001: /**********************************************************************************
002: * $URL:https://source.sakaiproject.org/svn/osp/trunk/common/api-impl/src/java/org/theospi/portfolio/security/app/AuthorizationFacadeImpl.java $
003: * $Id:AuthorizationFacadeImpl.java 9134 2006-05-08 20:28:42Z chmaurer@iupui.edu $
004: ***********************************************************************************
005: *
006: * Copyright (c) 2005, 2006 The Sakai Foundation.
007: *
008: * Licensed under the Educational Community License, Version 1.0 (the "License");
009: * you may not use this file except in compliance with the License.
010: * You may obtain a copy of the License at
011: *
012: * http://www.opensource.org/licenses/ecl1.php
013: *
014: * Unless required by applicable law or agreed to in writing, software
015: * distributed under the License is distributed on an "AS IS" BASIS,
016: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017: * See the License for the specific language governing permissions and
018: * limitations under the License.
019: *
020: **********************************************************************************/package org.theospi.portfolio.security.app;
021:
022: import java.util.ArrayList;
023: import java.util.Collection;
024: import java.util.HashMap;
025: import java.util.Iterator;
026: import java.util.List;
027: import java.util.Map;
028: import java.util.SortedSet;
029: import java.util.TreeSet;
030:
031: import org.sakaiproject.metaobj.security.AuthenticationManager;
032: import org.sakaiproject.metaobj.shared.model.Agent;
033: import org.sakaiproject.metaobj.shared.model.Id;
034: import org.theospi.portfolio.security.AuthorizationFacade;
035: import org.theospi.portfolio.security.AuthorizationFailedException;
036:
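/**
 * Authorization facade that gives application-level authorizers the first say
 * on a permission check and falls back to the explicit authorization store.
 *
 * <p>For every check the facade looks up (and caches per function name) the
 * ordered list of {@code ApplicationAuthorizer}s that declare the function.
 * Each is asked in order; an authorizer that returns {@code null} abstains and
 * the first non-null answer is final. When every authorizer abstains, the
 * decision is delegated to {@link #getExplicitAuthz()}. Because the first
 * answer wins, the order of the registered authorizers is part of the access
 * policy.
 *
 * <p>Thread-safety: the per-function cache and the authorizer list are guarded
 * by the monitor of the cache map. Changing the authorizer list clears the
 * cache so that a later-registered authorizer is consulted on the next check.
 *
 * <p>Created May 19, 2004.
 *
 * @author John Ellis
 */
public class AuthorizationFacadeImpl implements AuthorizationFacade,
        AppAuthFacade {

    protected final org.apache.commons.logging.Log logger = org.apache.commons.logging.LogFactory
            .getLog(getClass());

    private AuthenticationManager authManager = null;
    private AuthorizationFacade explicitAuthz = null;

    /**
     * Cache of function name to the ordered List of authorizers that handle
     * it. Every read and write happens while holding this map's monitor.
     */
    private Map authorizorMap = new HashMap();

    /**
     * order needs to be maintained here.
     */
    private List applicationAuthorizers = new ArrayList();

    /**
     * Checks the current agent's permission and fails loudly when it is denied.
     *
     * @param function the function (permission) being requested
     * @param id the qualifier the function applies to
     * @throws AuthorizationFailedException if {@link #isAuthorized(String, Id)}
     *         returns {@code false}
     */
    public void checkPermission(String function, Id id)
            throws AuthorizationFailedException {
        if (!isAuthorized(function, id)) {
            throw new AuthorizationFailedException(function, id);
        }
    }

    /**
     * Checks the given agent's permission and fails loudly when it is denied.
     *
     * @param agent the agent whose permission is checked
     * @param function the function (permission) being requested
     * @param id the qualifier the function applies to
     * @throws AuthorizationFailedException if
     *         {@link #isAuthorized(Agent, String, Id)} returns {@code false}
     */
    public void checkPermission(Agent agent, String function, Id id)
            throws AuthorizationFailedException {
        if (!isAuthorized(agent, function, id)) {
            throw new AuthorizationFailedException(agent, function, id);
        }
    }

    /**
     * {@inheritDoc}
     *
     * <p>The agent is taken from the configured authentication manager, which
     * must have been set before this method is called.
     */
    public boolean isAuthorized(String function, Id id) {
        return isAuthorized(authManager.getAgent(), function, id);
    }

    /**
     * Builds and caches an ordered list of all ApplicationAuthorizors that consume a given function.
     * The list is rebuilt from the currently registered authorizers and replaces
     * any list cached for the same function.
     *
     * @param function - function
     * @return List - of pertinent ApplicationAuthorizors
     */
    protected List registerFunction(String function) {
        if (logger.isDebugEnabled()) {
            logger.debug("registerFunction(" + function + ")");
        }

        // Single lock for the cache and the authorizer list: isAuthorized()
        // calls this method while already holding the same (reentrant) monitor,
        // so there is no second lock that could be acquired in the opposite order.
        synchronized (authorizorMap) {
            List result = new ArrayList();

            for (Iterator i = getApplicationAuthorizers().iterator(); i
                    .hasNext();) {
                OrderedAuthorizer appAuth = (OrderedAuthorizer) i.next();
                if (appAuth.getAuthorizer().getFunctions().contains(
                        function)) {
                    if (logger.isDebugEnabled()) {
                        // Log the wrapped authorizer; the wrapper's own class
                        // name says nothing about which authorizer was added.
                        logger.debug("registerFunction: adding "
                                + appAuth.getAuthorizer().getClass().getName());
                    }
                    result.add(appAuth.getAuthorizer());
                }
            }
            authorizorMap.put(function, result);
            return result;
        }
    }

    /**
     * {@inheritDoc}
     *
     * <p>Authorizers registered for {@code function} are asked in order; the
     * first non-null answer decides. If all abstain, or none is registered for
     * the function, the explicit authorization store decides.
     */
    public boolean isAuthorized(Agent agent, String function, Id id) {

        if (logger.isDebugEnabled()) {
            logger.debug("isAuthorized(" + agent + "," + function + ","
                    + id + ")");
        }

        List appAuthz;

        // The lookup happens under the lock as well: a HashMap must not be read
        // while another thread may be writing to it, and the lock is what makes
        // a freshly built list visible to other threads.
        synchronized (authorizorMap) {
            appAuthz = (List) authorizorMap.get(function);
            if (appAuthz == null) {
                appAuthz = registerFunction(function);
            }
        }

        // The cached list is never modified after it is stored (invalidation
        // clears the map instead), so it can be iterated outside the lock.
        for (Iterator i = appAuthz.iterator(); i.hasNext();) {
            ApplicationAuthorizer appAuth = (ApplicationAuthorizer) i
                    .next();

            if (logger.isDebugEnabled()) {
                logger.debug("isAuthorized() is calling: "
                        + appAuth.getClass().getName());
            }
            Boolean auth = appAuth.isAuthorized(getExplicitAuthz(),
                    agent, function, id);

            // null means "no opinion"; anything else is the final decision.
            if (auth != null) {
                return auth.booleanValue();
            }
        }

        // fall through to explicit authorization; no application is aware
        // of this request.
        return getExplicitAuthz().isAuthorized(agent, function, id);
    }

    /**
     * Returns the explicit authorizations matching the given criteria.
     * at least one param must be non-null
     *
     * @param agent agent to match
     * @param function function to match
     * @param id qualifier to match
     * @return whatever the explicit authorization store returns for the query
     */
    public List getAuthorizations(Agent agent, String function, Id id) {
        return getExplicitAuthz()
                .getAuthorizations(agent, function, id);
    }

    /**
     * Creates an explicit authorization in the explicit authorization store.
     * No permission check is made here; callers are expected to have verified
     * that the current agent may grant the function.
     *
     * @param agent agent receiving the authorization
     * @param function function being granted
     * @param id qualifier the grant applies to
     */
    public void createAuthorization(Agent agent, String function, Id id) {
        getExplicitAuthz().createAuthorization(agent, function, id);
    }

    /**
     * Deletes an explicit authorization from the explicit authorization store.
     *
     * @param agent agent losing the authorization
     * @param function function being revoked
     * @param id qualifier the grant applied to
     */
    public void deleteAuthorization(Agent agent, String function, Id id) {
        getExplicitAuthz().deleteAuthorization(agent, function, id);
    }

    /**
     * Deletes the explicit authorizations for a qualifier by delegating to the
     * explicit authorization store.
     *
     * @param qualifier qualifier whose authorizations are removed
     */
    public void deleteAuthorizations(Id qualifier) {
        getExplicitAuthz().deleteAuthorizations(qualifier);
    }

    /**
     * Delegates to the explicit authorization store.
     *
     * @param authzGroups groups to push
     */
    public void pushAuthzGroups(Collection authzGroups) {
        getExplicitAuthz().pushAuthzGroups(authzGroups);
    }

    /**
     * Delegates to the explicit authorization store.
     *
     * @param siteId site whose groups are pushed
     */
    public void pushAuthzGroups(String siteId) {
        getExplicitAuthz().pushAuthzGroups(siteId);
    }

    public AuthenticationManager getAuthManager() {
        return authManager;
    }

    public void setAuthManager(AuthenticationManager authManager) {
        this.authManager = authManager;
    }

    public AuthorizationFacade getExplicitAuthz() {
        return explicitAuthz;
    }

    public void setExplicitAuthz(AuthorizationFacade explicitAuthz) {
        this.explicitAuthz = explicitAuthz;
    }

    /**
     * Returns the live list of registered authorizers.
     *
     * <p>The list is not copied. Modifying it directly does not clear the
     * per-function cache; use {@link #setApplicationAuthorizers(List)} or
     * {@link #addAppAuthorizers(List)} to change the registered authorizers.
     *
     * @return the registered authorizers, in evaluation order
     */
    public List getApplicationAuthorizers() {
        return applicationAuthorizers;
    }

    /**
     * Replaces the registered authorizers and drops the per-function cache.
     *
     * <p>Without the invalidation, a function that had already been checked
     * would keep using the authorizer list built at that time, and an
     * authorizer registered afterwards would never be asked about it.
     *
     * @param applicationAuthorizers the new authorizers, in evaluation order
     */
    public void setApplicationAuthorizers(List applicationAuthorizers) {
        synchronized (authorizorMap) {
            this.applicationAuthorizers = applicationAuthorizers;
            authorizorMap.clear();
        }
    }

    /**
     * Merges additional authorizers into the registered ones, keeping the
     * result in the elements' natural order.
     *
     * @param appAuthorizers authorizers to add; the elements must be mutually
     *        comparable with the ones already registered
     */
    public void addAppAuthorizers(List appAuthorizers) {
        // Read-merge-replace is done under the lock so that two concurrent
        // registrations cannot overwrite each other's additions.
        synchronized (authorizorMap) {
            // NOTE(review): a TreeSet keeps only one of several elements whose
            // compareTo() returns 0. If the elements compare on their order
            // value alone, two authorizers sharing an order collapse to one and
            // the other is silently left out of every check - confirm against
            // OrderedAuthorizer.compareTo().
            SortedSet sorted = new TreeSet();
            sorted.addAll(getApplicationAuthorizers());
            sorted.addAll(appAuthorizers);
            setApplicationAuthorizers(new ArrayList(sorted));
        }
    }

}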