Mercurial > hg > digilib-old

comparison servlet/src/digilib/auth/AuthOpsImpl.java @ 531:9cedd170b581 digilibPDF

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
* PDF generation works now even with subdirectories * genericsification and clean up
author robcast
date Fri, 05 Feb 2010 20:58:38 +0100
parents 0ff3ede32060
children e758a49258e8
comparison
equal deleted inserted replaced
530:bd6569a95a3c 531:9cedd170b581
18 18
19 */ 19 */
20 20
21 package digilib.auth; 21 package digilib.auth;
22 22
23 import java.util.List;
24
23 import javax.servlet.http.HttpServletRequest; 25 import javax.servlet.http.HttpServletRequest;
24 import java.util.*;
25 26
26 import digilib.*; 27 import org.apache.log4j.Logger;
27 28
29 import digilib.servlet.DigilibRequest;
30
31 /** Basic implementation of AuthOps interface.
32 *
33 * Provides basic implementations. Only rolesForPath needs to be implemented
34 * by specific implementations.
35 */
28 public abstract class AuthOpsImpl implements AuthOps { 36 public abstract class AuthOpsImpl implements AuthOps {
29 37
30 protected Utils util; 38 /** general logger for this class */
31 39 protected Logger logger = Logger.getLogger(this.getClass());
40
41 /** Default constructor. */
32 public AuthOpsImpl() { 42 public AuthOpsImpl() {
33 util = new Utils();
34 try { 43 try {
35 init(); 44 init();
36 } catch (AuthOpException e) { 45 } catch (AuthOpException e) {
37 } 46 }
38 } 47 }
39 48
40 public AuthOpsImpl(Utils u) {
41 util = u;
42 try {
43 init();
44 } catch (AuthOpException e) {
45 }
46 }
47 49
50 /** Test if the request is allowed to access filepath.
51 * @param filepath filepath to be acessed.
52 * @param request Request with user information.
53 * @throws AuthOpException Exception thrown on error.
54 * @return true if the request is allowed.
55 */
48 public boolean isAuthRequired(String filepath, HttpServletRequest request) throws AuthOpException { 56 public boolean isAuthRequired(String filepath, HttpServletRequest request) throws AuthOpException {
49 // check permissions 57 // check permissions
50 List rolesRequired = rolesForPath(filepath, request); 58 List<String> rolesRequired = rolesForPath(filepath, request);
51 return (rolesRequired != null); 59 return (rolesRequired != null);
52 } 60 }
53 61
62 /**
63 * @see digilib.auth.AuthOps#isAuthRequired(digilib.servlet.DigilibRequest)
64 */
65 public boolean isAuthRequired(DigilibRequest request)
66 throws AuthOpException {
67 // check permissions
68 List<String> rolesRequired = rolesForPath(request);
69 return (rolesRequired != null);
70 }
71
72 /** Return authorization roles needed for request.
73 *
74 * Returns a list of authorization roles that would be allowed to access the
75 * specified path. The location information of the request is considered also.
76 * @param filepath filepath to be accessed.
77 * @param request ServletRequest with address information.
78 * @throws AuthOpException Exception thrown on error.
79 * @return List of Strings with role names.
80 */
54 public boolean isAuthorized(String filepath, HttpServletRequest request) throws AuthOpException { 81 public boolean isAuthorized(String filepath, HttpServletRequest request) throws AuthOpException {
55 List rolesAllowed = rolesForPath(filepath, request); 82 List<String> rolesAllowed = rolesForPath(filepath, request);
56 return isRoleAuthorized(rolesAllowed, request); 83 return isRoleAuthorized(rolesAllowed, request);
57 } 84 }
58 85
59 public boolean isRoleAuthorized(List roles, HttpServletRequest request) { 86 /**
60 ListIterator r = roles.listIterator(); 87 * @see digilib.auth.AuthOps#isAuthorized(digilib.servlet.DigilibRequest)
61 String s = ""; 88 */
62 while (r.hasNext()) { 89 public boolean isAuthorized(DigilibRequest request)
63 s = (String)r.next(); 90 throws AuthOpException {
64 util.dprintln(5, "Testing role: "+s); 91 List<String> rolesAllowed = rolesForPath(request);
92 return isRoleAuthorized(rolesAllowed, request);
93 }
94
95 /** Test request authorization against a list of roles.
96 * @param roles List of Strings with role names.
97 * @param request ServletRequest with address information.
98 * @return true if the user information in the request authorizes one of the roles.
99 */
100 public boolean isRoleAuthorized(List<String> roles, HttpServletRequest request) {
101 for (String s: roles) {
102 logger.debug("Testing role: "+s);
65 if (request.isUserInRole(s)) { 103 if (request.isUserInRole(s)) {
66 util.dprintln(5, "Role Authorized"); 104 logger.debug("Role Authorized");
67 return true; 105 return true;
68 } 106 }
69 } 107 }
70 return false; 108 return false;
71 } 109 }
72 110
111 /**
112 * @see digilib.auth.AuthOps#isRoleAuthorized(java.util.List, digilib.servlet.DigilibRequest)
113 */
114 public boolean isRoleAuthorized(List<String> roles, DigilibRequest request) {
115 for (String s: roles) {
116 logger.debug("Testing role: "+s);
117 if (((HttpServletRequest)request.getServletRequest()).isUserInRole(s)) {
118 logger.debug("Role Authorized");
119 return true;
120 }
121 }
122 return false;
123 }
124
73 public abstract void init() throws AuthOpException; 125 public abstract void init() throws AuthOpException;
74 126
75 public abstract List rolesForPath(String filepath, HttpServletRequest request) throws AuthOpException; 127 public abstract List<String> rolesForPath(String filepath, HttpServletRequest request) throws AuthOpException;
128
129 public abstract List<String> rolesForPath(DigilibRequest request) throws AuthOpException;
76 130
77 } 131 }