Mercurial > hg > digilib-old

view servlet/src/digilib/auth/AuthOpsImpl.java @ 149:04ad64b2137a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Servlet version 1.14b1 - better performance with thumbnails (really, this time :-) - new DocuInfo class - new Directory class - DocuFile uses String and Directory as data members - parameter rearrangements
author robcast
date Tue, 26 Aug 2003 22:28:43 +0200
parents 3b8797fc3e90
children afe7ff98bb71
line wrap: on
line source

/*  AuthOps -- Authentication class implementation

  Digital Image Library servlet components

  Copyright (C) 2001, 2002 Robert Casties (robcast@mail.berlios.de)

  This program is free software; you can redistribute  it and/or modify it
  under  the terms of  the GNU General  Public License as published by the
  Free Software Foundation;  either version 2 of the  License, or (at your
  option) any later version.
   
  Please read license.txt for the full details. A copy of the GPL
  may be found at http://www.gnu.org/copyleft/lgpl.html

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

package digilib.auth;

import javax.servlet.http.HttpServletRequest;
import java.util.*;

import digilib.*;
import digilib.servlet.DigilibRequest;

/** Basic implementation of AuthOps interface.
 *
 * Provides basic implementations. Only rolesForPath needs to be implemented
 * by specific implementations.
 */
public abstract class AuthOpsImpl implements AuthOps {

  /** Local utils object. */    
  protected Utils util;

  /** Default constructor. */  
  public AuthOpsImpl() {
    util = new Utils();
    try {
      init();
    } catch (AuthOpException e) {
    }
  }

  /** Constructor taking an utils object.
   * @param u utils object.
   */  
  public AuthOpsImpl(Utils u) {
    util = u;
    try {
      init();
    } catch (AuthOpException e) {
    }
  }

  /** Test if the request is allowed to access filepath.
   * @param filepath filepath to be acessed.
   * @param request Request with user information.
   * @throws AuthOpException Exception thrown on error.
   * @return true if the request is allowed.
   */
  public boolean isAuthRequired(String filepath, HttpServletRequest request) throws AuthOpException {
    // check permissions
    List rolesRequired = rolesForPath(filepath, request);
    return (rolesRequired != null);
  }

  /**
   * @see digilib.auth.AuthOps#isAuthRequired(digilib.servlet.DigilibRequest)
   */
  public boolean isAuthRequired(DigilibRequest request)
	  throws AuthOpException {
		// check permissions
		List rolesRequired = rolesForPath(request);
		return (rolesRequired != null);
  }

  /** Return authorization roles needed for request.
   *
   * Returns a list of authorization roles that would be allowed to access the
   * specified path. The location information of the request is considered also.
   * @param filepath filepath to be accessed.
   * @param request ServletRequest with address information.
   * @throws AuthOpException Exception thrown on error.
   * @return List of Strings with role names.
   */
  public boolean isAuthorized(String filepath, HttpServletRequest request) throws AuthOpException {
    List rolesAllowed = rolesForPath(filepath, request);
    return isRoleAuthorized(rolesAllowed, request);
  }

  /**
   * @see digilib.auth.AuthOps#isAuthorized(digilib.servlet.DigilibRequest)
   */
  public boolean isAuthorized(DigilibRequest request)
	  throws AuthOpException {
		List rolesAllowed = rolesForPath(request);
		return isRoleAuthorized(rolesAllowed, request);
  }

  /** Test request authorization against a list of roles.
   * @param roles List of Strings with role names.
   * @param request ServletRequest with address information.
   * @return true if the user information in the request authorizes one of the roles.
   */
  public boolean isRoleAuthorized(List roles, HttpServletRequest request) {
    ListIterator r = roles.listIterator();
    String s = "";
    while (r.hasNext()) {
      s = (String)r.next();
      util.dprintln(5, "Testing role: "+s);
      if (request.isUserInRole(s)) {
        util.dprintln(5, "Role Authorized");
        return true;
      }
    }
    return false;
  }

  /**
   * @see digilib.auth.AuthOps#isRoleAuthorized(java.util.List, digilib.servlet.DigilibRequest)
   */
  public boolean isRoleAuthorized(List roles, DigilibRequest request) {
	ListIterator r = roles.listIterator();
	String s = "";
	while (r.hasNext()) {
	  s = (String)r.next();
	  util.dprintln(5, "Testing role: "+s);
	  if (((HttpServletRequest)request.getServletRequest()).isUserInRole(s)) {
		util.dprintln(5, "Role Authorized");
		return true;
	  }
	}
	return false;
  }

  public abstract void init() throws AuthOpException;

  public abstract List rolesForPath(String filepath, HttpServletRequest request) throws AuthOpException;

  public abstract List rolesForPath(DigilibRequest request) throws AuthOpException;

}