package org.saf.struts.util;
   
   import org.apache.commons.logging.Log;
   import org.apache.commons.logging.LogFactory;
   
   import org.saf.struts.bean.AuthorizationDefinition;
   import org.saf.struts.config.StrutsAuthorizationConfig;
   import org.saf.struts.exception.SafAuthorizationException;
   
  import java.util.HashSet;
  import java.util.Map;
  import java.util.Set;
  
  import javax.servlet.ServletException;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpSession;
  
  
  /***
   * Utilities method which can be used in various struts applications to control
   * the authorization flow.
   *
   * @author Wim Tobback
   * @version 1.0
   *
   * @since 1.0
   */
  public class SafUtils {
      private final static Log log = LogFactory.getLog(SafUtils.class);
  
      /***
       * Sets the authorization definition of the principal in a struts
       * application.
       *
       * @param request The Http request we are processing.
       * @param defId The definition id of the authorization definition.
       *
       * @throws ServletException Occurs when an error has been thrown while
       *         trying to set the authorization definition.
       */
      public static void setAuthorizationDefinition(HttpServletRequest request,
          String defId) throws ServletException {
          SafContext context = SafContext.getInstance();
          StrutsAuthorizationConfig config = context.getConfig();
  
          if (config == null) {
              log.error("Struts authorization framework not correctly loaded");
              throw new ServletException(
                  "Struts authorization framework not correctly loaded");
          }
  
          Map authorizationDefinitionMap = config.getAuthorizationDefinitionMap();
          AuthorizationDefinition authDef = (AuthorizationDefinition) authorizationDefinitionMap.get(defId);
  
          if (authDef == null) {
              log.error(
                  "AuthorizationDefinition not found in the configuration file");
              throw new ServletException(
                  "AuthorizationDefinition not found in the configuration file");
          }
  
          HttpSession session = request.getSession();
          session.setAttribute(Globals.SAF_AUTHORIZATION_DEFINITION_KEY, authDef);
      }
  
      /***
       * Sets the authorization definition of the principal in a struts
       * application.
       *
       * @param request The Http request we are processing.
       * @param definition The AuthorizationDefinition DTO.
       *
       * @throws ServletException Occurs when an error has been thrown while
       *         trying to set the authorization definition.
       */
      public static void setAuthorizationDefinition(HttpServletRequest request,
          AuthorizationDefinition definition) throws ServletException {
          SafContext context = SafContext.getInstance();
          StrutsAuthorizationConfig config = context.getConfig();
  
          if (config == null) {
              log.error("Struts authorization framework not correctly loaded");
              throw new ServletException(
                  "Struts authorization framework not correctly loaded");
          }
  
          if (definition == null) {
              log.error("Passed a null object for the AuthorizationDefinition");
              throw new ServletException(
                  "Passed a null object for the AuthorizationDefinition");
          }
  
          Map authorizationDefinitionMap = config.getAuthorizationDefinitionMap();
          AuthorizationDefinition authDef = (AuthorizationDefinition) authorizationDefinitionMap.get(definition.getRefId());
  
          if (authDef == null) {
              log.error(
                  "AuthorizationDefinition not found in the configuration file");
              throw new ServletException(
                 "AuthorizationDefinition not found in the configuration file");
         }
 
         HttpSession session = request.getSession();
         session.setAttribute(Globals.SAF_AUTHORIZATION_DEFINITION_KEY, authDef);
     }
 
     /***
      * Returns the authorization definition of the principal store in the
      * session scope.
      *
      * @param request The Http request we are processing.
      *
      * @return The AuthorizationDefinition DTO stored in the session scope.
      *
      * @throws ServletException Occurs when an error has been thrown while
      *         trying to retrieve the AuthorizationDefinition.
      */
     public static AuthorizationDefinition getAuthorizationDefinition(
         HttpServletRequest request) throws ServletException {
         HttpSession session = request.getSession();
         AuthorizationDefinition authDef = (AuthorizationDefinition) session.getAttribute(Globals.SAF_AUTHORIZATION_DEFINITION_KEY);
 
         return authDef;
     }
 
     /***
      * Return a Map containing all the AuthorizationDefinition defined in the
      * saf config file.
      *
      * @return Map The Map containing the AuthorizationDefintions defined in
      *         the saf config file.
      *
      * @throws ServletException Occurs when an error has been thrown while
      *         trying to retrieve all the AuthorizationDefinition DTO's.
      */
     public static Map getAuthorizationDefinitionMap() throws ServletException {
         SafContext context = SafContext.getInstance();
         StrutsAuthorizationConfig config = context.getConfig();
 
         if (config == null) {
             log.error("Struts authorization framework not correctly loaded");
             throw new ServletException(
                 "Struts authorization framework not correctly loaded");
         }
 
         return config.getAuthorizationDefinitionMap();
     }
 
     /***
      * Checks if the user is authorized or not.
      *
      * @param request The Http request we are processing.
      * @param defId The definition id of the authorization definition.
      *
      * @return true if the user is authorized, otherwise false will be
      *         returned.
      *
      * @throws SafAuthorizationException Occurs when an error has been thrown
      *         while trying to check if the user is authorized.
      */
     public static boolean isAuthorized(HttpServletRequest request, String defId)
         throws SafAuthorizationException {
         boolean authorized = false;
         SafContext context = SafContext.getInstance();
         StrutsAuthorizationConfig config = context.getConfig();
 
         if (defId == null) {
             throw new SafAuthorizationException(
                 "No authorization definition specified");
         }
 
         Map authorizationDefinitionMap = config.getAuthorizationDefinitionMap();
         AuthorizationDefinition definedAuthorizationDefinition = (AuthorizationDefinition) authorizationDefinitionMap.get(defId);
 
         if (definedAuthorizationDefinition == null) {
             throw new SafAuthorizationException(
                 "No authorization definition found for defId : " + defId);
         }
 
         try {
             AuthorizationDefinition userAuthorizationDefinition = SafUtils.getAuthorizationDefinition(request);
 
             if (userAuthorizationDefinition == null) {
                 throw new SafAuthorizationException(
                     "No authorization definition found for user");
             }
 
             Set definedAuthorizationDefinitionList = new HashSet(definedAuthorizationDefinition.getDefinitionMap()
                                                                                                .values());
             Set userAuthorizationDefinitionList = new HashSet(userAuthorizationDefinition.getDefinitionMap()
                                                                                          .values());
             authorized = userAuthorizationDefinitionList.containsAll(definedAuthorizationDefinitionList);
         } catch (ServletException e) {
             throw new SafAuthorizationException(e);
         }
 
         return authorized;
     }
 }