Rev 1312 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 368 | jmachado | 1 | package pt.estgp.estgweb.web; |
| 2 | |||
| 1067 | jmachado | 3 | import org.apache.log4j.Logger; |
| 4 | import org.apache.struts.action.ActionForm; |
||
| 368 | jmachado | 5 | import org.apache.struts.action.ActionForward; |
| 6 | import org.apache.struts.action.ActionMapping; |
||
| 7 | import org.dom4j.*; |
||
| 1067 | jmachado | 8 | import pt.estgp.estgweb.domain.UserSession; |
| 9 | import pt.estgp.estgweb.services.directories.DirectoryNodeType; |
||
| 10 | import pt.estgp.estgweb.utils.ConfigProperties; |
||
| 11 | import pt.estgp.estgweb.utils.Dom4jUtil; |
||
| 1314 | jmachado | 12 | import pt.estgp.estgweb.web.controllers.ApplicationController; |
| 1067 | jmachado | 13 | import pt.estgp.estgweb.web.exceptions.NotAuthorizedException; |
| 1069 | jmachado | 14 | import pt.estgp.estgweb.web.utils.RequestUtils; |
| 15 | import pt.utl.ist.berserk.logic.serviceManager.IServiceManager; |
||
| 16 | import pt.utl.ist.berserk.logic.serviceManager.ServiceManager; |
||
| 368 | jmachado | 17 | |
| 1067 | jmachado | 18 | import javax.servlet.ServletException; |
| 368 | jmachado | 19 | import javax.servlet.http.HttpServletRequest; |
| 20 | import javax.servlet.http.HttpServletResponse; |
||
| 1067 | jmachado | 21 | import java.io.IOException; |
| 368 | jmachado | 22 | import java.util.ArrayList; |
| 23 | import java.util.HashMap; |
||
| 1067 | jmachado | 24 | import java.util.List; |
| 368 | jmachado | 25 | import java.util.Map; |
| 26 | |||
| 27 | /** |
||
| 28 | * @author Jorge Machado |
||
| 29 | * @date 26/Fev/2008 |
||
| 30 | * @time 18:01:54 |
||
| 31 | * @see pt.estgp.estgweb.web |
||
| 32 | */ |
||
| 1314 | jmachado | 33 | public class DirLayoutController extends ApplicationController |
| 368 | jmachado | 34 | { |
| 35 | |||
| 36 | private static final 1.5.0/docs/api/java/util/logging/Logger.html">Logger logger = 1.5.0/docs/api/java/util/logging/Logger.html">Logger.getLogger(DirLayoutController.class); |
||
| 37 | |||
| 379 | jmachado | 38 | public static Map<String, String> namespaces = new HashMap<String, String>(); |
| 368 | jmachado | 39 | |
| 379 | jmachado | 40 | static |
| 41 | { |
||
| 42 | namespaces.put("d", "http://www.estgp.pt/baco/directory/"); |
||
| 43 | } |
||
| 44 | |||
| 368 | jmachado | 45 | |
| 396 | jmachado | 46 | |
| 368 | jmachado | 47 | private static class Rights |
| 48 | { |
||
| 49 | List<RightsT> rightsT; |
||
| 50 | boolean internal = false; //by default |
||
| 51 | } |
||
| 52 | |||
| 53 | private static class RightsT |
||
| 54 | { |
||
| 55 | 1.5.0/docs/api/java/lang/String.html">String text; |
||
| 56 | RightsTClass rightsTClass; |
||
| 57 | RightsTType type; |
||
| 58 | |||
| 59 | private static enum RightsTType |
||
| 60 | { |
||
| 61 | permit, |
||
| 62 | restrict |
||
| 63 | } |
||
| 64 | |||
| 65 | private static enum RightsTClass |
||
| 66 | { |
||
| 67 | role, |
||
| 68 | user |
||
| 69 | } |
||
| 70 | } |
||
| 71 | |||
| 72 | public ActionForward execute(ActionMapping mapping, |
||
| 73 | ActionForm form, |
||
| 74 | HttpServletRequest request, |
||
| 75 | HttpServletResponse response) |
||
| 76 | throws 1.5.0/docs/api/java/io/IOException.html">IOException, ServletException |
||
| 77 | { |
||
| 78 | |||
| 79 | /** |
||
| 80 | * 1 - Obtain Directory XML |
||
| 81 | * 2 - Build a Xpath query based on path |
||
| 82 | * 3 - Set Actual Node |
||
| 83 | * 4 - Check Actual Node Rights |
||
| 84 | * 5 - If is a leaf check absolute just to confirm the request is valid, if absolute redirect just in case |
||
| 85 | * 6 - If is a leaf check layout to define the use of a layout and get directory@layout to choose layout to forward in struts |
||
| 86 | * 7 - If is a leaf check style to define the use of a style and allays put the object in "body" parameter or directly put content in layout |
||
| 87 | * 8 - If is a leaf check proxy to know if it is an proxied source if it is get content by URL concat or just forward to an internal localhost/context/path |
||
| 88 | * 8.1 in this case check if is to be layout, usuallly will not be laouted but just in case check it. |
||
| 89 | * |
||
| 90 | * |
||
| 91 | * No WebProxy colocar o contextPath, o user, os Roles, o actual node, username, name, body se for o caso de puxar |
||
| 92 | */ |
||
| 93 | |||
| 94 | |||
| 95 | UserSession userSession = UserSessionProxy.loadUserSessionFromRequest(request); |
||
| 96 | |||
| 97 | |||
| 98 | 1.5.0/docs/api/java/lang/String.html">String directory = request.getParameter("directory"); |
||
| 99 | 1.5.0/docs/api/java/lang/String.html">String path = request.getParameter("path"); |
||
| 100 | |||
| 101 | try |
||
| 102 | { |
||
| 103 | |||
| 1069 | jmachado | 104 | |
| 105 | IServiceManager sm = ServiceManager.getInstance(); |
||
| 106 | 1.5.0/docs/api/java/lang/String.html">String[] names = new 1.5.0/docs/api/java/lang/String.html">String[]{}; |
||
| 107 | 5+0%2Fdocs%2Fapi+Object">Object[] args = new 5+0%2Fdocs%2Fapi+Object">Object[]{directory}; |
||
| 108 | 5+0%2Fdocs%2Fapi+Document">Document directoryDocument; |
||
| 109 | try |
||
| 110 | { |
||
| 111 | 1.5.0/docs/api/java/lang/String.html">String dXml = (1.5.0/docs/api/java/lang/String.html">String) sm.execute(RequestUtils.getRequester(request, response), "LoadDirectoryServiceXml", args, names); |
||
| 112 | directoryDocument = Dom4jUtil.parse(dXml); |
||
| 113 | } |
||
| 114 | catch (1.5.0/docs/api/java/lang/Throwable.html">Throwable e) |
||
| 115 | { |
||
| 116 | logger.error(e, e); |
||
| 117 | throw new 1.5.0/docs/api/java/io/IOException.html">IOException(e.toString()); |
||
| 118 | } |
||
| 119 | |||
| 120 | |||
| 368 | jmachado | 121 | if (path.startsWith("/")) |
| 122 | path = path.substring(1); |
||
| 123 | 1.5.0/docs/api/java/lang/String.html">String[] ids = path.split("/"); |
||
| 379 | jmachado | 124 | |
| 368 | jmachado | 125 | DirectoryNodeType directoryNodeType = null; |
| 126 | 1.5.0/docs/api/java/lang/String.html">String actualNodeId = null; |
||
| 127 | 5+0%2Fdocs%2Fapi+Element">Element actualNode = null; |
||
| 128 | int stopName = 0; |
||
| 1312 | jmachado | 129 | //vai ficar com o ultimo nó nao externo lido no ciclo |
| 368 | jmachado | 130 | List<Rights> rights = new ArrayList<Rights>(); |
| 131 | for (1.5.0/docs/api/java/lang/String.html">String id : ids) |
||
| 132 | { |
||
| 133 | 1.5.0/docs/api/javax/xml/xpath/XPath.html">XPath idXpath = directoryDocument.createXPath("//*[@id='" + id + "']"); |
||
| 379 | jmachado | 134 | |
| 368 | jmachado | 135 | idXpath.setNamespaceURIs(namespaces); |
| 136 | 5+0%2Fdocs%2Fapi+Element">Element idElem = (5+0%2Fdocs%2Fapi+Element">Element) idXpath.selectSingleNode(directoryDocument); |
||
| 137 | if (idElem == null) |
||
| 138 | { |
||
| 139 | directoryNodeType = DirectoryNodeType.external; |
||
| 140 | break; |
||
| 141 | } |
||
| 142 | Rights r = buildRights(idElem, namespaces); |
||
| 143 | if (r != null) |
||
| 144 | rights.add(r); |
||
| 145 | 1.5.0/docs/api/java/lang/String.html">String name = idElem.getQName().getName(); |
||
| 1067 | jmachado | 146 | boolean node = 1.5.0/docs/api/java/lang/Boolean.html">Boolean.parseBoolean(idElem.attributeValue("node")); |
| 147 | if (name.equals("leaf") && !node) |
||
| 368 | jmachado | 148 | { |
| 149 | directoryNodeType = DirectoryNodeType.leaf; |
||
| 150 | actualNodeId = id; |
||
| 151 | actualNode = idElem; |
||
| 152 | } |
||
| 1067 | jmachado | 153 | else if (name.equals("leaf") && node) |
| 368 | jmachado | 154 | { |
| 155 | directoryNodeType = DirectoryNodeType.node; |
||
| 156 | actualNodeId = id; |
||
| 157 | actualNode = idElem; |
||
| 158 | } |
||
| 159 | else if (name.equals("directory")) |
||
| 160 | { |
||
| 161 | directoryNodeType = DirectoryNodeType.directory; |
||
| 162 | actualNodeId = id; |
||
| 163 | actualNode = idElem; |
||
| 164 | } |
||
| 165 | else |
||
| 166 | { |
||
| 167 | logger.error("Unexpected node " + name + " with id " + id); |
||
| 168 | return mapping.findForward("500"); |
||
| 169 | } |
||
| 170 | stopName++; |
||
| 171 | } |
||
| 172 | if (directoryNodeType == null) |
||
| 173 | { |
||
| 174 | logger.error("Unexpected, no nodes found for given id path " + path + " in directory " + directory); |
||
| 175 | return mapping.findForward("500"); |
||
| 176 | } |
||
| 177 | else |
||
| 178 | { |
||
| 179 | if (!checkRights(rights, userSession)) |
||
| 180 | throw new NotAuthorizedException("user: " + userSession.getUsername() + " trying access node " + actualNodeId + " in directory " + directory); |
||
| 181 | if (!pruneDocument(directoryDocument.getRootElement(), namespaces, userSession)) |
||
| 182 | { |
||
| 183 | throw new NotAuthorizedException("user: " + userSession.getUsername() + " trying access directory: " + directory); |
||
| 184 | } |
||
| 185 | 1.5.0/docs/api/java/lang/String.html">String externalFile = buildExternalFile(stopName, ids); |
||
| 186 | |||
| 379 | jmachado | 187 | putInRequestCommonAttributes(request,actualNode, actualNodeId, directoryDocument); |
| 368 | jmachado | 188 | |
| 189 | 5+0%2Fdocs%2Fapi+Attribute">Attribute layoutStrAtt = directoryDocument.getRootElement().attribute("layout"); |
||
| 190 | 5+0%2Fdocs%2Fapi+Attribute">Attribute layoutRootStrAtt = directoryDocument.getRootElement().attribute("layoutRoot"); |
||
| 191 | 1.5.0/docs/api/java/lang/String.html">String layoutChoosed = (layoutStrAtt != null ? layoutStrAtt.getValue() : "layoutEmpty"); |
||
| 192 | 1.5.0/docs/api/java/lang/String.html">String rootLayoutChoosed = (layoutRootStrAtt != null ? layoutRootStrAtt.getValue() : "layout1"); |
||
| 193 | |||
| 194 | if (directoryNodeType == DirectoryNodeType.node) |
||
| 195 | { |
||
| 196 | request.setAttribute("element", "node"); |
||
| 197 | return mapping.findForward(layoutChoosed); |
||
| 198 | } |
||
| 199 | else if (directoryNodeType == DirectoryNodeType.directory) |
||
| 200 | { |
||
| 201 | request.setAttribute("element", "node"); |
||
| 202 | return mapping.findForward(rootLayoutChoosed); |
||
| 203 | } |
||
| 204 | else if (directoryNodeType == DirectoryNodeType.leaf || directoryNodeType == DirectoryNodeType.external) |
||
| 205 | { |
||
| 206 | request.setAttribute("element", "leaf"); |
||
| 207 | |||
| 208 | 1.5.0/docs/api/java/lang/String.html">String url = getAttributeValue(actualNode, "url"); |
||
| 209 | 1.5.0/docs/api/java/lang/String.html">String label = getAttributeValue(actualNode, "label"); |
||
| 210 | 1.5.0/docs/api/java/lang/String.html">String xml = getAttributeValue(actualNode, "xml"); |
||
| 211 | 1.5.0/docs/api/java/lang/String.html">String layout = getAttributeValue(actualNode, "layout"); |
||
| 212 | 1.5.0/docs/api/java/lang/String.html">String style = getAttributeValue(actualNode, "style"); |
||
| 213 | 1.5.0/docs/api/java/lang/String.html">String absolute = getAttributeValue(actualNode, "absolute"); |
||
| 214 | 1.5.0/docs/api/java/lang/String.html">String proxy = getAttributeValue(actualNode, "proxy"); |
||
| 215 | |||
| 216 | if(style == null) |
||
| 217 | style = "true"; |
||
| 218 | |||
| 219 | //Confirm just in case |
||
| 220 | if (url != null && absolute != null && absolute.equals("true")) |
||
| 221 | return redirect(response, url); |
||
| 222 | else |
||
| 223 | { |
||
| 224 | boolean layoutDo = true; |
||
| 225 | if (layout != null && layout.length() > 0) layoutDo = 1.5.0/docs/api/java/lang/Boolean.html">Boolean.parseBoolean(layout); |
||
| 226 | if (!layoutDo) layoutChoosed = "layoutEmpty"; |
||
| 379 | jmachado | 227 | putProxyAttributes(request, proxy, externalFile,xml,url); |
| 1312 | jmachado | 228 | FtpManager.checkIfAnyFilesToUploadFromRequest(this, request, response); |
| 368 | jmachado | 229 | request.setAttribute("label", label); |
| 230 | request.setAttribute("style", style); |
||
| 231 | request.setAttribute("xml", xml); |
||
| 232 | if(style.equals("false") && !layoutDo) |
||
| 233 | request.setAttribute("useOutputStream", "true"); |
||
| 234 | if(request.getAttribute("useOutputStream") != null && request.getAttribute("useOutputStream").equals("true")) |
||
| 235 | { |
||
| 236 | ActionForward forward = new ActionForward(); |
||
| 237 | forward.setPath("/DirWebProxy"); |
||
| 238 | return forward; |
||
| 239 | } |
||
| 240 | else |
||
| 241 | { |
||
| 242 | return mapping.findForward(layoutChoosed); |
||
| 243 | } |
||
| 244 | } |
||
| 245 | } |
||
| 246 | } |
||
| 247 | } |
||
| 1069 | jmachado | 248 | catch (1.5.0/docs/api/java/lang/Throwable.html">Throwable e) { |
| 368 | jmachado | 249 | logger.error(e, e); |
| 250 | throw new 1.5.0/docs/api/java/io/IOException.html">IOException(e.toString()); |
||
| 251 | } |
||
| 252 | ActionForward forward = new ActionForward(); |
||
| 253 | request.setAttribute("useOutputStream", "true"); |
||
| 254 | forward.setPath("/WebProxy"); |
||
| 255 | return forward; |
||
| 256 | } |
||
| 257 | |||
| 258 | private 1.5.0/docs/api/java/lang/String.html">String getAttributeValue(5+0%2Fdocs%2Fapi+Element">Element actualNode, 1.5.0/docs/api/java/lang/String.html">String name) |
||
| 259 | { |
||
| 260 | return (actualNode.attribute(name) != null ? actualNode.attribute(name).getValue() : null); |
||
| 261 | } |
||
| 262 | |||
| 379 | jmachado | 263 | private void putProxyAttributes(HttpServletRequest request, 1.5.0/docs/api/java/lang/String.html">String proxy, 1.5.0/docs/api/java/lang/String.html">String externalFile, 1.5.0/docs/api/java/lang/String.html">String xml, 1.5.0/docs/api/java/lang/String.html">String url) |
| 368 | jmachado | 264 | { |
| 617 | jmachado | 265 | |
| 368 | jmachado | 266 | 1.5.0/docs/api/java/lang/String.html">String server = ConfigProperties.getProperty("server." + proxy); |
| 267 | 1.5.0/docs/api/java/lang/String.html">String proxyHost = ConfigProperties.getProperty(proxy + ".proxy.host"); |
||
| 268 | 1.5.0/docs/api/java/lang/String.html">String proxyPort = ConfigProperties.getProperty(proxy + ".proxy.port"); |
||
| 269 | 1.5.0/docs/api/java/lang/String.html">String confStartPath = ConfigProperties.getProperty("server." + proxy + ".start.path"); |
||
| 270 | |||
| 379 | jmachado | 271 | |
| 272 | request.setAttribute("leaf.url", url); |
||
| 368 | jmachado | 273 | request.setAttribute("server", server); |
| 379 | jmachado | 274 | request.setAttribute("proxyKey", proxy); |
| 368 | jmachado | 275 | request.setAttribute("proxy.host", proxyHost); |
| 276 | request.setAttribute("proxy.port", proxyPort); |
||
| 277 | if (confStartPath != null) |
||
| 278 | externalFile = confStartPath + externalFile; |
||
| 279 | request.setAttribute("path", externalFile); |
||
| 379 | jmachado | 280 | request.setAttribute("startPath", confStartPath); |
| 368 | jmachado | 281 | |
| 406 | jmachado | 282 | |
| 388 | jmachado | 283 | if(confStartPath == null) |
| 284 | confStartPath = ""; |
||
| 285 | if(externalFile == null) |
||
| 286 | externalFile = ""; |
||
| 385 | jmachado | 287 | boolean isLeafButBringsNoExternalPathAfterPathInXml = confStartPath.equals(externalFile); |
| 288 | if(isLeafButBringsNoExternalPathAfterPathInXml || (xml != null && xml.equals("true"))) |
||
| 368 | jmachado | 289 | { |
| 290 | 1.5.0/docs/api/java/lang/String.html">String encoding = ConfigProperties.getProperty(proxy + ".encoding"); |
||
| 291 | request.setAttribute("encoding", encoding); |
||
| 292 | request.setAttribute("useOutputStream", "false"); |
||
| 293 | return; |
||
| 294 | } |
||
| 295 | for(1.5.0/docs/api/java/lang/String.html">String extension: pt.estgp.estgweb.Globals.PROXY_EXTENSIONS) |
||
| 296 | { |
||
| 297 | if(externalFile.endsWith("." + extension)) |
||
| 298 | { |
||
| 299 | 1.5.0/docs/api/java/lang/String.html">String encoding = ConfigProperties.getProperty(proxy + ".encoding"); |
||
| 300 | request.setAttribute("encoding", encoding); |
||
| 301 | request.setAttribute("useOutputStream", "false"); |
||
| 302 | return; |
||
| 303 | } |
||
| 304 | } |
||
| 379 | jmachado | 305 | if(!server.startsWith("ftp://")) |
| 306 | request.setAttribute("useOutputStream", "true"); |
||
| 368 | jmachado | 307 | } |
| 308 | |||
| 379 | jmachado | 309 | private void putInRequestCommonAttributes(HttpServletRequest request,5+0%2Fdocs%2Fapi+Element">Element actualNode, 1.5.0/docs/api/java/lang/String.html">String actualNameId, 5+0%2Fdocs%2Fapi+Document">Document directoryDocument) |
| 368 | jmachado | 310 | { |
| 311 | /** |
||
| 312 | * Attributes used in Nodes and Leafs |
||
| 313 | */ |
||
| 314 | |||
| 315 | 5+0%2Fdocs%2Fapi+Attribute">Attribute targetRoleStrAtt = directoryDocument.getRootElement().attribute("targetRole"); |
||
| 316 | 5+0%2Fdocs%2Fapi+Attribute">Attribute styleStrAtt = directoryDocument.getRootElement().attribute("style"); |
||
| 317 | |||
| 318 | 1.5.0/docs/api/java/lang/String.html">String targetRoleChoosed = (targetRoleStrAtt != null ? targetRoleStrAtt.getValue() : pt.estgp.estgweb.Globals.ALL_ROLE); |
||
| 319 | 1.5.0/docs/api/java/lang/String.html">String styleChoosed = (styleStrAtt != null ? styleStrAtt.getValue() : "style1.xsl"); |
||
| 320 | |||
| 321 | /** |
||
| 322 | * Prepare request to forward to Layout Tile |
||
| 323 | */ |
||
| 324 | request.setAttribute("stylesheet", "/pt/estgp/estgweb/directories/" + styleChoosed); |
||
| 325 | request.setAttribute("directoryDocument", directoryDocument); |
||
| 326 | request.setAttribute("actualNodeId", actualNameId); |
||
| 379 | jmachado | 327 | request.setAttribute("actualNode", actualNode); |
| 368 | jmachado | 328 | request.setAttribute("targetRole", targetRoleChoosed); |
| 329 | } |
||
| 330 | |||
| 331 | private ActionForward redirect(HttpServletResponse response, 1.5.0/docs/api/java/lang/String.html">String url) throws 1.5.0/docs/api/java/io/IOException.html">IOException |
||
| 332 | { |
||
| 333 | response.sendRedirect(url); |
||
| 334 | ActionForward forward = new ActionForward(); |
||
| 335 | forward.setRedirect(true); |
||
| 336 | forward.setPath(url); |
||
| 337 | return forward; |
||
| 338 | } |
||
| 339 | |||
| 1312 | jmachado | 340 | /** |
| 341 | * Creates the name of the file in the link considering the last ID in url |
||
| 342 | * |
||
| 343 | * example for /student/servicosOnLine/servSecretaria/public/portal/servicosSecretaria.html |
||
| 344 | * in directory student |
||
| 345 | * external name will be |
||
| 346 | * /public/portal/servicosSecretaria.html |
||
| 347 | * because there are nodes in directory with id student, servicosOnLine and servSecretaria |
||
| 348 | * |
||
| 349 | * example if url = /student/servicosOnLine/servSecretaria/ |
||
| 350 | * externalFile will be "" with len = 0 URL must be obtained from LEAF |
||
| 351 | * Verificado este caso em que stopName = ultimo ID |
||
| 352 | * No DirWebProxy a primeira coisa que é feita se o path = confStartPath é concatenar |
||
| 353 | * o leaf URL caso contrario o LEAF URL é ignorado |
||
| 354 | * @param stopName first id not in directory tree |
||
| 355 | * @param ids list of words separated by / in url |
||
| 356 | * @return external file url path |
||
| 357 | */ |
||
| 368 | jmachado | 358 | private 1.5.0/docs/api/java/lang/String.html">String buildExternalFile(int stopName, 1.5.0/docs/api/java/lang/String.html">String[] ids) |
| 359 | { |
||
| 360 | |||
| 361 | if (stopName <= ids.length) |
||
| 362 | { |
||
| 363 | 1.5.0/docs/api/java/lang/StringBuilder.html">StringBuilder externalFileBuilder = new 1.5.0/docs/api/java/lang/StringBuilder.html">StringBuilder(); |
||
| 364 | for (int i = stopName; i < ids.length; i++) |
||
| 365 | { |
||
| 366 | int questionMark = ids[i].indexOf("?"); |
||
| 367 | if (questionMark >= 0) |
||
| 368 | { |
||
| 369 | externalFileBuilder.append("/").append(ids[i].substring(0, questionMark)); |
||
| 370 | break; |
||
| 371 | } |
||
| 372 | else |
||
| 373 | externalFileBuilder.append("/").append(ids[i]); |
||
| 374 | } |
||
| 375 | return externalFileBuilder.toString(); |
||
| 376 | } |
||
| 377 | return null; |
||
| 378 | } |
||
| 379 | |||
| 379 | jmachado | 380 | public static Namespace dirNamespace = new Namespace("d", "http://www.estgp.pt/baco/directory/"); |
| 1067 | jmachado | 381 | //public static QName nodeDir = new QName("node", dirNamespace); |
| 382 | //public static QName leafDir = new QName("leaf", dirNamespace); |
||
| 368 | jmachado | 383 | |
| 384 | private boolean pruneDocument(5+0%2Fdocs%2Fapi+Element">Element startElem, 1.5.0/docs/api/java/util/Map.html">Map namespaces, UserSession userSession) |
||
| 385 | { |
||
| 386 | Rights rights = buildRights(startElem, namespaces); |
||
| 387 | if (rights != null && !checkRights(rights, userSession)) |
||
| 388 | { |
||
| 389 | 5+0%2Fdocs%2Fapi+Element">Element parentNode = startElem.getParent(); |
||
| 390 | if (parentNode != null) |
||
| 391 | parentNode.remove(startElem); |
||
| 392 | return false; |
||
| 393 | } |
||
| 1067 | jmachado | 394 | 1.5.0/docs/api/javax/xml/xpath/XPath.html">XPath leafXpath = startElem.createXPath("./d:leaf[@node='false']"); |
| 395 | 1.5.0/docs/api/javax/xml/xpath/XPath.html">XPath nodeXpath = startElem.createXPath("./d:leaf[@node='true']"); |
||
| 396 | leafXpath.setNamespaceURIs(namespaces); |
||
| 397 | nodeXpath.setNamespaceURIs(namespaces); |
||
| 398 | List<Element> nodes = nodeXpath.selectNodes(startElem); |
||
| 399 | List<Element> leafs = leafXpath.selectNodes(startElem); |
||
| 368 | jmachado | 400 | for (5+0%2Fdocs%2Fapi+Element">Element childNode : nodes) |
| 401 | { |
||
| 402 | pruneDocument(childNode, namespaces, userSession); |
||
| 403 | } |
||
| 404 | for (5+0%2Fdocs%2Fapi+Element">Element childLeaf : leafs) |
||
| 405 | { |
||
| 406 | pruneDocument(childLeaf, namespaces, userSession); |
||
| 407 | } |
||
| 408 | return true; |
||
| 409 | } |
||
| 410 | |||
| 411 | private Rights buildRights(5+0%2Fdocs%2Fapi+Element">Element nodeOrLeaf, 1.5.0/docs/api/java/util/Map.html">Map namespaces) |
||
| 412 | { |
||
| 413 | 1.5.0/docs/api/javax/xml/xpath/XPath.html">XPath rightsXpath = nodeOrLeaf.createXPath("./d:rights"); |
||
| 414 | rightsXpath.setNamespaceURIs(namespaces); |
||
| 415 | 5+0%2Fdocs%2Fapi+Element">Element rightsElem = (5+0%2Fdocs%2Fapi+Element">Element) rightsXpath.selectSingleNode(nodeOrLeaf); |
||
| 416 | if (rightsElem == null) |
||
| 417 | return null; |
||
| 418 | else |
||
| 419 | { |
||
| 420 | Rights rights = new Rights(); |
||
| 421 | |||
| 1067 | jmachado | 422 | 1.5.0/docs/api/javax/xml/xpath/XPath.html">XPath userXpath = rightsElem.createXPath("./d:right[@target='user']"); |
| 368 | jmachado | 423 | userXpath.setNamespaceURIs(namespaces); |
| 424 | List<Element> userElems = userXpath.selectNodes(rightsElem); |
||
| 425 | |||
| 1067 | jmachado | 426 | 1.5.0/docs/api/javax/xml/xpath/XPath.html">XPath roleXpath = rightsElem.createXPath("./d:right[@target='role']"); |
| 368 | jmachado | 427 | roleXpath.setNamespaceURIs(namespaces); |
| 428 | List<Element> rolesElems = roleXpath.selectNodes(rightsElem); |
||
| 429 | |||
| 430 | 1.5.0/docs/api/javax/xml/xpath/XPath.html">XPath internalXpath = rightsElem.createXPath("./d:internal"); |
||
| 431 | internalXpath.setNamespaceURIs(namespaces); |
||
| 432 | 5+0%2Fdocs%2Fapi+Element">Element internalElem = (5+0%2Fdocs%2Fapi+Element">Element) internalXpath.selectSingleNode(rightsElem); |
||
| 433 | |||
| 434 | |||
| 435 | rights.rightsT = new ArrayList<RightsT>(); |
||
| 436 | |||
| 437 | if (userElems != null && userElems.size() > 0) |
||
| 438 | { |
||
| 439 | for (5+0%2Fdocs%2Fapi+Element">Element userElem : userElems) |
||
| 440 | { |
||
| 441 | RightsT rightsT = new RightsT(); |
||
| 442 | rightsT.rightsTClass = RightsT.RightsTClass.user; |
||
| 1067 | jmachado | 443 | rightsT.text = userElem.attribute("name").getText(); |
| 368 | jmachado | 444 | 1.5.0/docs/api/java/lang/String.html">String type = userElem.attribute("type").getText(); |
| 445 | if (type.equals("permit")) |
||
| 446 | rightsT.type = RightsT.RightsTType.permit; |
||
| 447 | else |
||
| 448 | rightsT.type = RightsT.RightsTType.restrict; |
||
| 449 | rights.rightsT.add(rightsT); |
||
| 450 | } |
||
| 451 | } |
||
| 452 | |||
| 453 | if (rolesElems != null && rolesElems.size() > 0) |
||
| 454 | { |
||
| 455 | for (5+0%2Fdocs%2Fapi+Element">Element roleElem : rolesElems) |
||
| 456 | { |
||
| 457 | RightsT rightsT = new RightsT(); |
||
| 458 | rightsT.rightsTClass = RightsT.RightsTClass.role; |
||
| 1067 | jmachado | 459 | rightsT.text = roleElem.attribute("name").getText(); |
| 368 | jmachado | 460 | 1.5.0/docs/api/java/lang/String.html">String type = roleElem.attribute("type").getText(); |
| 461 | if (type.equals("permit")) |
||
| 462 | rightsT.type = RightsT.RightsTType.permit; |
||
| 463 | else |
||
| 464 | rightsT.type = RightsT.RightsTType.restrict; |
||
| 465 | rights.rightsT.add(rightsT); |
||
| 466 | } |
||
| 467 | } |
||
| 468 | |||
| 469 | if (internalElem != null) |
||
| 470 | { |
||
| 471 | if (internalElem.getText() != null && internalElem.getText().trim().equals("true")) |
||
| 472 | rights.internal = true; |
||
| 473 | } |
||
| 474 | return rights; |
||
| 475 | } |
||
| 476 | } |
||
| 477 | |||
| 478 | private boolean checkRights(List<Rights> rights, UserSession userSession) |
||
| 479 | { |
||
| 480 | if (rights != null && rights.size() > 0) |
||
| 481 | { |
||
| 482 | for (Rights r : rights) |
||
| 483 | { |
||
| 484 | if (!checkRights(r, userSession)) |
||
| 485 | return false; |
||
| 486 | } |
||
| 487 | return true; |
||
| 488 | } |
||
| 489 | return true; |
||
| 490 | } |
||
| 491 | |||
| 492 | /** |
||
| 493 | * Check if a user can access through a Rights Element |
||
| 494 | * |
||
| 495 | * @param r |
||
| 496 | * @param userSession |
||
| 497 | * @return |
||
| 498 | */ |
||
| 499 | private boolean checkRights(Rights r, UserSession userSession) |
||
| 500 | { |
||
| 501 | if (r.internal && userSession.getUser() == null) |
||
| 502 | return false; |
||
| 503 | else |
||
| 504 | { |
||
| 505 | if (r.rightsT != null && r.rightsT.size() > 0) |
||
| 506 | { |
||
| 507 | boolean ok = true; |
||
| 508 | boolean permitActivated = false; |
||
| 509 | for (RightsT rightsT : r.rightsT) |
||
| 510 | { |
||
| 511 | if (permitActivated && rightsT.type == RightsT.RightsTType.restrict) |
||
| 512 | { |
||
| 513 | //do nothing |
||
| 514 | } |
||
| 515 | else |
||
| 516 | { |
||
| 517 | if (rightsT.type == RightsT.RightsTType.restrict) //implicitly permitActivated = false |
||
| 518 | { |
||
| 519 | if (rightsT.rightsTClass == RightsT.RightsTClass.user && userSession.getUsername() != null && userSession.getUsername().equals(rightsT.text)) |
||
| 520 | return false; |
||
| 521 | else |
||
| 1283 | jmachado | 522 | if (rightsT.rightsTClass == RightsT.RightsTClass.role && userSession.getUsername() != null && userSession.getUser() != null && userSession.getUser().hasRole(rightsT.text)) |
| 368 | jmachado | 523 | return false; |
| 524 | } |
||
| 525 | else |
||
| 526 | { |
||
| 527 | //One permit mean that just if specific permission was given it will let him pass |
||
| 528 | permitActivated = true; |
||
| 529 | ok = false; |
||
| 530 | if (rightsT.rightsTClass == RightsT.RightsTClass.user && userSession.getUsername() != null && userSession.getUsername().equals(rightsT.text)) |
||
| 531 | { |
||
| 532 | ok = true; |
||
| 533 | break; |
||
| 534 | } |
||
| 535 | else |
||
| 536 | if (rightsT.rightsTClass == RightsT.RightsTClass.role && userSession.getUsername() != null && userSession.getUser().hasRole(rightsT.text)) |
||
| 537 | { |
||
| 538 | ok = true; |
||
| 539 | break; |
||
| 540 | } |
||
| 541 | } |
||
| 542 | } |
||
| 543 | } |
||
| 544 | if (!ok) |
||
| 545 | return false; |
||
| 546 | } |
||
| 547 | } |
||
| 548 | return true; |
||
| 549 | } |
||
| 550 | |||
| 551 | |||
| 552 | |||
| 553 | |||
| 554 | } |