001: /*
002: * (C) Copyright 2000 - 2006 Nabh Information Systems, Inc.
003: *
004: * This program is free software; you can redistribute it and/or
005: * modify it under the terms of the GNU General Public License
006: * as published by the Free Software Foundation; either version 2
007: * of the License, or (at your option) any later version.
008: *
009: * This program is distributed in the hope that it will be useful,
010: * but WITHOUT ANY WARRANTY; without even the implied warranty of
011: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
012: * GNU General Public License for more details.
013: *
014: * You should have received a copy of the GNU General Public License
015: * along with this program; if not, write to the Free Software
016: * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
017: *
018: */
019: package com.nabhinc.portlet.portletadmin;
020:
021: import java.io.IOException;
022:
023: import javax.naming.NamingException;
024: import javax.portlet.ActionRequest;
025: import javax.portlet.ActionResponse;
026: import javax.portlet.PortletException;
027:
028: import com.nabhinc.condition.AllowRoles;
029: import com.nabhinc.condition.AllowUsers;
030: import com.nabhinc.condition.Condition;
031: import com.nabhinc.condition.DenyRoles;
032: import com.nabhinc.condition.DenyUsers;
033: import com.nabhinc.condition.SQLCondition;
034: import com.nabhinc.portal.api.PortalInformationStoreLocator;
035: import com.nabhinc.portal.model.PortalConfiguration;
036: import com.nabhinc.portal.model.PortletAccessController;
037: import com.nabhinc.portlet.mvcportlet.core.ActionConfig;
038: import com.nabhinc.portlet.mvcportlet.core.ActionProcessor;
039: import com.nabhinc.portlet.mvcportlet.core.BaseRequestProcessor;
040:
041: /**
042: *
043: *
044: * @author Padmanabh Dabke
045: * (c) 2006 Nabh Information Systems, Inc. All Rights Reserved.
046: */
047: public class AccessControlEntryAdder extends BaseRequestProcessor
048: implements ActionProcessor {
049:
050: public String process(ActionRequest request,
051: ActionResponse response, ActionConfig actionConfig)
052: throws PortletException, IOException {
053: String[] portlets = request.getParameterValues("portlets");
054: String[] actions = request.getParameterValues("actions");
055: String[] selUsers = request.getParameterValues("users");
056: String[] selRoles = request.getParameterValues("roles");
057: String permType = request.getParameter("perm_type");
058: String sql = request.getParameter("sql");
059:
060: if (permType == null)
061: return "perm-type-required";
062: Condition cond = null;
063: if ("prole".equals(permType)) {
064: if (selRoles == null || selRoles.length == 0) {
065: return "role-required";
066: } else {
067: cond = new AllowRoles(selRoles);
068: }
069: } else if ("nrole".equals(permType)) {
070: if (selRoles == null || selRoles.length == 0) {
071: return "role-required";
072: } else {
073: cond = new DenyRoles(selRoles);
074: }
075: } else if ("puser".equals(permType)) {
076: if (selUsers == null || selUsers.length == 0) {
077: return "user-required";
078: } else {
079: cond = new AllowUsers(selRoles);
080: }
081: } else if ("nuser".equals(permType)) {
082: if (selUsers == null || selUsers.length == 0) {
083: return "user-required";
084: } else {
085: cond = new DenyUsers(selRoles);
086: }
087: } else if ("relation".equals(permType)) {
088: if (sql == null || sql.length() == 0) {
089: return "sql-required";
090: } else {
091: try {
092: cond = new SQLCondition(sql);
093: } catch (NamingException e) {
094: this .brpLog.error(
095: "Failed to create SQL condition.", e);
096: throw new IllegalArgumentException(
097: "Encountered naming exception in creating sql condition. ",
098: e);
099: }
100: }
101: }
102:
103: if (cond == null)
104: throw new IllegalArgumentException(
105: "Unrecognized condition type in portlet permissions: "
106: + permType);
107: PortletAccessController ac = PortletAccessController
108: .getInstance();
109: boolean success = false;
110: if (request.getParameter("edit") == null) {
111: success = ac.addPermissionEntry(portlets, actions, cond);
112: } else {
113: int index = Integer.parseInt(request.getParameter("index"));
114: success = ac.replacePermissionEntry(index, portlets,
115: actions, cond);
116: }
117: if (success) {
118: PortalInformationStoreLocator.getPortalInformationStore()
119: .savePortalConfiguration(
120: PortalConfiguration.getInstance());
121: return "success";
122: } else
123: return "conflict";
124: }
125:
126: }
|