
1   // 
2   // Copyright (c) 2003-2005, Caltha - Gajda, Krzewski, Mach, Potempski Sp.J. 
3   // All rights reserved. 
4   // 
5   // Redistribution and use in source and binary forms, with or without modification,  
6   // are permitted provided that the following conditions are met: 
7   //  
8   // * Redistributions of source code must retain the above copyright notice,  
9   //	 this list of conditions and the following disclaimer. 
10  // * Redistributions in binary form must reproduce the above copyright notice,  
11  //	 this list of conditions and the following disclaimer in the documentation  
12  //	 and/or other materials provided with the distribution. 
13  // * Neither the name of the Caltha - Gajda, Krzewski, Mach, Potempski Sp.J.  
14  //	 nor the names of its contributors may be used to endorse or promote products  
15  //	 derived from this software without specific prior written permission. 
16  // 
17  // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"  
18  // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED  
19  // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
20  // IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,  
21  // INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,  
22  // BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 
23  // OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,  
24  // WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)  
25  // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE  
26  // POSSIBILITY OF SUCH DAMAGE. 
27  // 
28  package org.objectledge.web.mvc.builders;
29  
30  import org.objectledge.authentication.AuthenticationContext;
31  import org.objectledge.context.Context;
32  import org.objectledge.pipeline.ProcessingException;
33  import org.objectledge.pipeline.Valve;
34  import org.objectledge.web.mvc.MVCContext;
35  import org.objectledge.web.mvc.security.Policy;
36  import org.objectledge.web.mvc.security.PolicySystem;
37  import org.objectledge.web.mvc.security.SecurityChecking;
38  
/**
 * Base class for actions whose access is decided by a {@link Policy} obtained from the
 * {@link PolicySystem}.
 *
 * <p>This class only answers the {@link SecurityChecking} queries; nothing in it calls them.
 * Enforcement is presumably performed by the pipeline component that executes actions, so
 * confirm that it consults all three checks before running a subclass.</p>
 *
 * <p>An action that is not matched by any policy is rejected with a
 * {@link ProcessingException} instead of being treated as unrestricted, so a missing policy
 * entry aborts the check rather than opening the action.</p>
 *
 * @author <a href="mailto:rafal@caltha.pl">Rafal Krzewski</a>
 * @version $Id: PolicyProtectedAction.java,v 1.1 2005/05/06 09:38:09 rafal Exp $
 */
public abstract class PolicyProtectedAction
    implements SecurityChecking, Valve
{
    /** Source of the policies and of the access decision; assigned once in the constructor. */
    private final PolicySystem policySystem;

    /**
     * Creates a new PolicyProtectedAction instance.
     *
     * <p>The argument is stored as given, without a null check; a null reference would only
     * surface as a NullPointerException on the first policy lookup.</p>
     *
     * @param policySystemArg the PolicySystem component.
     */
    public PolicyProtectedAction(PolicySystem policySystemArg)
    {
        this.policySystem = policySystemArg;
    }

    /**
     * Reports whether the action demands a secure channel.
     *
     * <p>This base implementation always answers {@code false}, whatever the matched policy
     * says. A subclass that handles credentials or other sensitive data has to override it
     * to demand a secure channel.</p>
     *
     * @param context the request context (not inspected here).
     * @return always {@code false}.
     * @throws Exception never thrown by this implementation; declared for overriding classes.
     */
    public boolean requiresSecureChannel(Context context)
        throws Exception
    {
        return false;
    }

    /**
     * Evaluates the login requirement of the policy matching the current request.
     *
     * <p>NOTE(review): the method name reads as "does this action need a logged-in user?",
     * while the value computed here reads as "is the login requirement satisfied?". Confirm
     * against the SecurityChecking contract and its caller which of the two is expected.</p>
     *
     * @param context the request context.
     * @return {@code true} when the matched policy does not require login, or when the
     *         current user is authenticated; {@code false} only when the policy requires
     *         login and the user is not authenticated.
     * @throws Exception if no policy matches the request (see {@link #getPolicy(Context)}).
     */
    public boolean requiresAuthenticatedUser(Context context)
        throws Exception
    {
        Policy matched = getPolicy(context);
        AuthenticationContext auth = AuthenticationContext.getAuthenticationContext(context);
        if(!matched.requiresLogin())
        {
            // The authentication state is deliberately not consulted on this path.
            return true;
        }
        return auth.isUserAuthenticated();
    }

    /**
     * Asks the PolicySystem whether the current user may perform the requested action.
     *
     * <p>The decision itself is made by {@code PolicySystem.checkPolicy}; this method only
     * supplies the user principal, the authentication flag and the matched policy.</p>
     *
     * @param context the request context.
     * @return the verdict returned by the PolicySystem for the matched policy.
     * @throws Exception if no policy matches the request (see {@link #getPolicy(Context)}).
     */
    public boolean checkAccessRights(Context context)
        throws Exception
    {
        Policy matched = getPolicy(context);
        AuthenticationContext auth = AuthenticationContext.getAuthenticationContext(context);
        return policySystem.checkPolicy(
            auth.getUserPrincipal(),
            auth.isUserAuthenticated(),
            matched);
    }

    /**
     * Returns the policy matching the current request.
     *
     * <p>The lookup uses both the view and the action of the request; the error message
     * names the action only.</p>
     *
     * @param context the request context.
     * @return the matching policy, never {@code null}.
     * @throws ProcessingException if no policy matches the request.
     */
    private Policy getPolicy(Context context)
        throws ProcessingException
    {
        MVCContext mvc = MVCContext.getMVCContext(context);
        Policy matched = policySystem.getPolicy(mvc.getView(), mvc.getAction());
        if(matched != null)
        {
            return matched;
        }
        // No permissive default: an unmatched request aborts the security check.
        throw new ProcessingException(mvc.getAction() +
            " is not matched by any access policy");
    }
}