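/**
 * Copyright (C) 2014 KAIST
 * @author Janggwan Im <limg00n@kaist.ac.kr>
 */
package org.fosstrak.ale.server.ac;

import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

import org.fosstrak.ale.exception.SecurityException;
import org.fosstrak.ale.server.ALESettings;

/**
 * In-memory {@link RoleBasedAccessController}: users, roles and permissions are kept in
 * three plain lists that start out holding a single "admin" user, role and permission.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Passwords are held and compared as plain strings ({@code User#getPassword()});
 *       nothing in this class hashes them.</li>
 *   <li>The lists are unsynchronized {@link ArrayList}s; this class does no locking of
 *       its own.</li>
 *   <li>The public {@code find*} methods treat the empty string as "return everything".
 *       The mutators and the authentication/authorization checks deliberately do NOT go
 *       through that wildcard; they use exact-match lookups so that an empty identifier
 *       can never select "the only entry in the list" (which, in the initial state, is
 *       the admin entry).</li>
 * </ul>
 */
public class LocalRBAC implements RoleBasedAccessController {

	/** Charset used only to turn passwords into bytes for the constant-time comparison. */
	private static final Charset UTF_8 = Charset.forName("UTF-8");

	List<User> listUser = new ArrayList<User>();
	List<Role> listRole = new ArrayList<Role>();
	List<Permission> listPerm = new ArrayList<Permission>();

	/**
	 * Constructor for LocalRBAC: seeds the store with the "admin" permission, role and
	 * user. The admin password is read from the ALE settings.
	 */
	public LocalRBAC() {
		String adminPassword = ALEACImpl.getInstance().getAleSettings().getAdminPassword();

		Permission adminPerm = new Permission("admin", "*", null);
		listPerm.add(adminPerm);

		Role adminRole = new Role("admin");
		adminRole.addPerm(adminPerm);
		adminPerm.addRole(adminRole.getName());
		listRole.add(adminRole);

		User adminUser = new User("admin", adminPassword);
		adminUser.addRole(adminRole.getName());
		listUser.add(adminUser);
	}

	/**
	 * Replaces password and roles of an existing user; does nothing if the user is unknown.
	 *
	 * @throws NullPointerException if {@code userId} is null
	 */
	@Override
	public void updateClientid(String userId, String password, List<String> roleNames) throws SecurityException {
		User u = lookupUser(userId);
		if (u != null) {
			// remove + add moves the entry to the end of the list, as before
			listUser.remove(u);
			u.setUserId(userId);
			u.setPassword(password);
			u.setRoles(roleNames);
			listUser.add(u);
		}
	}

	/**
	 * Replaces operation name and roles of the permission registered for
	 * {@code permObjName}; does nothing unless exactly one such permission exists.
	 *
	 * @throws NullPointerException if {@code permObjName} is null
	 */
	@Override
	public void updatePermission(String permObjName, String permOpName, Set<String> roles) throws SecurityException {
		Permission p = lookupSolePermission(permObjName);
		if (p != null) {
			listPerm.remove(p);
			p.setObjectName(permObjName);
			p.setOpName(permOpName);
			p.setRoles(roles);
			listPerm.add(p);
		}
	}

	/**
	 * Creates a user, replacing any existing user with the same id.
	 *
	 * @throws NullPointerException if {@code userId} is null
	 */
	@Override
	public void defineClientid(String userId, String password, List<String> roleNames) throws SecurityException {
		User existing = lookupUser(userId);
		if (existing != null) {
			listUser.remove(existing);
		}
		User u = new User(userId, password);
		u.setRoles(roleNames);
		listUser.add(u);
	}

	/**
	 * Removes the user with exactly this id, if present.
	 *
	 * @throws NullPointerException if {@code userId} is null
	 */
	@Override
	public void undefineClientid(String userId) throws SecurityException {
		User existing = lookupUser(userId);
		if (existing != null) {
			listUser.remove(existing);
		}
	}

	/**
	 * Creates a role, replacing any existing role with the same name.
	 *
	 * @throws NullPointerException if {@code roleName} is null
	 */
	@Override
	public void defineRole(String roleName) throws SecurityException {
		Role existing = lookupRole(roleName);
		if (existing != null) {
			listRole.remove(existing);
		}
		listRole.add(new Role(roleName));
	}

	/**
	 * Removes the role with exactly this name, if present.
	 *
	 * @throws NullPointerException if {@code roleName} is null
	 */
	@Override
	public void undefineRole(String roleName) throws SecurityException {
		Role existing = lookupRole(roleName);
		if (existing != null) {
			listRole.remove(existing);
		}
	}

	/**
	 * Creates a permission; if exactly one permission is already registered for
	 * {@code permObjName} it is replaced.
	 *
	 * @throws NullPointerException if {@code permObjName} is null
	 */
	@Override
	public void definePermission(String permObjName, String permOpName) throws SecurityException {
		Permission existing = lookupSolePermission(permObjName);
		if (existing != null) {
			listPerm.remove(existing);
		}
		listPerm.add(new Permission(permObjName, permOpName, null));
	}

	/**
	 * Removes the permission registered for {@code permObjName} when exactly one exists.
	 *
	 * @throws NullPointerException if {@code permObjName} is null
	 */
	@Override
	public void undefinePermission(String permObjName, String permOpName) throws SecurityException {
		Permission existing = lookupSolePermission(permObjName);
		if (existing != null) {
			listPerm.remove(existing);
		}
	}

	/**
	 * Links a role and a permission in both directions; does nothing unless the role
	 * exists and exactly one permission is registered for {@code permObjName}.
	 *
	 * @throws NullPointerException if {@code roleName} or {@code permObjName} is null
	 */
	@Override
	public void assignPermissionToRole(String roleName, String permObjName, String opName) throws SecurityException {
		Role r = lookupRole(roleName);
		Permission p = lookupSolePermission(permObjName);
		if (r != null && p != null) {
			// NOTE(review): the permission is selected by object name only, so the one
			// granted here may carry an operation other than opName - confirm intended.
			if (!r.getPermissions().contains(p)) {
				r.addPerm(p);
			}
			if (!p.getRoles().contains(roleName)) {
				p.getRoles().add(roleName);
			}
		}
	}

	/**
	 * Removes the link between a role and a permission in both directions; does nothing
	 * unless the role exists and exactly one permission is registered for
	 * {@code permObjName}.
	 *
	 * @throws NullPointerException if {@code roleName} or {@code permObjName} is null
	 */
	@Override
	public void deassignPermissionToRole(String roleName, String permObjName, String permOpName) throws SecurityException {
		Role r = lookupRole(roleName);
		Permission p = lookupSolePermission(permObjName);
		if (r != null && p != null) {
			if (r.getPermissions().contains(p)) {
				r.removePerm(p);
			}
			if (p.getRoles().contains(roleName)) {
				p.getRoles().remove(roleName);
			}
		}
	}

	/**
	 * Adds an existing role to an existing user; does nothing if either is unknown.
	 *
	 * @throws NullPointerException if {@code userId} or {@code roleName} is null
	 */
	@Override
	public void assignRoleToClientid(String userId, String roleName) throws SecurityException {
		User u = lookupUser(userId);
		Role r = lookupRole(roleName);
		if (u != null && r != null) {
			u.addRole(r.getName());
		}
	}

	/**
	 * Removes an existing role from an existing user; does nothing if either is unknown.
	 *
	 * @throws NullPointerException if {@code userId} or {@code roleName} is null
	 */
	@Override
	public void deassignRoleToClientid(String userId, String roleName) throws SecurityException {
		User u = lookupUser(userId);
		Role r = lookupRole(roleName);
		if (u != null && r != null) {
			u.removeRole(r.getName());
		}
	}

	@Override
	public void addPermObj(String objName) throws SecurityException {
		// do nothing
	}

	@Override
	public void deletePermObj(String objName) throws SecurityException {
		// do nothing
	}

	/**
	 * Returns the user with the given id (at most one), or every user when
	 * {@code userName} is the empty string.
	 *
	 * @return a new list; changing it does not change the store
	 * @throws NullPointerException if {@code userName} is null
	 */
	@Override
	public List<User> findUsers(String userName) throws SecurityException {
		if (userName.isEmpty()) {
			// hand out a copy so callers cannot edit the user store through the result
			return new ArrayList<User>(listUser);
		}
		List<User> toReturn = new ArrayList<User>();
		for (User u : listUser) {
			if (u.getUserId().equals(userName)) {
				toReturn.add(u);
				break;
			}
		}
		return toReturn;
	}

	/**
	 * Returns the role with the given name (at most one), or every role when
	 * {@code roleName} is the empty string.
	 *
	 * @return a new list; changing it does not change the store
	 * @throws NullPointerException if {@code roleName} is null
	 */
	@Override
	public List<Role> findRoles(String roleName) throws SecurityException {
		if (roleName.isEmpty()) {
			return new ArrayList<Role>(listRole);
		}
		List<Role> toReturn = new ArrayList<Role>();
		for (Role r : listRole) {
			if (r.getName().equals(roleName)) {
				toReturn.add(r);
				break;
			}
		}
		return toReturn;
	}

	/**
	 * Returns every permission registered for {@code permObjName}, or every permission
	 * when {@code permObjName} is the empty string.
	 *
	 * @return a new list; changing it does not change the store
	 * @throws NullPointerException if {@code permObjName} is null
	 */
	@Override
	public List<Permission> findPermissions(String permObjName, String permOpName) throws SecurityException {
		if (permObjName.isEmpty()) {
			return new ArrayList<Permission>(listPerm);
		}
		// NOTE(review): permOpName is not used for matching; results are filtered by
		// object name only. Confirm whether callers expect an (object, operation) match.
		List<Permission> toReturn = new ArrayList<Permission>();
		for (Permission p : listPerm) {
			if (p.getObjectName().equals(permObjName)) {
				toReturn.add(p);
			}
		}
		return toReturn;
	}

	/**
	 * Verifies a user id / password pair. Returns normally only when a user with exactly
	 * this id exists and the password matches.
	 *
	 * @throws SecurityException if the id is null, empty or unknown, or the password is
	 *         wrong; the message is the same in every case
	 */
	@Override
	public void createSession(String userId, String password) throws SecurityException {
		// Fail closed: an unknown, null or empty id is a failed login, never a silent pass.
		User candidate = (userId == null || userId.isEmpty()) ? null : lookupUser(userId);
		if (candidate == null || !passwordMatches(candidate.getPassword(), password)) {
			throw new SecurityException("your credential is wrong");
		}
	}

	/**
	 * Tells whether the currently logged-in user holds, through any of its roles, a
	 * permission whose object and operation names equal the arguments.
	 *
	 * @return {@code true} on a match; {@code false} otherwise, including when no usable
	 *         logged-in id is available
	 */
	@Override
	public boolean checkAccess(String objName, String opName) throws SecurityException {
		String loggedInId = ALEACImpl.getInstance().getLoggedInId();
		// A missing or empty id must not fall through to a wildcard lookup.
		if (loggedInId == null || loggedInId.isEmpty()) {
			return false;
		}
		User current = lookupUser(loggedInId);
		if (current == null) {
			return false;
		}
		for (String roleName : current.getRoles()) {
			if (roleName == null) {
				continue;
			}
			Role role = lookupRole(roleName);
			if (role == null) {
				continue;
			}
			for (Permission p : role.getPermissions()) {
				if (p.getObjectName().equals(objName) && p.getOpName().equals(opName)) {
					return true;
				}
			}
		}
		return false;
	}

	/** Exact-match user lookup (no empty-string wildcard); returns null when absent. */
	private User lookupUser(String userId) {
		requireNonNull(userId, "userId");
		for (User u : listUser) {
			if (userId.equals(u.getUserId())) {
				return u;
			}
		}
		return null;
	}

	/** Exact-match role lookup (no empty-string wildcard); returns null when absent. */
	private Role lookupRole(String roleName) {
		requireNonNull(roleName, "roleName");
		for (Role r : listRole) {
			if (roleName.equals(r.getName())) {
				return r;
			}
		}
		return null;
	}

	/**
	 * Returns the permission registered for the object name when exactly one exists;
	 * null when there is none or more than one.
	 */
	private Permission lookupSolePermission(String permObjName) {
		requireNonNull(permObjName, "permObjName");
		Permission only = null;
		for (Permission p : listPerm) {
			if (permObjName.equals(p.getObjectName())) {
				if (only != null) {
					return null;
				}
				only = p;
			}
		}
		return only;
	}

	/** Compares two passwords without exiting early at the first differing character. */
	private static boolean passwordMatches(String stored, String supplied) {
		if (stored == null || supplied == null) {
			return false;
		}
		// The trailing equals() runs only once the encoded bytes already match; it keeps
		// the result identical to String.equals for strings the encoder cannot represent.
		return MessageDigest.isEqual(stored.getBytes(UTF_8), supplied.getBytes(UTF_8))
				&& stored.equals(supplied);
	}

	/** Rejects a null identifier with the NullPointerException callers already got. */
	private static void requireNonNull(String value, String label) {
		if (value == null) {
			throw new NullPointerException(label + " must not be null");
		}
	}
}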