KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > ofbiz > content > content > ContentPermissionServices


1 /*
2  * $Id: ContentPermissionServices.java 5462 2005-08-05 18:35:48Z jonesde $
3  *
4  * Copyright (c) 2003-2005 The Open For Business Project - www.ofbiz.org
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a
7  * copy of this software and associated documentation files (the "Software"),
8  * to deal in the Software without restriction, including without limitation
9  * the rights to use, copy, modify, merge, publish, distribute, sublicense,
10  * and/or sell copies of the Software, and to permit persons to whom the
11  * Software is furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice shall be included
14  * in all copies or substantial portions of the Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
17  * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
19  * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
20  * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
21  * OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR
22  * THE USE OR OTHER DEALINGS IN THE SOFTWARE.
23  *
24  */
25 package org.ofbiz.content.content;
26
27 import java.util.ArrayList JavaDoc;
28 import java.util.HashMap JavaDoc;
29 import java.util.List JavaDoc;
30 import java.util.Map JavaDoc;
31
32 import org.ofbiz.base.util.Debug;
33 import org.ofbiz.base.util.StringUtil;
34 import org.ofbiz.base.util.UtilMisc;
35 import org.ofbiz.base.util.UtilValidate;
36 import org.ofbiz.entity.GenericDelegator;
37 import org.ofbiz.entity.GenericEntityException;
38 import org.ofbiz.entity.GenericValue;
39 import org.ofbiz.entityext.permission.EntityPermissionChecker;
40 import org.ofbiz.security.Security;
41 import org.ofbiz.service.DispatchContext;
42 import org.ofbiz.service.ModelService;
43 import org.ofbiz.service.ServiceUtil;
44 import org.ofbiz.service.GenericServiceException;
45 import org.ofbiz.service.LocalDispatcher;
46
47
48 /**
49  * ContentPermissionServices Class
50  *
51  * @author <a HREF="mailto:byersa@automationgroups.com">Al Byers</a>
52  * @version $Rev: 5462 $
53  * @since 2.2
54  *
55  * Services for granting operation permissions on Content entities in a data-driven manner.
56  */
57 public class ContentPermissionServices {
58
59     public static final String JavaDoc module = ContentPermissionServices.class.getName();
60
61
62     public ContentPermissionServices() {}
63
64     /**
65      * checkContentPermission
66      *
67      *@param dctx The DispatchContext that this service is operating in
68      *@param context Map containing the input parameters
69      *@return Map with the result of the service, the output parameters
70      *
71      * This service goes thru a series of test to determine if the user has
72      * authority to performed anyone of the passed in target operations.
73      *
74      * It expects a Content entity in "currentContent"
75      * It expects a list of contentOperationIds in "targetOperationList" rather
76      * than a scalar because it is thought that sometimes more than one operation
77      * would fit the situation.
78      * Similarly, it expects a list of contentPurposeTypeIds in "contentPurposeList".
79      * Again, normally there will just be one, but it is possible that a Content
80      * entity could have multiple purposes associated with it.
81      * The userLogin GenericValue is also required.
82      * A list of roleTypeIds is also possible.
83      *
84      * The basic sequence of testing events is:
85      * First the ContentPurposeOperation table is checked to see if there are any
86      * entries with matching purposes (and operations) with no roleTypeId (ie. _NA_).
87      * This is done because it would be the most common scenario and is quick to check.
88      *
89      * Secondly, the CONTENTMGR permission is checked.
90      *
91      * Thirdly, the ContentPurposeOperation table is rechecked to see if there are
92      * any conditions with roleTypeIds that match associated ContentRoles tied to the
93      * user.
94      * If a Party of "PARTY_GROUP" type is found, the PartyRelationship table is checked
95      * to see if the current user is linked to that group.
96      *
97      * If no match is found to this point and the current Content entity has a value for
98      * ownerContentId, then the last step is recusively applied, using the ContentRoles
99      * associated with the ownerContent entity.
100      */
101     public static Map JavaDoc checkContentPermission(DispatchContext dctx, Map JavaDoc context) {
102
103         Security security = dctx.getSecurity();
104         GenericDelegator delegator = dctx.getDelegator();
105         String JavaDoc statusId = (String JavaDoc) context.get("statusId");
106         String JavaDoc privilegeEnumId = (String JavaDoc) context.get("privilegeEnumId");
107         GenericValue content = (GenericValue) context.get("currentContent");
108         Boolean JavaDoc bDisplayFailCond = (Boolean JavaDoc)context.get("displayFailCond");
109         boolean displayFailCond = false;
110         if (bDisplayFailCond != null && bDisplayFailCond.booleanValue()) {
111              displayFailCond = true;
112         }
113                 Debug.logInfo("displayFailCond(0):" + displayFailCond, "");
114         Boolean JavaDoc bDisplayPassCond = (Boolean JavaDoc)context.get("displayPassCond");
115         boolean displayPassCond = false;
116         if (bDisplayPassCond != null && bDisplayPassCond.booleanValue()) {
117              displayPassCond = true;
118         }
119                 Debug.logInfo("displayPassCond(0):" + displayPassCond, "");
120         Map JavaDoc results = new HashMap JavaDoc();
121         String JavaDoc contentId = null;
122         if (content != null)
123             contentId = content.getString("contentId");
124         GenericValue userLogin = (GenericValue) context.get("userLogin");
125         String JavaDoc partyId = (String JavaDoc) context.get("partyId");
126         if (UtilValidate.isEmpty(partyId)) {
127             String JavaDoc passedUserLoginId = (String JavaDoc)context.get("userLoginId");
128             if (UtilValidate.isNotEmpty(passedUserLoginId)) {
129                 try {
130                     userLogin = delegator.findByPrimaryKeyCache("UserLogin", UtilMisc.toMap("userLoginId", passedUserLoginId));
131                     if (userLogin != null) {
132                         partyId = userLogin.getString("partyId");
133                     }
134                 } catch(GenericEntityException e) {
135                     ServiceUtil.returnError(e.getMessage());
136                 }
137             }
138         }
139         if (UtilValidate.isEmpty(partyId) && userLogin != null) {
140             partyId = userLogin.getString("partyId");
141         }
142
143  
144         // Do entity permission check. This will pass users with administrative permissions.
145 boolean passed = false;
146         // I realized, belatedly, that I wanted to be able to pass parameters in as
147 // strings so this service could be used in an action event directly,
148 // so I had to write this code to handle both list and strings
149 List JavaDoc passedPurposes = (List JavaDoc) context.get("contentPurposeList");
150         String JavaDoc contentPurposeString = (String JavaDoc) context.get("contentPurposeString");
151         //Debug.logInfo("contentPurposeString(b):" + contentPurposeString, "");
152 if (UtilValidate.isNotEmpty(contentPurposeString)) {
153             List JavaDoc purposesFromString = StringUtil.split(contentPurposeString, "|");
154             if (passedPurposes == null) {
155                 passedPurposes = new ArrayList JavaDoc();
156             }
157             passedPurposes.addAll(purposesFromString);
158         }
159         
160         EntityPermissionChecker.StdAuxiliaryValueGetter auxGetter = new EntityPermissionChecker.StdAuxiliaryValueGetter("ContentPurpose", "contentPurposeTypeId", "contentId");
161         // Sometimes permissions need to be checked before an entity is created, so
162 // there needs to be a method for setting a purpose list
163 auxGetter.setList(passedPurposes);
164         //Debug.logInfo("passedPurposes(b):" + passedPurposes, "");
165 List JavaDoc targetOperations = (List JavaDoc) context.get("targetOperationList");
166         //Debug.logInfo("targetOperations(b):" + targetOperations, "");
167 String JavaDoc targetOperationString = (String JavaDoc) context.get("targetOperationString");
168         //Debug.logInfo("targetOperationString(b):" + targetOperationString, "");
169 if (UtilValidate.isNotEmpty(targetOperationString)) {
170             List JavaDoc operationsFromString = StringUtil.split(targetOperationString, "|");
171             if (targetOperations == null) {
172                 targetOperations = new ArrayList JavaDoc();
173             }
174             targetOperations.addAll(operationsFromString);
175         }
176         //Debug.logInfo("targetOperations(c):" + targetOperations, "");
177 EntityPermissionChecker.StdPermissionConditionGetter permCondGetter = new EntityPermissionChecker.StdPermissionConditionGetter("ContentPurposeOperation", "contentOperationId", "roleTypeId", "statusId", "contentPurposeTypeId", "privilegeEnumId");
178         permCondGetter.setOperationList(targetOperations);
179         
180         EntityPermissionChecker.StdRelatedRoleGetter roleGetter = new EntityPermissionChecker.StdRelatedRoleGetter("Content", "roleTypeId", "contentId", "partyId", "ownerContentId", "ContentRole");
181         //Debug.logInfo("targetOperations(b):" + targetOperations, "");
182 List JavaDoc passedRoles = (List JavaDoc) context.get("roleTypeList");
183         if (passedRoles == null) passedRoles = new ArrayList JavaDoc();
184         String JavaDoc roleTypeString = (String JavaDoc) context.get("roleTypeString");
185         if (UtilValidate.isNotEmpty(roleTypeString)) {
186             List JavaDoc rolesFromString = StringUtil.split(roleTypeString, "|");
187             passedRoles.addAll(rolesFromString);
188         }
189         roleGetter.setList(passedRoles);
190         
191         String JavaDoc entityAction = (String JavaDoc) context.get("entityOperation");
192         if (entityAction == null) entityAction = "_ADMIN";
193         if (userLogin != null && entityAction != null) {
194             passed = security.hasEntityPermission("CONTENTMGR", entityAction, userLogin);
195         }
196         
197         StringBuffer JavaDoc errBuf = new StringBuffer JavaDoc();
198         String JavaDoc permissionStatus = null;
199         List JavaDoc entityIds = new ArrayList JavaDoc();
200         if (passed) {
201             results.put("permissionStatus", "granted");
202             permissionStatus = "granted";
203             if (displayPassCond) {
204                  errBuf.append("\n hasEntityPermission(" + entityAction + "): PASSED" );
205             }
206                 
207         } else {
208             if (displayFailCond) {
209                  errBuf.append("\n hasEntityPermission(" + entityAction + "): FAILED" );
210             }
211
212             if (content != null)
213                 entityIds.add(content);
214             String JavaDoc quickCheckContentId = (String JavaDoc) context.get("quickCheckContentId");
215             if (UtilValidate.isNotEmpty(quickCheckContentId)) {
216                List JavaDoc quickList = StringUtil.split(quickCheckContentId, "|");
217                if (UtilValidate.isNotEmpty(quickList)) entityIds.addAll(quickList);
218             }
219             try {
220                 boolean check = EntityPermissionChecker.checkPermissionMethod(delegator, partyId, "Content", entityIds, auxGetter, roleGetter, permCondGetter);
221                 if (check) {
222                     results.put("permissionStatus", "granted");
223                 } else {
224                     results.put("permissionStatus", "rejected");
225                 }
226             } catch (GenericEntityException e) {
227                 ServiceUtil.returnError(e.getMessage());
228             }
229             permissionStatus = (String JavaDoc)results.get("permissionStatus");
230             errBuf.append("\n permissionStatus:" );
231             errBuf.append(permissionStatus);
232         }
233             
234         if ((permissionStatus.equals("granted") && displayPassCond)
235             || (permissionStatus.equals("rejected") && displayFailCond)) {
236             // Don't show this if passed on 'hasEntityPermission'
237 if (displayFailCond || displayPassCond) {
238               if (!passed) {
239                  errBuf.append("\n targetOperations:" );
240                  errBuf.append(targetOperations);
241
242                  String JavaDoc errMsg = permCondGetter.dumpAsText();
243                  errBuf.append("\n" );
244                  errBuf.append(errMsg);
245                  errBuf.append("\n partyId:" );
246                  errBuf.append(partyId);
247                  errBuf.append("\n entityIds:" );
248                  errBuf.append(entityIds);
249                  
250                  if (auxGetter != null) {
251                      errBuf.append("\n auxList:" );
252                      errBuf.append(auxGetter.getList());
253                  }
254                  
255                  if (roleGetter != null) {
256                      errBuf.append("\n roleList:" );
257                      errBuf.append(roleGetter.getList());
258                  }
259               }
260                  
261             }
262         }
263         Debug.logInfo("displayPass/FailCond(0), errBuf:" + errBuf.toString(), "");
264         results.put(ModelService.ERROR_MESSAGE, errBuf.toString());
265         return results;
266     }
267     
268     public static Map JavaDoc checkAssocPermission(DispatchContext dctx, Map JavaDoc context) {
269     
270         Map JavaDoc results = new HashMap JavaDoc();
271         Security security = dctx.getSecurity();
272         GenericDelegator delegator = dctx.getDelegator();
273         LocalDispatcher dispatcher = dctx.getDispatcher();
274         Boolean JavaDoc bDisplayFailCond = (Boolean JavaDoc)context.get("displayFailCond");
275         String JavaDoc contentIdFrom = (String JavaDoc) context.get("contentIdFrom");
276         String JavaDoc contentIdTo = (String JavaDoc) context.get("contentIdTo");
277         GenericValue userLogin = (GenericValue) context.get("userLogin");
278         String JavaDoc entityAction = (String JavaDoc) context.get("entityOperation");
279         if (entityAction == null) entityAction = "_ADMIN";
280         List JavaDoc roleIds = null;
281         String JavaDoc permissionStatus = null;
282     
283         GenericValue contentTo = null;
284         GenericValue contentFrom = null;
285         try {
286             contentTo = delegator.findByPrimaryKeyCache("Content", UtilMisc.toMap("contentId", contentIdTo) );
287             contentFrom = delegator.findByPrimaryKeyCache("Content", UtilMisc.toMap("contentId", contentIdFrom) );
288         } catch (GenericEntityException e) {
289             return ServiceUtil.returnError("Error in retrieving content To or From. " + e.getMessage());
290         }
291         if (contentTo == null || contentFrom == null) {
292             return ServiceUtil.returnError("contentTo[" + contentTo + "]/From[" + contentFrom + "] is null. ");
293         }
294         Map JavaDoc resultsMap = null;
295         boolean isMatch = false;
296     
297         boolean isMatchTo = false;
298         boolean isMatchFrom = false;
299         Map JavaDoc permResults = new HashMap JavaDoc();
300         String JavaDoc skipPermissionCheck = null;
301     
302         if (skipPermissionCheck == null
303             || skipPermissionCheck.length() == 0
304             || (!skipPermissionCheck.equalsIgnoreCase("true") && !skipPermissionCheck.equalsIgnoreCase("granted"))) {
305             // Use the purposes from the from entity for both cases.
306 List JavaDoc relatedPurposes = EntityPermissionChecker.getRelatedPurposes(contentFrom, null);
307             List JavaDoc relatedPurposesTo = EntityPermissionChecker.getRelatedPurposes(contentTo, relatedPurposes);
308             Map JavaDoc serviceInMap = new HashMap JavaDoc();
309             serviceInMap.put("userLogin", userLogin);
310             serviceInMap.put("targetOperationList", UtilMisc.toList("CONTENT_LINK_TO"));
311             serviceInMap.put("contentPurposeList", relatedPurposesTo);
312             serviceInMap.put("currentContent", contentTo);
313             serviceInMap.put("displayFailCond", bDisplayFailCond);
314     
315             try {
316                 permResults = dispatcher.runSync("checkContentPermission", serviceInMap);
317             } catch (GenericServiceException e) {
318                 Debug.logError(e, "Problem checking permissions", "ContentServices");
319             }
320             permissionStatus = (String JavaDoc)permResults.get("permissionStatus");
321             if(permissionStatus == null || !permissionStatus.equals("granted") ) {
322                 if (bDisplayFailCond != null && bDisplayFailCond.booleanValue()) {
323                      String JavaDoc errMsg = (String JavaDoc)permResults.get(ModelService.ERROR_MESSAGE);
324                      results.put(ModelService.ERROR_MESSAGE, errMsg);
325                 }
326                 return results;
327             }
328             serviceInMap.put("currentContent", contentFrom);
329             serviceInMap.put("targetOperationList", UtilMisc.toList("CONTENT_LINK_FROM"));
330             serviceInMap.put("contentPurposeList", relatedPurposes);
331             try {
332                 permResults = dispatcher.runSync("checkContentPermission", serviceInMap);
333             } catch (GenericServiceException e) {
334                 Debug.logError(e, "Problem checking permissions", "ContentServices");
335             }
336             permissionStatus = (String JavaDoc)permResults.get("permissionStatus");
337             if(permissionStatus != null && permissionStatus.equals("granted") ) {
338                 results.put("permissionStatus", "granted");
339             } else {
340                 if (bDisplayFailCond != null && bDisplayFailCond.booleanValue()) {
341                      String JavaDoc errMsg = (String JavaDoc)permResults.get(ModelService.ERROR_MESSAGE);
342                      results.put(ModelService.ERROR_MESSAGE, errMsg);
343                 }
344             }
345         } else {
346             results.put("permissionStatus", "granted");
347         }
348         return results;
349     }
350     
351 }
352
Popular Tags