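/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.cocoon.portal.tools.service;

import java.io.IOException;
import java.io.InputStream;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import java.util.StringTokenizer;

import org.apache.avalon.framework.CascadingRuntimeException;
import org.apache.cocoon.portal.profile.PortalUser;
import org.apache.cocoon.portal.tools.helper.MultipleRoleMatcher;
import org.apache.cocoon.portal.tools.helper.RoleMatcher;
import org.apache.cocoon.portal.tools.helper.SingleRoleMatcher;
import org.apache.cocoon.util.WildcardMatcherHelper;
import org.apache.excalibur.source.Source;

/**
 * Service, that provides access to the user rights configuration.
 *
 * <p>The configuration is a properties file in which each key is a wildcard
 * pattern and each value is a comma separated list of roles. A request is
 * allowed when, for <em>every</em> pattern that matches the requested url or
 * function id, the user satisfies at least one of the roles listed for that
 * pattern.</p>
 *
 * <p><strong>Default-allow:</strong> a url or id that matches no configured
 * pattern is allowed. Resources without a matching entry are therefore not
 * protected by this service.</p>
 *
 * <p>This class performs no synchronization of its own.</p>
 *
 * @version CVS $Id: UserRightsService.java 156704 2005-03-09 22:57:22Z antonio $
 */
public class UserRightsService {

    /**
     * The properties' location.
     */
    private Source location;

    /**
     * The properties.
     */
    private Properties properties;

    /**
     * Modification time of the source at the last successful load.
     */
    private long lastModified = -1;

    /**
     * Signals whether to reload the properties.
     */
    private boolean reload = false;

    /**
     * Holds the userrights: pattern (String) to RoleMatcher[].
     */
    private Map userrights;

    /**
     * @return The location
     */
    public Source getLocation() {
        return this.location;
    }

    /**
     * @param location The location to set
     */
    public void setLocation(Source location) {
        this.location = location;
    }

    /**
     * @return The reload
     */
    public boolean getReload() {
        return this.reload;
    }

    /**
     * @param reload The reload to set
     */
    public void setReload(boolean reload) {
        this.reload = reload;
    }

    /**
     * Initialize the bean.
     *
     * <p>The properties are read on the first call and, when reloading is
     * enabled, again whenever the source reports a newer modification time.
     * The new state is committed only after the source has been read and
     * parsed completely. A failed load therefore leaves the previously
     * loaded rights and timestamp untouched, and the load is attempted again
     * on the next call instead of being silently skipped.</p>
     *
     * @throws CascadingRuntimeException if the source cannot be read
     */
    public void initialize() {
        // Load on first use; afterwards only when reloading is enabled.
        final boolean load = (this.properties == null) || this.reload;
        if (!load) {
            return;
        }

        try {
            // Check file timestamp
            final long sourceModified = this.location.getLastModified();
            if (this.lastModified >= sourceModified) {
                return;
            }

            final Properties loaded = new Properties();
            final InputStream in = this.location.getInputStream();
            try {
                loaded.load(in);
            } finally {
                // Properties.load() does not close the stream.
                in.close();
            }
            final Map parsed = this.parseProperties(loaded);

            // Commit only now, so an exception above cannot leave a new
            // timestamp paired with missing or outdated rights.
            this.userrights = parsed;
            this.properties = loaded;
            this.lastModified = sourceModified;
        } catch (IOException e) {
            throw new CascadingRuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Checks the given url against the configured patterns.
     *
     * <p>NOTE(review): the url is matched exactly as passed in. Whether it
     * has been normalized (decoding, path segment resolution) before this
     * call is not visible here - confirm at the caller, since a pattern only
     * protects the literal strings it matches.</p>
     *
     * @param url  The url to check
     * @param user The current user
     * @return Whether the current user is allowed to call the given url.
     *         A url that matches no pattern is allowed.
     */
    public boolean userIsAllowed(String url, PortalUser user) {
        return this.isAllowed(url, user);
    }

    /**
     * Checks the given function id against the configured patterns.
     *
     * @param id   The function id to check
     * @param user The current user
     * @return Whether the current user is allowed to call the given function.
     *         An id that matches no pattern is allowed.
     */
    public boolean userFunctionIsAllowed(String id, PortalUser user) {
        return this.isAllowed(id, user);
    }

    /**
     * Shared decision logic for urls and function ids.
     *
     * @param key  The url or function id to check
     * @param user The current user
     * @return <code>false</code> as soon as one matching pattern has no role
     *         the user satisfies, <code>true</code> otherwise (including
     *         when no pattern matches at all).
     */
    private boolean isAllowed(String key, PortalUser user) {
        this.initialize();

        final Iterator iterator = this.userrights.entrySet().iterator();
        while (iterator.hasNext()) {
            final Map.Entry entry = (Map.Entry) iterator.next();
            final String pattern = (String) entry.getKey();

            // Every matching pattern must be satisfied; the first one that
            // is not decides the result.
            if (WildcardMatcherHelper.match(pattern, key) != null
                    && !matchesAnyRole((RoleMatcher[]) entry.getValue(), user)) {
                return false;
            }
        }
        return true;
    }

    /**
     * @return Whether at least one of the given matchers accepts the user.
     *         An empty array accepts nobody.
     */
    private static boolean matchesAnyRole(RoleMatcher[] matchers, PortalUser user) {
        for (int i = 0; i < matchers.length; i++) {
            if (matchers[i].matches(user)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Parse the properties.
     *
     * @param props The loaded properties, pattern to role list
     * @return A new map from pattern (String) to RoleMatcher[]
     */
    private Map parseProperties(Properties props) {
        final Map ur = new HashMap();

        final Iterator iterator = props.entrySet().iterator();
        while (iterator.hasNext()) {
            final Map.Entry entry = (Map.Entry) iterator.next();
            ur.put(
                (String) entry.getKey(),
                this.buildRoles((String) entry.getValue()));
        }
        return ur;
    }

    /**
     * Builds one matcher per comma separated entry of the given role list.
     *
     * <p>An empty role list yields an empty array, which means that nobody
     * is allowed for the pattern it belongs to.</p>
     *
     * @param roles The comma separated role list
     * @return A list representing the given roles.
     */
    private RoleMatcher[] buildRoles(String roles) {
        final StringTokenizer tokenizer = new StringTokenizer(roles, ",", false);
        final RoleMatcher[] result = new RoleMatcher[tokenizer.countTokens()];

        int i = 0;
        while (tokenizer.hasMoreTokens()) {
            // NOTE(review): tokens are passed on untrimmed, so "a, b" yields
            // the role " b" with a leading blank. Whether the matchers strip
            // whitespace is not visible here - confirm before relying on
            // spaces after commas in the configuration.
            final String token = tokenizer.nextToken();
            if (token.indexOf(MultipleRoleMatcher.ROLE_SEPARATOR) == -1) {
                result[i] = new SingleRoleMatcher(token);
            } else {
                result[i] = new MultipleRoleMatcher(token);
            }
            i++;
        }
        return result;
    }
}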