Rev 1561 | Rev 1776 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
1312 | jmachado | 1 | package pt.estgp.estgweb.domain; |
2 | |||
3 | import com.owlike.genson.Genson; |
||
4 | import com.owlike.genson.TransformationException; |
||
5 | import org.apache.log4j.Logger; |
||
6 | import org.json.JSONArray; |
||
7 | import org.json.JSONException; |
||
8 | import pt.estgp.estgweb.services.pageContent.PageContentAccessPolicyAcl; |
||
9 | |||
10 | import java.io.IOException; |
||
11 | import java.util.ArrayList; |
||
12 | import java.util.HashMap; |
||
13 | import java.util.Map; |
||
14 | |||
15 | |||
16 | /** |
||
17 | * Created by jorgemachado on 03/02/16. |
||
18 | */ |
||
19 | public abstract class PageContentImpl extends PageContent implements ClearanceRuled |
||
20 | { |
||
21 | |||
22 | private static 1.5.0/docs/api/java/util/logging/Logger.html">Logger logger = 1.5.0/docs/api/java/util/logging/Logger.html">Logger.getLogger(PageContentImpl.class); |
||
23 | |||
24 | private UserSession sess = null; |
||
25 | private Map<Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation,Boolean> userSessionClearences = null; |
||
26 | private boolean childsInitialized = false; |
||
27 | private boolean parentInitialized = false; |
||
28 | |||
29 | public static class 1.5.0/docs/api/java/security/acl/Acl.html">Acl |
||
30 | { |
||
31 | public static enum Access |
||
32 | { |
||
33 | PERMIT, |
||
34 | DENY //default |
||
35 | } |
||
36 | public static enum 1.5.0/docs/api/java/lang/reflect/Type.html">Type |
||
37 | { |
||
38 | ALL, |
||
39 | ANONYMOUS, //ONLY SUPER USER SHOULD ADD ANONYMOUS PERMISSIONS |
||
40 | AUTHENTICATED, |
||
41 | ROLE, |
||
42 | USER, |
||
43 | COURSEUNIT //SPECIFIC PERMISSIONS RELATIVE TO COURSE UNITS |
||
44 | } |
||
45 | public static enum 1.5.0/docs/api/java/rmi/server/Operation.html">Operation |
||
46 | { |
||
47 | ALL, //SPECIAL OPERATION FOR DENY AND PERMIT REPLACE FULL CONTROL |
||
48 | |||
49 | READ_CONTENTS, |
||
50 | |||
51 | READ_VERSIONS, |
||
52 | READ_INVISIBLES, |
||
53 | |||
54 | |||
55 | ORDER_CONTENTS, |
||
56 | |||
1561 | jmachado | 57 | ADD_SECTIONS, //ADD TEXT USA ESTA PERMISSAO |
1312 | jmachado | 58 | ADD_FILES, |
59 | ADD_URLS, |
||
60 | ADD_MODULES, |
||
61 | |||
62 | REMOVE_SECTIONS, |
||
63 | REMOVE_FILES, |
||
64 | REMOVE_URLS, |
||
65 | REMOVE_MODULES, |
||
66 | |||
67 | EDIT_SECTIONS, |
||
68 | EDIT_FILES, |
||
69 | EDIT_URLS, |
||
70 | EDIT_MODULES; |
||
71 | |||
72 | public static 1.5.0/docs/api/java/rmi/server/Operation.html">Operation parse(1.5.0/docs/api/java/lang/String.html">String clearance) |
||
73 | { |
||
74 | if(clearance == null) |
||
75 | return null; |
||
76 | for(1.5.0/docs/api/java/rmi/server/Operation.html">Operation op: 1.5.0/docs/api/java/rmi/server/Operation.html">Operation.values()) |
||
77 | { |
||
78 | if(op.name().equals(clearance)) |
||
79 | return op; |
||
80 | } |
||
81 | return null; |
||
82 | } |
||
83 | } |
||
84 | |||
85 | public static enum CourseUnitsId |
||
86 | { |
||
87 | COURSE_UNIT_TEACHER("page.content.course.unit.teacher"), |
||
88 | COURSE_UNIT_STUDENT("page.content.course.unit.student"), |
||
89 | COURSE_UNIT_RESP_TEACHER("page.content.course.unit.resp.teacher"), |
||
90 | COURSE_UNIT_COURSE_COMISSION("page.content.course.unit.course.comission"); |
||
91 | |||
92 | 1.5.0/docs/api/java/lang/String.html">String msgKey; |
||
93 | |||
94 | |||
95 | CourseUnitsId(1.5.0/docs/api/java/lang/String.html">String msgKey) { |
||
96 | this.msgKey = msgKey; |
||
97 | } |
||
98 | } |
||
99 | |||
100 | private 1.5.0/docs/api/java/lang/String.html">String access; |
||
101 | private 1.5.0/docs/api/java/lang/String.html">String type; |
||
102 | private 1.5.0/docs/api/java/lang/String.html">String id; |
||
103 | private 1.5.0/docs/api/java/lang/String.html">String operation; |
||
104 | |||
105 | public 1.5.0/docs/api/java/lang/String.html">String getAccess() { |
||
106 | return access; |
||
107 | } |
||
108 | |||
109 | public void setAccess(1.5.0/docs/api/java/lang/String.html">String access) { |
||
110 | this.access = access; |
||
111 | } |
||
112 | |||
113 | public void setAccessEnum(Access access) { |
||
114 | this.access = access.name(); |
||
115 | } |
||
116 | |||
117 | public 1.5.0/docs/api/java/lang/String.html">String getType() { |
||
118 | return type; |
||
119 | } |
||
120 | |||
121 | public void setType(1.5.0/docs/api/java/lang/String.html">String type) { |
||
122 | this.type = type; |
||
123 | } |
||
124 | public void setTypeEnum(1.5.0/docs/api/java/lang/reflect/Type.html">Type type) { |
||
125 | this.type = type.name(); |
||
126 | } |
||
127 | |||
128 | public 1.5.0/docs/api/java/lang/String.html">String getId() { |
||
129 | return id; |
||
130 | } |
||
131 | |||
132 | public void setId(1.5.0/docs/api/java/lang/String.html">String id) { |
||
133 | this.id = id; |
||
134 | } |
||
135 | |||
136 | public 1.5.0/docs/api/java/lang/String.html">String getOperation() { |
||
137 | return operation; |
||
138 | } |
||
139 | |||
140 | public void setOperation(1.5.0/docs/api/java/lang/String.html">String operation) { |
||
141 | this.operation = operation; |
||
142 | } |
||
143 | |||
144 | public void setOperationEnum(1.5.0/docs/api/java/rmi/server/Operation.html">Operation operation) { |
||
145 | this.operation = operation.name(); |
||
146 | } |
||
147 | |||
148 | public void setCourseUnitIdEnum(CourseUnitsId courseUnitIdEnum) { |
||
149 | this.id = courseUnitIdEnum.name(); |
||
150 | } |
||
151 | |||
152 | public Access getAccessEnum() |
||
153 | { |
||
154 | for(Access a : Access.values()) |
||
155 | { |
||
156 | if(a.name().equals(getAccess())) |
||
157 | return a; |
||
158 | } |
||
159 | return Access.DENY; |
||
160 | } |
||
161 | |||
162 | public 1.5.0/docs/api/java/lang/reflect/Type.html">Type getTypeEnum() |
||
163 | { |
||
164 | for(1.5.0/docs/api/java/lang/reflect/Type.html">Type a : 1.5.0/docs/api/java/lang/reflect/Type.html">Type.values()) |
||
165 | { |
||
166 | if(a.name().equals(getType())) |
||
167 | return a; |
||
168 | } |
||
169 | return 1.5.0/docs/api/java/lang/reflect/Type.html">Type.ROLE; |
||
170 | } |
||
171 | |||
172 | public 1.5.0/docs/api/java/rmi/server/Operation.html">Operation getOperationEnum() |
||
173 | { |
||
174 | for(1.5.0/docs/api/java/rmi/server/Operation.html">Operation a : 1.5.0/docs/api/java/rmi/server/Operation.html">Operation.values()) |
||
175 | { |
||
176 | if(a.name().equals(getOperation())) |
||
177 | return a; |
||
178 | } |
||
179 | return null; |
||
180 | } |
||
181 | |||
182 | public CourseUnitsId getCourseUnitIdEnum() |
||
183 | { |
||
184 | for(CourseUnitsId a : CourseUnitsId.values()) |
||
185 | { |
||
186 | if(a.name().equals(getId())) |
||
187 | return a; |
||
188 | } |
||
189 | return null; |
||
190 | } |
||
191 | } |
||
192 | |||
193 | /** |
||
194 | * Empty Array Means no ACL's defined |
||
195 | * build a json array form ACL's |
||
196 | * @return example [{"access":"PERMIT","operation":"FULL_CONTROL","id":"services","type":"ROLE"}] |
||
197 | * @throws JSONException |
||
198 | */ |
||
199 | public JSONArray getAclJson() throws JSONException |
||
200 | { |
||
201 | if(getAcl() == null || getAcl().trim().length() == 0) |
||
202 | return new JSONArray(); |
||
203 | return new JSONArray(getAcl()); |
||
204 | } |
||
205 | |||
206 | /** |
||
207 | * Sets the string ACL with the proper json |
||
208 | * @param json |
||
209 | * @throws JSONException |
||
210 | */ |
||
211 | public void setAclJson(JSONArray json) throws JSONException |
||
212 | { |
||
213 | if(json == null) |
||
214 | setAcl(null); |
||
215 | else |
||
216 | setAcl(json.toString()); |
||
217 | } |
||
218 | |||
219 | /** |
||
220 | * sets the string Acl with the json built from given List |
||
221 | * @param acls |
||
222 | * @throws JSONException |
||
223 | */ |
||
224 | public void setAclList(ArrayList<Acl> acls) throws JSONException, 1.5.0/docs/api/java/io/IOException.html">IOException, TransformationException { |
||
225 | if(acls == null || acls.size() == 0) |
||
226 | { |
||
227 | setAcl(null); |
||
228 | return; |
||
229 | } |
||
230 | setAcl(getAclJson(acls).toString()); |
||
231 | } |
||
232 | |||
233 | /** |
||
234 | * Empty Array Means no ACL's defined allays |
||
235 | * @return allays a list if no acls return empty list |
||
236 | * @throws JSONException |
||
237 | */ |
||
238 | public ArrayList<Acl> getAclList() throws JSONException, 1.5.0/docs/api/java/io/IOException.html">IOException, TransformationException { |
||
239 | ArrayList<Acl> acls = new ArrayList<Acl>(); |
||
240 | if(getAcl() == null || getAcl().trim().length() == 0) |
||
241 | return acls; |
||
242 | Genson genson = getGenson(); |
||
243 | ArrayList<HashMap<String,String>> aclsDes = genson.deserialize(getAcl(),1.5.0/docs/api/java/util/ArrayList.html">ArrayList.class); |
||
244 | for(HashMap<String,String> acl: aclsDes) |
||
245 | { |
||
246 | 1.5.0/docs/api/java/security/acl/Acl.html">Acl a = new 1.5.0/docs/api/java/security/acl/Acl.html">Acl(); |
||
247 | a.setType(acl.get("type")); |
||
248 | a.setOperation(acl.get("operation")); |
||
249 | a.setAccess(acl.get("access")); |
||
250 | a.setId(acl.get("id")); |
||
251 | acls.add(a); |
||
252 | } |
||
253 | return acls; |
||
254 | } |
||
255 | |||
256 | /** |
||
257 | * Add a acl to String json at the end |
||
258 | * @param acl |
||
259 | * @throws IOException |
||
260 | * @throws TransformationException |
||
261 | * @throws JSONException |
||
262 | */ |
||
263 | public void addAcl(1.5.0/docs/api/java/security/acl/Acl.html">Acl acl) throws 1.5.0/docs/api/java/io/IOException.html">IOException, TransformationException, JSONException { |
||
264 | if(acl == null) |
||
265 | return; |
||
266 | ArrayList<Acl> acls = getAclList(); |
||
267 | acls.add(acl); |
||
268 | setAclList(acls); |
||
269 | } |
||
270 | |||
271 | private static Genson getGenson(){ |
||
272 | Genson genson = new Genson.Builder() |
||
273 | .exclude(5+0%2Fdocs%2Fapi+Object">Object.class) |
||
274 | .include("access", 1.5.0/docs/api/java/security/acl/Acl.html">Acl.class) |
||
275 | .include("type", 1.5.0/docs/api/java/security/acl/Acl.html">Acl.class) |
||
276 | .include("id", 1.5.0/docs/api/java/security/acl/Acl.html">Acl.class) |
||
277 | .include("operation", 1.5.0/docs/api/java/security/acl/Acl.html">Acl.class) |
||
278 | .create(); |
||
279 | return genson; |
||
280 | } |
||
281 | |||
282 | /** |
||
283 | * Utilitário |
||
284 | * @param aclList |
||
285 | * @return |
||
286 | * @throws IOException |
||
287 | * @throws TransformationException |
||
288 | * @throws JSONException |
||
289 | */ |
||
290 | public static JSONArray getAclJson(ArrayList<Acl> aclList) throws 1.5.0/docs/api/java/io/IOException.html">IOException, TransformationException, JSONException { |
||
291 | if(aclList == null) |
||
292 | return new JSONArray(); |
||
293 | Genson genson = getGenson(); |
||
294 | 1.5.0/docs/api/java/lang/String.html">String json = genson.serialize(aclList); |
||
295 | //System.out.println(json); |
||
296 | return new JSONArray(json); |
||
297 | } |
||
298 | |||
299 | |||
300 | public boolean isChildsInitialized() { |
||
301 | return childsInitialized; |
||
302 | } |
||
303 | |||
304 | public void setChildsInitialized(boolean childsInitialized) { |
||
305 | this.childsInitialized = childsInitialized; |
||
306 | } |
||
307 | |||
308 | public boolean isParentInitialized() { |
||
309 | return parentInitialized; |
||
310 | } |
||
311 | |||
312 | public void setParentInitialized(boolean parentInitialized) { |
||
313 | this.parentInitialized = parentInitialized; |
||
314 | } |
||
315 | |||
316 | /** |
||
317 | * Metodo de testes |
||
318 | * @param args |
||
319 | * @throws IOException |
||
320 | * @throws TransformationException |
||
321 | * @throws JSONException |
||
322 | */ |
||
323 | public static void main(1.5.0/docs/api/java/lang/String.html">String [] args) throws 1.5.0/docs/api/java/io/IOException.html">IOException, TransformationException, JSONException { |
||
324 | |||
325 | |||
326 | |||
327 | } |
||
328 | |||
329 | public boolean canAdmin(UserSessionImpl u) |
||
330 | { |
||
331 | if(sess != null && sess.getCookie() != null && !sess.getCookie().equals(u.getCookie())) |
||
332 | { |
||
333 | logger.warn("Clearances checked for Mr:" + sess.getCookie() + " but clearing for Mr:" + u.getCookie()); |
||
334 | return false; |
||
335 | } |
||
336 | else if(userSessionClearences != null) |
||
337 | { |
||
338 | for(1.5.0/docs/api/java/util/Map.html">Map.Entry<Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation,Boolean> entry: userSessionClearences.entrySet()) |
||
339 | { |
||
340 | if(entry.getValue() == true && |
||
341 | !entry.getKey().name().startsWith("READ")) |
||
342 | { |
||
343 | return true; |
||
344 | } |
||
345 | } |
||
346 | return false; |
||
347 | } |
||
348 | else |
||
349 | { |
||
350 | logger.warn("Checking clearance without sessionClearances initialized, not allowed"); |
||
351 | return false; |
||
352 | } |
||
353 | } |
||
354 | |||
355 | |||
356 | |||
357 | |||
358 | public boolean isClear(UserSessionImpl u, 1.5.0/docs/api/java/lang/String.html">String OP) |
||
359 | { |
||
360 | 1.5.0/docs/api/java/security/acl/Acl.html">Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation o = 1.5.0/docs/api/java/security/acl/Acl.html">Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation.parse(OP); |
||
361 | return isClear(u,o); |
||
362 | } |
||
363 | |||
364 | /** |
||
365 | * Same logic in isClearanceInitialized Method |
||
366 | * @param u |
||
367 | * @return |
||
368 | */ |
||
369 | public boolean isClear(UserSessionImpl u, PageContentImpl.1.5.0/docs/api/java/security/acl/Acl.html">Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation op) |
||
370 | { |
||
371 | if(sess != null && sess.getCookie() != null && !sess.getCookie().equals(u.getCookie())) |
||
372 | { |
||
373 | logger.warn("Clearances checked for Mr:" + sess.getCookie() + " but clearing for Mr:" + u.getCookie()); |
||
374 | return false; |
||
375 | } |
||
376 | else if(userSessionClearences != null) |
||
377 | { |
||
378 | return userSessionClearences.get(op); |
||
379 | } |
||
380 | else |
||
381 | { |
||
382 | logger.warn("Checking clearance without sessionClearances initialized, not allowed"); |
||
383 | return false; |
||
384 | } |
||
385 | } |
||
386 | |||
387 | /** |
||
388 | * Same logic in isClear Method |
||
389 | * @param u |
||
390 | * @return |
||
391 | */ |
||
392 | public boolean isClearanceInitialized(UserSessionImpl u) |
||
393 | { |
||
394 | if(sess != null && sess.getCookie() != null && !sess.getCookie().equals(u.getCookie())) |
||
395 | { |
||
396 | return false; |
||
397 | } |
||
398 | else if(userSessionClearences == null) |
||
399 | { |
||
400 | return false; |
||
401 | } |
||
402 | return true; |
||
403 | } |
||
404 | |||
1326 | jmachado | 405 | @1.5.0/docs/api/java/lang/Override.html">Override |
406 | public void initClearances(UserSessionImpl u, boolean force) { |
||
1603 | jmachado | 407 | throw new 1.5.0/docs/api/java/lang/RuntimeException.html">RuntimeException("NotImplemented"); |
1326 | jmachado | 408 | } |
1312 | jmachado | 409 | |
410 | |||
1326 | jmachado | 411 | |
1312 | jmachado | 412 | public void setUserSessionClearences(Map<Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation, Boolean> userSessionClearences) { |
413 | this.userSessionClearences = userSessionClearences; |
||
414 | } |
||
415 | |||
416 | public void setSess(UserSession sess) { |
||
417 | this.sess = sess; |
||
418 | } |
||
419 | |||
420 | @1.5.0/docs/api/java/lang/Override.html">Override |
||
421 | public 1.5.0/docs/api/java/lang/String.html">String getAccessPolicyClass() { |
||
422 | if(super.getAccessPolicyClass() == null) |
||
423 | { |
||
424 | logger.debug("No AccessPolicyClass in PageContent " + getId() + ":" + getTitle() + " using default:" + PageContentAccessPolicyAcl.class.getName()); |
||
425 | return PageContentAccessPolicyAcl.class.getName(); |
||
426 | } |
||
427 | return super.getAccessPolicyClass(); |
||
428 | } |
||
429 | } |