Rev 1603 | Rev 1814 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
1312 | jmachado | 1 | package pt.estgp.estgweb.domain; |
2 | |||
3 | import com.owlike.genson.Genson; |
||
4 | import com.owlike.genson.TransformationException; |
||
5 | import org.apache.log4j.Logger; |
||
6 | import org.json.JSONArray; |
||
7 | import org.json.JSONException; |
||
8 | import pt.estgp.estgweb.services.pageContent.PageContentAccessPolicyAcl; |
||
9 | |||
10 | import java.io.IOException; |
||
11 | import java.util.ArrayList; |
||
12 | import java.util.HashMap; |
||
13 | import java.util.Map; |
||
14 | |||
15 | |||
16 | /** |
||
17 | * Created by jorgemachado on 03/02/16. |
||
18 | */ |
||
19 | public abstract class PageContentImpl extends PageContent implements ClearanceRuled |
||
20 | { |
||
21 | |||
22 | private static 1.5.0/docs/api/java/util/logging/Logger.html">Logger logger = 1.5.0/docs/api/java/util/logging/Logger.html">Logger.getLogger(PageContentImpl.class); |
||
23 | |||
24 | private UserSession sess = null; |
||
25 | private Map<Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation,Boolean> userSessionClearences = null; |
||
26 | private boolean childsInitialized = false; |
||
27 | private boolean parentInitialized = false; |
||
28 | |||
1616 | jmachado | 29 | |
1312 | jmachado | 30 | public static class 1.5.0/docs/api/java/security/acl/Acl.html">Acl |
31 | { |
||
1616 | jmachado | 32 | public static 1.5.0/docs/api/java/security/acl/Acl.html">Acl AUTHENTICATED_ACL = new 1.5.0/docs/api/java/security/acl/Acl.html">Acl(1.5.0/docs/api/java/security/acl/Acl.html">Acl.Access.PERMIT.name(), |
33 | 1.5.0/docs/api/java/security/acl/Acl.html">Acl.1.5.0/docs/api/java/lang/reflect/Type.html">Type.AUTHENTICATED.name(),"",1.5.0/docs/api/java/security/acl/Acl.html">Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation.READ_CONTENTS.name()); |
||
34 | public static ArrayList<Acl> AUTHENTICATED_ACL_SIMPLE_LIST = new ArrayList<Acl>(); |
||
35 | static{ |
||
36 | AUTHENTICATED_ACL_SIMPLE_LIST.add(AUTHENTICATED_ACL); |
||
37 | } |
||
38 | |||
39 | public 1.5.0/docs/api/java/security/acl/Acl.html">Acl(1.5.0/docs/api/java/lang/String.html">String access, 1.5.0/docs/api/java/lang/String.html">String type, 1.5.0/docs/api/java/lang/String.html">String id, 1.5.0/docs/api/java/lang/String.html">String operation) { |
||
40 | this.access = access; |
||
41 | this.type = type; |
||
42 | this.id = id; |
||
43 | this.operation = operation; |
||
44 | } |
||
45 | |||
46 | public 1.5.0/docs/api/java/security/acl/Acl.html">Acl() { |
||
47 | } |
||
48 | |||
1312 | jmachado | 49 | public static enum Access |
50 | { |
||
51 | PERMIT, |
||
52 | DENY //default |
||
53 | } |
||
54 | public static enum 1.5.0/docs/api/java/lang/reflect/Type.html">Type |
||
55 | { |
||
56 | ALL, |
||
57 | ANONYMOUS, //ONLY SUPER USER SHOULD ADD ANONYMOUS PERMISSIONS |
||
58 | AUTHENTICATED, |
||
59 | ROLE, |
||
60 | USER, |
||
61 | COURSEUNIT //SPECIFIC PERMISSIONS RELATIVE TO COURSE UNITS |
||
62 | } |
||
63 | public static enum 1.5.0/docs/api/java/rmi/server/Operation.html">Operation |
||
64 | { |
||
65 | ALL, //SPECIAL OPERATION FOR DENY AND PERMIT REPLACE FULL CONTROL |
||
66 | |||
67 | READ_CONTENTS, |
||
68 | |||
69 | READ_VERSIONS, |
||
70 | READ_INVISIBLES, |
||
71 | |||
72 | |||
73 | ORDER_CONTENTS, |
||
74 | |||
1561 | jmachado | 75 | ADD_SECTIONS, //ADD TEXT USA ESTA PERMISSAO |
1312 | jmachado | 76 | ADD_FILES, |
77 | ADD_URLS, |
||
78 | ADD_MODULES, |
||
79 | |||
80 | REMOVE_SECTIONS, |
||
81 | REMOVE_FILES, |
||
82 | REMOVE_URLS, |
||
83 | REMOVE_MODULES, |
||
84 | |||
85 | EDIT_SECTIONS, |
||
86 | EDIT_FILES, |
||
87 | EDIT_URLS, |
||
88 | EDIT_MODULES; |
||
89 | |||
90 | public static 1.5.0/docs/api/java/rmi/server/Operation.html">Operation parse(1.5.0/docs/api/java/lang/String.html">String clearance) |
||
91 | { |
||
92 | if(clearance == null) |
||
93 | return null; |
||
94 | for(1.5.0/docs/api/java/rmi/server/Operation.html">Operation op: 1.5.0/docs/api/java/rmi/server/Operation.html">Operation.values()) |
||
95 | { |
||
96 | if(op.name().equals(clearance)) |
||
97 | return op; |
||
98 | } |
||
99 | return null; |
||
100 | } |
||
1616 | jmachado | 101 | |
102 | |||
1312 | jmachado | 103 | } |
104 | |||
105 | public static enum CourseUnitsId |
||
106 | { |
||
107 | COURSE_UNIT_TEACHER("page.content.course.unit.teacher"), |
||
108 | COURSE_UNIT_STUDENT("page.content.course.unit.student"), |
||
109 | COURSE_UNIT_RESP_TEACHER("page.content.course.unit.resp.teacher"), |
||
110 | COURSE_UNIT_COURSE_COMISSION("page.content.course.unit.course.comission"); |
||
111 | |||
112 | 1.5.0/docs/api/java/lang/String.html">String msgKey; |
||
113 | |||
114 | |||
115 | CourseUnitsId(1.5.0/docs/api/java/lang/String.html">String msgKey) { |
||
116 | this.msgKey = msgKey; |
||
117 | } |
||
118 | } |
||
119 | |||
120 | private 1.5.0/docs/api/java/lang/String.html">String access; |
||
121 | private 1.5.0/docs/api/java/lang/String.html">String type; |
||
122 | private 1.5.0/docs/api/java/lang/String.html">String id; |
||
123 | private 1.5.0/docs/api/java/lang/String.html">String operation; |
||
124 | |||
125 | public 1.5.0/docs/api/java/lang/String.html">String getAccess() { |
||
126 | return access; |
||
127 | } |
||
128 | |||
129 | public void setAccess(1.5.0/docs/api/java/lang/String.html">String access) { |
||
130 | this.access = access; |
||
131 | } |
||
132 | |||
133 | public void setAccessEnum(Access access) { |
||
134 | this.access = access.name(); |
||
135 | } |
||
136 | |||
137 | public 1.5.0/docs/api/java/lang/String.html">String getType() { |
||
138 | return type; |
||
139 | } |
||
140 | |||
141 | public void setType(1.5.0/docs/api/java/lang/String.html">String type) { |
||
142 | this.type = type; |
||
143 | } |
||
144 | public void setTypeEnum(1.5.0/docs/api/java/lang/reflect/Type.html">Type type) { |
||
145 | this.type = type.name(); |
||
146 | } |
||
147 | |||
148 | public 1.5.0/docs/api/java/lang/String.html">String getId() { |
||
149 | return id; |
||
150 | } |
||
151 | |||
152 | public void setId(1.5.0/docs/api/java/lang/String.html">String id) { |
||
153 | this.id = id; |
||
154 | } |
||
155 | |||
156 | public 1.5.0/docs/api/java/lang/String.html">String getOperation() { |
||
157 | return operation; |
||
158 | } |
||
159 | |||
160 | public void setOperation(1.5.0/docs/api/java/lang/String.html">String operation) { |
||
161 | this.operation = operation; |
||
162 | } |
||
163 | |||
164 | public void setOperationEnum(1.5.0/docs/api/java/rmi/server/Operation.html">Operation operation) { |
||
165 | this.operation = operation.name(); |
||
166 | } |
||
167 | |||
168 | public void setCourseUnitIdEnum(CourseUnitsId courseUnitIdEnum) { |
||
169 | this.id = courseUnitIdEnum.name(); |
||
170 | } |
||
171 | |||
172 | public Access getAccessEnum() |
||
173 | { |
||
174 | for(Access a : Access.values()) |
||
175 | { |
||
176 | if(a.name().equals(getAccess())) |
||
177 | return a; |
||
178 | } |
||
179 | return Access.DENY; |
||
180 | } |
||
181 | |||
182 | public 1.5.0/docs/api/java/lang/reflect/Type.html">Type getTypeEnum() |
||
183 | { |
||
184 | for(1.5.0/docs/api/java/lang/reflect/Type.html">Type a : 1.5.0/docs/api/java/lang/reflect/Type.html">Type.values()) |
||
185 | { |
||
186 | if(a.name().equals(getType())) |
||
187 | return a; |
||
188 | } |
||
189 | return 1.5.0/docs/api/java/lang/reflect/Type.html">Type.ROLE; |
||
190 | } |
||
191 | |||
192 | public 1.5.0/docs/api/java/rmi/server/Operation.html">Operation getOperationEnum() |
||
193 | { |
||
194 | for(1.5.0/docs/api/java/rmi/server/Operation.html">Operation a : 1.5.0/docs/api/java/rmi/server/Operation.html">Operation.values()) |
||
195 | { |
||
196 | if(a.name().equals(getOperation())) |
||
197 | return a; |
||
198 | } |
||
199 | return null; |
||
200 | } |
||
201 | |||
202 | public CourseUnitsId getCourseUnitIdEnum() |
||
203 | { |
||
204 | for(CourseUnitsId a : CourseUnitsId.values()) |
||
205 | { |
||
206 | if(a.name().equals(getId())) |
||
207 | return a; |
||
208 | } |
||
209 | return null; |
||
210 | } |
||
211 | } |
||
212 | |||
213 | /** |
||
214 | * Empty Array Means no ACL's defined |
||
215 | * build a json array form ACL's |
||
216 | * @return example [{"access":"PERMIT","operation":"FULL_CONTROL","id":"services","type":"ROLE"}] |
||
217 | * @throws JSONException |
||
218 | */ |
||
219 | public JSONArray getAclJson() throws JSONException |
||
220 | { |
||
221 | if(getAcl() == null || getAcl().trim().length() == 0) |
||
222 | return new JSONArray(); |
||
223 | return new JSONArray(getAcl()); |
||
224 | } |
||
225 | |||
226 | /** |
||
227 | * Sets the string ACL with the proper json |
||
228 | * @param json |
||
229 | * @throws JSONException |
||
230 | */ |
||
231 | public void setAclJson(JSONArray json) throws JSONException |
||
232 | { |
||
233 | if(json == null) |
||
234 | setAcl(null); |
||
235 | else |
||
236 | setAcl(json.toString()); |
||
237 | } |
||
238 | |||
239 | /** |
||
240 | * sets the string Acl with the json built from given List |
||
241 | * @param acls |
||
242 | * @throws JSONException |
||
243 | */ |
||
244 | public void setAclList(ArrayList<Acl> acls) throws JSONException, 1.5.0/docs/api/java/io/IOException.html">IOException, TransformationException { |
||
245 | if(acls == null || acls.size() == 0) |
||
246 | { |
||
247 | setAcl(null); |
||
248 | return; |
||
249 | } |
||
250 | setAcl(getAclJson(acls).toString()); |
||
251 | } |
||
252 | |||
253 | /** |
||
254 | * Empty Array Means no ACL's defined allays |
||
255 | * @return allays a list if no acls return empty list |
||
256 | * @throws JSONException |
||
257 | */ |
||
258 | public ArrayList<Acl> getAclList() throws JSONException, 1.5.0/docs/api/java/io/IOException.html">IOException, TransformationException { |
||
259 | ArrayList<Acl> acls = new ArrayList<Acl>(); |
||
260 | if(getAcl() == null || getAcl().trim().length() == 0) |
||
261 | return acls; |
||
262 | Genson genson = getGenson(); |
||
263 | ArrayList<HashMap<String,String>> aclsDes = genson.deserialize(getAcl(),1.5.0/docs/api/java/util/ArrayList.html">ArrayList.class); |
||
264 | for(HashMap<String,String> acl: aclsDes) |
||
265 | { |
||
266 | 1.5.0/docs/api/java/security/acl/Acl.html">Acl a = new 1.5.0/docs/api/java/security/acl/Acl.html">Acl(); |
||
267 | a.setType(acl.get("type")); |
||
268 | a.setOperation(acl.get("operation")); |
||
269 | a.setAccess(acl.get("access")); |
||
270 | a.setId(acl.get("id")); |
||
271 | acls.add(a); |
||
272 | } |
||
273 | return acls; |
||
274 | } |
||
275 | |||
276 | /** |
||
277 | * Add a acl to String json at the end |
||
278 | * @param acl |
||
279 | * @throws IOException |
||
280 | * @throws TransformationException |
||
281 | * @throws JSONException |
||
282 | */ |
||
283 | public void addAcl(1.5.0/docs/api/java/security/acl/Acl.html">Acl acl) throws 1.5.0/docs/api/java/io/IOException.html">IOException, TransformationException, JSONException { |
||
284 | if(acl == null) |
||
285 | return; |
||
286 | ArrayList<Acl> acls = getAclList(); |
||
287 | acls.add(acl); |
||
288 | setAclList(acls); |
||
289 | } |
||
290 | |||
291 | private static Genson getGenson(){ |
||
292 | Genson genson = new Genson.Builder() |
||
293 | .exclude(5+0%2Fdocs%2Fapi+Object">Object.class) |
||
294 | .include("access", 1.5.0/docs/api/java/security/acl/Acl.html">Acl.class) |
||
295 | .include("type", 1.5.0/docs/api/java/security/acl/Acl.html">Acl.class) |
||
296 | .include("id", 1.5.0/docs/api/java/security/acl/Acl.html">Acl.class) |
||
297 | .include("operation", 1.5.0/docs/api/java/security/acl/Acl.html">Acl.class) |
||
298 | .create(); |
||
299 | return genson; |
||
300 | } |
||
301 | |||
302 | /** |
||
303 | * Utilitário |
||
304 | * @param aclList |
||
305 | * @return |
||
306 | * @throws IOException |
||
307 | * @throws TransformationException |
||
308 | * @throws JSONException |
||
309 | */ |
||
310 | public static JSONArray getAclJson(ArrayList<Acl> aclList) throws 1.5.0/docs/api/java/io/IOException.html">IOException, TransformationException, JSONException { |
||
311 | if(aclList == null) |
||
312 | return new JSONArray(); |
||
313 | Genson genson = getGenson(); |
||
314 | 1.5.0/docs/api/java/lang/String.html">String json = genson.serialize(aclList); |
||
315 | //System.out.println(json); |
||
316 | return new JSONArray(json); |
||
317 | } |
||
318 | |||
319 | |||
320 | public boolean isChildsInitialized() { |
||
321 | return childsInitialized; |
||
322 | } |
||
323 | |||
324 | public void setChildsInitialized(boolean childsInitialized) { |
||
325 | this.childsInitialized = childsInitialized; |
||
326 | } |
||
327 | |||
328 | public boolean isParentInitialized() { |
||
329 | return parentInitialized; |
||
330 | } |
||
331 | |||
332 | public void setParentInitialized(boolean parentInitialized) { |
||
333 | this.parentInitialized = parentInitialized; |
||
334 | } |
||
335 | |||
336 | /** |
||
337 | * Metodo de testes |
||
338 | * @param args |
||
339 | * @throws IOException |
||
340 | * @throws TransformationException |
||
341 | * @throws JSONException |
||
342 | */ |
||
343 | public static void main(1.5.0/docs/api/java/lang/String.html">String [] args) throws 1.5.0/docs/api/java/io/IOException.html">IOException, TransformationException, JSONException { |
||
344 | |||
345 | |||
346 | |||
347 | } |
||
348 | |||
349 | public boolean canAdmin(UserSessionImpl u) |
||
350 | { |
||
351 | if(sess != null && sess.getCookie() != null && !sess.getCookie().equals(u.getCookie())) |
||
352 | { |
||
353 | logger.warn("Clearances checked for Mr:" + sess.getCookie() + " but clearing for Mr:" + u.getCookie()); |
||
354 | return false; |
||
355 | } |
||
356 | else if(userSessionClearences != null) |
||
357 | { |
||
358 | for(1.5.0/docs/api/java/util/Map.html">Map.Entry<Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation,Boolean> entry: userSessionClearences.entrySet()) |
||
359 | { |
||
360 | if(entry.getValue() == true && |
||
361 | !entry.getKey().name().startsWith("READ")) |
||
362 | { |
||
363 | return true; |
||
364 | } |
||
365 | } |
||
366 | return false; |
||
367 | } |
||
368 | else |
||
369 | { |
||
370 | logger.warn("Checking clearance without sessionClearances initialized, not allowed"); |
||
371 | return false; |
||
372 | } |
||
373 | } |
||
374 | |||
375 | |||
376 | |||
377 | |||
378 | public boolean isClear(UserSessionImpl u, 1.5.0/docs/api/java/lang/String.html">String OP) |
||
379 | { |
||
380 | 1.5.0/docs/api/java/security/acl/Acl.html">Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation o = 1.5.0/docs/api/java/security/acl/Acl.html">Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation.parse(OP); |
||
381 | return isClear(u,o); |
||
382 | } |
||
383 | |||
384 | /** |
||
385 | * Same logic in isClearanceInitialized Method |
||
386 | * @param u |
||
387 | * @return |
||
388 | */ |
||
389 | public boolean isClear(UserSessionImpl u, PageContentImpl.1.5.0/docs/api/java/security/acl/Acl.html">Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation op) |
||
390 | { |
||
391 | if(sess != null && sess.getCookie() != null && !sess.getCookie().equals(u.getCookie())) |
||
392 | { |
||
393 | logger.warn("Clearances checked for Mr:" + sess.getCookie() + " but clearing for Mr:" + u.getCookie()); |
||
394 | return false; |
||
395 | } |
||
1616 | jmachado | 396 | else if(sess == null || sess.getCookie() == null || u == null || u.getCookie() == null) |
397 | { |
||
398 | logger.warn("Clearances are being checked to a user or a session with no cookie identifier"); |
||
399 | return false; |
||
400 | } |
||
1312 | jmachado | 401 | else if(userSessionClearences != null) |
402 | { |
||
403 | return userSessionClearences.get(op); |
||
404 | } |
||
405 | else |
||
406 | { |
||
407 | logger.warn("Checking clearance without sessionClearances initialized, not allowed"); |
||
408 | return false; |
||
409 | } |
||
410 | } |
||
411 | |||
412 | /** |
||
413 | * Same logic in isClear Method |
||
414 | * @param u |
||
415 | * @return |
||
416 | */ |
||
417 | public boolean isClearanceInitialized(UserSessionImpl u) |
||
418 | { |
||
419 | if(sess != null && sess.getCookie() != null && !sess.getCookie().equals(u.getCookie())) |
||
420 | { |
||
421 | return false; |
||
422 | } |
||
423 | else if(userSessionClearences == null) |
||
424 | { |
||
425 | return false; |
||
426 | } |
||
427 | return true; |
||
428 | } |
||
429 | |||
1326 | jmachado | 430 | @1.5.0/docs/api/java/lang/Override.html">Override |
431 | public void initClearances(UserSessionImpl u, boolean force) { |
||
1603 | jmachado | 432 | throw new 1.5.0/docs/api/java/lang/RuntimeException.html">RuntimeException("NotImplemented"); |
1326 | jmachado | 433 | } |
1312 | jmachado | 434 | |
435 | |||
1326 | jmachado | 436 | |
1312 | jmachado | 437 | public void setUserSessionClearences(Map<Acl.1.5.0/docs/api/java/rmi/server/Operation.html">Operation, Boolean> userSessionClearences) { |
438 | this.userSessionClearences = userSessionClearences; |
||
439 | } |
||
440 | |||
441 | public void setSess(UserSession sess) { |
||
442 | this.sess = sess; |
||
443 | } |
||
444 | |||
445 | @1.5.0/docs/api/java/lang/Override.html">Override |
||
446 | public 1.5.0/docs/api/java/lang/String.html">String getAccessPolicyClass() { |
||
447 | if(super.getAccessPolicyClass() == null) |
||
448 | { |
||
449 | logger.debug("No AccessPolicyClass in PageContent " + getId() + ":" + getTitle() + " using default:" + PageContentAccessPolicyAcl.class.getName()); |
||
450 | return PageContentAccessPolicyAcl.class.getName(); |
||
451 | } |
||
452 | return super.getAccessPolicyClass(); |
||
453 | } |
||
454 | } |