1 package org.saf.struts.manager;
2
3 import org.apache.commons.logging.Log;
4 import org.apache.commons.logging.LogFactory;
5
6 import org.apache.struts.action.Action;
7 import org.apache.struts.action.ActionForm;
8 import org.apache.struts.action.ActionForward;
9 import org.apache.struts.action.ActionMapping;
10
11 import org.saf.struts.bean.AuthorizationAction;
12 import org.saf.struts.bean.AuthorizationDefinition;
13 import org.saf.struts.config.StrutsAuthorizationConfig;
14 import org.saf.struts.util.SafContext;
15 import org.saf.struts.util.SafPluginUtils;
16
17 import java.util.HashSet;
18 import java.util.Map;
19 import java.util.Set;
20
21 import javax.servlet.ServletException;
22 import javax.servlet.http.HttpServletRequest;
23 import javax.servlet.http.HttpServletResponse;
24
25
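/***
 * Authorization manager that compares the definitions required for an action
 * (or one of its methods) with the definitions attached to the request's
 * principal. The decision is a plain set inclusion: the principal must hold
 * every required definition. See {@link #isAuthorized} for the cases in which
 * the check is skipped and the request is allowed without any comparison.
 */
public class BasicAuthorizationManager implements AuthorizationManagerInterface {
    private final static Log log = LogFactory.getLog(BasicAuthorizationManager.class);

    // Sampled once at class load: a log level changed at runtime is not seen by
    // the guarded log statements below.
    private final static boolean LOG_DEBUG = log.isDebugEnabled();
    private final static boolean LOG_INFO = log.isInfoEnabled();

    /***
     * Decides whether the current request may execute <code>action</code>.
     * <p>
     * The request is allowed, without comparing any definitions, when:
     * <ul>
     * <li>{@link SafPluginUtils#isCancelled} reports a cancelled request;</li>
     * <li>no {@link AuthorizationAction} is configured for the action;</li>
     * <li>neither a method-level nor an action-level rule map exists (the
     *     method-level map, when present, is used and the action-level map is
     *     not consulted).</li>
     * </ul>
     * Otherwise the principal's definitions (taken from the request) must
     * contain every required definition. The request is denied when rules
     * exist but no principal definitions are present, or when at least one
     * required definition is missing. Denials are logged at WARN with the
     * action class and method name so they can be audited.
     *
     * @see org.saf.struts.manager.AuthorizationManagerInterface#isAuthorized(org.apache.struts.action.Action,
     * org.apache.struts.action.ActionMapping,
     * org.apache.struts.action.ActionForm,
     * javax.servlet.http.HttpServletRequest,
     * javax.servlet.http.HttpServletResponse)
     */
    public boolean isAuthorized(Action action, ActionMapping mapping,
        ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws ServletException {
        if (LOG_INFO) {
            log.info("isAuthorizated - begin");
        }

        // NOTE(review): the whole check is skipped for a "cancelled" request.
        // SafPluginUtils.isCancelled is not visible from this file; if it is
        // driven by the Struts cancel request parameter (as Action.isCancelled
        // is), any client can add that parameter and bypass authorization for
        // every action. Confirm that each action's execute() really treats a
        // cancel as a no-op before relying on this short-circuit.
        if (SafPluginUtils.isCancelled(request)) {
            if (LOG_DEBUG) {
                log.debug("Cancel button pressed, authorization ok");
            }

            return true;
        }

        SafContext context = SafContext.getInstance();
        StrutsAuthorizationConfig config = context.getConfig();

        AuthorizationAction authAction = SafPluginUtils.getAuthorizationAction(config,
                action);

        if (authAction == null) {
            // Fail-open by design: an action without an AuthorizationAction
            // entry is treated as public.
            if (LOG_DEBUG) {
                log.debug("No AuthorizationAction defined for action : " +
                    action);
            }

            return true;
        }

        // NOTE(review): for dispatch-style actions the method name normally
        // comes from a request parameter. A method without its own rule map
        // falls back to the action-level map; if that is absent too the call
        // is allowed, so an action that only declares per-method rules is
        // open for every other method name.
        String methodName = SafPluginUtils.getMethodToExecute(mapping, request);
        AuthorizationDefinition actionAuthDef = SafPluginUtils.getActionAuthorizationDefinitionMap(config,
                authAction);
        AuthorizationDefinition methodAuthDef = SafPluginUtils.getMethodAuthorizationDefinitionMap(config,
                authAction, methodName);
        AuthorizationDefinition definedAuthDef = SafPluginUtils.getDefinedAuthorizationDefinitionMap(request);

        Map required = requiredDefinitions(methodAuthDef, actionAuthDef);

        if (required == null) {
            if (LOG_DEBUG) {
                log.debug(
                    "No authorization rules defined, authorization ok for BasicAuthorizationManager");
            }

            return true;
        }

        // Rules exist, so from here on the check fails closed: a missing
        // principal definition map (no definition object, or one whose map
        // is null) is a denial, not an exception.
        Map granted = (definedAuthDef == null) ? null
                                               : definedAuthDef.getDefinitionMap();

        if (granted == null) {
            log.warn("No authorization found for principal, denying " +
                describe(action, methodName));

            return false;
        }

        boolean authorized = hasAllRequired(required, granted);

        if (!authorized) {
            log.warn("Authorization denied, required definition(s) missing for " +
                describe(action, methodName));
        }

        if (LOG_INFO) {
            log.info("isAuthorizated - end");
        }

        return authorized;
    }

    /***
     * Picks the rule map that applies to the call: the method-level map when a
     * method-level definition is configured (even if its map is null), else
     * the action-level map, else <code>null</code>.
     */
    private static Map requiredDefinitions(AuthorizationDefinition methodAuthDef,
        AuthorizationDefinition actionAuthDef) {
        if (methodAuthDef != null) {
            return methodAuthDef.getDefinitionMap();
        }

        if (actionAuthDef != null) {
            return actionAuthDef.getDefinitionMap();
        }

        return null;
    }

    /***
     * Set inclusion check: every value of <code>required</code> must appear
     * among the values of <code>granted</code>. An empty <code>required</code>
     * map is therefore always satisfied. Membership relies on equals/hashCode
     * of the map values, whose type is not visible here -- confirm that type
     * implements both, otherwise only identical instances match.
     */
    private static boolean hasAllRequired(Map required, Map granted) {
        Set authDefSet = new HashSet(required.values());
        Set definedAuthDefSet = new HashSet(granted.values());

        return definedAuthDefSet.containsAll(authDefSet);
    }

    /***
     * Builds the audit context for a denial: the action class and the method
     * name. The method name may originate from the request, so line breaks
     * are neutralised to keep one log record per event; no other request data
     * is logged.
     */
    private static String describe(Action action, String methodName) {
        String actionName = (action == null) ? "null"
                                             : action.getClass().getName();
        String safeMethod = String.valueOf(methodName).replace('\r', '_')
                                  .replace('\n', '_');

        return "action " + actionName + ", method " + safeMethod;
    }

    /***
     * Hook invoked after a successful authorization. This implementation only
     * logs; it performs no further work.
     *
     * @see org.saf.struts.manager.AuthorizationManagerInterface#doAfterAuthorization(org.apache.struts.action.Action,
     * org.apache.struts.action.ActionMapping,
     * org.apache.struts.action.ActionForm,
     * javax.servlet.http.HttpServletRequest,
     * javax.servlet.http.HttpServletResponse)
     */
    public void doAfterAuthorization(Action action, ActionMapping mapping,
        ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws ServletException {
        if (LOG_INFO) {
            log.info("doAfterAuthorization - begin");
            log.info("doAfterAuthorization - end");
        }
    }

    /***
     * Hook invoked after a failed authorization. Resolves the configured error
     * forward for the action and the method the request tried to execute.
     *
     * @return the forward the caller should dispatch to after the denial, as
     *         resolved by {@link SafPluginUtils#getErrorForward}
     * @see org.saf.struts.manager.AuthorizationManagerInterface#doAfterAuthorizationFailed(org.apache.struts.action.Action,
     * org.apache.struts.action.ActionMapping,
     * org.apache.struts.action.ActionForm,
     * javax.servlet.http.HttpServletRequest,
     * javax.servlet.http.HttpServletResponse)
     */
    public ActionForward doAfterAuthorizationFailed(Action action,
        ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws ServletException {
        if (LOG_INFO) {
            log.info("doAfterAuthorizationFailed - begin");
        }

        SafContext context = SafContext.getInstance();
        StrutsAuthorizationConfig config = context.getConfig();
        String methodName = SafPluginUtils.getMethodToExecute(mapping, request);

        if (LOG_INFO) {
            log.info("doAfterAuthorizationFailed - end");
        }

        return SafPluginUtils.getErrorForward(config, mapping, action,
            methodName);
    }

    /***
     * Hook invoked before the authorization check. This implementation only
     * logs; it performs no further work.
     *
     * @see org.saf.struts.manager.AuthorizationManagerInterface#doBeforeAuthorization(org.apache.struts.action.Action,
     * org.apache.struts.action.ActionMapping,
     * org.apache.struts.action.ActionForm,
     * javax.servlet.http.HttpServletRequest,
     * javax.servlet.http.HttpServletResponse)
     */
    public void doBeforeAuthorization(Action action, ActionMapping mapping,
        ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws ServletException {
        if (LOG_INFO) {
            log.info("doBeforeAuthorization - begin");
            log.info("doBeforeAuthorization - end");
        }
    }
}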