ScarabSecurity


1   package org.tigris.scarab.services.security;
2   
3   /* ================================================================
4    * Copyright (c) 2001 Collab.Net.  All rights reserved.
5    * 
6    * Redistribution and use in source and binary forms, with or without
7    * modification, are permitted provided that the following conditions are
8    * met:
9    * 
10   * 1. Redistributions of source code must retain the above copyright
11   * notice, this list of conditions and the following disclaimer.
12   * 
13   * 2. Redistributions in binary form must reproduce the above copyright
14   * notice, this list of conditions and the following disclaimer in the
15   * documentation and/or other materials provided with the distribution.
16   * 
17   * 3. The end-user documentation included with the redistribution, if
18   * any, must include the following acknowlegement: "This product includes
19   * software developed by Collab.Net <http://www.Collab.Net/>."
20   * Alternately, this acknowlegement may appear in the software itself, if
21   * and wherever such third-party acknowlegements normally appear.
22   * 
23   * 4. The hosted project names must not be used to endorse or promote
24   * products derived from this software without prior written
25   * permission. For written permission, please contact info@collab.net.
26   * 
27   * 5. Products derived from this software may not use the "Tigris" or 
28   * "Scarab" names nor may "Tigris" or "Scarab" appear in their names without 
29   * prior written permission of Collab.Net.
30   * 
31   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
32   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
33   * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
34   * IN NO EVENT SHALL COLLAB.NET OR ITS CONTRIBUTORS BE LIABLE FOR ANY
35   * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36   * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
37   * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
38   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
39   * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
40   * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
41   * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42   *
43   * ====================================================================
44   * 
45   * This software consists of voluntary contributions made by many
46   * individuals on behalf of Collab.Net.
47   */ 
48  
49  import java.util.List  ;
50  import java.util.ArrayList  ;
51  
52  import org.apache.commons.configuration.Configuration;
53  import org.apache.fulcrum.Service;
54  import org.apache.fulcrum.BaseService;
55  import org.apache.fulcrum.TurbineServices;
56  
57  /**
58   * This class provides access to security properties
59   *
60   * @author <a HREF="mailto:jmcnally@collab.net">John McNally</a>
61   * @version $Id: ScarabSecurity.java 9340 2004-12-29 00:29:51Z jorgeuriarte $
62   */
63  public class ScarabSecurity 
64      extends BaseService
65      implements Service
66  {
67      /** The name of the service */
68      public static final String   SERVICE_NAME = "ScarabSecurity";
69  
70      public static final String   TOOL_KEY = 
71          "services.PullService.tool.request.security";
72  
73      private static final String   SCREEN_PREFIX = "screen.";
74      private static final String   ACTION_PREFIX = "action.";
75  
76      protected static final String   MAP_PREFIX = "map.";
77  
78      /**
79       * String used to indicate that an Action module does not require
80       * a permission.
81       */
82      public static final String   NONE = "None";
83  
84      /** 
85       * Specifies that a User is valid as an assignee for an issue.
86       */
87      public static final String   ISSUE__EDIT = 
88          getService().getPermissionImpl("Issue__Edit");
89  
90      /** 
91       * Specifies that a User is allowed to enter an issue.
92       */
93      public static final String   ISSUE__ENTER = 
94          getService().getPermissionImpl("Issue__Enter");
95  
96      /** 
97       * Specifies that a User is allowed to view an issue.
98       */
99      public static final String   ISSUE__VIEW = 
100         getService().getPermissionImpl("Issue__View");
101 
102     /** 
103      * Specifies that a User is allowed to search for issues.
104      */
105     public static final String   ISSUE__SEARCH = 
106         getService().getPermissionImpl("Issue__Search");
107 
108     /** 
109      * Specifies that a User is allowed to move or copy an issue.
110      */
111     public static final String   ISSUE__MOVE = 
112         getService().getPermissionImpl("Issue__Move");
113 
114     /** 
115      * Specifies that a User is allowed to search for issues.
116      */
117     public static final String   ISSUE__ATTACH = 
118         getService().getPermissionImpl("Issue__Attach");
119 
120     /** 
121      * Specifies that a User is allowed to search for issues.
122      */
123     public static final String   ISSUE__ASSIGN = 
124         getService().getPermissionImpl("Issue__Assign");
125 
126     /** 
127      * Specifies that a User is allowed to approve a query.
128      */
129     public static final String   ITEM__APPROVE = 
130         getService().getPermissionImpl("Item__Approve");
131 
132     /** 
133      * Specifies that a User is allowed to delete a query.
134      */
135     public static final String   ITEM__DELETE = 
136         getService().getPermissionImpl("Item__Delete");
137 
138     /** 
139      * Specifies that a User is allowed to edit preferences.
140      */
141     public static final String   USER__EDIT_PREFERENCES =         
142         getService().getPermissionImpl("User__Edit_Preferences");
143 
144     /** 
145      * Specifies that a User is allowed to administer a domain.
146      */
147     public static final String   DOMAIN__ADMIN = 
148         getService().getPermissionImpl("Domain__Admin");
149 
150     /** 
151      * Specifies that a User is allowed to edit a domain.
152      */
153     public static final String   DOMAIN__EDIT = 
154         getService().getPermissionImpl("Domain__Edit");
155 
156     /** 
157      * Specifies that a User is allowed to modify a project.
158      */
159     public static final String   MODULE__EDIT = 
160         getService().getPermissionImpl("Module__Edit");
161 
162     /** 
163      * Specifies that a User is allowed to configure a project.
164      */
165     public static final String   MODULE__CONFIGURE = 
166         getService().getPermissionImpl("Module__Configure");
167 
168     /** 
169      * Specifies that a User is allowed to add a project.
170      */
171     public static final String   MODULE__ADD = 
172         getService().getPermissionImpl("Module__Add");
173 
174     /**
175      * User with this permission is allowed to approve roles requested
176      * by other users.
177      */
178     public static final String   USER__APPROVE_ROLES = 
179         getService().getPermissionImpl("User__Approve_Roles");
180 
181     /** 
182      * Specifies that a User is allowed to set up voting policies.
183      */
184     public static final String   VOTE__MANAGE = 
185         getService().getPermissionImpl("Vote__Manage");
186 
187     /** 
188      * Specifies that a User can change its password.
189      * This permission is not stored in the database, and not
190      * shown in GUI, but rather is managed by properties file.       
191      */
192     public static final String   USER__CHANGE_PASSWORD = 
193         getService().getPermissionImpl("User__Change_Password");
194 
195 
196     private Configuration props;
197     private List   allPermissions;
198 
199     public ScarabSecurity()
200     {
201     }
202 
203     public void init()
204     {
205         props = getConfiguration();
206         setInit(true);
207     }
208 
209     /**
210      * Used in getAllPermissionsImpl to build the list
211      */
212     private void addPerm(List   perms, String   perm)
213     {
214         if (perm != null && perm.length() > 0 && !perms.contains(perm))
215         {
216             perms.add(perm);
217         }
218     }
219 
220     protected List   getAllPermissionsImpl()
221     {
222         if (allPermissions == null) 
223         {
224             List   tmpPerms = new ArrayList  ();
225             addPerm(tmpPerms, ScarabSecurity.ISSUE__EDIT);
226             addPerm(tmpPerms, ScarabSecurity.ISSUE__ENTER);
227             addPerm(tmpPerms, ScarabSecurity.ISSUE__SEARCH);
228             addPerm(tmpPerms, ScarabSecurity.ISSUE__VIEW);
229             addPerm(tmpPerms, ScarabSecurity.ISSUE__ASSIGN);
230             addPerm(tmpPerms, ScarabSecurity.ISSUE__ATTACH);
231             addPerm(tmpPerms, ScarabSecurity.ISSUE__MOVE);
232             addPerm(tmpPerms, ScarabSecurity.ITEM__APPROVE);
233             addPerm(tmpPerms, ScarabSecurity.ITEM__DELETE);
234             addPerm(tmpPerms, ScarabSecurity.DOMAIN__ADMIN);
235             addPerm(tmpPerms, ScarabSecurity.DOMAIN__EDIT);
236             addPerm(tmpPerms, ScarabSecurity.MODULE__EDIT);
237             addPerm(tmpPerms, ScarabSecurity.MODULE__CONFIGURE);
238             addPerm(tmpPerms, ScarabSecurity.MODULE__ADD);
239             addPerm(tmpPerms, ScarabSecurity.USER__EDIT_PREFERENCES);
240             addPerm(tmpPerms, ScarabSecurity.USER__APPROVE_ROLES);
241             addPerm(tmpPerms, ScarabSecurity.VOTE__MANAGE);
242             allPermissions = tmpPerms;
243         }
244         
245         return allPermissions;
246     }
247 
248     protected String   getScreenPermissionImpl(String   screen)
249     {
250         String   t = screen.replace(',','.');
251         return getPermissionImpl(props.getString(SCREEN_PREFIX + t,null));
252     }
253 
254     protected String   getActionPermissionImpl(String   action)
255     {
256         String   perm = null;
257         String   property = props.getString(ACTION_PREFIX + action);
258         if (NONE.equals(property)) 
259         {
260             perm = NONE;
261         }
262         else 
263         {
264             perm = getPermissionImpl(property);
265         }
266         return perm;
267     }
268 
269     protected String   getPermissionImpl(String   permConstant)
270     {
271         return props.getString(MAP_PREFIX + permConstant,null);
272     }
273 
274 
275     // *******************************************************************
276     // static accessors
277     // *******************************************************************
278 
279     public static List   getAllPermissions()
280     {
281         return getService().getAllPermissionsImpl();
282     }
283 
284     public static String   getScreenPermission(String   screen)
285     {
286         return getService().getScreenPermissionImpl(screen);
287     }
288 
289     public static String   getActionPermission(String   action)
290     {
291         return getService().getActionPermissionImpl(action);
292     }
293 
294     /**
295      * Gets the <code>ScarabSecurity</code> implementation.
296      *
297      * @return the ScarabSecurity implementation.
298      */
299     protected static final ScarabSecurity getService()
300     {
301         return (ScarabSecurity) TurbineServices.getInstance()
302                 .getService(ScarabSecurity.SERVICE_NAME);
303     }
304 
305 }
306
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags