DefaultProcessAccessManager.java

/* (c) 2014 Open Source Geospatial Foundation - all rights reserved
 * This code is licensed under the GPL 2.0 license, available at the root
 * application directory.
 */

package org.geoserver.wps.security;

import org.geoserver.security.AccessMode;
import org.geoserver.security.CatalogMode;
import org.geoserver.security.impl.SecureTreeNode;
import org.opengis.feature.type.Name;
import org.springframework.security.core.Authentication;

/**
 * Default implementation of WPS access manager based on wps.xml configuration file. Builds
 * {@link #SecureTreeNode} to manage roles hierarchy as in {@link #DefaultDataAccessManager}
 */

public class DefaultProcessAccessManager implements ProcessAccessManager {

    private WpsAccessRuleDAO dao;

    long lastLoaded = Long.MIN_VALUE;

    public DefaultProcessAccessManager(WpsAccessRuleDAO dao) {
        this.dao = dao;
    }

    public CatalogMode getMode() {
        return dao.getMode();
    }

    @Override
    public ProcessAccessLimits getAccessLimits(Authentication user, String namespace) {
        SecureTreeNode node = dao.getSecurityTreeRoot().getDeepestNode(new String[] { namespace });
        return new ProcessAccessLimits(dao.getMode(), node.canAccess(user, AccessMode.READ),
                namespace);
    }

    @Override
    public ProcessAccessLimits getAccessLimits(Authentication user, Name process) {
        SecureTreeNode node = dao.getSecurityTreeRoot().getDeepestNode(
                new String[] { process.getNamespaceURI(), process.getLocalPart() });
        return new ProcessAccessLimits(dao.getMode(), node.canAccess(user, AccessMode.READ),
                process.toString());
    }

}