exception.UnauthorizedException;
38  
39  /**
40   * A protection proxy for ForumFactory. It ensures that only authorized users
41   * are allowed to access restricted methods.
42   */
43  public class ForumFactoryProxy extends ForumFactory {
44  
45      private ForumFactory factory;
46      private Authorization authorization;
47      private ForumPermissions permissions;
48  
49      public ForumFactoryProxy(ForumFactory factory, Authorization authorization, ForumPermissions permissions) {
50          this.factory = factory;
51          this.authorization = authorization;
52          this.permissions = permissions;
53      }
54  
55      public Forum createForum(String   name, String   description) throws UnauthorizedException, ForumAlreadyExistsException {
56          if (permissions.get(Constants.SYSTEM_ADMIN)) {
57              Forum newForum = factory.createForum(name, description);
58              return new ForumProxy(newForum, authorization, permissions);
59          } else {
60              throw new UnauthorizedException();
61          }
62      }
63  
64      public void deleteForum(Forum forum) throws UnauthorizedException {
65          if (permissions.get(Constants.SYSTEM_ADMIN)) {
66              factory.deleteForum(forum);
67          } else {
68              throw new UnauthorizedException();
69          }
70      }
71  
72      public Forum getForum(int forumID) throws ForumNotFoundException, UnauthorizedException {
73          Forum forum = factory.getForum(forumID);
74          ForumPermissions forumPermissions = forum.getPermissions(authorization);
75          //Create a new permissions object with the combination of the
76          //permissions of this object and tempPermissions.
77          
78          //:ICI: ************************************************** ilya une erreur
79          
80          ForumPermissions newPermissions = (/*new ForumPermissions(permissions,*/ forumPermissions);
81          //Check and see if the user has READ permissions. If not, throw an
82          //an UnauthorizedException.
83          if (!(newPermissions.get(Constants.READ)
84              || newPermissions.get(Constants.FORUM_ADMIN)
85              || newPermissions.get(Constants.MODERATOR)
86              || newPermissions.get(Constants.SYSTEM_ADMIN))) {
87              throw new UnauthorizedException();
88          }
89          return new ForumProxy(forum, authorization, newPermissions);
90      }
91  
92      public Forum getForum(String   name) throws ForumNotFoundException, UnauthorizedException {
93          Forum forum = factory.getForum(name);
94          ForumPermissions forumPermissions = forum.getPermissions(authorization);
95          //Create a new permissions object with the combination of the
96          //permissions of this object and tempPermissions.
97          //:ICI: **************************************************
98          
99          ForumPermissions newPermissions = (/*new ForumPermissions(permissions,*/ forumPermissions);
100         //Check and see if the user has READ permissions. If not, throw an
101         //an UnauthorizedException.
102         if (!(newPermissions.get(Constants.READ)
103             || newPermissions.get(Constants.FORUM_ADMIN)
104             || newPermissions.get(Constants.MODERATOR)
105             || newPermissions.get(Constants.SYSTEM_ADMIN))) {
106             throw new UnauthorizedException();
107         }
108         return new ForumProxy(forum, authorization, newPermissions);
109     }
110 
111     public int getForumCount() {
112         return factory.getForumCount();
113     }
114 
115     public Iterator   forums() {
116         return new ForumIteratorProxy(factory.forums(), authorization, permissions);
117     }
118     public Iterator   forumsModeration() {
119         return new ForumModeratorIteratorProxy(factory.forums(), authorization, permissions);
120     }
121   
122     public ProfileManager getProfileManager() {
123         ProfileManager profileManager = factory.getProfileManager();
124         return new ProfileManagerProxy(profileManager, authorization, permissions);
125     }
126 
127     /*public SearchIndexer getSearchIndexer() throws UnauthorizedException {
128         if (permissions.get(Constants.SYSTEM_ADMIN)) {
129             return factory.getSearchIndexer();
130         } else {
131             throw new UnauthorizedException();
132         }
133     }*/
134 
135     public int[] usersWithPermission(int permissionType) throws UnauthorizedException {
136         if (permissions.get(Constants.SYSTEM_ADMIN)) {
137             return factory.usersWithPermission(permissionType);
138         } else {
139             throw new UnauthorizedException();
140         }
141     }
142 
143     public int[] groupsWithPermission(int permissionType) throws UnauthorizedException {
144         if (permissions.get(Constants.SYSTEM_ADMIN)) {
145             return factory.groupsWithPermission(permissionType);
146         } else {
147             throw new UnauthorizedException();
148         }
149     }
150 
151     public ForumPermissions getPermissions(Authorization authorization) {
152         return factory.getPermissions(authorization);
153     }
154 
155     public boolean hasPermission(int type) {
156         return permissions.get(type);
157     }
158 
159     /**
160      * Returns the forum factory class that the proxy wraps. In some cases,
161      * this is necessary so that an outside class can get at methods that only
162      * a particular forum factory sublclass contains. Because this is
163      * potentially a dangerours operation, access to the underlying class is
164      * restricted to those with SYSTEM_ADMIN permissions.
165      *
166      * @throws UnauthorizedException if does not have ADMIN permissions.
167      */
168     public ForumFactory getUnderlyingForumFactory() throws UnauthorizedException {
169         if (permissions.get(Constants.SYSTEM_ADMIN)) {
170             return factory;
171         } else {
172             throw new UnauthorizedException();
173         }
174     }
175 }
176
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags