001: /**********************************************************************************
002: * $URL:https://source.sakaiproject.org/svn/osp/trunk/common/api-impl/src/java/org/theospi/portfolio/security/model/SimpleToolPermissionManager.java $
003: * $Id:SimpleToolPermissionManager.java 9134 2006-05-08 20:28:42Z chmaurer@iupui.edu $
004: ***********************************************************************************
005: *
006: * Copyright (c) 2005, 2006 The Sakai Foundation.
007: *
008: * Licensed under the Educational Community License, Version 1.0 (the "License");
009: * you may not use this file except in compliance with the License.
010: * You may obtain a copy of the License at
011: *
012: * http://www.opensource.org/licenses/ecl1.php
013: *
014: * Unless required by applicable law or agreed to in writing, software
015: * distributed under the License is distributed on an "AS IS" BASIS,
016: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017: * See the License for the specific language governing permissions and
018: * limitations under the License.
019: *
020: **********************************************************************************/package org.theospi.portfolio.security.model;
021:
022: import java.util.ArrayList;
023: import java.util.Arrays;
024: import java.util.HashMap;
025: import java.util.Hashtable;
026: import java.util.Iterator;
027: import java.util.List;
028: import java.util.Map;
029:
030: import org.apache.commons.logging.Log;
031: import org.apache.commons.logging.LogFactory;
032: import org.sakaiproject.component.cover.ServerConfigurationService;
033: import org.sakaiproject.metaobj.shared.mgt.AgentManager;
034: import org.sakaiproject.metaobj.shared.mgt.IdManager;
035: import org.sakaiproject.metaobj.shared.model.Agent;
036: import org.sakaiproject.metaobj.shared.model.Id;
037: import org.sakaiproject.site.api.Site;
038: import org.sakaiproject.site.api.ToolConfiguration;
039: import org.sakaiproject.site.cover.SiteService;
040: import org.theospi.portfolio.security.mgt.PermissionManager;
041: import org.theospi.portfolio.security.mgt.ToolPermissionManager;
042: import org.theospi.portfolio.worksite.intf.ToolEventListener;
043: import org.theospi.portfolio.worksite.model.SiteTool;
044:
045: public class SimpleToolPermissionManager implements ToolEventListener,
046: ToolPermissionManager {
047: protected final transient Log logger = LogFactory
048: .getLog(getClass());
049:
050: private Map defaultPermissions;
051: private Map siteTypePermissions;
052: private AgentManager agentManager;
053: private PermissionManager permissionManager;
054: private String permissionEditName;
055: private IdManager idManager;
056: private List functions = new ArrayList();
057:
058: // set default permissions with some overrides from sakai.properties
059: // example:
060: // glossary.permissions.override=false
061: // glossary.permissions.map.count=2
062: // glossary.permissions.map.1=Coordinator
063: // glossary.permissions.map.1.siteTypes=portfolio,project
064: // glossary.permissions.map.1.value.count=4
065: // glossary.permissions.map.1.value.1=osp.help.glossary.delete
066: // glossary.permissions.map.1.value.2=osp.help.glossary.add
067: // glossary.permissions.map.1.value.3=osp.help.glossary.edit
068: // glossary.permissions.map.1.value.4=osp.help.glossary.export
069: // glossary.permissions.map.2=Assistant
070: // glossary.permissions.map.2.siteTypes=portfolio
071: // glossary.permissions.map.2.value.count=4
072: // glossary.permissions.map.2.value.1=osp.help.glossary.delete
073: // glossary.permissions.map.2.value.2=osp.help.glossary.add
074: // glossary.permissions.map.2.value.3=osp.help.glossary.edit
075: // glossary.permissions.map.2.value.4=osp.help.glossary.export
076: public void init() {
077: logger.debug("Entering SimpleToolPermissionManager.init() for "
078: + getPermissionEditName());
079:
080: String roles[] = ServerConfigurationService
081: .getStrings(getPermissionEditName()
082: + ".permissions.map");
083: if (roles != null) {
084: //Check to see if we should override the system configured defaults or
085: // just append the custom ones to the list
086: String override = ServerConfigurationService
087: .getString(getPermissionEditName()
088: + ".permissions.override");
089: if (override.equalsIgnoreCase("true"))
090: defaultPermissions.clear();
091:
092: for (int i = 0; i < roles.length; i++) {
093: String perms[] = ServerConfigurationService
094: .getStrings(getPermissionEditName()
095: + ".permissions.map."
096: + String.valueOf(i + 1) + ".value");
097: String siteTypes = ServerConfigurationService
098: .getString(getPermissionEditName()
099: + ".permissions.map."
100: + String.valueOf(i + 1) + ".siteTypes");
101: String siteTypeList[] = siteTypes.split(",");
102: List permList = Arrays.asList(perms);
103: CrossRealmRoleWrapper crrw = new CrossRealmRoleWrapper();
104: Map roleMap = new HashMap();
105: List roleList = new ArrayList();
106: roleList.add(roles[i]);
107: for (int j = 0; j < siteTypeList.length; j++) {
108: roleMap.put(siteTypeList[j], roleList);
109: }
110: crrw.setSiteTypeRoles(roleMap);
111: defaultPermissions.put(crrw, permList);
112:
113: }
114: }
115: }
116:
117: /**
118: * sets up the default perms for a tool. Use's the tool id as the qualifier.
119: * Assumes that if no perms exist for the tool, the perms should be set to the defaults.
120: * @param toolConfig
121: */
122: public void toolSiteChanged(ToolConfiguration toolConfig) {
123: Id toolId = getIdManager().getId(toolConfig.getId());
124: PermissionsEdit edit = new PermissionsEdit();
125: edit.setQualifier(toolId);
126: edit.setName(getPermissionEditName());
127: Site containingSite = toolConfig.getContainingPage()
128: .getContainingSite();
129: if (!isSpecial(containingSite)) {
130: edit.setSiteId(containingSite.getId());
131: getPermissionManager().fillPermissions(edit);
132: if (edit.getPermissions() == null
133: || edit.getPermissions().size() == 0) {
134: createDefaultPermissions(edit.getSiteId(), toolId,
135: containingSite.getType());
136: }
137: }
138: }
139:
140: /**
141: * sets up the default perms for a helper tool. Uses the site id as the qualifier.
142: * Assumes that if no perms exist for the tool, the perms should be set to the defaults.
143: * @param site
144: */
145: public void helperSiteChanged(Site site) {
146: if (!isSpecial(site)) {
147: Id siteId = getIdManager().getId(site.getId());
148: PermissionsEdit edit = new PermissionsEdit();
149: edit.setQualifier(siteId);
150: edit.setName(getPermissionEditName());
151: edit.setSiteId(site.getId());
152: getPermissionManager().fillPermissions(edit);
153: if (edit.getPermissions() == null
154: || edit.getPermissions().size() == 0) {
155: createDefaultPermissions(edit.getSiteId(), siteId, site
156: .getType());
157: }
158: }
159: }
160:
161: protected boolean isSpecial(Site site) {
162: return SiteService.getInstance().isSpecialSite(site.getId());
163: }
164:
165: public void toolRemoved(SiteTool siteTool) {
166: // todo remove all authz
167: }
168:
169: protected void createDefaultPermissions(String worksiteId,
170: Id qualifier, String siteType) {
171: PermissionsEdit edit = setupPermissions(worksiteId, qualifier,
172: siteType);
173: edit.setName(getPermissionEditName());
174: getPermissionManager().updatePermissions(edit);
175: }
176:
177: protected PermissionsEdit setupPermissions(String worksiteId,
178: Id qualifier, String siteType) {
179:
180: List permissions = new ArrayList();
181: PermissionsEdit edit = new PermissionsEdit();
182: edit.setQualifier(qualifier);
183: edit.setSiteId(worksiteId);
184: Map permissionsMap = getSiteTypePermissionsMap(siteType);
185: for (Iterator i = permissionsMap.entrySet().iterator(); i
186: .hasNext();) {
187: Map.Entry entry = (Map.Entry) i.next();
188: String agentName = (String) entry.getKey();
189: List functions = (List) entry.getValue();
190: processFunctions(permissions, agentName, functions,
191: worksiteId);
192: }
193:
194: edit.setPermissions(permissions);
195: return edit;
196: }
197:
198: protected Map getSiteTypePermissionsMap(String siteType) {
199: if (getSiteTypePermissions() != null) {
200: Map map = (Map) getSiteTypePermissions().get(siteType);
201: if (map != null) {
202: return map;
203: }
204: }
205:
206: Map perms = getDefaultPermissions();
207: Map returned = new Hashtable();
208:
209: for (Iterator i = perms.entrySet().iterator(); i.hasNext();) {
210: Map.Entry entry = (Map.Entry) i.next();
211: CrossRealmRoleWrapper roleWrapper = (CrossRealmRoleWrapper) entry
212: .getKey();
213: if (roleWrapper.getSiteTypeRoles().get(siteType) != null) {
214: List roles = (List) roleWrapper.getSiteTypeRoles().get(
215: siteType);
216: for (Iterator j = roles.iterator(); j.hasNext();) {
217: returned.put(j.next(), entry.getValue());
218: }
219: }
220: }
221:
222: return returned;
223: }
224:
225: protected void processFunctions(List permissions, String roleName,
226: List functions, String worksiteId) {
227: Agent agent = getAgentManager().getWorksiteRole(roleName,
228: worksiteId);
229:
230: if (agent != null) {
231: for (Iterator i = functions.iterator(); i.hasNext();) {
232: Permission permission = new Permission();
233: permission.setAgent(agent);
234: permission.setFunction((String) i.next());
235: permissions.add(permission);
236: }
237: }
238: }
239:
240: public Map getDefaultPermissions() {
241: return defaultPermissions;
242: }
243:
244: public void setDefaultPermissions(Map defaultPermissions) {
245: this .defaultPermissions = defaultPermissions;
246: }
247:
248: public AgentManager getAgentManager() {
249: return agentManager;
250: }
251:
252: public void setAgentManager(AgentManager agentManager) {
253: this .agentManager = agentManager;
254: }
255:
256: public PermissionManager getPermissionManager() {
257: return permissionManager;
258: }
259:
260: public void setPermissionManager(PermissionManager permissionManager) {
261: this .permissionManager = permissionManager;
262: }
263:
264: public String getPermissionEditName() {
265: return permissionEditName;
266: }
267:
268: public void setPermissionEditName(String permissionEditName) {
269: this .permissionEditName = permissionEditName;
270: }
271:
272: public IdManager getIdManager() {
273: return idManager;
274: }
275:
276: public void setIdManager(IdManager idManager) {
277: this .idManager = idManager;
278: }
279:
280: public List getFunctions(PermissionsEdit edit) {
281: return functions;
282: }
283:
284: public List getReadOnlyQualifiers(PermissionsEdit edit) {
285: return new ArrayList();
286: }
287:
288: public void duplicatePermissions(ToolConfiguration fromTool,
289: ToolConfiguration toTool) {
290: getPermissionManager().duplicatePermissions(
291: getIdManager().getId(fromTool.getId()),
292: getIdManager().getId(toTool.getId()),
293: toTool.getContainingPage().getContainingSite());
294: }
295:
296: public void setFunctions(List functions) {
297: this .functions = functions;
298: }
299:
300: public Map getSiteTypePermissions() {
301: return siteTypePermissions;
302: }
303:
304: public void setSiteTypePermissions(Map siteTypePermissions) {
305: this.siteTypePermissions = siteTypePermissions;
306: }
307:
308: }
|