You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@cocoon.apache.org by an...@apache.org on 2005/03/10 00:27:39 UTC
svn commit: r156712 - in
cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools:
PortalToolManager.java acting/CheckAccessAction.java
service/UserRightsService.java service/UserrightsService.java
transformation/CheckAccessTransformer.java
Author: antonio
Date: Wed Mar 9 15:27:35 2005
New Revision: 156712
URL: http://svn.apache.org/viewcvs?view=rev&rev=156712
Log:
Rename UserrightsService to UserRightsService
Added:
cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/service/UserRightsService.java
Removed:
cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/service/UserrightsService.java
Modified:
cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/PortalToolManager.java
cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/acting/CheckAccessAction.java
cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/transformation/CheckAccessTransformer.java
Modified: cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/PortalToolManager.java
URL: http://svn.apache.org/viewcvs/cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/PortalToolManager.java?view=diff&r1=156711&r2=156712
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/PortalToolManager.java (original)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/PortalToolManager.java Wed Mar 9 15:27:35 2005
@@ -40,7 +40,7 @@
import org.apache.cocoon.ProcessingException;
import org.apache.cocoon.portal.PortalService;
import org.apache.cocoon.portal.tools.helper.PortalObjects;
-import org.apache.cocoon.portal.tools.service.UserrightsService;
+import org.apache.cocoon.portal.tools.service.UserRightsService;
import org.apache.cocoon.webapps.session.ContextManager;
import org.apache.cocoon.webapps.session.context.SessionContext;
import org.apache.excalibur.source.ModifiableSource;
@@ -75,7 +75,7 @@
private static final String i18nDir = "i18n/";
private Configuration configuration;
- private UserrightsService userRightsService;
+ private UserRightsService userRightsService;
private ContextManager contextManager;
@@ -96,7 +96,7 @@
DefaultConfigurationBuilder confBuilder = new DefaultConfigurationBuilder();
this.configuration = confBuilder.build(fSource.getInputStream());
fSource = this.resolver.resolveURI(rootDir + authFile);
- this.userRightsService = new UserrightsService();
+ this.userRightsService = new UserRightsService();
this.userRightsService.setLocation(fSource);
this.userRightsService.initialize();
this.init();
@@ -229,7 +229,7 @@
}
}
- public UserrightsService getUserRightsService() {
+ public UserRightsService getUserRightsService() {
return this.userRightsService;
}
Modified: cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/acting/CheckAccessAction.java
URL: http://svn.apache.org/viewcvs/cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/acting/CheckAccessAction.java?view=diff&r1=156711&r2=156712
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/acting/CheckAccessAction.java (original)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/acting/CheckAccessAction.java Wed Mar 9 15:27:35 2005
@@ -24,7 +24,7 @@
import org.apache.cocoon.environment.Redirector;
import org.apache.cocoon.environment.SourceResolver;
import org.apache.cocoon.portal.tools.PortalToolManager;
-import org.apache.cocoon.portal.tools.service.UserrightsService;
+import org.apache.cocoon.portal.tools.service.UserRightsService;
/**
* Check whether the current user is allowed to access the given page.
@@ -47,9 +47,9 @@
String url = parameters.getParameter("url");
PortalToolManager ptm = (PortalToolManager) this.manager.lookup(PortalToolManager.ROLE);
try {
- UserrightsService userrightsService = ptm.getUserRightsService();
+ UserRightsService userRightsService = ptm.getUserRightsService();
// FIXME: replace the throw with something else
- if (!userrightsService.userIsAllowed(url, ptm.getPortalObjects().getPortalService().getComponentManager().getProfileManager().getUser())) {
+ if (!userRightsService.userIsAllowed(url, ptm.getPortalObjects().getPortalService().getComponentManager().getProfileManager().getUser())) {
throw new ProcessingException(
"You are not allowed to request this page.");
}
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/service/UserRightsService.java
URL: http://svn.apache.org/viewcvs/cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/service/UserRightsService.java?view=auto&rev=156712
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/service/UserRightsService.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/service/UserRightsService.java Wed Mar 9 15:27:35 2005
@@ -0,0 +1,236 @@
+/*
+ * Copyright 1999-2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.portal.tools.service;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Properties;
+import java.util.StringTokenizer;
+
+import org.apache.avalon.framework.CascadingRuntimeException;
+import org.apache.cocoon.matching.helpers.WildcardHelper;
+import org.apache.cocoon.portal.profile.PortalUser;
+import org.apache.cocoon.portal.tools.helper.MultipleRoleMatcher;
+import org.apache.cocoon.portal.tools.helper.RoleMatcher;
+import org.apache.cocoon.portal.tools.helper.SingleRoleMatcher;
+import org.apache.excalibur.source.Source;
+
+/**
+ * Service, that provides access to the user rights configuration.
+ *
+ * @version CVS $Id: UserRightsService.java 156704 2005-03-09 22:57:22Z antonio $
+ */
+public class UserRightsService {
+
+ /**
+ * The properties' location.
+ */
+ private Source location;
+
+ /**
+ * The properties.
+ */
+ private Properties properties;
+
+ /**
+ * Signals when the properties have been loaded last.
+ */
+ private long lastModified = -1;
+
+ /**
+ * Signals whether to reload the properties.
+ */
+ private boolean reload = false;
+
+ /**
+ * Holds the userrights.
+ */
+ private Map userrights;
+
+ /**
+ * @return The location
+ */
+
+ public Source getLocation() {
+ return this.location;
+ }
+
+ /**
+ * @param location The location to set
+ */
+
+ public void setLocation(Source location) {
+ this.location = location;
+ }
+
+ /**
+ * @return The reload
+ */
+ public boolean getReload() {
+ return this.reload;
+ }
+
+ /**
+ * @param reload The reload to set
+ */
+ public void setReload(boolean reload) {
+ this.reload = reload;
+ }
+
+ /**
+ * Initialize the bean.
+ */
+ public void initialize() {
+ boolean load;
+
+ // Check if called for the first time
+ if (this.properties == null) {
+ load = true;
+ } else {
+ // Check if reload is required
+ load = this.reload;
+ }
+
+ try {
+ if (load) {
+ // Check file timestamp
+ long lastModified = this.location.getLastModified();
+ if (this.lastModified >= lastModified) {
+ load = false;
+ }
+
+ if (load) {
+ this.lastModified = lastModified;
+ this.properties = new Properties();
+ this.properties.load(this.location.getInputStream());
+ this.parseProperties();
+ }
+ }
+ } catch (IOException e) {
+ throw new CascadingRuntimeException(e.getMessage(), e);
+ }
+ }
+
+ /**
+ * @return Whether the current user is allowed to call the given url.
+ */
+ public boolean userIsAllowed(String url, PortalUser user) {
+ this.initialize();
+
+ boolean isAllowed = true;
+
+ // Iterate all userrights
+ Iterator iterator = this.userrights.entrySet().iterator();
+ Map.Entry entry;
+ int[] pattern;
+ RoleMatcher[] matcher;
+ while (iterator.hasNext() && isAllowed) {
+ entry = (Map.Entry)iterator.next();
+ pattern = (int[])entry.getKey();
+
+ // If userright matches try to find a matching role
+ if (WildcardHelper.match(new HashMap(), url, pattern)) {
+ matcher = (RoleMatcher[])entry.getValue();
+
+ isAllowed = false;
+
+ int length = matcher.length;
+ for (int i = 0; i < length; i++) {
+ if (matcher[i].matches(user)) {
+ isAllowed = true;
+ }
+ }
+ }
+ }
+
+ return isAllowed;
+ }
+
+ public boolean userFunctionIsAllowed(String id, PortalUser user) {
+ this.initialize();
+
+ boolean isAllowed = true;
+
+ // Iterate all userrights
+ Iterator iterator = this.userrights.entrySet().iterator();
+ Map.Entry entry;
+ int[] pattern;
+ RoleMatcher[] matcher;
+ while (iterator.hasNext() && isAllowed) {
+ entry = (Map.Entry)iterator.next();
+ pattern = (int[])entry.getKey();
+
+ // If userright matches try to find a matching role
+ if (WildcardHelper.match(new HashMap(), id, pattern)) {
+ matcher = (RoleMatcher[])entry.getValue();
+
+ isAllowed = false;
+
+ int length = matcher.length;
+ for (int i = 0; i < length; i++) {
+ if (matcher[i].matches(user)) {
+ isAllowed = true;
+ }
+ }
+ }
+ }
+
+ return isAllowed;
+ }
+
+ /**
+ * Parse the properties.
+ */
+ private void parseProperties() {
+ Map userrights = new HashMap();
+
+ Iterator iterator = this.properties.entrySet().iterator();
+ Map.Entry entry;
+ while (iterator.hasNext()) {
+ entry = (Map.Entry)iterator.next();
+ userrights.put(
+ WildcardHelper.compilePattern((String)entry.getKey()),
+ this.buildRoles((String)entry.getValue()));
+ }
+
+ this.userrights = userrights;
+ }
+
+ /**
+ * @return A list representing the given roles.
+ */
+ private RoleMatcher[] buildRoles(String roles) {
+ StringTokenizer tokenizer = new StringTokenizer(roles, ",", false);
+
+ RoleMatcher[] result = new RoleMatcher[tokenizer.countTokens()];
+
+ String token;
+ int i = 0;
+ while (tokenizer.hasMoreTokens()) {
+ token = tokenizer.nextToken();
+ if (token.indexOf(MultipleRoleMatcher.ROLE_SEPARATOR) == -1) {
+ result[i] = new SingleRoleMatcher(token);
+ } else {
+ result[i] = new MultipleRoleMatcher(token);
+ }
+ i++;
+ }
+
+ return result;
+ }
+}
Modified: cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/transformation/CheckAccessTransformer.java
URL: http://svn.apache.org/viewcvs/cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/transformation/CheckAccessTransformer.java?view=diff&r1=156711&r2=156712
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/transformation/CheckAccessTransformer.java (original)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/portal/java/org/apache/cocoon/portal/tools/transformation/CheckAccessTransformer.java Wed Mar 9 15:27:35 2005
@@ -19,7 +19,7 @@
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.cocoon.portal.tools.PortalToolManager;
-import org.apache.cocoon.portal.tools.service.UserrightsService;
+import org.apache.cocoon.portal.tools.service.UserRightsService;
import org.apache.cocoon.transformation.AbstractSAXTransformer;
import org.apache.cocoon.xml.IncludeXMLConsumer;
import org.w3c.dom.DocumentFragment;
@@ -39,7 +39,7 @@
public static final String ACCESS_TAG = "access";
public static final String RIGHT_ID = "id";
- private UserrightsService urs;
+ private UserRightsService urs;
private PortalToolManager ptm;
/* (non-Javadoc)