Security


1   /*
2    * This file is part of "SnipSnap Wiki/Weblog".
3    *
4    * Copyright (c) 2002 Stephan J. Schmidt, Matthias L. Jugel
5    * All Rights Reserved.
6    *
7    * Please visit http://snipsnap.org/ for updates and contact.
8    *
9    * --LICENSE NOTICE--
10   * This program is free software; you can redistribute it and/or
11   * modify it under the terms of the GNU General Public License
12   * as published by the Free Software Foundation; either version 2
13   * of the License, or (at your option) any later version.
14   *
15   * This program is distributed in the hope that it will be useful,
16   * but WITHOUT ANY WARRANTY; without even the implied warranty of
17   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18   * GNU General Public License for more details.
19   *
20   * You should have received a copy of the GNU General Public License
21   * along with this program; if not, write to the Free Software
22   * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23   * --LICENSE NOTICE--
24   */
25  
26  package org.snipsnap.user;
27  
28  import org.snipsnap.snip.Ownable;
29  import org.snipsnap.snip.Snip;
30  import org.snipsnap.container.Components;
31  
32  /**
33   * Security manager for checking permission, roles etc.
34   *
35   * @author stephan
36   * @version $Id: Security.java 1256 2003-12-11 13:24:57Z leo $
37   */
38  
39  public class Security {
40    /**
41     * Adds authenticated role to user roles
42     *
43     * @param user User to check
44     * @return List of roles
45     */
46    public static Roles getRoles(User user) {
47      Roles userRoles = new Roles(user.getRoles());
48      AuthenticationService service = (AuthenticationService) Components.getComponent(AuthenticationService.class);
49  
50      if (service.isAuthenticated(user)) {
51        userRoles.add(Roles.AUTHENTICATED);
52      }
53      return userRoles;
54    }
55  
56    /**
57     * Adds owner role to roles list
58     *
59     * @param user User to check
60     * @param object Object with possible owner
61     * @return List of roles for user and object
62     */
63    public static Roles getRoles(User user, Snip object) {
64      Roles roles = getRoles(user);
65      if (object instanceof Ownable) {
66        Ownable o = object;
67        if (o.isOwner(user)) {
68          roles.add(Roles.OWNER);
69        }
70      }
71      return roles;
72    }
73  
74    /**
75     * Checks whether a object has the given permissiom, e.g.
76     * if a snip has the permission "Edit" for the roles "Owner".
77     * Returns false if there is no "Edit" permission.
78     *
79     * @param permission String with the permission to check, e.g. "Edit"
80     * @param object Object to check permission agains
81     * @param roles Roles object containing the roles
82     * @return true if the object has the permission for the roles
83     */
84    public static boolean existsPermission(String   permission, Snip object, Roles roles) {
85      Permissions permissions = object.getPermissions();
86      return permissions.exists(permission, roles);
87    }
88  
89    public static boolean hasRoles(User user, Roles roles) {
90      Roles userRoles = getRoles(user);
91      return userRoles.containsAny(roles);
92    }
93  
94    public static boolean hasRoles(User user, Snip object, Roles roles) {
95      Roles userRoles = getRoles(user, object);
96      return userRoles.containsAny(roles);
97    }
98  
99    /**
100    * Check if the user has the permission on the object.
101    * Returns true if there is e.g no "Edit" permission.
102    *
103    * @param permission the permission to check, e.g. "Edit"
104    * @param user the user to check permissions for, e.g. "funzel"
105    * @param object the object that should be manipulated
106    * @return
107    */
108   public static boolean checkPermission(String   permission, User user, Snip object) {
109     Permissions permissions = object.getPermissions();
110     if (null == permissions || permissions.empty()) {
111       return true;
112     } else {
113       return permissions.check(permission, getRoles(user, object));
114     }
115   }
116 }
117
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags