001: /*
002: * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
003: *
004: * Redistribution and use in source and binary forms, with or without
005: * modification, are permitted provided that the following conditions
006: * are met:
007: *
008: * - Redistributions of source code must retain the above copyright
009: * notice, this list of conditions and the following disclaimer.
010: *
011: * - Redistribution in binary form must reproduce the above copyright
012: * notice, this list of conditions and the following disclaimer in
013: * the documentation and/or other materials provided with the
014: * distribution.
015: *
016: * Neither the name of Sun Microsystems, Inc. or the names of
017: * contributors may be used to endorse or promote products derived
018: * from this software without specific prior written permission.
019: *
020: * This software is provided "AS IS," without a warranty of any
021: * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
022: * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
023: * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY
024: * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES
025: * SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING OR
026: * DISTRIBUTING THE SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL SUN
027: * OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR
028: * FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR
029: * PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF
030: * LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE SOFTWARE,
031: * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
032: *
033: * You acknowledge that Software is not designed, licensed or intended
034: * any nuclear facility.
035: */
036:
037: package com.sun.portal.community.impl;
038:
039: import javax.servlet.http.HttpServletRequest;
040: import javax.servlet.http.HttpServletResponse;
041: import javax.servlet.http.HttpSession;
042: import javax.servlet.ServletContext;
043:
044: import com.sun.portal.community.mc.CMCFactory;
045: import com.sun.portal.community.mc.CMCException;
046: import com.sun.portal.community.mc.CMCPrincipal;
047: import com.sun.portal.community.mc.CMCNode;
048: import com.sun.portal.community.mc.CMCUser;
049: import com.sun.portal.community.mc.CMCRolePrincipal;
050: import com.sun.portal.community.mc.ConfigTable;
051: import com.sun.portal.community.mc.ConfigTable.ConfigKey;
052: import com.sun.portal.community.mc.CMCExistsException;
053:
054: import com.sun.portal.community.CommunityId;
055: import com.sun.portal.community.RoleId;
056: import com.sun.portal.community.CommunityUser;
057: import com.sun.portal.community.CommunityFactory;
058: import com.sun.portal.community.CommunityException;
059:
060: import com.sun.portal.util.ResourceLoader;
061:
062: import java.util.Set;
063: import java.util.HashSet;
064: import java.util.Map;
065: import java.util.HashMap;
066: import java.util.Iterator;
067: import java.util.List;
068: import java.util.Arrays;
069: import java.util.Properties;
070: import java.util.Locale;
071:
072: import java.io.IOException;
073: import java.io.FileNotFoundException;
074:
075: import com.sun.portal.desktop.context.CommunityUserMembershipThreadLocalizer;
076:
077: import netscape.ldap.LDAPDN;
078:
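/**
 * {@link CommunityUser} implementation that reads a user's community
 * memberships from the CMC layer and, when available, profile attributes
 * from {@code DSAMEUserInfo}.
 *
 * <p>Membership is exposed in two views:
 * <ul>
 * <li>the <em>effective</em> view (default), in which communities marked
 * disabled or deleted are dropped and a banned user keeps only the banned
 * role for that community;</li>
 * <li>the <em>all roles</em> view ({@code allRoles == true}), which skips
 * that filtering entirely.</li>
 * </ul>
 * Code that makes an access decision should use the effective view; the
 * unfiltered view still reports roles for banned users and for
 * disabled/deleted communities.
 */
public class CommunityUserImpl implements CommunityUser {
    private static CMCFactory cmcFactory = null;

    static {
        try {
            cmcFactory = CMCFactory.getInstance();
        } catch (CMCException ce) {
            throw new RuntimeException("failed to get CMC factory instance", ce);
        }
    }

    // Normalized (lower-cased, LDAPDN.normalize) user DN.
    private String userId;
    // Stored by the constructor; not read anywhere else in this class.
    private HttpServletRequest request;
    private CMCUser cmcUser;
    // Community types to report on, or null when no type list is configured.
    private List types;
    // Null when the user is unknown to DSAME or the lookup failed.
    private DSAMEUserInfo dsameUserInfo;

    /**
     * Builds the user view for {@code userId}.
     *
     * @param req the current request (only stored)
     * @param userId the user's DN; it is lower-cased and normalized before
     *        being used as the CMC key
     * @throws CommunityException if the CMC user cannot be obtained
     */
    public CommunityUserImpl(HttpServletRequest req, String userId)
            throws CommunityException {
        this.request = req;
        // NOTE(review): toLowerCase() uses the JVM default locale, so the same
        // DN may normalize to a different key under, e.g., a Turkish default
        // locale. Confirm how other components canonicalize the id before
        // switching to a fixed locale here.
        this.userId = LDAPDN.normalize(userId.toLowerCase());

        types = getTypes(req);

        try {
            if (types == null) {
                cmcUser = cmcFactory.getCMCUser(this.userId);
            } else {
                cmcUser = cmcFactory.getCMCUser(this.userId, types.iterator());
            }
        } catch (CMCException cmce) {
            throw new CommunityException(cmce);
        }

        try {
            // NOTE(review): this passes the caller's raw userId, not the
            // normalized this.userId used for the CMC lookup above - confirm
            // that is intended.
            dsameUserInfo = new DSAMEUserInfo(userId);
        } catch (DSAMEUserInfo.UserNotFoundException duie) {
            // userId doesn't exist in dsame, set dsameUserInfo to null
            dsameUserInfo = null;
        } catch (CommunityException ce) {
            // Best effort: the profile stays null and the attribute getters
            // return null. The failure is indistinguishable from "user not
            // found" for callers. TODO: log error
            dsameUserInfo = null;
        }
    }

    /** Returns the normalized user id this object was created for. */
    public String getUserId() {
        return userId;
    }

    /**
     * Returns the effective membership; same as {@code getMembership(false)}.
     *
     * @return map of {@code CommunityId} to a {@code Set} of {@code RoleId}
     * @throws CommunityException if the membership cannot be read
     */
    public Map getMembership() throws CommunityException {
        return getMembership(false);
    }

    /**
     * Returns the user's membership.
     *
     * @param allRoles when {@code false}, disabled/deleted communities are
     *        removed and a banned user keeps only the banned role; when
     *        {@code true}, no such filtering is applied
     * @return map of {@code CommunityId} to a {@code Set} of {@code RoleId}
     * @throws CommunityException if the membership cannot be read
     */
    public Map getMembership(boolean allRoles) throws CommunityException {
        return computeMembership(allRoles);
    }

    /**
     * Checks a role against the effective membership; same as
     * {@code hasRole(cid, rid, false)}.
     */
    public boolean hasRole(CommunityId cid, RoleId rid)
            throws CommunityException {
        return hasRole(cid, rid, false);
    }

    /**
     * Tells whether the user holds {@code rid} in community {@code cid}.
     *
     * <p>With {@code allRoles == true} the ban/disabled/deleted filtering is
     * skipped, so a {@code true} result does not mean the role is currently
     * effective. Use the two-argument overload for access decisions.
     *
     * @throws CommunityException if the membership cannot be read
     */
    public boolean hasRole(CommunityId cid, RoleId rid, boolean allRoles)
            throws CommunityException {
        Set roleIds = (Set) computeMembership(allRoles).get(cid);
        return roleIds != null && roleIds.contains(rid);
    }

    /**
     * Shared implementation behind {@link #getMembership(boolean)} and
     * {@link #hasRole(CommunityId, RoleId, boolean)}.
     */
    private Map computeMembership(boolean allRoles) throws CommunityException {
        Set cmcMembership = loadCmcMembership();
        Map membershipMap = getMembershipFromCMC(cmcMembership);
        if (!allRoles) {
            membershipMap = filterEffectiveMembership(membershipMap,
                    cmcMembership);
        }
        return membershipMap;
    }

    /**
     * Returns the raw CMC membership, preferring the value held by
     * {@code CommunityUserMembershipThreadLocalizer} for this user and
     * falling back to the CMC user when that returns null.
     */
    private Set loadCmcMembership() throws CommunityException {
        Set cmcMembership = CommunityUserMembershipThreadLocalizer
                .get(getUserId());
        if (cmcMembership != null) {
            return cmcMembership;
        }
        try {
            return cmcUser.getMembership();
        } catch (CMCException cmce) {
            throw new CommunityException(cmce);
        }
    }

    /**
     * Reads the configured community types, a {@code |}-separated string.
     *
     * @return the types as a list, or null when none are configured
     */
    private static List getTypes(HttpServletRequest req)
            throws CommunityException {
        String typesString = CommunityProperties.getInstance().getTypes();
        if (typesString == null) {
            return null;
        }
        return Arrays.asList(typesString.split("\\|"));
    }

    /**
     * Converts raw CMC membership entries ({@code ConfigKey}) into a map of
     * {@code CommunityId} to a {@code Set} of {@code RoleId}.
     */
    private Map getMembershipFromCMC(Set cmcMembership)
            throws CommunityException {
        Map membership = new HashMap();
        for (Iterator i = cmcMembership.iterator(); i.hasNext();) {
            ConfigKey ck = (ConfigKey) i.next();
            CommunityId cid = TypeConverter.communityPrincipalToId(ck
                    .getCommunityPrincipal());
            // The constructor treats a null type list as "no type
            // restriction"; do the same here instead of dereferencing null.
            if (types != null && !types.contains(cid.getType())) {
                // skip types that the client has told us that it is not
                // interested in
                continue;
            }
            RoleId rid = TypeConverter.rolePrincipalToId(ck
                    .getRolePrincipal());
            if (rid == null) {
                // skip RolePrincipal that does not map to RoleId
                // i.e. community roles (or unsupported/bogus role)
                continue;
            }
            Set rolesForCommunity = (Set) membership.get(cid);
            if (rolesForCommunity == null) {
                rolesForCommunity = new HashSet();
                membership.put(cid, rolesForCommunity);
            }
            rolesForCommunity.add(rid);
        }
        return membership;
    }

    /**
     * Reads a string attribute from the DSAME profile.
     *
     * @return the attribute value, or null when no profile was loaded
     */
    protected String getDSAMEStringAttribute(String name)
            throws CommunityException {
        if (this.dsameUserInfo == null) {
            return null;
        }
        return dsameUserInfo.getUserStringAttribute(name);
    }

    /** Returns the full-name attribute, or null when no profile was loaded. */
    public String getFullName() throws CommunityException {
        return getDSAMEStringAttribute(DSAMEUserInfo.ATTTR_FULLNAME);
    }

    /** Returns the e-mail attribute, or null when no profile was loaded. */
    public String getEmailAddr() throws CommunityException {
        return getDSAMEStringAttribute(DSAMEUserInfo.ATTTR_EMAIL);
    }

    /**
     * Returns the locale built from the locale attribute, or null when the
     * attribute is missing or empty.
     */
    public Locale getPreferredLocale() throws CommunityException {
        String lc = getDSAMEStringAttribute(DSAMEUserInfo.ATTTR_LOCALE);
        if (lc == null || lc.length() == 0) {
            return null;
        }
        // NOTE(review): the whole value is used as the language code. If the
        // attribute can hold values such as "en_US", the result will not be
        // the expected language/country locale - confirm the stored format.
        return new Locale(lc);
    }

    /*
     * Filter on effective membership. Note that it destructively modifies the
     * Map passed in (and the role Sets it holds), and returns that same Map.
     */
    private Map filterEffectiveMembership(Map membershipMap,
            Set cmcMembership) {
        for (Iterator i = membershipMap.keySet().iterator(); i.hasNext();) {
            CommunityId cid = (CommunityId) i.next();
            Set roleIds = (Set) membershipMap.get(cid);

            if (isDisabledOrDeleted(cid, cmcMembership)) {
                // if disabled/deleted, remove membership; going through the
                // iterator keeps the key-set traversal valid
                i.remove();
            } else if (roleIds.contains(RoleId.BANNED_ROLE)) {
                // if banned, take out every other role
                roleIds.clear();
                roleIds.add(RoleId.BANNED_ROLE);
            }
        }
        return membershipMap;
    }

    /**
     * Scans the raw CMC membership for an entry that marks {@code cid} with
     * the disabled or deleted role. The raw set is needed because those
     * roles are not carried over into the RoleId map.
     */
    private static boolean isDisabledOrDeleted(CommunityId cid,
            Set cmcMembership) {
        for (Iterator it = cmcMembership.iterator(); it.hasNext();) {
            ConfigKey ck = (ConfigKey) it.next();
            CommunityId entryCid = TypeConverter.communityPrincipalToId(ck
                    .getCommunityPrincipal());
            if (!cid.equals(entryCid)) {
                continue;
            }
            CMCRolePrincipal rp = ck.getRolePrincipal();
            if (rp.equals(CMCRolePrincipal.DISABLED_ROLE)
                    || rp.equals(CMCRolePrincipal.DELETED_ROLE)) {
                return true;
            }
        }
        return false;
    }
}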