001: /**
002: * Copyright (C) 2001 Yasna.com. All rights reserved.
003: *
004: * ===================================================================
005: * The Apache Software License, Version 1.1
006: *
007: * Redistribution and use in source and binary forms, with or without
008: * modification, are permitted provided that the following conditions
009: * are met:
010: *
011: * 1. Redistributions of source code must retain the above copyright
012: * notice, this list of conditions and the following disclaimer.
013: *
014: * 2. Redistributions in binary form must reproduce the above copyright
015: * notice, this list of conditions and the following disclaimer in
016: * the documentation and/or other materials provided with the
017: * distribution.
018: *
019: * 3. The end-user documentation included with the redistribution,
020: * if any, must include the following acknowledgment:
021: * "This product includes software developed by
022: * Yasna.com (http://www.yasna.com)."
023: * Alternately, this acknowledgment may appear in the software itself,
024: * if and wherever such third-party acknowledgments normally appear.
025: *
026: * 4. The names "Yazd" and "Yasna.com" must not be used to
027: * endorse or promote products derived from this software without
028: * prior written permission. For written permission, please
029: * contact yazd@yasna.com.
030: *
031: * 5. Products derived from this software may not be called "Yazd",
032: * nor may "Yazd" appear in their name, without prior written
033: * permission of Yasna.com.
034: *
035: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
036: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
037: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
038: * DISCLAIMED. IN NO EVENT SHALL YASNA.COM OR
039: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
040: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
041: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
042: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
043: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
044: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
045: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
046: * SUCH DAMAGE.
047: * ====================================================================
048: *
049: * This software consists of voluntary contributions made by many
050: * individuals on behalf of Yasna.com. For more information
051: * on Yasna.com, please see <http://www.yasna.com>.
052: */
053:
054: /**
055: * Copyright (C) 2000 CoolServlets.com. All rights reserved.
056: *
057: * ===================================================================
058: * The Apache Software License, Version 1.1
059: *
060: * Redistribution and use in source and binary forms, with or without
061: * modification, are permitted provided that the following conditions
062: * are met:
063: *
064: * 1. Redistributions of source code must retain the above copyright
065: * notice, this list of conditions and the following disclaimer.
066: *
067: * 2. Redistributions in binary form must reproduce the above copyright
068: * notice, this list of conditions and the following disclaimer in
069: * the documentation and/or other materials provided with the
070: * distribution.
071: *
072: * 3. The end-user documentation included with the redistribution,
073: * if any, must include the following acknowledgment:
074: * "This product includes software developed by
075: * CoolServlets.com (http://www.coolservlets.com)."
076: * Alternately, this acknowledgment may appear in the software itself,
077: * if and wherever such third-party acknowledgments normally appear.
078: *
079: * 4. The names "Jive" and "CoolServlets.com" must not be used to
080: * endorse or promote products derived from this software without
081: * prior written permission. For written permission, please
082: * contact webmaster@coolservlets.com.
083: *
084: * 5. Products derived from this software may not be called "Jive",
085: * nor may "Jive" appear in their name, without prior written
086: * permission of CoolServlets.com.
087: *
088: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
089: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
090: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
091: * DISCLAIMED. IN NO EVENT SHALL COOLSERVLETS.COM OR
092: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
093: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
094: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
095: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
096: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
097: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
098: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
099: * SUCH DAMAGE.
100: * ====================================================================
101: *
102: * This software consists of voluntary contributions made by many
103: * individuals on behalf of CoolServlets.com. For more information
104: * on CoolServlets.com, please see <http://www.coolservlets.com>.
105: */package com.Yasna.forum;
106:
107: import com.Yasna.forum.util.ClientIP;
108: import com.Yasna.forum.Exceptions.RapidPostingException;
109: import com.Yasna.forum.Exceptions.UserBlackListedException;
110:
111: import java.util.Date;
112: import java.util.Iterator;
113: import java.util.Enumeration;
114:
115: /**
116: * A protection proxy for Forums. A proxy has a set of permissions that are
117: * specified at creation time of the proxy. Subsequently, those permissions
118: * are use to restrict access to protected Forum methods. If a user does
119: * not have the right to execute a particular method, and UnauthorizedException
120: * is thrown.
121: *
122: * @see Forum
123: * @see ForumPermissions
124: * @see UnauthorizedException
125: */
126: public class ForumProxy implements Forum {
127:
128: private Forum forum;
129: private Authorization authorization;
130: private ForumPermissions permissions;
131:
132: /**
133: * Creates a new ForumProxy object.
134: *
135: * @param forum the forum to protect by proxy
136: * @param authorization the user's authorization token
137: * @param permissions the permissions to use with this proxy.
138: */
139: public ForumProxy(Forum forum, Authorization authorization,
140: ForumPermissions permissions) {
141: this .forum = forum;
142: this .authorization = authorization;
143: this .permissions = permissions;
144: }
145:
146: //** Methods from interface below**//
147:
148: public int getID() {
149: return forum.getID();
150: }
151:
152: public String getName() {
153: return forum.getName();
154: }
155:
156: public void setName(String name) throws UnauthorizedException,
157: ForumAlreadyExistsException {
158: if (permissions.isSystemOrForumAdmin()) {
159: forum.setName(name);
160: } else {
161: throw new UnauthorizedException();
162: }
163: }
164:
165: public String getDescription() {
166: return forum.getDescription();
167: }
168:
169: public void setDescription(String description)
170: throws UnauthorizedException {
171: if (permissions.isSystemOrForumAdmin()) {
172: forum.setDescription(description);
173: } else {
174: throw new UnauthorizedException();
175: }
176: }
177:
178: public Date getCreationDate() {
179: return forum.getCreationDate();
180: }
181:
182: public void setCreationDate(Date creationDate)
183: throws UnauthorizedException {
184: if (permissions.isSystemOrForumAdmin()) {
185: forum.setCreationDate(creationDate);
186: } else {
187: throw new UnauthorizedException();
188: }
189: }
190:
191: public Date getModifiedDate() {
192: return forum.getModifiedDate();
193: }
194:
195: public void setModifiedDate(Date modifiedDate)
196: throws UnauthorizedException {
197: if (permissions.isSystemOrForumAdmin()) {
198: forum.setModifiedDate(modifiedDate);
199: } else {
200: throw new UnauthorizedException();
201: }
202: }
203:
204: public String getProperty(String name) {
205: return forum.getProperty(name);
206: }
207:
208: public void setProperty(String name, String value)
209: throws UnauthorizedException {
210: if (permissions.isSystemOrForumAdmin()) {
211: forum.setProperty(name, value);
212: } else {
213: throw new UnauthorizedException();
214: }
215: }
216:
217: public Enumeration propertyNames() {
218: return forum.propertyNames();
219: }
220:
221: public ForumThread createThread(ForumMessage rootMessage,
222: ThreadType type) throws UnauthorizedException {
223: if (permissions.get(ForumPermissions.CREATE_THREAD)) {
224: ForumThread thread = forum.createThread(rootMessage, type);
225: return new ForumThreadProxy(thread, authorization,
226: permissions);
227: } else {
228: throw new UnauthorizedException();
229: }
230: }
231:
232: public ForumMessage createMessage(User user, ClientIP clientIP)
233: throws UnauthorizedException, RapidPostingException,
234: UserBlackListedException {
235: if (permissions.get(ForumPermissions.CREATE_MESSAGE)
236: || permissions.get(ForumPermissions.CREATE_THREAD)) {
237: //The user must be anonymous or the actual user in order to post as
238: //that user. Otherwise, throw an exception.
239: if (user.hasPermission(ForumPermissions.USER_ADMIN)
240: || user.isAnonymous()) {
241: ForumMessage message = forum.createMessage(user,
242: clientIP);
243: return new ForumMessageProxy(message, authorization,
244: permissions);
245: } else {
246: throw new UnauthorizedException();
247: }
248:
249: } else {
250: throw new UnauthorizedException();
251: }
252: }
253:
254: public ForumMessage createDummyMessage(User user)
255: throws UnauthorizedException {
256: if (permissions.get(ForumPermissions.CREATE_MESSAGE)
257: || permissions.get(ForumPermissions.CREATE_THREAD)) {
258: //The user must be anonymous or the actual user in order to post as
259: //that user. Otherwise, throw an exception.
260: if (user.hasPermission(ForumPermissions.USER_ADMIN)
261: || user.isAnonymous()) {
262: ForumMessage message = forum.createDummyMessage(user);
263: return new ForumMessageProxy(message, authorization,
264: permissions);
265: } else {
266: throw new UnauthorizedException();
267: }
268:
269: } else {
270: throw new UnauthorizedException();
271: }
272: }
273:
274: public void deleteThread(ForumThread thread)
275: throws UnauthorizedException {
276: if (permissions.isSystemOrForumAdmin()
277: || permissions.get(ForumPermissions.MODERATOR)) {
278: forum.deleteThread(thread);
279: } else {
280: throw new UnauthorizedException();
281: }
282: }
283:
284: public void moveThread(ForumThread thread, Forum newForum)
285: throws UnauthorizedException, IllegalArgumentException {
286: //If the user is an amdin of both forums
287: if (permissions.isSystemOrForumAdmin()
288: && (newForum
289: .hasPermission(ForumPermissions.SYSTEM_ADMIN) || newForum
290: .hasPermission(ForumPermissions.FORUM_ADMIN))) {
291: forum.moveThread(thread, newForum);
292: } else {
293: throw new UnauthorizedException();
294: }
295: }
296:
297: public void addThread(ForumThread thread)
298: throws UnauthorizedException {
299: if (permissions.get(ForumPermissions.CREATE_THREAD)) {
300: forum.addThread(thread);
301: } else {
302: throw new UnauthorizedException();
303: }
304: }
305:
306: public ForumThread getThread(int threadID)
307: throws ForumThreadNotFoundException {
308: ForumThread thread = forum.getThread(threadID);
309: //Apply protection proxy and return.
310: return new ForumThreadProxy(thread, authorization, permissions);
311: }
312:
313: public Iterator threads() {
314: Iterator iterator = forum.threads();
315: return new ThreadIteratorProxy(iterator, authorization,
316: permissions);
317: }
318:
319: public Iterator threads(int startIndex, int numResults, int sortBy) {
320: Iterator iterator = forum.threads(startIndex, numResults,
321: sortBy);
322: return new ThreadIteratorProxy(iterator, authorization,
323: permissions);
324: }
325:
326: public int getThreadCount() {
327: return forum.getThreadCount();
328: }
329:
330: public int getMessageCount() {
331: return forum.getMessageCount();
332: }
333:
334: public Query createQuery() {
335: return new QueryProxy(forum.createQuery(), authorization,
336: permissions);
337: }
338:
339: public void addUserPermission(User user, int permissionType)
340: throws UnauthorizedException {
341: //Don't let someone become a System Admin through this method.
342: //The ForumPermissions class probably needs to be changed.
343: if (permissionType == ForumPermissions.SYSTEM_ADMIN) {
344: throw new UnauthorizedException();
345: }
346: if (permissions.isSystemOrForumAdmin()) {
347: forum.addUserPermission(user, permissionType);
348: } else {
349: throw new UnauthorizedException();
350: }
351: }
352:
353: public void removeUserPermission(User user, int permissionType)
354: throws UnauthorizedException {
355: if (permissions.isSystemOrForumAdmin()) {
356: forum.removeUserPermission(user, permissionType);
357: } else {
358: throw new UnauthorizedException();
359: }
360: }
361:
362: public int[] usersWithPermission(int permissionType)
363: throws UnauthorizedException {
364: if (permissions.isSystemOrForumAdmin()) {
365: return forum.usersWithPermission(permissionType);
366: } else {
367: throw new UnauthorizedException();
368: }
369: }
370:
371: public void addGroupPermission(Group group, int permissionType)
372: throws UnauthorizedException {
373: //Don't let someone become a System Admin through this method.
374: //The ForumPermissions class probably needs to be changed.
375: if (permissionType == ForumPermissions.SYSTEM_ADMIN) {
376: throw new UnauthorizedException();
377: }
378: if (permissions.isSystemOrForumAdmin()) {
379: forum.addGroupPermission(group, permissionType);
380: } else {
381: throw new UnauthorizedException();
382: }
383: }
384:
385: public void removeGroupPermission(Group group, int permissionType)
386: throws UnauthorizedException {
387: if (permissions.isSystemOrForumAdmin()) {
388: forum.removeGroupPermission(group, permissionType);
389: } else {
390: throw new UnauthorizedException();
391: }
392: }
393:
394: public int[] groupsWithPermission(int permissionType)
395: throws UnauthorizedException {
396: if (permissions.isSystemOrForumAdmin()) {
397: return forum.groupsWithPermission(permissionType);
398: } else {
399: throw new UnauthorizedException();
400: }
401: }
402:
403: public ForumMessageFilter[] getForumMessageFilters()
404: throws UnauthorizedException {
405: if (permissions.isSystemOrForumAdmin()) {
406: return forum.getForumMessageFilters();
407: } else {
408: throw new UnauthorizedException();
409: }
410: }
411:
412: public void addForumMessageFilter(ForumMessageFilter filter)
413: throws UnauthorizedException {
414: if (permissions.isSystemOrForumAdmin()) {
415: forum.addForumMessageFilter(filter);
416: } else {
417: throw new UnauthorizedException();
418: }
419: }
420:
421: public void addForumMessageFilter(ForumMessageFilter filter,
422: int index) throws UnauthorizedException {
423: if (permissions.isSystemOrForumAdmin()) {
424: forum.addForumMessageFilter(filter, index);
425: } else {
426: throw new UnauthorizedException();
427: }
428: }
429:
430: public void removeForumMessageFilter(int index)
431: throws UnauthorizedException {
432: if (permissions.isSystemOrForumAdmin()) {
433: forum.removeForumMessageFilter(index);
434: } else {
435: throw new UnauthorizedException();
436: }
437: }
438:
439: public ForumMessage applyFilters(ForumMessage message) {
440: return forum.applyFilters(message);
441: }
442:
443: public ForumPermissions getPermissions(Authorization authorization) {
444: return forum.getPermissions(authorization);
445: }
446:
447: public boolean hasPermission(int type) {
448: return permissions.get(type);
449: }
450:
451: public boolean isModerated() {
452: return forum.isModerated();
453: }
454:
455: public void setModerated(boolean moderated)
456: throws UnauthorizedException {
457: if (permissions.isSystemOrForumAdmin()) {
458: forum.setModerated(moderated);
459: } else {
460: throw new UnauthorizedException();
461: }
462: }
463:
464: public String toString() {
465: return forum.toString();
466: }
467:
468: public boolean isArticleForum() {
469: return forum.isArticleForum();
470: }
471:
472: public void addArticleMap(String pageKey, ForumThread thread)
473: throws UnauthorizedException {
474: forum.addArticleMap(pageKey, thread);
475: }
476:
477: public int forumOrder() {
478: return forum.forumOrder();
479: }
480:
481: public void setForumOrder(int param) throws UnauthorizedException {
482: if (permissions.isSystemOrForumAdmin()) {
483: forum.setForumOrder(param);
484: } else {
485: throw new UnauthorizedException();
486: }
487: }
488:
489: }
|