/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.felix.webconsole.plugins.useradmin.internal;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.MessageDigest;
import java.security.Provider;
import java.security.Security;
import java.util.Collection;
import java.util.Dictionary;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.felix.utils.json.JSONParser;
import org.apache.felix.utils.json.JSONWriter;
import org.apache.felix.webconsole.SimpleWebConsolePlugin;
import org.osgi.service.useradmin.Group;
import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.User;
import org.osgi.service.useradmin.UserAdmin;
class WebConsolePlugin extends SimpleWebConsolePlugin
{
private static final long serialVersionUID = -3551087958597824593L;
private static final String LABEL = "users"; //$NON-NLS-1$
private static final String TITLE = "%role.pluginTitle"; //$NON-NLS-1$
private static final String CATEGORY = "OSGi"; //$NON-NLS-1$
private static final String CSS[] = { "/" + LABEL + "/res/plugin.css" }; //$NON-NLS-1$ //$NON-NLS-2$
private final UserAdmin userAdmin;
// templates
private final String TEMPLATE;
/** Default constructor */
WebConsolePlugin(UserAdmin userAdmin)
{
super(LABEL, TITLE, CSS);
this.userAdmin = userAdmin;
// load templates
TEMPLATE = readTemplateFile("/res/plugin.html"); //$NON-NLS-1$
}
@Override
public String getCategory()
{
return CATEGORY;
}
/**
* @see org.apache.felix.webconsole.AbstractWebConsolePlugin#renderContent(HttpServletRequest, HttpServletResponse)
*/
@Override
protected final void renderContent(HttpServletRequest req,
HttpServletResponse response) throws ServletException, IOException
{
response.getWriter().print(TEMPLATE);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException
{
resp.setContentType("application/json"); //$NON-NLS-1$
resp.setCharacterEncoding("UTF-8"); //$NON-NLS-1$
final PrintWriter out = resp.getWriter();
final JSONWriter jw = new JSONWriter(out);
final String action = req.getParameter("action"); //$NON-NLS-1$
final String role = req.getParameter("role"); //$NON-NLS-1$
final String group = req.getParameter("group"); //$NON-NLS-1$
try
{
if ("addMember".equals(action)) { //$NON-NLS-1$
final Role xrole = userAdmin.getRole(role);
final Group xgroup = (Group) userAdmin.getRole(group);
xgroup.addMember(xrole);
toJSON(jw, xgroup, false);
}
else if ("addRequiredMember".equals(action)) { //$NON-NLS-1$
final Role xrole = userAdmin.getRole(role);
final Group xgroup = (Group) userAdmin.getRole(group);
xgroup.addRequiredMember(xrole);
toJSON(jw, xgroup, false);
}
else if ("removeMember".equals(action)) { //$NON-NLS-1$
final Role xrole = userAdmin.getRole(role);
final Group xgroup = (Group) userAdmin.getRole(group);
xgroup.removeMember(xrole);
toJSON(jw, xgroup, false);
}
else if ("toggleMembership".equals(action)) { //$NON-NLS-1$
final Role xrole = userAdmin.getRole(role);
final Group xgroup = (Group) userAdmin.getRole(group);
if (contains(xgroup.getRequiredMembers(), xrole)) // if required
{
xgroup.removeMember(xrole);
xgroup.addMember(xrole); // add as basic
}
else
{
xgroup.removeMember(xrole);
xgroup.addRequiredMember(xrole); // add as required
}
toJSON(jw, xgroup, false);
}
else if ("getDigestAlgorithms".equals(action)) { //$NON-NLS-1$
getMessageDigestAlgorithms(jw);
}
else if ("digest".equals(action)) { //$NON-NLS-1$
final String dataRaw = req.getParameter("data"); //$NON-NLS-1$
final String algorithm = req.getParameter("algorithm"); //$NON-NLS-1$
final MessageDigest digest = MessageDigest.getInstance(algorithm);
final byte[] encoded = digest.digest(dataRaw.getBytes());
jw.object();
jw.key("encoded"); //$NON-NLS-1$
jw.value(encoded);
jw.endObject();
}
else if ("del".equals(action)) { //$NON-NLS-1$
out.print(userAdmin.removeRole(role));
}
else if ("get".equals(action)) { //$NON-NLS-1$
final Role xrole = userAdmin.getRole(role);
toJSON(jw, xrole, true);
}
else if ("set".equals(action)) { //$NON-NLS-1$
final String dataRaw = req.getParameter("data"); //$NON-NLS-1$
JSONParser parser = new JSONParser(dataRaw);
final Map<String, Object> data = parser.getParsed();
Role xrole = userAdmin.getRole((String)data.get("name")); //$NON-NLS-1$
if (null == xrole)
{
xrole = userAdmin.createRole(//
(String)data.get("name"), //$NON-NLS-1$
(int)(long)(Long)data.get("type")); //$NON-NLS-1$
}
doSetData(xrole, data);
out.print(true);
}
else
// list all roles without details
{
Role[] roles = userAdmin.getRoles(null);
toJSON(jw, roles, false);
}
jw.flush();
}
catch (Exception e)
{
throw new ServletException(e);
}
}
@SuppressWarnings("unchecked")
private static final void doSetData(Role role, Map<String, Object> data) throws IOException
{
putProps(role.getProperties(), (Map<String, Object>)data.get("properties")); //$NON-NLS-1$
if (role instanceof User)
{
putProps(((User) role).getCredentials(), (Map<String, Object>)data.get("credentials")); //$NON-NLS-1$
}
}
private static final void putProps(Dictionary dest, Map<String, Object> props)
throws IOException
{
// clear the old properties
if (!dest.isEmpty())
{
for (Enumeration e = dest.keys(); e.hasMoreElements();)
{
dest.remove(e.nextElement());
}
}
// it's empty - don't process it at all
if (props == null || props.size() == 0)
{
return;
}
// append the new one
for (Iterator i = props.keySet().iterator(); i.hasNext();)
{
Object key = i.next();
Object val = props.get(key);
if (val instanceof Collection)
{
val = toArray((Collection) val);
}
dest.put(key, val);
}
}
private static final byte[] toArray(Collection array) throws IOException
{
final byte[] ret = new byte[array.size()];
Iterator iter = array.iterator();
for (int i = 0; i < ret.length; i++)
{
ret[i] = (byte) ((Long)iter.next() & 0xff);
}
return ret;
}
private static final void toJSON(JSONWriter jw, Role role, boolean details)
throws IOException
{
jw.object();
jw.key("type"); //$NON-NLS-1$
jw.value(role.getType());
jw.key("name"); //$NON-NLS-1$
jw.value(role.getName());
if (role instanceof Group)
{
final Group group = (Group) role;
Role[] roles;
roles = group.getMembers();
if (null != roles && roles.length > 0)
{
jw.key("members"); //$NON-NLS-1$
toJSON(jw, roles, details);
}
roles = group.getRequiredMembers();
if (null != roles && roles.length > 0)
{
jw.key("rmembers"); //$NON-NLS-1$
toJSON(jw, roles, details);
}
}
if (details)
{
Dictionary p;
p = role.getProperties();
if (null != p && !p.isEmpty())
{
jw.key("properties"); //$NON-NLS-1$
toJSON(jw, p);
}
if (role instanceof User)
{
p = ((User) role).getCredentials();
if (null != p && !p.isEmpty())
{
jw.key("credentials"); //$NON-NLS-1$
toJSON(jw, p);
}
}
}
jw.endObject();
}
private static final void toJSON(JSONWriter jw, Dictionary props)
throws IOException
{
jw.object();
for (Enumeration e = props.keys(); e.hasMoreElements();)
{
final Object key = e.nextElement();
final Object val = props.get(key);
jw.key((String) key);
jw.value(val);
}
jw.endObject();
}
private static final void toJSON(JSONWriter jw, Role[] roles, boolean details)
throws IOException
{
jw.array();
for (int i = 0; roles != null && i < roles.length; i++)
{
toJSON(jw, roles[i], details);
}
jw.endArray();
}
private static final String DIGEST_KEY_PREFIX = "MessageDigest."; //$NON-NLS-1$
private static void getMessageDigestAlgorithms(final JSONWriter jw)
throws IOException
{
Provider[] providers = Security.getProviders();
jw.array();
for (int i = 0; providers != null && i < providers.length; i++)
{
for (Iterator keys = providers[i].keySet().iterator(); keys.hasNext();)
{
final String key = (String) keys.next();
if (key.startsWith(DIGEST_KEY_PREFIX) && key.indexOf(' ') == -1)
{
jw.value(key.substring(DIGEST_KEY_PREFIX.length()));
}
}
}
jw.endArray();
}
private static boolean contains(final Role[] roles, final Role role)
{
for (int i = 0; roles != null && role != null && i < roles.length; i++)
{
if (roles[i].getName().equals(role.getName()))
{
return true;
}
}
return false;
}
}