001: //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/trunk/src/org/deegree/security/owsrequestvalidator/wfs/GetFeatureResponseValidator.java $
002: /*---------------- FILE HEADER ------------------------------------------
003:
004: This file is part of deegree.
005: Copyright (C) 2001-2008 by:
006: EXSE, Department of Geography, University of Bonn
007: http://www.giub.uni-bonn.de/deegree/
008: lat/lon GmbH
009: http://www.lat-lon.de
010:
011: This library is free software; you can redistribute it and/or
012: modify it under the terms of the GNU Lesser General Public
013: License as published by the Free Software Foundation; either
014: version 2.1 of the License, or (at your option) any later version.
015:
016: This library is distributed in the hope that it will be useful,
017: but WITHOUT ANY WARRANTY; without even the implied warranty of
018: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019: Lesser General Public License for more details.
020:
021: You should have received a copy of the GNU Lesser General Public
022: License along with this library; if not, write to the Free Software
023: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024:
025: Contact:
026:
027: Andreas Poth
028: lat/lon GmbH
029: Aennchenstr. 19
030: 53177 Bonn
031: Germany
032: E-Mail: poth@lat-lon.de
033:
034: Prof. Dr. Klaus Greve
035: Department of Geography
036: University of Bonn
037: Meckenheimer Allee 166
038: 53115 Bonn
039: Germany
040: E-Mail: greve@giub.uni-bonn.de
041:
042: ---------------------------------------------------------------------------*/
043: package org.deegree.security.owsrequestvalidator.wfs;
044:
045: import java.io.ByteArrayInputStream;
046: import java.io.ObjectInputStream;
047:
048: import org.deegree.framework.util.MimeTypeMapper;
049: import org.deegree.i18n.Messages;
050: import org.deegree.model.feature.FeatureCollection;
051: import org.deegree.ogcwebservices.InvalidParameterValueException;
052: import org.deegree.ogcwebservices.OGCWebServiceRequest;
053: import org.deegree.security.drm.model.User;
054: import org.deegree.security.owsproxy.Request;
055: import org.deegree.security.owsrequestvalidator.Policy;
056: import org.deegree.security.owsrequestvalidator.ResponseValidator;
057: import org.deegree.security.owsrequestvalidator.wms.GetMapRequestValidator;
058:
059: /**
060: *
061: * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
062: * @author last edited by: $Author: rbezema $
063: *
064: * @version $Revision: 10573 $, $Date: 2008-03-13 02:44:08 -0700 (Thu, 13 Mar 2008) $
065: */
066: class GetFeatureResponseValidator extends ResponseValidator {
067:
068: /**
069: * @param policy
070: */
071: public GetFeatureResponseValidator(Policy policy) {
072: super (policy);
073: }
074:
075: /**
076: * validates the passed object as a response to a OWS request. The validity of the response may
077: * is assigned to specific user rights. If the passed user is <>null this will be evaluated.
078: * <br>
079: * the reponse may contain three valid kinds of objects:
080: * <ul>
081: * <li>a xml encoded exception
082: * <li>a GML document
083: * <li>a XML document
084: * <li>a serialized deegree FeatureCollection
085: * <li>any other kind of document that is valid against the formats defined for GetFeature in
086: * the capabilities
087: * </ul>
088: * Each of these types can be identified by the mime-type of the response that is also passed to
089: * the method. <br>
090: * If something basic went wrong it is possible that not further specified kind of object is
091: * passed as response. In this case the method will throw an
092: * <tt>InvalidParameterValueException</tt> to avoid sending bad responses to the client.
093: *
094: * @param service
095: * service which produced the response (WMS, WFS ...)
096: * @param response
097: * @param mime
098: * mime-type of the response
099: * @param user
100: * @return the validated response.
101: * @throws InvalidParameterValueException
102: * @see GetMapRequestValidator#validateRequest(OGCWebServiceRequest, User)
103: */
104: @Override
105: public byte[] validateResponse(String service, byte[] response,
106: String mime, User user)
107: throws InvalidParameterValueException {
108:
109: Request req = policy.getRequest(service, "GetFeature");
110: // request is valid because no restrictions are made
111: if (req.isAny()) {
112: return response;
113: }
114:
115: // Condition condition = req.getPostConditions();
116:
117: if (MimeTypeMapper.isKnownOGCType(mime)) {
118: // if the mime-type isn't an image type but a known
119: // OGC mime-type it must be an XML document.
120: // probably it is an exception but it also could be
121: // a GML document
122: response = validateXML(response, mime, user);
123: } else if (mime.equals("text/xml")) {
124: // if the mime-type isn't an image type but 'text/xml'
125: // it could be an exception
126: response = validateXML(response, mime, user);
127: } else if (mime.equals("application/octet-stream")) {
128: response = validateBinaryResult(response, user);
129: } else {
130: throw new InvalidParameterValueException(UNKNOWNMIMETYPE
131: + mime);
132: }
133:
134: return response;
135: }
136:
137: /**
138: * validates the passed byte array to be valid against the policy
139: *
140: * @param xml
141: * @param mime
142: * @param user
143: */
144: private byte[] validateXML(byte[] xml, String mime, User user) {
145: // TODO
146: // define useful post-validation for xml-documents
147: // at the moment everything is valid
148: return xml;
149: }
150:
151: /**
152: * validates the passed byte array to be valid against the policy. At the moment just a
153: * org.deegree.model.feature.FeatureCollection is a valid response if mime type is
154: * application/octet-stream. This may be enhanced in future versions.
155: *
156: * @param object
157: * @param user
158: * @throws InvalidParameterValueException
159: */
160: private byte[] validateBinaryResult(byte[] object, User user)
161: throws InvalidParameterValueException {
162: try {
163: ByteArrayInputStream bis = new ByteArrayInputStream(object);
164: ObjectInputStream ois = new ObjectInputStream(bis);
165: Object obj = ois.readObject();
166:
167: if (!(obj instanceof FeatureCollection)) {
168: String s = Messages
169: .getMessage("OWSPROXY_INVALID_GETFEATURE_RESPONSETYPE");
170: throw new InvalidParameterValueException(s);
171: }
172: } catch (Exception e) {
173: throw new InvalidParameterValueException(e);
174: }
175:
176: return object;
177: }
178: }
|