001: /*
002: * This program is free software; you can redistribute it and/or modify
003: * it under the terms of the GNU General Public License as published by
004: * the Free Software Foundation; either version 2 of the License, or
005: * (at your option) any later version.
006: *
007: * This program is distributed in the hope that it will be useful,
008: * but WITHOUT ANY WARRANTY; without even the implied warranty of
009: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
010: * GNU Library General Public License for more details.
011: *
012: * You should have received a copy of the GNU General Public License
013: * along with this program; if not, write to the Free Software
014: * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
015: */
016: package dlog4j.security;
017:
018: import java.io.IOException;
019: import java.io.InputStream;
020: import java.util.List;
021: import java.util.Vector;
022:
023: import org.apache.commons.digester.Digester;
024: import org.apache.commons.digester.ExtendedBaseRules;
025: import org.xml.sax.SAXException;
026:
027: import web.security.Operation;
028: import web.security.Privilege;
029: import web.security.Range;
030: import web.security.Resource;
031: import web.security.Role;
032: import web.security.impl.OperationImpl;
033: import web.security.impl.PrivilegeImpl;
034: import web.security.impl.RangeImpl;
035: import web.security.impl.ResourceImpl;
036:
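/**
 * Security (authorization) configuration for DLOG4j.
 * <p>
 * An instance mirrors the content of the classpath resource
 * <code>/security.xml</code>: the declared ranges, operations, resources and
 * roles. Ranges, operations and resources are read once, when the class is
 * initialized; roles are read on the first call to {@link #getRoles()}.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>If <code>security.xml</code> cannot be read, the failure is only written
 * to <code>System.err</code> and {@link #getConfig()} returns
 * <code>null</code>. Callers must treat a missing configuration, and a
 * <code>null</code> result from any lookup method, as "access denied".</li>
 * <li>The list accessors return the live internal lists and the
 * <code>add*</code> methods are public, so any code holding the singleton can
 * change the policy at run time.</li>
 * </ul>
 *
 * @author Winter Lau
 */
public class SecurityConfig {

    /** Root element of security.xml; every Digester rule path starts with it. */
    public final static String root = "web-security";

    /** Classpath location of the configuration file. */
    private final static String CONFIG_RESOURCE = "/security.xml";

    // Singleton instance. Stays null when security.xml could not be loaded.
    private static SecurityConfig config;

    static {
        Digester dig = newDigester();

        // The three-argument addObjectCreate lets a "type" attribute in the
        // XML name the class to instantiate; the class given here is only the
        // default. Whoever can edit security.xml can therefore choose which
        // class gets created, so the file must be deployed read-only.

        //Ranges
        String key_range = root + "/ranges/range";
        dig.addObjectCreate(key_range, "type", RangeImpl.class);
        dig.addSetProperties(key_range);
        dig.addBeanPropertySetter(key_range + "/?");
        dig.addSetNext(key_range, "addRange");

        //Operations
        String key_opt = root + "/operations/operation";
        dig.addObjectCreate(key_opt, "type", OperationImpl.class);
        dig.addSetProperties(key_opt);
        dig.addBeanPropertySetter(key_opt + "/?");
        dig.addSetNext(key_opt, "addOperation");

        //Resources
        String key_res = root + "/resources/resource";
        dig.addObjectCreate(key_res, "type", ResourceImpl.class);
        dig.addSetProperties(key_res);
        dig.addBeanPropertySetter(key_res + "/?");
        dig.addSetNext(key_res, "addResource");

        config = parseSecurityXml(dig);
    }

    private List resources;
    private List operations;
    private List ranges;
    private List roles;

    /**
     * Creates an empty configuration.
     * The constructor is public only because Digester instantiates the class
     * while parsing; application code should use {@link #getConfig()}.
     */
    public SecurityConfig() {
        resources = new Vector();
        operations = new Vector();
        ranges = new Vector();
        roles = new Vector();
    }

    /**
     * Creates a Digester with the settings shared by both parsing passes and
     * the rule that builds the root SecurityConfig object.
     */
    private static Digester newDigester() {
        Digester dig = new Digester();
        // NOTE(review): this only switches off DTD validation. It does not by
        // itself stop the parser from processing a DOCTYPE or external
        // entities. The input is a classpath resource, so it is deployment
        // content rather than user input; harden the parser if that changes.
        dig.setValidating(false);
        dig.setRules(new ExtendedBaseRules());

        dig.addObjectCreate(root, SecurityConfig.class);
        dig.addSetProperties(root);
        return dig;
    }

    /**
     * Parses security.xml with the given, fully configured Digester.
     *
     * @param dig the Digester holding the rules to apply
     * @return the parsed configuration, or <code>null</code> when the resource
     *         is missing or parsing fails (the failure is reported on
     *         <code>System.err</code>)
     */
    private static SecurityConfig parseSecurityXml(Digester dig) {
        InputStream in = SecurityConfig.class.getResourceAsStream(CONFIG_RESOURCE);
        if (in == null) {
            // Report the missing file directly instead of letting the parser
            // fail on a null stream and then failing again on close().
            System.err.println("Initialized security.xml failed.");
            System.err.println(CONFIG_RESOURCE + " was not found on the classpath.");
            return null;
        }
        try {
            return (SecurityConfig) dig.parse(in);
        } catch (Exception e) {
            System.err.println("Initialized security.xml failed.");
            e.printStackTrace(System.err);
            return null;
        } finally {
            try {
                in.close();
            } catch (IOException ignored) {
                // The stream was only read; a failed close cannot change the
                // configuration that was (or was not) loaded.
            }
        }
    }

    /**
     * Looks up a range by name.
     *
     * @param name the range name to search for
     * @return the first range with that name, or <code>null</code> if none
     */
    public Range getRangeByName(String name) {
        if (name == null)
            return null;
        for (int i = 0; i < ranges.size(); i++) {
            Range range = (Range) ranges.get(i);
            // name.equals(...) also tolerates an entry without a name
            if (name.equals(range.getName()))
                return range;
        }
        return null;
    }

    /**
     * Looks up an operation by name.
     *
     * @param name the operation name to search for
     * @return the first operation with that name, or <code>null</code> if none
     */
    public Operation getOperationByName(String name) {
        if (name == null)
            return null;
        for (int i = 0; i < operations.size(); i++) {
            Operation opt = (Operation) operations.get(i);
            if (name.equals(opt.getName()))
                return opt;
        }
        return null;
    }

    /**
     * Looks up a resource by name.
     *
     * @param name the resource name to search for
     * @return the first resource with that name, or <code>null</code> if none
     */
    public Resource getResourceByName(String name) {
        if (name == null)
            return null;
        for (int i = 0; i < resources.size(); i++) {
            Resource res = (Resource) resources.get(i);
            if (name.equals(res.getName()))
                return res;
        }
        return null;
    }

    /**
     * Returns the role with the given id.
     *
     * @param id the role id
     * @return the matching role, or <code>null</code> if no role has that id;
     *         callers should treat <code>null</code> as "no privileges"
     */
    public DlogRole getRoleById(int id) {
        // getRoles() triggers the lazy load; call it once, not per iteration.
        List all = getRoles();
        for (int i = 0; i < all.size(); i++) {
            DlogRole role = (DlogRole) all.get(i);
            if (role.getId() == id)
                return role;
        }
        return null;
    }

    /**
     * Called by Digester while parsing; not meant for application code.
     * @param range the range to register
     */
    public void addRange(Range range) {
        ranges.add(range);
    }

    /**
     * Called by Digester while parsing; not meant for application code.
     * @param opt the operation to register
     */
    public void addOperation(Operation opt) {
        operations.add(opt);
    }

    /**
     * Called by Digester while parsing; not meant for application code.
     * @param res the resource to register
     */
    public void addResource(Resource res) {
        resources.add(res);
    }

    /**
     * Called by Digester while parsing; not meant for application code.
     * @param role the role to register
     */
    public void addRole(Role role) {
        roles.add(role);
    }

    /**
     * Returns the shared configuration instance, for example
     * <code>SecurityConfig config = SecurityConfig.getConfig();</code>
     *
     * @return the singleton, or <code>null</code> if security.xml could not be
     *         loaded when the class was initialized
     * @throws IOException declared for callers; this method does not throw it
     * @throws SAXException declared for callers; this method does not throw it
     */
    public static SecurityConfig getConfig() throws IOException,
            SAXException {
        return config;
    }

    /** @return the live internal list of operations (not a copy) */
    public List getOperations() {
        return operations;
    }

    /** @return the live internal list of ranges (not a copy) */
    public List getRanges() {
        return ranges;
    }

    /** @return the live internal list of resources (not a copy) */
    public List getResources() {
        return resources;
    }

    /**
     * Returns the roles, loading them from security.xml on first use.
     * <p>
     * While the list is empty every call parses the file again, so a file
     * without roles, or one that fails to parse, is re-read on each call.
     *
     * @return the live internal list of roles (not a copy); empty when no
     *         role could be loaded
     */
    public List getRoles() {
        // NOTE(review): presumably roles are loaded lazily because building a
        // role's privileges needs the ranges, operations and resources to be
        // in place already - confirm against DlogRole.addPrivilege.
        // NOTE(review): the check below is not synchronized; two threads
        // arriving together can both load and leave duplicate entries.
        if (roles.size() == 0) {
            Digester dig = newDigester();

            //Roles
            String key_role = root + "/roles/role";
            dig.addObjectCreate(key_role, "type", DlogRole.class);
            dig.addSetProperties(key_role);
            //privilege
            String key_pvg = key_role + "/privileges/privilege";
            dig.addCallMethod(key_pvg, "addPrivilege", 3);
            dig.addCallParam(key_pvg + "/resource", 0);
            dig.addCallParam(key_pvg + "/operation", 1);
            dig.addCallParam(key_pvg + "/range", 2);
            dig.addSetNext(key_role, "addRole");

            SecurityConfig parsed = parseSecurityXml(dig);
            if (parsed != null) {
                // Read the field, not parsed.getRoles(): on a file without
                // roles the getter would parse again and recurse without end.
                // Fill this instance rather than the static singleton, so the
                // call also works when the singleton failed to load and never
                // appends to another instance's list.
                roles.addAll(parsed.roles);
            }
        }
        return roles;
    }

    /**
     * Prints whether a role may exercise a privilege, tolerating a role that
     * is not defined in security.xml.
     */
    private static void report(String label, Role role, Privilege pvg) {
        if (role == null) {
            System.out.println(label + " role is not defined in security.xml");
            return;
        }
        System.out.println(label + " cando: " + role.canDo(pvg));
    }

    /**
     * Manual smoke test: prints, for each built-in role, whether it may
     * perform the "maintain" operation on the "log" resource in range "all".
     */
    public static void main(String[] args) throws IOException,
            SAXException {
        SecurityConfig config = SecurityConfig.getConfig();
        if (config == null) {
            System.err.println("security.xml was not loaded; nothing to check.");
            return;
        }
        Role guest = config.getRoleById(DlogRole.ROLE_GUEST);
        Role user = config.getRoleById(DlogRole.ROLE_COMMON);
        Role friend = config.getRoleById(DlogRole.ROLE_FRIEND);
        Role buddy = config.getRoleById(DlogRole.ROLE_BUDDY);
        Role manager = config.getRoleById(DlogRole.ROLE_MANAGER);

        Resource res = config.getResourceByName("log");
        Operation opt = config.getOperationByName("maintain");
        Range range = config.getRangeByName("all");

        Privilege pvg = new PrivilegeImpl(res, opt, range);

        report("guest", guest, pvg);
        report("user", user, pvg);
        report("friend", friend, pvg);
        report("buddy", buddy, pvg);
        report("manager", manager, pvg);
    }

}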