001: /*
002: * Copyright 2006 Pentaho Corporation. All rights reserved.
003: * This software was developed by Pentaho Corporation and is provided under the terms
004: * of the Mozilla Public License, Version 1.1, or any later version. You may not use
005: * this file except in compliance with the license. If you need a copy of the license,
006: * please go to http://www.mozilla.org/MPL/MPL-1.1.txt. The Original Code is the Pentaho
007: * BI Platform. The Initial Developer is Pentaho Corporation.
008: *
009: * Software distributed under the Mozilla Public License is distributed on an "AS IS"
010: * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. Please refer to
011: * the license for the specific language governing your rights and limitations.
012: *
013: * Created Apr 17, 2006
014: *
015: * @author mbatchel
016: */
017: package com.pentaho.security;
018:
019: import java.util.ArrayList;
020: import java.util.Date;
021: import java.util.Iterator;
022:
023: import org.acegisecurity.Authentication;
024: import org.acegisecurity.GrantedAuthority;
025: import org.pentaho.core.session.IPentahoSession;
026: import org.pentaho.core.solution.IParameterProvider;
027:
028: import org.pentaho.core.system.PentahoSystem;
029:
030: import java.util.List;
031:
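/**
 * Parameter provider for the "security" scope. It exposes facts about the
 * current session's principal (name, roles, authenticated flag, administrator
 * flag) and about the system as a whole (all role names, all user names) as
 * named parameters.
 *
 * Parameter names and their declared types are held in the two parallel lists
 * {@link #SecurityNames} and {@link #SecurityTypes}; the private index
 * constants below are positions in those lists.
 */
public class SecurityParameterProvider implements IParameterProvider {

    // NOTE(review): both lists are public, static and mutable. getParameter()
    // and getParameterType() resolve names by position in these lists, so any
    // code that adds, removes or reorders entries changes which name maps to
    // which security value for every provider instance. Exposing unmodifiable
    // views would be safer; that is not done here because callers outside this
    // file are not visible and may rely on the current types.
    public static final List SecurityNames = new ArrayList(6);

    public static final List SecurityTypes = new ArrayList(6);

    // Positions of each parameter inside SecurityNames / SecurityTypes.
    private static final int PRINCIPAL_NAME = 0;

    private static final int PRINCIPAL_ROLES = 1;

    private static final int PRINCIPAL_AUTHENTICATED = 2;

    private static final int PRINCIPAL_IS_ADMINISTRATOR = 3;

    private static final int SYSTEM_ROLE_NAMES = 4;

    private static final int SYSTEM_USER_NAMES = 5;

    public static final String SCOPE_SECURITY = "security"; //$NON-NLS-1$

    // Separator placed between items when a list or array is rendered as text.
    private String listSeparator = ",";//$NON-NLS-1$

    // Session whose principal is reported; may be null (see getAuthentication).
    private IPentahoSession session;

    static {
        // Order must match the index constants above.
        SecurityNames.add("principalName"); //$NON-NLS-1$
        SecurityNames.add("principalRoles");//$NON-NLS-1$
        SecurityNames.add("principalAuthenticated");//$NON-NLS-1$
        SecurityNames.add("principalAdministrator");//$NON-NLS-1$
        SecurityNames.add("systemRoleNames");//$NON-NLS-1$
        SecurityNames.add("systemUserNames");//$NON-NLS-1$

        // One type per name, at the same position.
        SecurityTypes.add("string"); //$NON-NLS-1$
        SecurityTypes.add("string-list");//$NON-NLS-1$
        SecurityTypes.add("string"); //$NON-NLS-1$
        SecurityTypes.add("string"); //$NON-NLS-1$
        SecurityTypes.add("string-list");//$NON-NLS-1$
        SecurityTypes.add("string-list");//$NON-NLS-1$
    }

    /**
     * Creates a provider bound to the given session.
     *
     * @param session the session whose principal is reported; may be null, in
     *                which case the principal name and roles resolve to null
     *                and the authenticated flag to "false"
     */
    public SecurityParameterProvider(IPentahoSession session) {
        super();
        this.session = session;
    }

    /**
     * Sets the separator used when lists and arrays are rendered as a string.
     *
     * @param value the new separator
     */
    public void setListSeparator(String value) {
        this.listSeparator = value;
    }

    /**
     * @return the separator used when lists and arrays are rendered as a string
     */
    public String getListSeparator() {
        return this.listSeparator;
    }

    /**
     * Returns the named parameter as a string. Lists, String arrays and
     * GrantedAuthority arrays are joined with the list separator; any other
     * value is rendered with toString().
     *
     * @param name         the parameter name
     * @param defaultValue returned when the parameter resolves to null
     * @return the string form of the parameter, or defaultValue
     */
    public String getStringParameter(String name, String defaultValue) {
        Object obj = getParameter(name);
        if (obj == null) {
            return defaultValue;
        }
        if (obj instanceof List) {
            return listToString((List) obj);
        }
        if (obj instanceof String[]) {
            return arrayToString((String[]) obj);
        }
        if (obj instanceof GrantedAuthority[]) {
            return arrayToString((GrantedAuthority[]) obj);
        }
        return obj.toString();
    }

    /**
     * Joins the non-null items of a list with the list separator.
     * GrantedAuthority items contribute getAuthority(); all others toString().
     *
     * The separator is written only between items that were actually appended,
     * so a null first item no longer produces a leading separator.
     *
     * @param aList the items to join; null is treated as an empty list
     * @return the joined text, empty when there is nothing to join
     */
    public String listToString(List aList) {
        StringBuffer sb = new StringBuffer();
        if (aList == null) {
            return sb.toString();
        }
        boolean needSeparator = false;
        for (int i = 0; i < aList.size(); i++) {
            Object listObj = aList.get(i);
            if (listObj == null) {
                continue;
            }
            if (needSeparator) {
                sb.append(this.listSeparator);
            }
            if (listObj instanceof GrantedAuthority) {
                sb.append(((GrantedAuthority) listObj).getAuthority());
            } else {
                sb.append(listObj.toString());
            }
            needSeparator = true;
        }
        return sb.toString();
    }

    /**
     * Joins the non-null items of a String array with the list separator.
     * Skipped null items never leave a leading or doubled separator behind.
     *
     * @param anArray the items to join; null is treated as an empty array
     * @return the joined text, empty when there is nothing to join
     */
    public String arrayToString(String[] anArray) {
        StringBuffer sb = new StringBuffer();
        if (anArray == null) {
            return sb.toString();
        }
        boolean needSeparator = false;
        for (int i = 0; i < anArray.length; i++) {
            if (anArray[i] == null) {
                continue;
            }
            if (needSeparator) {
                sb.append(this.listSeparator);
            }
            sb.append(anArray[i]);
            needSeparator = true;
        }
        return sb.toString();
    }

    /**
     * Joins the authority strings of the non-null items of a GrantedAuthority
     * array with the list separator.
     *
     * @param anArray the authorities to join; null is treated as an empty array
     * @return the joined text, empty when there is nothing to join
     */
    public String arrayToString(GrantedAuthority[] anArray) {
        StringBuffer sb = new StringBuffer();
        if (anArray == null) {
            return sb.toString();
        }
        boolean needSeparator = false;
        for (int i = 0; i < anArray.length; i++) {
            if (anArray[i] == null) {
                continue;
            }
            if (needSeparator) {
                sb.append(this.listSeparator);
            }
            sb.append(anArray[i].getAuthority());
            needSeparator = true;
        }
        return sb.toString();
    }

    /**
     * Always returns defaultValue: this provider has no integer parameters.
     */
    public long getLongParameter(String name, long defaultValue) {
        return defaultValue;
    }

    /**
     * Always returns defaultValue: this provider has no Date parameters.
     */
    public Date getDateParameter(String name, Date defaultValue) {
        return defaultValue;
    }

    /**
     * Always returns defaultValue: this provider has no decimal parameters.
     */
    public Object getDecimalParameter(String name, Object defaultValue) {
        return defaultValue;
    }

    /**
     * @return an iterator over the supported parameter names
     */
    public Iterator getParameterNames() {
        // Iterate over a snapshot so that Iterator.remove() on the returned
        // iterator cannot delete entries from the shared static name list.
        return new ArrayList(SecurityNames).iterator();
    }

    /**
     * @param name the parameter name
     * @return the declared type ("string" or "string-list"), or null when the
     *         name is not a supported parameter
     */
    public String getParameterType(String name) {
        int idx = SecurityNames.indexOf(name);
        if (idx < 0) {
            return null;
        }
        return (String) SecurityTypes.get(idx);
    }

    /**
     * Resolves a parameter by name.
     *
     * @param name the parameter name; null resolves to null instead of
     *             throwing a NullPointerException
     * @return the parameter value, or null when the name is unknown or the
     *         value is unavailable
     */
    public Object getParameter(String name) {
        if (name == null) {
            return null;
        }
        if (name.startsWith("principal")) { //$NON-NLS-1$
            if (name.equals(SecurityNames.get(PRINCIPAL_NAME))) {
                return getPrincipalName();
            }
            if (name.equals(SecurityNames.get(PRINCIPAL_ROLES))) {
                return getPrincipalRoles();
            }
            if (name.equals(SecurityNames.get(PRINCIPAL_AUTHENTICATED))) {
                return getPrincipalAuthenticated();
            }
            if (name.equals(SecurityNames.get(PRINCIPAL_IS_ADMINISTRATOR))) {
                return getPrincipalIsAdministrator();
            }
            return null;
        }
        if (name.equals(SecurityNames.get(SYSTEM_ROLE_NAMES))) {
            return getSystemRoleNames();
        }
        if (name.equals(SecurityNames.get(SYSTEM_USER_NAMES))) {
            return getSystemUserNames();
        }
        return null;
    }

    /**
     * @return the Authentication obtained from SecurityUtils for the bound
     *         session, or null when no session is bound
     */
    private Authentication getAuthentication() {
        if (session == null) {
            return null;
        }
        // Should the "true" be a setting???
        // NOTE(review): the meaning of the second argument is defined in
        // SecurityUtils, which is not visible here - confirm before changing.
        return SecurityUtils.getAuthentication(session, true);
    }

    /**
     * @return the principal's name, or null when there is no Authentication
     */
    protected String getPrincipalName() {
        Authentication auth = getAuthentication();
        return (auth != null) ? auth.getName() : null;
    }

    /**
     * @return "true" when an Authentication exists and reports itself as
     *         authenticated, otherwise "false"
     */
    protected String getPrincipalAuthenticated() {
        Authentication auth = getAuthentication();
        if (auth != null && auth.isAuthenticated()) {
            return "true"; //$NON-NLS-1$
        }
        return "false"; //$NON-NLS-1$
    }

    /**
     * @return "true" or "false" according to PentahoSystem.isAdministrator
     *         for the bound session
     */
    protected String getPrincipalIsAdministrator() {
        // The session is passed through unchecked and may be null; how
        // PentahoSystem treats a null session is not visible from this file.
        return PentahoSystem.isAdministrator(this.session) ? "true" : "false"; //$NON-NLS-1$ //$NON-NLS-2$
    }

    /**
     * @return a List of the principal's authority strings, an empty List when
     *         the Authentication has no authorities array, or null when there
     *         is no Authentication
     */
    protected Object getPrincipalRoles() {
        Authentication auth = getAuthentication();
        if (auth == null) {
            return null;
        }
        GrantedAuthority[] auths = auth.getAuthorities();
        if (auths == null) {
            return new ArrayList();
        }
        List rtn = new ArrayList(auths.length);
        for (int i = 0; i < auths.length; i++) {
            rtn.add(auths[i].getAuthority());
        }
        return rtn;
    }

    /**
     * @return every role known to the configured UserDetailsRoleListService,
     *         or null when no service is configured
     */
    protected Object getSystemRoleNames() {
        // NOTE(review): nothing in this class checks the bound session before
        // returning the full role list. Confirm that access to the "security"
        // scope is restricted by the caller; otherwise any session able to
        // resolve this parameter can enumerate all roles.
        UserDetailsRoleListService service = PentahoSystem.getUserDetailsRoleListService();
        if (service == null) {
            return null;
        }
        return service.getAllRoles();
    }

    /**
     * @return every user known to the configured UserDetailsRoleListService,
     *         or null when no service is configured
     */
    protected Object getSystemUserNames() {
        // NOTE(review): as with getSystemRoleNames, no authorization check is
        // made here before returning the full user list. Confirm the caller
        // limits who can resolve this parameter, since it enumerates accounts.
        UserDetailsRoleListService service = PentahoSystem.getUserDetailsRoleListService();
        if (service == null) {
            return null;
        }
        return service.getAllUsers();
    }

}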