SessionAwareRowLevelSecurityHelper.java example

Explorer
pentaho-platform-master
/*!
 * This program is free software; you can redistribute it and/or modify it under the
 * terms of the GNU Lesser General Public License, version 2.1 as published by the Free Software
 * Foundation.
 *
 * You should have received a copy of the GNU Lesser General Public License along with this
 * program; if not, you can obtain a copy at http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
 * or from the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU Lesser General Public License for more details.
 *
 * Copyright (c) 2002-2013 Pentaho Corporation..  All rights reserved.
 */

package org.pentaho.platform.plugin.services.metadata;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.pentaho.metadata.util.RowLevelSecurityHelper;
import org.pentaho.platform.api.engine.IPentahoSession;
import org.pentaho.platform.engine.core.system.PentahoSessionHolder;
import org.pentaho.platform.plugin.services.messages.Messages;

import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
 * This row level security helper resolves SESSION("VALUE") in addition to it's parent USER() and ROLE() resolvers.
 * 
 * Note that it's the responsibility of the script to quote the SESSION objects, for instance:
 * 
 * Session ------- UID=1234 TENANT=PENTAHO
 * 
 * EQUALS([NUMBIZCOL];SESSION("UID")) will return NCOL=1234
 * 
 * EQUALS([STRBIZCOL];"SESSION("TENANT")") will return SCOL=`PENTAHO`
 * 
 * @author Will Gorman (wgorman@pentaho.com)
 */
public class SessionAwareRowLevelSecurityHelper extends RowLevelSecurityHelper {

  protected final Log logger = LogFactory.getLog( SessionAwareRowLevelSecurityHelper.class );

  @Override
  protected String expandFunctions( String formula, String user, List<String> roles ) {
    formula = super.expandFunctions( formula, user, roles );

    // "expand" any SESSION('var')

    IPentahoSession session = PentahoSessionHolder.getSession();

    Pattern p = Pattern.compile( "SESSION\\(\"(.*?)\"\\)" ); //$NON-NLS-1$
    Matcher m = p.matcher( formula );
    StringBuffer sb = new StringBuffer( formula.length() );
    while ( m.find() ) {
      String text = m.group( 1 );
      String value = null;
      if ( session.getAttribute( text ) != null ) {
        value = session.getAttribute( text ).toString();
      } else {
        logger.warn( Messages.getInstance().getString(
          "SessionAwareRowLevelSecurityHelper.WARN_0001_NULL_ATTRIBUTE", text, user ) ); //$NON-NLS-1$
        return "FALSE()"; //$NON-NLS-1$
      }
      // escape string if necessary (double quote quotes)
      m.appendReplacement( sb, Matcher.quoteReplacement( value.replaceAll( "\"", "\"\"" ) ) ); //$NON-NLS-1$ //$NON-NLS-2$
    }
    m.appendTail( sb );
    return sb.toString();
  }
}