1 /**
2  *  This document is a part of the source code and related artifacts
3  *  for CollectionSpace, an open source collections management system
4  *  for museums and related institutions:
5
6  *  http://www.collectionspace.org
7  *  http://wiki.collectionspace.org
8
9  *  Copyright 2009 University of California at Berkeley
10
11  *  Licensed under the Educational Community License (ECL), Version 2.0.
12  *  You may not use this file except in compliance with this License.
13
14  *  You may obtain a copy of the ECL 2.0 License at
15
16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
17
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS,
20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24
25 package org.collectionspace.services.authorization.storage;
26
27 import java.util.List;
28
29 import javax.xml.bind.JAXBElement;
30
31 import org.collectionspace.services.authorization.perms.Permission;
32 import org.collectionspace.services.authorization.perms.PermissionAction;
33 import org.collectionspace.services.client.PermissionClient;
34 import org.collectionspace.services.common.ServiceMessages;
35 import org.collectionspace.services.common.context.ServiceContext;
36 import org.collectionspace.services.common.document.DocumentHandler.Action;
37 import org.collectionspace.services.common.document.InvalidDocumentException;
38 import org.collectionspace.services.common.document.JaxbUtils;
39 import org.collectionspace.services.common.document.ValidatorHandler;
40 import org.slf4j.Logger;
41 import org.slf4j.LoggerFactory;
42
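/**
 * Validates {@link Permission} payloads before a permission is created or updated.
 *
 * <p>Rules enforced by {@link #validate(Action, ServiceContext)}:
 * <ul>
 *   <li>CREATE and UPDATE: the resource name must be non-null and non-empty.</li>
 *   <li>CREATE and UPDATE: when both the 'action' list and the 'actionGroup' are supplied, the
 *       group derived from the list must equal the supplied group (case-insensitive).</li>
 *   <li>CREATE only: at least one of 'action' / 'actionGroup' must be supplied, and 'effect'
 *       must be set.</li>
 * </ul>
 *
 * <p>Validation has a side effect: when only one of the two action fields is supplied, the other
 * one is derived through {@link PermissionClient} and written back into the permission, so the
 * object that leaves this handler may differ from the one that entered it.
 *
 * <p>Any other action value is accepted without checks.
 */
public class PermissionValidatorHandler implements ValidatorHandler<Permission, Permission> {

    final Logger logger = LoggerFactory.getLogger(PermissionValidatorHandler.class);

    /**
     * Checks the permission carried by {@code ctx} against the rules for {@code action}.
     *
     * <p>All failed rules are collected into a single message, which is logged at error level and
     * used as the message of the thrown exception.
     *
     * @param action the document action being performed; only CREATE and UPDATE are checked
     * @param ctx the service context whose input is the permission to validate
     * @throws InvalidDocumentException if a rule fails, if the context carries no permission, or
     *         if any unexpected exception is raised while validating (the cause is preserved)
     */
    @Override
    public void validate(Action action, ServiceContext<Permission, Permission> ctx)
            throws InvalidDocumentException {
        if (logger.isDebugEnabled()) {
            logger.debug("validate() action=" + action.name());
        }
        try {
            Permission permission = (Permission) ctx.getInput();
            StringBuilder msgBldr = new StringBuilder(ServiceMessages.VALIDATION_FAILURE);

            // Fail with an explicit message rather than letting a missing payload surface as a
            // NullPointerException wrapped by the catch-all below.
            if (permission == null) {
                msgBldr.append("\nThe permission payload is missing.");
                String msg = msgBldr.toString();
                logger.error(msg);
                throw new InvalidDocumentException(msg);
            }

            boolean invalid = false;
            if (action.equals(Action.CREATE)) {
                if (!hasResourceName(permission)) {
                    invalid = true;
                    msgBldr.append("\nThe resource name for creating a new permission resource is missing or empty.");
                }
                if (!validateActionFields(action, permission)) {
                    invalid = true;
                    msgBldr.append("\nAction info is missing or inconsistent.");
                }
                if (permission.getEffect() == null) {
                    invalid = true;
                    msgBldr.append("\n'effect' elment is missing from the payload or is not set to either PERMIT or DENY.");
                }
            } else if (action.equals(Action.UPDATE)) {
                // NOTE(review): 'effect' is not checked on UPDATE, and an UPDATE that supplies
                // neither action field passes validateActionFields(). Presumably this allows
                // partial updates - confirm that the update path cannot store a permission
                // without an effect or without actions.
                if (!hasResourceName(permission)) {
                    invalid = true;
                    msgBldr.append("\nThe resource name for updating an existing permission is missing or empty.");
                }
                if (!validateActionFields(action, permission)) {
                    invalid = true;
                    msgBldr.append("\nAction info is missing or inconsistent.");
                }
            }

            if (invalid) {
                String msg = msgBldr.toString();
                logger.error(msg);
                throw new InvalidDocumentException(msg);
            }
        } catch (InvalidDocumentException ide) {
            // Already the exception type callers expect; do not wrap it again.
            throw ide;
        } catch (Exception e) {
            // Anything unexpected is reported as an invalid document, so validation never
            // passes because of an internal error.
            throw new InvalidDocumentException(e);
        }
    }

    /** Returns true when the permission's resource name is neither null nor the empty string. */
    private boolean hasResourceName(Permission permission) {
        String resourceName = permission.getResourceName();
        return resourceName != null && !resourceName.isEmpty();
    }

    /**
     * Checks that the 'action' list and the 'actionGroup' of a permission are consistent, and
     * fills in whichever of the two is missing.
     *
     * <p>Side effect: when only one of the fields is set, the other is derived through
     * {@link PermissionClient} and stored on {@code permission}.
     *
     * @param action the document action being performed
     * @param permission the permission to check; may be modified as described above
     * @return false when both fields are set but do not match, or when neither is set on CREATE;
     *         true otherwise
     */
    private boolean validateActionFields(Action action, Permission permission) {
        List<PermissionAction> permActionList = permission.getAction();
        boolean isPermActionListSet = permActionList != null && !permActionList.isEmpty();

        String permActionGroup = permission.getActionGroup();
        boolean isPermActionGroupSet = permActionGroup != null && !permActionGroup.trim().isEmpty();

        if (isPermActionListSet && isPermActionGroupSet) {
            // Both fields were supplied, so they must describe the same set of actions.
            String derivedActionGroup = PermissionClient.getActionGroup(permActionList);
            // permActionGroup is known to be non-null here. Calling equalsIgnoreCase on it
            // means a null derived group counts as a mismatch instead of raising a
            // NullPointerException that would hide the real reason for the rejection.
            // NOTE(review): the group counts as "set" after trim(), but it is compared (and
            // passed to getActionList below) untrimmed - confirm that is intended.
            return permActionGroup.equalsIgnoreCase(derivedActionGroup);
        }

        if (isPermActionListSet) {
            // Only the action list was supplied: derive the action group from it.
            permission.setActionGroup(PermissionClient.getActionGroup(permActionList));
            return true;
        }

        if (isPermActionGroupSet) {
            // Only the action group was supplied: derive the action list from it.
            permission.setAction(PermissionClient.getActionList(permActionGroup));
            return true;
        }

        // Neither field was supplied. That is an error for CREATE only.
        if (action.equals(Action.CREATE)) {
            org.collectionspace.services.authorization.perms.ObjectFactory objectFactory =
                    new org.collectionspace.services.authorization.perms.ObjectFactory();
            JAXBElement<Permission> permJaxbElement = objectFactory.createPermission(permission);
            // NOTE(review): the serialized payload is written to the log as-is. If it comes
            // from the request body, confirm the log layout neutralises line breaks and that
            // permission payloads hold nothing that should stay out of the logs.
            String msg = String.format("Either (or both) the 'action' or 'actiongroup' element needs to be set: %s",
                    JaxbUtils.toString(permJaxbElement, Permission.class));
            logger.error(msg);
            return false;
        }
        return true;
    }

}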