01: package com.technoetic.xplanner.security.auth;
02:
03: import java.util.Collection;
04: import java.util.Iterator;
05: import javax.servlet.ServletRequest;
06: import javax.servlet.http.HttpServletRequest;
07:
08: import com.technoetic.xplanner.security.auth.SystemAuthorizer;
09: import com.technoetic.xplanner.security.AuthenticationException;
10: import com.technoetic.xplanner.security.SecurityHelper;
11: import com.technoetic.xplanner.tags.PageHelper;
12:
13: /**
14: * User: Mateusz Prokopowicz
15: * Date: Feb 15, 2005
16: * Time: 11:08:59 AM
17: */
public class AuthorizationHelper {

    // Static helpers that delegate authorization decisions to SystemAuthorizer.

    /**
     * Checks whether the remote user holds at least one of the given
     * permissions on at least one of the given resources.
     *
     * <p>Delegates to the four-argument overload with a project id of 0.
     *
     * @param permissionArray permissions to test; any single match is enough
     * @param objectCollection resources to test
     * @param request the current request, used to resolve the remote user
     * @return {@code true} if any permission is granted on any resource
     * @throws AuthenticationException propagated from the calls this method makes
     */
    public static boolean hasPermissionToAny(String[] permissionArray,
            Collection objectCollection, ServletRequest request)
            throws AuthenticationException {
        final int unspecifiedProjectId = 0;
        return hasPermissionToAny(permissionArray, objectCollection, request,
                unspecifiedProjectId);
    }

    /**
     * Checks whether the remote user holds at least one of the given
     * permissions on at least one of the given resources.
     *
     * <p>The remote user id is resolved once, up front, through
     * {@code SecurityHelper.getRemoteUserId}; the request is cast to
     * {@code HttpServletRequest}, so a non-HTTP request fails with a
     * {@code ClassCastException}. The search stops at the first grant.
     *
     * <p>NOTE(review): the {@code projectId} argument is never read. The
     * project id used for every check comes from
     * {@code PageHelper.getProjectId(resource, request)}, so a caller cannot
     * pin the check to a specific project through this parameter. Confirm
     * that the helper derives the id from the resource rather than from
     * client-supplied request data.
     *
     * @param permissionArray permissions to test; any single match is enough
     * @param objectCollection resources to test; an empty collection yields {@code false}
     * @param request the current request, used to resolve the remote user and project id
     * @param projectId ignored by the current implementation (see note above)
     * @return {@code true} if any permission is granted on any resource, otherwise {@code false}
     * @throws AuthenticationException propagated from the calls this method makes
     */
    public static boolean hasPermissionToAny(String[] permissionArray,
            Collection objectCollection, ServletRequest request,
            int projectId) throws AuthenticationException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        int callerId = SecurityHelper.getRemoteUserId(httpRequest);

        for (Object resource : objectCollection) {
            // Project scope is recomputed per resource; the parameter value is not used.
            int resourceProjectId = PageHelper.getProjectId(resource, request);
            for (String permission : permissionArray) {
                boolean granted = SystemAuthorizer.get().hasPermission(
                        resourceProjectId, callerId, resource, permission);
                if (granted) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Asks {@code SystemAuthorizer} about one permission and returns the
     * <strong>negation</strong> of its answer.
     *
     * <p>SECURITY NOTE(review): despite the method name, the result is
     * {@code true} when the authorizer DENIES the permission and
     * {@code false} when it grants it. This is the opposite polarity of
     * {@link #hasPermissionToAny(String[], Collection, ServletRequest, int)}.
     * Callers are not visible from this file: confirm that every caller
     * treats {@code true} as "denied" before relying on or changing this.
     * A caller that reads the result literally would allow exactly the
     * principals the authorizer rejected. Renaming the method or flipping
     * the result together with its callers would remove the trap.
     *
     * <p>A {@code principalId} of 0 is treated as "not supplied" and is
     * replaced by the remote user id resolved from the request.
     *
     * @param projectId project id passed through to the authorizer
     * @param principalId principal to check, or 0 to use the request's remote user
     * @param resourceId resource id, used only when {@code resourceType} is non-null
     * @param resourceType resource type; when {@code null} the check is made against {@code resource}
     * @param permission permission name to check
     * @param resource resource object, used only when {@code resourceType} is {@code null}
     * @param request the current request, used only when {@code principalId} is 0
     * @return {@code true} if the authorizer does NOT grant the permission, otherwise {@code false}
     * @throws AuthenticationException propagated from the calls this method makes
     */
    public static boolean hasPermission(int projectId, int principalId,
            int resourceId, String resourceType, String permission,
            Object resource, ServletRequest request)
            throws AuthenticationException {
        int effectivePrincipalId = principalId;
        if (effectivePrincipalId == 0) {
            effectivePrincipalId = SecurityHelper
                    .getRemoteUserId((HttpServletRequest) request);
        }

        boolean granted;
        if (resourceType == null) {
            granted = SystemAuthorizer.get().hasPermission(
                    projectId, effectivePrincipalId, resource, permission);
        } else {
            granted = SystemAuthorizer.get().hasPermission(
                    projectId, effectivePrincipalId, resourceType, resourceId,
                    permission);
        }
        // Inverted on purpose to match the original behaviour; see the security note above.
        return !granted;
    }
}