Source Code Cross Referenced for PermissionDispatchAction.java in  » Authentication-Authorization » jguard » net » sf » jguard » example » struts » admin » actions » Java Source Code / Java DocumentationJava Source Code and Java Documentation

001:        /*
002:        jGuard is a security framework based on top of jaas (java authentication and authorization security).
003:        it is written for web applications, to resolve simply, access control problems.
004:        version $Name$
005:        http://sourceforge.net/projects/jguard/
006:
007:        Copyright (C) 2004  Charles GAY
008:
009:        This library is free software; you can redistribute it and/or
010:        modify it under the terms of the GNU Lesser General Public
011:        License as published by the Free Software Foundation; either
012:        version 2.1 of the License, or (at your option) any later version.
013:
014:        This library is distributed in the hope that it will be useful,
015:        but WITHOUT ANY WARRANTY; without even the implied warranty of
016:        MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
017:        Lesser General Public License for more details.
018:
019:        You should have received a copy of the GNU Lesser General Public
020:        License along with this library; if not, write to the Free Software
021:        Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
022:
023:
024:        jGuard project home page:
025:        http://sourceforge.net/projects/jguard/
026:
027:         */
028:        package net.sf.jguard.example.struts.admin.actions;
029:
030:        import java.security.Permission;
031:
032:        import javax.servlet.http.HttpServletRequest;
033:        import javax.servlet.http.HttpServletResponse;
034:
035:        import net.sf.jguard.core.authorization.permissions.PermissionUtils;
036:        import net.sf.jguard.example.struts.actions.BaseAction;
037:        import net.sf.jguard.ext.SecurityConstants;
038:        import net.sf.jguard.ext.authorization.AuthorizationException;
039:        import net.sf.jguard.ext.authorization.manager.AuthorizationManager;
040:
041:        import org.apache.log4j.Logger;
042:        import org.apache.struts.action.ActionForm;
043:        import org.apache.struts.action.ActionForward;
044:        import org.apache.struts.action.ActionMapping;
045:        import org.apache.struts.action.DynaActionForm;
046:
047:        /**
048:         * @author <a href="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
049:         *
050:         */
051:        public class PermissionDispatchAction extends BaseAction {
052:            private static Logger logger = Logger
053:                    .getLogger(PermissionDispatchAction.class);
054:
055:            /**
056:             * create a new URLPermission.
057:             * @param mapping
058:             * @param form
059:             * @param request
060:             * @param response
061:             * @return
062:             */
063:            public ActionForward create(ActionMapping mapping, ActionForm form,
064:                    HttpServletRequest request, HttpServletResponse response) {
065:
066:                DynaActionForm dyna = (DynaActionForm) form;
067:                AuthorizationManager am = (AuthorizationManager) request
068:                        .getSession().getServletContext().getAttribute(
069:                                SecurityConstants.AUTHORIZATION_MANAGER);
070:
071:                Permission permission = null;
072:                try {
073:                    permission = getPermission(dyna);
074:                    am.createPermission(permission, (String) dyna
075:                            .get("domainName"));
076:                } catch (AuthorizationException e) {
077:                    logger.error(" permission " + permission.getName()
078:                            + " in domain " + (String) dyna.get("domainName")
079:                            + " not created ", e);
080:                } catch (ClassNotFoundException e) {
081:                    logger.error(" permission " + permission.getName()
082:                            + " in domain " + (String) dyna.get("domainName")
083:                            + " not created ", e);
084:                }
085:
086:                return mapping.findForward("createPermissionOK");
087:
088:            }
089:
090:            /**
091:             * delete permission.
092:             * @param mapping
093:             * @param form
094:             * @param request
095:             * @param response
096:             * @return
097:             */
098:            public ActionForward delete(ActionMapping mapping, ActionForm form,
099:                    HttpServletRequest request, HttpServletResponse response) {
100:
101:                DynaActionForm dyna = (DynaActionForm) form;
102:                AuthorizationManager am = (AuthorizationManager) request
103:                        .getSession().getServletContext().getAttribute(
104:                                SecurityConstants.AUTHORIZATION_MANAGER);
105:                try {
106:                    am.deletePermission((String) dyna.get("permissionName"));
107:                } catch (AuthorizationException e) {
108:                    logger.error(" permission "
109:                            + (String) dyna.get("permissionName")
110:                            + " not deleted ", e);
111:                }
112:
113:                return mapping.findForward("deletePermissionOK");
114:
115:            }
116:
117:            /**
118:             * update permission.
119:             * @param mapping
120:             * @param form
121:             * @param request
122:             * @param response
123:             * @return
124:             */
125:            public ActionForward update(ActionMapping mapping, ActionForm form,
126:                    HttpServletRequest request, HttpServletResponse response) {
127:
128:                DynaActionForm dyna = (DynaActionForm) form;
129:                AuthorizationManager am = (AuthorizationManager) request
130:                        .getSession().getServletContext().getAttribute(
131:                                SecurityConstants.AUTHORIZATION_MANAGER);
132:                Permission permission = null;
133:
134:                try {
135:                    permission = getPermission(dyna);
136:                    am.updatePermission((String) dyna.get("oldPermissionName"),
137:                            permission, (String) dyna.get("domainName"));
138:                } catch (AuthorizationException e) {
139:                    logger.error(" permission "
140:                            + (String) dyna.get("oldPermissionName")
141:                            + " not updated ", e);
142:                } catch (ClassNotFoundException e) {
143:                    logger.error(" permission "
144:                            + (String) dyna.get("oldPermissionName")
145:                            + " not updated ", e);
146:                }
147:
148:                return mapping.findForward("updatePermissionOK");
149:
150:            }
151:
152:            private Permission getPermission(DynaActionForm dyna)
153:                    throws ClassNotFoundException {
154:                String permissionName = (String) dyna.get("permissionName");
155:                String permissionClassName = (String) dyna
156:                        .get("permissionClass");
157:                String actions = (String) dyna.get("permissionActions");
158:                Permission permission = PermissionUtils.getPermission(
159:                        permissionClassName, permissionName, actions);
160:                return permission;
161:            }
162:        }