001: /*
002: * argun 1.0
003: * Web 2.0 delivery framework
004: * Copyright (C) 2007 Hammurapi Group
005: *
006: * This program is free software; you can redistribute it and/or
007: * modify it under the terms of the GNU Lesser General Public
008: * License as published by the Free Software Foundation; either
009: * version 2 of the License, or (at your option) any later version.
010: *
011: * This program is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this library; if not, write to the Free Software
018: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
019: *
020: * URL: http://www.hammurapi.biz
021: * e-Mail: support@hammurapi.biz
022: */
023: package biz.hammurapi.web.security;
024:
025: import java.io.UnsupportedEncodingException;
026: import java.net.URLEncoder;
027: import java.sql.ResultSet;
028: import java.sql.SQLException;
029: import java.util.ArrayList;
030: import java.util.Collection;
031: import java.util.HashMap;
032: import java.util.HashSet;
033: import java.util.Iterator;
034: import java.util.Map;
035: import java.util.Properties;
036: import java.util.Set;
037:
038: import org.apache.xpath.CachedXPathAPI;
039: import org.w3c.dom.Element;
040:
041: import biz.hammurapi.config.ConfigurationException;
042: import biz.hammurapi.sql.DataAccessObject;
043: import biz.hammurapi.sql.SQLProcessor;
044: import biz.hammurapi.web.menu.sql.MenuEngine;
045: import biz.hammurapi.web.menu.sql.MenuGroup;
046: import biz.hammurapi.web.menu.sql.MenuRole;
047: import biz.hammurapi.web.menu.sql.MenuUser;
048: import biz.hammurapi.web.security.sql.ApplicationUserImpl;
049: import biz.hammurapi.web.security.sql.SecurityEngine;
050: import biz.hammurapi.xml.dom.AbstractDomObject;
051: import biz.hammurapi.xml.dom.DOMUtils;
052:
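/**
 * Application user together with the authorization data loaded for it:
 * directly assigned permissions, roles, groups and per-menu access flags.
 *
 * <p>The authorization state is populated by
 * {@link #setSQLProcessor(SQLProcessor)}. For any login name other than
 * {@link #ADMIN_NAME}, {@link #hasPermission(String, String)} and
 * {@link #hasAccess(int)} dereference that state, so calling them before
 * it has been loaded fails with a {@code NullPointerException}.
 *
 * @author Pavel Vlasov
 * @revision $Revision$
 */
public class User extends ApplicationUserImpl implements DataAccessObject {

    //public static final String GUEST_NAME = "Guest";

    /**
     * Login name that is treated as the administrator.
     *
     * <p>NOTE(review): administrator status is decided purely by comparing
     * the login name with this constant (see {@link #hasPermission} and
     * {@link #hasAccess}). Confirm that account creation and renaming
     * cannot give this login name to an ordinary account.
     */
    public static final String ADMIN_NAME = "Administrator";

    /**
     * Creates an empty user; authorization data is loaded later through
     * {@link #setSQLProcessor(SQLProcessor)}.
     */
    public User() {
        // Default constructor
    }

    /**
     * Delegates to the superclass constructor with the same argument.
     *
     * @param force passed through to the superclass unchanged
     */
    public User(boolean force) {
        super(force);
    }

    /**
     * Delegates to the superclass constructor with the same argument.
     *
     * @param rs result set passed through to the superclass
     * @throws SQLException if the superclass constructor fails
     */
    public User(ResultSet rs) throws SQLException {
        super(rs);
    }

    /**
     * Delegates to the superclass constructor with the same arguments.
     *
     * @param holder DOM element passed through to the superclass
     * @param force passed through to the superclass unchanged
     * @throws ConfigurationException if the superclass constructor fails
     */
    public User(Element holder, boolean force) throws ConfigurationException {
        super(holder, force);
    }

    /**
     * Delegates to the superclass constructor with the same arguments.
     *
     * @param holder DOM element passed through to the superclass
     * @param pathMap passed through to the superclass unchanged
     * @param cxpa passed through to the superclass unchanged
     * @param force passed through to the superclass unchanged
     * @throws ConfigurationException if the superclass constructor fails
     */
    public User(Element holder, Properties pathMap, CachedXPathAPI cxpa, boolean force)
            throws ConfigurationException {
        super(holder, pathMap, cxpa, force);
    }

    // Authorization state. Everything except roleNames stays null until
    // setSQLProcessor() has completed successfully at least once.
    private Collection permissions;
    private Collection groups;
    private Collection roles;
    private Set roleNames = new HashSet();
    private Map menus;

    /**
     * Loads the groups, roles, permissions and menu access flags assigned
     * to this user.
     *
     * <p>All data is read into local collections first and published to
     * the fields only after every query has succeeded. A repeated call
     * therefore replaces the previous state instead of adding to it: role
     * names from an earlier load no longer linger in {@link #isInRole}
     * or in the menu map after a role has been revoked. A load that fails
     * half way leaves the previously loaded state untouched rather than a
     * mixture of old and new data.
     *
     * <p>Menu flags are written in the order role, group, user, so for the
     * same menu id a group entry overwrites a role entry and a user entry
     * overwrites both. Within the role tier the iteration order comes from
     * a {@code HashSet}, so when two roles disagree about one menu the
     * winner is not defined by this code.
     * NOTE(review): consider letting a deny entry win within a tier.
     *
     * @param processor SQL processor used to build the security and menu
     *        engines
     * @throws SQLException if any of the underlying queries fails
     */
    public void setSQLProcessor(SQLProcessor processor) throws SQLException {
        String loginName = getLoginName();

        SecurityEngine engine = new SecurityEngine(processor);
        Collection loadedPermissions =
                engine.getAssignedPermission(loginName, new ArrayList(), Permission.class);
        Collection loadedRoles = engine.getUserRoles(loginName, new ArrayList(), Role.class);

        // Built from scratch on every load so revoked roles do not survive.
        Set loadedRoleNames = new HashSet();
        for (Iterator it = loadedRoles.iterator(); it.hasNext();) {
            loadedRoleNames.add(((Role) it.next()).getName());
        }

        Collection loadedGroups = engine.getUserGroups(loginName, new ArrayList(), Group.class);

        MenuEngine menuEngine = new MenuEngine(processor);
        Map loadedMenus = new HashMap();

        // Tier 1: flags attached to the user's roles.
        for (Iterator it = loadedRoleNames.iterator(); it.hasNext();) {
            String roleName = (String) it.next();
            for (Iterator mrit = menuEngine.getMenuRoleByRole(roleName).iterator();
                    mrit.hasNext();) {
                MenuRole mr = (MenuRole) mrit.next();
                loadedMenus.put(new Integer(mr.getMenuId()),
                        mr.getIsDenied() ? Boolean.FALSE : Boolean.TRUE);
            }
        }

        // Tier 2: flags attached to the user's groups override role flags.
        for (Iterator it = loadedGroups.iterator(); it.hasNext();) {
            Group group = (Group) it.next();
            for (Iterator mgit = menuEngine.getMenuGroupByGroup(group.getName()).iterator();
                    mgit.hasNext();) {
                MenuGroup mg = (MenuGroup) mgit.next();
                loadedMenus.put(new Integer(mg.getMenuId()),
                        mg.getIsDenied() ? Boolean.FALSE : Boolean.TRUE);
            }
        }

        // Tier 3: flags attached directly to the user override everything.
        for (Iterator muit = menuEngine.getMenuUserByUser(loginName).iterator();
                muit.hasNext();) {
            MenuUser mu = (MenuUser) muit.next();
            loadedMenus.put(new Integer(mu.getMenuId()),
                    mu.getIsDenied() ? Boolean.FALSE : Boolean.TRUE);
        }

        // Publish only after every query succeeded.
        permissions = loadedPermissions;
        roles = loadedRoles;
        roleNames = loadedRoleNames;
        groups = loadedGroups;
        menus = loadedMenus;
    }

    /**
     * Tells whether the user holds the named role.
     *
     * @param role role name to look up
     * @return {@code true} if the name is among the role names collected
     *         by the last successful {@link #setSQLProcessor} call;
     *         {@code false} otherwise, including before any load
     */
    public boolean isInRole(String role) {
        return roleNames.contains(role);
    }

    /**
     * Serializes the user to DOM: the superclass content, the permissions,
     * roles and groups collections, and, when a login name is set, a
     * {@code LoginNameUrlEncoded} text element.
     *
     * @param holder element that receives the serialized content
     */
    public void toDom(Element holder) {
        super.toDom(holder);
        DOMUtils.toDom(permissions, "permissions", holder);
        DOMUtils.toDom(roles, "roles", holder);
        DOMUtils.toDom(groups, "groups", holder);
        if (getLoginName() != null) {
            String encodedUrl;
            try {
                encodedUrl = URLEncoder.encode(getLoginName(), "UTF-8");
            } catch (UnsupportedEncodingException e) {
                // UTF-8 is a charset every Java platform must support, so
                // this branch is not expected to run. If it ever did, the
                // element would carry the raw, un-encoded login name.
                encodedUrl = getLoginName();
            }

            AbstractDomObject.addTextElement(holder, "LoginNameUrlEncoded", encodedUrl);
        }
    }

    /**
     * Resolves a permission for the given class and action.
     *
     * <p>The login name {@link #ADMIN_NAME} is granted everything without
     * consulting any loaded data. Otherwise the directly assigned
     * permissions are asked first, then the roles, then the groups, and
     * the first non-null answer wins. An explicit denial found earlier in
     * that order therefore cannot be overridden by a later grant, and the
     * reverse holds as well.
     *
     * @param className class name the permission applies to
     * @param actionName action name the permission applies to
     * @return {@code Boolean.TRUE} or {@code Boolean.FALSE} as returned by
     *         the first permission, role or group that gives an answer;
     *         {@code null} if none of them does. Callers enforcing access
     *         should treat {@code null} as "not granted" unless they
     *         resolve it elsewhere.
     */
    public Boolean hasPermission(String className, String actionName) {

        // Administrator has all permissions
        if (ADMIN_NAME.equals(getLoginName())) {
            return Boolean.TRUE;
        }

        for (Iterator it = permissions.iterator(); it.hasNext();) {
            Boolean decision = ((Permission) it.next()).isGranted(className, actionName);
            if (decision != null) {
                return decision;
            }
        }

        for (Iterator it = roles.iterator(); it.hasNext();) {
            Boolean decision = ((Role) it.next()).isGranted(className, actionName);
            if (decision != null) {
                return decision;
            }
        }

        for (Iterator it = groups.iterator(); it.hasNext();) {
            Boolean decision = ((Group) it.next()).isGranted(className, actionName);
            if (decision != null) {
                return decision;
            }
        }

        return null;
    }

    /**
     * Checks file permission.
     *
     * <p>SECURITY: this is a placeholder that grants every request. It
     * performs no check at all, so it must not be relied on as an access
     * control until a real implementation replaces it.
     *
     * @param fileId File ID, ignored for "Create" action
     * @param action Action name.
     * @return always {@code true} in the current implementation
     */
    public boolean hasFilePermission(int fileId, String action) {
        return true; // For the time being
    }

    /**
     * Checks access to a menu item.
     *
     * <p>The login name {@link #ADMIN_NAME} is granted access to every
     * menu item without consulting the loaded menu map.
     *
     * @param menuId id of the menu item
     * @return Boolean.TRUE if access is granted, Boolean.FALSE if denied,
     *         null if access shall be inherited.
     */
    public Boolean hasAccess(int menuId) {

        // Administrator has access to all menu items.
        if (ADMIN_NAME.equals(getLoginName())) {
            return Boolean.TRUE;
        }

        return (Boolean) menus.get(new Integer(menuId));
    }

}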