Java > Open Source Codes > org > ofbiz > security > OFBizSecurity


1 /*
2  * $Id: OFBizSecurity.java 5462 2005-08-05 18:35:48Z jonesde $
3  *
4  * Copyright (c) 2001, 2002 The Open For Business Project - www.ofbiz.org
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a
7  * copy of this software and associated documentation files (the "Software"),
8  * to deal in the Software without restriction, including without limitation
9  * the rights to use, copy, modify, merge, publish, distribute, sublicense,
10  * and/or sell copies of the Software, and to permit persons to whom the
11  * Software is furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice shall be included
14  * in all copies or substantial portions of the Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
17  * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
19  * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
20  * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
21  * OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR
22  * THE USE OR OTHER DEALINGS IN THE SOFTWARE.
23  *
24  */
25 package org.ofbiz.security;
26
27 import java.util.ArrayList ;
28 import java.util.Iterator ;
29 import java.util.LinkedList ;
30 import java.util.List ;
31 import java.util.Map ;
32
33 import javax.servlet.http.HttpSession ;
34
35 import org.ofbiz.base.util.Debug;
36 import org.ofbiz.base.util.UtilMisc;
37 import org.ofbiz.entity.GenericDelegator;
38 import org.ofbiz.entity.GenericEntityException;
39 import org.ofbiz.entity.GenericValue;
40 import org.ofbiz.entity.condition.EntityCondition;
41 import org.ofbiz.entity.condition.EntityConditionList;
42 import org.ofbiz.entity.condition.EntityExpr;
43 import org.ofbiz.entity.condition.EntityOperator;
44 import org.ofbiz.entity.util.EntityUtil;
45
46 /**
47  * <code>OFBizSecurity</code>
48  * This class has not been altered from the original source. It now just extends Security and was therefore renamed to
49  * OFBizSecurity.
50  *
51  * @author <a HREF="mailto:jonesde@ofbiz.org">David E. Jones</a>
52  * @author <a HREF="mailto:hermanns@aixcept.de">Rainer Hermanns</a>
53  * @author <a HREF="mailto:jaz@ofbiz.org">Andy Zeneski</a>
54  * @version $Rev: 5462 $
55  * @since 2.0
56  */
57 public class OFBizSecurity extends org.ofbiz.security.Security {
58     
59     public static final String module = OFBizSecurity.class.getName();
60     
61     public static final Map simpleRoleEntity = UtilMisc.toMap(
62         "ORDERMGR", UtilMisc.toMap("name", "OrderRole", "pkey", "orderId"),
63         "FACILITY", UtilMisc.toMap("name", "FacilityRole", "pkey", "facilityId"),
64         "MARKETING", UtilMisc.toMap("name", "MarketingCampaignRole", "pkey", "marketingCampaignId"));
65
66     GenericDelegator delegator = null;
67
68     protected OFBizSecurity() {}
69
70     protected OFBizSecurity(GenericDelegator delegator) {
71         this.delegator = delegator;
72     }
73
74     public GenericDelegator getDelegator() {
75         return delegator;
76     }
77
78     public void setDelegator(GenericDelegator delegator) {
79         this.delegator = delegator;
80     }
81
82     /**
83      * @see org.ofbiz.security.Security#findUserLoginSecurityGroupByUserLoginId(java.lang.String)
84      */
85     public Iterator findUserLoginSecurityGroupByUserLoginId(String userLoginId) {
86         List collection = (List ) userLoginSecurityGroupByUserLoginId.get(userLoginId);
87
88         if (collection == null) {
89             try {
90                 collection = delegator.findByAnd("UserLoginSecurityGroup", UtilMisc.toMap("userLoginId", userLoginId), null);
91             } catch (GenericEntityException e) {
92                 Debug.logWarning(e, module);
93             }
94             // make an empty collection to speed up the case where a userLogin belongs to no security groups
95 if (collection == null) collection = new LinkedList ();
96             userLoginSecurityGroupByUserLoginId.put(userLoginId, collection);
97         }
98         // filter each time after cache retreival, ie cache will contain entire list
99 collection = EntityUtil.filterByDate(collection, true);
100         return collection.iterator();
101     }
102
103     /**
104      * @see org.ofbiz.security.Security#securityGroupPermissionExists(java.lang.String, java.lang.String)
105      */
106     public boolean securityGroupPermissionExists(String groupId, String permission) {
107         GenericValue securityGroupPermissionValue = delegator.makeValue("SecurityGroupPermission",
108                 UtilMisc.toMap("groupId", groupId, "permissionId", permission));
109         Boolean exists = (Boolean ) securityGroupPermissionCache.get(securityGroupPermissionValue);
110
111         if (exists == null) {
112             try {
113                 if (delegator.findByPrimaryKey(securityGroupPermissionValue.getPrimaryKey()) != null)
114                     exists = Boolean.TRUE;
115                 else
116                     exists = Boolean.FALSE;
117             } catch (GenericEntityException e) {
118                 exists = Boolean.FALSE;
119                 Debug.logWarning(e, module);
120             }
121             securityGroupPermissionCache.put(securityGroupPermissionValue, exists);
122         }
123         return exists.booleanValue();
124     }
125
126     /**
127      * @see org.ofbiz.security.Security#hasPermission(java.lang.String, javax.servlet.http.HttpSession)
128      */
129     public boolean hasPermission(String permission, HttpSession session) {
130         GenericValue userLogin = (GenericValue) session.getAttribute("userLogin");
131
132         if (userLogin == null) return false;
133
134         return hasPermission(permission, userLogin);
135     }
136
137     /**
138      * @see org.ofbiz.security.Security#hasPermission(java.lang.String, org.ofbiz.entity.GenericValue)
139      */
140     public boolean hasPermission(String permission, GenericValue userLogin) {
141         if (userLogin == null) return false;
142
143         Iterator iterator = findUserLoginSecurityGroupByUserLoginId(userLogin.getString("userLoginId"));
144         GenericValue userLoginSecurityGroup = null;
145
146         while (iterator.hasNext()) {
147             userLoginSecurityGroup = (GenericValue) iterator.next();
148             if (securityGroupPermissionExists(userLoginSecurityGroup.getString("groupId"), permission)) return true;
149         }
150
151         return false;
152     }
153
154     /**
155      * @see org.ofbiz.security.Security#hasEntityPermission(java.lang.String, java.lang.String, javax.servlet.http.HttpSession)
156      */
157     public boolean hasEntityPermission(String entity, String action, HttpSession session) {
158         GenericValue userLogin = (GenericValue) session.getAttribute("userLogin");
159
160         if (userLogin == null) return false;
161         return hasEntityPermission(entity, action, userLogin);
162     }
163
164     /**
165      * @see org.ofbiz.security.Security#hasEntityPermission(java.lang.String, java.lang.String, org.ofbiz.entity.GenericValue)
166      */
167     public boolean hasEntityPermission(String entity, String action, GenericValue userLogin) {
168         if (userLogin == null) return false;
169
170         // if (Debug.infoOn()) Debug.logInfo("hasEntityPermission: entity=" + entity + ", action=" + action, module);
171 Iterator iterator = findUserLoginSecurityGroupByUserLoginId(userLogin.getString("userLoginId"));
172         GenericValue userLoginSecurityGroup = null;
173
174         while (iterator.hasNext()) {
175             userLoginSecurityGroup = (GenericValue) iterator.next();
176
177             // if (Debug.infoOn()) Debug.logInfo("hasEntityPermission: userLoginSecurityGroup=" + userLoginSecurityGroup.toString(), module);
178
179             // always try _ADMIN first so that it will cache first, keeping the cache smaller
180 if (securityGroupPermissionExists(userLoginSecurityGroup.getString("groupId"), entity + "_ADMIN"))
181                 return true;
182             if (securityGroupPermissionExists(userLoginSecurityGroup.getString("groupId"), entity + action))
183                 return true;
184         }
185
186         return false;
187     }
188     
189     /**
190      * @see org.ofbiz.security.Security#hasRolePermission(java.lang.String, java.lang.String, java.lang.String, java.lang.String, javax.servlet.http.HttpSession)
191      */
192     public boolean hasRolePermission(String application, String action, String primaryKey, String role, HttpSession session) {
193         GenericValue userLogin = (GenericValue) session.getAttribute("userLogin");
194         return hasRolePermission(application, action, primaryKey, role, userLogin);
195     }
196     
197     /**
198      * @see org.ofbiz.security.Security#hasRolePermission(java.lang.String, java.lang.String, java.lang.String, java.lang.String, org.ofbiz.entity.GenericValue)
199      */
200     public boolean hasRolePermission(String application, String action, String primaryKey, String role, GenericValue userLogin) {
201         List roles = null;
202         if (role != null && !role.equals(""))
203             roles = UtilMisc.toList(role);
204         return hasRolePermission(application, action, primaryKey, roles, userLogin);
205     }
206                 
207     /**
208      * @see org.ofbiz.security.Security#hasRolePermission(java.lang.String, java.lang.String, java.lang.String, java.util.List, javax.servlet.http.HttpSession)
209      */
210     public boolean hasRolePermission(String application, String action, String primaryKey, List roles, HttpSession session) {
211         GenericValue userLogin = (GenericValue) session.getAttribute("userLogin");
212         return hasRolePermission(application, action, primaryKey, roles, userLogin);
213     }
214     
215     /**
216      * @see org.ofbiz.security.Security#hasRolePermission(java.lang.String, java.lang.String, java.lang.String, java.util.List, org.ofbiz.entity.GenericValue)
217      */
218     public boolean hasRolePermission(String application, String action, String primaryKey, List roles, GenericValue userLogin) {
219         String entityName = null;
220         EntityCondition condition = null;
221         
222         if (userLogin == null)
223             return false;
224             
225         // quick test for special cases where were just want to check the permission (find screens)
226 if (primaryKey.equals("") && roles == null) {
227             if (hasEntityPermission(application, action, userLogin)) return true;
228             if (hasEntityPermission(application + "_ROLE", action, userLogin)) return true;
229         }
230         
231         Map simpleRoleMap = (Map ) OFBizSecurity.simpleRoleEntity.get(application);
232         if (simpleRoleMap != null && roles != null) {
233             entityName = (String ) simpleRoleMap.get("name");
234             String pkey = (String ) simpleRoleMap.get("pkey");
235             if (pkey != null) {
236                 List expressions = new ArrayList ();
237                 Iterator i = roles.iterator();
238                 while (i.hasNext()) {
239                     String role = (String ) i.next();
240                     expressions.add(new EntityExpr("roleTypeId", EntityOperator.EQUALS, role));
241                 }
242                 EntityConditionList exprList = new EntityConditionList(expressions, EntityOperator.OR);
243                 EntityExpr keyExpr = new EntityExpr(pkey, EntityOperator.EQUALS, primaryKey);
244                 EntityExpr partyExpr = new EntityExpr("partyId", EntityOperator.EQUALS, userLogin.getString("partyId"));
245                 List joinList = UtilMisc.toList(exprList, keyExpr, partyExpr);
246                 condition = new EntityConditionList(joinList, EntityOperator.AND);
247             }
248             
249         }
250         
251         return hasRolePermission(application, action, entityName, condition, userLogin);
252     }
253     
254     /**
255      * Like hasEntityPermission above, this checks the specified action, as well as for "_ADMIN" to allow for simplified
256      * general administration permission, but also checks action_ROLE and validates the user is a member for the
257      * application.
258      *
259      * @param application The name of the application corresponding to the desired permission.
260      * @param action The action on the application corresponding to the desired permission.
261      * @param entityName The name of the role entity to use for validation.
262      * @param condition EntityCondition used to query the entityName.
263      * @param userLogin The userLogin object for user to check against.
264      * @return Returns true if the currently logged in userLogin has the specified permission, otherwise returns false.
265      */
266     public boolean hasRolePermission(String application, String action, String entityName, EntityCondition condition, GenericValue userLogin) {
267         if (userLogin == null) return false;
268         
269         // first check the standard permission
270 if (hasEntityPermission(application, action, userLogin)) return true;
271         
272         // make sure we have what's needed for role security
273 if (entityName == null || condition == null) return false;
274         
275         // now check the user for the role permission
276 if (hasEntityPermission(application + "_ROLE", action, userLogin)) {
277             // we have the permission now, we check to make sure we are allowed access
278 List roleTest = null;
279             try {
280                 //Debug.logInfo("Doing Role Security Check on [" + entityName + "]" + "using [" + condition + "]", module);
281 roleTest = delegator.findByCondition(entityName, condition, null, null);
282             } catch (GenericEntityException e) {
283                 Debug.logError(e, "Problems doing role security lookup on entity [" + entityName + "] using [" + condition + "]", module);
284                 return false;
285             }
286             
287             // if we pass all tests
288 //Debug.logInfo("Found (" + (roleTest == null ? 0 : roleTest.size()) + ") matches :: " + roleTest, module);
289 if (roleTest != null && roleTest.size() > 0) return true;
290         }
291         
292         return false;
293     }
294             
295 }
296

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags