com.idega.slide.authentication.AuthenticationBusinessBean.java Source code

Java tutorial

Introduction

Here is the source code for com.idega.slide.authentication.AuthenticationBusinessBean.java

Source

/*
 * $Id: AuthenticationBusinessBean.java,v 1.14 2009/01/14 14:21:55 civilis Exp $
 * Created on 9.12.2004
 *
 * Copyright (C) 2004 Idega Software hf. All Rights Reserved.
 *
 * This software is the proprietary information of Idega hf.
 * Use is subject to license terms.
 */
package com.idega.slide.authentication;

import java.io.IOException;
import java.rmi.RemoteException;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.webdav.lib.Ace;
import org.apache.webdav.lib.Privilege;
import org.apache.webdav.lib.PropertyName;
import org.apache.webdav.lib.WebdavResource;
import org.apache.webdav.lib.WebdavResources;

import com.idega.business.IBOLookup;
import com.idega.business.IBOLookupException;
import com.idega.business.IBOServiceBean;
import com.idega.core.accesscontrol.business.LoginBusinessBean;
import com.idega.core.accesscontrol.business.StandardRoles;
import com.idega.slide.business.IWSlideService;
import com.idega.slide.util.AccessControlEntry;
import com.idega.slide.util.AccessControlList;
import com.idega.slide.util.IWSlideConstants;
import com.idega.slide.util.PropertyParser;
import com.idega.util.StringHandler;

/**
 * Last modified: $Date: 2009/01/14 14:21:55 $ by $Author: civilis $
 * 
 * @author <a href="mailto:gummi@idega.com">Gudmundur Agust Saemundsson</a>
 * @version $Revision: 1.14 $
 */
public class AuthenticationBusinessBean extends IBOServiceBean implements AuthenticationBusiness {

    private static final long serialVersionUID = 5768690543595785783L;
    // TODO extend Authenticationbusiness from core
    private static final String PATH_USERS = IWSlideConstants.PATH_USERS;
    private static final String PATH_GROUPS = IWSlideConstants.PATH_GROUPS;
    private static final String PATH_ROLES = IWSlideConstants.PATH_ROLES;
    private static final String SLASH = "/";
    // private static final String SLIDE_ROLE_NAME_ROOT = "root";
    private static final String SLIDE_DEFAULT_ROOT_USER = "root";
    private static final String SLIDE_ROLE_NAME_USER = "user";
    // private static final String SLIDE_ROLE_NAME_GUEST = "guset";
    private IWSlideService slideService = null;
    private static final String GROUP_MEMBER_SET = "group-member-set";
    private static final PropertyName GROUP_MEMBER_SET_PROPERTY_NAME = new PropertyName("DAV:", GROUP_MEMBER_SET);
    private static final String NO_PASSWORD = "no_password";
    private static final String ROOT_USER_NAME = "root";
    private final UsernamePasswordCredentials rootCredential = new UsernamePasswordCredentials(ROOT_USER_NAME,
            NO_PASSWORD);

    // private LoginBusinessBean _loginBusiness = new LoginBusinessBean();

    public WebdavResources getAllRoles() throws HttpException, RemoteException, IOException {
        return getAllRoles(null);
    }

    public WebdavResources getAllRoles(UsernamePasswordCredentials credentials)
            throws HttpException, RemoteException, IOException {
        IWSlideService service = getSlideServiceInstance();
        WebdavResource rolesFolder = new WebdavResource(service.getWebdavServerURL(credentials, PATH_ROLES));
        return rolesFolder.getChildResources();
    }

    public String getUserURI(String userName) throws RemoteException {
        IWSlideService service = getSlideServiceInstance();
        return service.getWebdavServerURI() + getUserPath(userName);
    }

    public String getUserPath(String userName) throws RemoteException {
        return PATH_USERS + SLASH + userName;
    }

    public String getGroupURI(String groupName) throws RemoteException {
        IWSlideService service = getSlideServiceInstance();
        return service.getWebdavServerURI() + getGroupPath(groupName);
    }

    public String getGroupPath(String groupName) throws RemoteException {
        return PATH_GROUPS + SLASH + groupName;
    }

    public String getRoleURI(String roleName) throws RemoteException {
        IWSlideService service = getSlideServiceInstance();
        return service.getWebdavServerURI() + getRolePath(roleName);
    }

    public String getRolePath(String roleName) throws RemoteException {
        return PATH_ROLES + SLASH + roleName;
    }

    /**
     * @param loginName
     * @param roleNamesForUser
     * @param loginNameOfAllLoggedOnUsers
     *            Set of all users that are logged on, other users are removed from roles. If the
     *            set is null no users are removed from roles.
     * @throws IOException
     * @throws RemoteException
     * @throws HttpException
     */
    public void updateRoleMembershipForUser(String userLoginName, Set roleNamesForUser,
            Set loginNamesOfAllLoggedOnUsers) throws HttpException, RemoteException, IOException {

        if (userLoginName != null && userLoginName.length() > 0 && !userLoginName.equals(SLIDE_DEFAULT_ROOT_USER)) {
            IWSlideService service = getSlideServiceInstance();
            UsernamePasswordCredentials rCredentials = service.getRootUserCredentials();

            Set newRoles = new HashSet(roleNamesForUser);
            Enumeration e = getAllRoles(rCredentials).getResources();
            String userURI = getUserURI(userLoginName);
            while (e.hasMoreElements()) {
                WebdavResource role = (WebdavResource) e.nextElement();
                newRoles.remove(role.getDisplayName());
                updateRoleMembershipForUser(role, userURI, roleNamesForUser, loginNamesOfAllLoggedOnUsers);
            }

            // Add Roles that don't exist
            for (Iterator iter = newRoles.iterator(); iter.hasNext();) {
                String sRole = (String) iter.next();

                if (!service.getExistence(getRolePath(sRole))) {
                    WebdavResource newRole = new WebdavResource(
                            service.getWebdavServerURL(rCredentials, getRolePath(sRole)), WebdavResource.NOACTION,
                            0);
                    newRole.mkcolMethod();
                    updateRoleMembershipForUser(newRole, userURI, roleNamesForUser, loginNamesOfAllLoggedOnUsers);
                    newRole.close();
                }
            }
        }
    }

    private void updateRoleMembershipForUser(WebdavResource role, String userURI, Set roleNamesForUser,
            Set userpathsOfAllLoggedOnUsers) throws HttpException, RemoteException, IOException {
        // System.out.println("[AuthenticationBusiness]: resouce "+role.getDisplayName()+" begins");
        boolean someChanges = false;
        try {
            Enumeration e = role.propfindMethod(GROUP_MEMBER_SET);
            String propertyString = "";
            while (e.hasMoreElements()) {
                propertyString += (String) e.nextElement();
            }
            // System.out.println("\t[group-member-set1]: "+propertyString);

            Set userSet = parseGroupMemberSetPropertyString(propertyString);

            if (userpathsOfAllLoggedOnUsers != null) {
                String rootUser = getUserURI(SLIDE_DEFAULT_ROOT_USER);
                for (Iterator iter = userSet.iterator(); iter.hasNext();) {
                    String token = (String) iter.next();
                    if (!rootUser.equals(token) && !userpathsOfAllLoggedOnUsers.contains(token)) {
                        userSet.remove(token);
                        someChanges = true;
                    }
                }
            }

            boolean userIsInRole = userSet.contains(userURI);
            boolean userShouldBeInRole = SLIDE_ROLE_NAME_USER.equals(role.getDisplayName())
                    || roleNamesForUser.contains(role.getDisplayName());

            if (!userIsInRole && userShouldBeInRole) {
                userSet.add(userURI);
                someChanges = true;
            } else if (userIsInRole && !userShouldBeInRole) {
                userSet.remove(userURI);
                someChanges = true;
            }

            if (someChanges) {
                String newGroupMemberSet = encodeGroupMemberSetPropertyString(userSet);

                role.proppatchMethod(GROUP_MEMBER_SET_PROPERTY_NAME, newGroupMemberSet, true);

                // Enumeration e2 = role.propfindMethod(GROUP_MEMBER_SET);
                // if (e2.hasMoreElements()) {
                // String element2 = (String) e2.nextElement();
                // System.out.println("\t[group-member-set2]: "+element2);
                // }
            }
        } catch (HttpException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }

        // System.out.println("[AuthenticationBusiness]: resouce "+role.getDisplayName()+" ends");
    }

    /**
     * @param userSet
     *            Set of userpaths or grouppaths
     * @see getUserURI(String)
     * @see getGroupURI(String)
     * @return
     */
    private String encodeGroupMemberSetPropertyString(Set userOrGroupSet) {
        return PropertyParser.encodePropertyString(null, userOrGroupSet);
    }

    /**
     * @param element
     * @return
     * @throws RemoteException
     */
    private Set parseGroupMemberSetPropertyString(String propertyString) throws RemoteException {
        return PropertyParser.parsePropertyString(null, propertyString);
    }

    protected IWSlideService getSlideServiceInstance() throws IBOLookupException {
        if (this.slideService == null) {
            this.slideService = (IWSlideService) IBOLookup.getServiceInstance(getIWApplicationContext(),
                    IWSlideService.class);
        }
        return this.slideService;
    }

    public UsernamePasswordCredentials getRootUserCredentials() {
        if (NO_PASSWORD.equals(this.rootCredential.getPassword())) {
            this.rootCredential.setPassword(StringHandler.getRandomString(20));
        }
        return this.rootCredential;
    }

    public boolean isRootUser(HttpServletRequest request) {
        // HttpServletRequest request = iwc.getRequest();
        LoginBusinessBean loginBusiness = getLoginBusiness();
        String[] usernameAndPassword = loginBusiness.getLoginNameAndPasswordFromBasicAuthenticationRequest(request);
        UsernamePasswordCredentials tmpCredential = getRootUserCredentials();
        return tmpCredential.getUserName().equals(usernameAndPassword[0])
                && tmpCredential.getPassword().equals(usernameAndPassword[1]);
    }

    protected LoginBusinessBean getLoginBusiness() {
        // return _loginBusiness;
        return LoginBusinessBean.getLoginBusinessBean(getIWApplicationContext());
    }

    public AccessControlList applyDefaultPermissionsToRepository(AccessControlList acl) {

        return applyPermissionsToRepository(acl, StandardRoles.ALL_STANDARD_ROLES);
    }

    public AccessControlList applyPermissionsToRepository(AccessControlList acl, Collection<String> roles) {
        try {
            for (String role : roles) {

                String roleUri = getRoleURI(role);
                Ace newAce = new Ace(roleUri);
                newAce.addPrivilege(Privilege.READ);
                newAce.addPrivilege(Privilege.WRITE);

                AccessControlEntry editorEntry = new AccessControlEntry(newAce,
                        AccessControlEntry.PRINCIPAL_TYPE_ROLE);
                acl.add(editorEntry);
            }

        } catch (Exception e) {
            Logger.getLogger(getClass().getName()).log(Level.SEVERE,
                    "Exception while applying roles permissions to repo, roles=" + roles + ", repo path="
                            + acl.getResourcePath(),
                    e);
            return null;
        }

        return acl;
    }
}