001: //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/trunk/src/org/deegree/security/owsrequestvalidator/wfs/AbstractWFSRequestValidator.java $
002: /*---------------- FILE HEADER ------------------------------------------
003:
004: This file is part of deegree.
005: Copyright (C) 2001-2008 by:
006: University of Bonn
007: http://www.giub.uni-bonn.de/deegree/
008: lat/lon GmbH
009: http://www.lat-lon.de
010:
011: This library is free software; you can redistribute it and/or
012: modify it under the terms of the GNU Lesser General Public
013: License as published by the Free Software Foundation; either
014: version 2.1 of the License, or (at your option) any later version.
015:
016: This library is distributed in the hope that it will be useful,
017: but WITHOUT ANY WARRANTY; without even the implied warranty of
018: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019: Lesser General Public License for more details.
020:
021: You should have received a copy of the GNU Lesser General Public
022: License along with this library; if not, write to the Free Software
023: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024:
025: Contact:
026:
027: Andreas Poth
028: lat/lon GmbH
029: Aennchenstr. 19
030: 53115 Bonn
031: Germany
032: E-Mail: poth@lat-lon.de
033:
034: Klaus Greve
035: Department of Geography
036: University of Bonn
037: Meckenheimer Allee 166
038: 53115 Bonn
039: Germany
040: E-Mail: klaus.greve@uni-bonn.de
041:
042: ---------------------------------------------------------------------------*/
043: package org.deegree.security.owsrequestvalidator.wfs;
044:
045: import java.io.IOException;
046: import java.io.StringReader;
047: import java.util.List;
048:
049: import org.deegree.framework.log.ILogger;
050: import org.deegree.framework.log.LoggerFactory;
051: import org.deegree.framework.xml.XMLFragment;
052: import org.deegree.i18n.Messages;
053: import org.deegree.model.filterencoding.AbstractFilter;
054: import org.deegree.model.filterencoding.ComplexFilter;
055: import org.deegree.model.filterencoding.FilterConstructionException;
056: import org.deegree.model.filterencoding.Literal;
057: import org.deegree.model.filterencoding.LogicalOperation;
058: import org.deegree.model.filterencoding.Operation;
059: import org.deegree.model.filterencoding.OperationDefines;
060: import org.deegree.model.filterencoding.PropertyIsCOMPOperation;
061: import org.deegree.model.filterencoding.PropertyName;
062: import org.deegree.ogcwebservices.InvalidParameterValueException;
063: import org.deegree.security.owsproxy.Condition;
064: import org.deegree.security.owsproxy.OperationParameter;
065: import org.deegree.security.owsrequestvalidator.Policy;
066: import org.deegree.security.owsrequestvalidator.RequestValidator;
067: import org.xml.sax.SAXException;
068:
069: /**
070: *
071: *
072: * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
073: * @author last edited by: $Author: rbezema $
074: *
075: * @version $Revision: 10573 $, $Date: 2008-03-13 02:44:08 -0700 (Thu, 13 Mar 2008) $
076: */
077: abstract class AbstractWFSRequestValidator extends RequestValidator {
078:
079: private static final ILogger LOG = LoggerFactory
080: .getLogger(AbstractWFSRequestValidator.class);
081:
082: // known condition parameter
083: private static final String FEATURETYPES = "featureTypes";
084:
085: private static final String PROPERTY_INSTANCEFILTER = "instanceFilter";
086:
087: /**
088: * @param policy
089: */
090: public AbstractWFSRequestValidator(Policy policy) {
091: super (policy);
092: }
093:
094: /**
095: * validates if the requested info featuretypes are valid against the policy/condition. If the
096: * passed user <> null this is checked against the user- and rights-management system/repository
097: *
098: * @param condition
099: * @param featureTypes
100: * @throws InvalidParameterValueException
101: */
102: protected void validateFeatureTypes(Condition condition,
103: String[] featureTypes)
104: throws InvalidParameterValueException {
105:
106: OperationParameter op = condition
107: .getOperationParameter(FEATURETYPES);
108:
109: if (op == null) {
110: LOG
111: .logWarning("Did you forget to add a featureType parameter to the precondition?");
112: }
113:
114: // version is valid because no restrictions are made
115: if (op.isAny())
116: return;
117:
118: List<String> validLayers = op.getValues();
119: if (op.isUserCoupled()) {
120: userCoupled = true;
121: } else {
122: for (int i = 0; i < featureTypes.length; i++) {
123: LOG.logDebug("validating feature type: ",
124: featureTypes[i]);
125: if (!validLayers.contains(featureTypes[i])) {
126: String s = Messages.getMessage(
127: "OWSPROXY_NOT_ALLOWED_FEATURETYPE",
128: "insert", featureTypes[i]);
129: throw new InvalidParameterValueException(s);
130: }
131: }
132: }
133: }
134:
135: /**
136: *
137: * @param operation
138: * @return the filter defined for the given operation or <code>null</code> if no such filter is defined.
139: * @throws IOException
140: * @throws SAXException
141: * @throws FilterConstructionException
142: */
143: protected ComplexFilter extractInstanceFilter(Operation operation)
144: throws SAXException, IOException,
145: FilterConstructionException {
146: ComplexFilter filter = null;
147: if (operation.getOperatorId() == OperationDefines.AND) {
148: List<Operation> arguments = ((LogicalOperation) operation)
149: .getArguments();
150: for (int i = 0; i < arguments.size(); i++) {
151: Operation op = arguments.get(i);
152: if (op.getOperatorId() == OperationDefines.PROPERTYISEQUALTO) {
153: PropertyName pn = (PropertyName) ((PropertyIsCOMPOperation) op)
154: .getFirstExpression();
155: if (PROPERTY_INSTANCEFILTER.equals(pn.getValue()
156: .getAsString())) {
157: Literal literal = (Literal) ((PropertyIsCOMPOperation) op)
158: .getSecondExpression();
159: StringReader sr = new StringReader(literal
160: .getValue());
161: XMLFragment xml = new XMLFragment(sr,
162: XMLFragment.DEFAULT_URL);
163: filter = (ComplexFilter) AbstractFilter
164: .buildFromDOM(xml.getRootElement(),
165: false);
166: }
167: }
168: }
169: }
170: return filter;
171: }
172: }
|