git.aero2k.de Git - tmp/jakarta-migration.git/blob

   1 /**
   2  *  This document is a part of the source code and related artifacts
   3  *  for CollectionSpace, an open source collections management system
   4  *  for museums and related institutions:
   5
   6  *  http://www.collectionspace.org
   7  *  http://wiki.collectionspace.org
   8
   9  *  Copyright 2009 University of California at Berkeley
  10
  11  *  Licensed under the Educational Community License (ECL), Version 2.0.
  12  *  You may not use this file except in compliance with this License.
  13
  14  *  You may obtain a copy of the ECL 2.0 License at
  15
  16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
  17
  18  *  Unless required by applicable law or agreed to in writing, software
  19  *  distributed under the License is distributed on an "AS IS" BASIS,
  20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  21  *  See the License for the specific language governing permissions and
  22  *  limitations under the License.
  23  */
  24
  25 package org.collectionspace.services.authorization.storage;
  26
  27 import java.util.List;
  28
  29 import org.collectionspace.services.authorization.perms.Permission;
  30 import org.collectionspace.services.authorization.perms.PermissionAction;
  31 import org.collectionspace.services.client.PermissionClient;
  32 import org.collectionspace.services.common.ServiceMessages;
  33 import org.collectionspace.services.common.context.ServiceContext;
  34 import org.collectionspace.services.common.document.DocumentHandler.Action;
  35 import org.collectionspace.services.common.document.InvalidDocumentException;
  36 import org.collectionspace.services.common.document.ValidatorHandler;
  37 import org.slf4j.Logger;
  38 import org.slf4j.LoggerFactory;
  39
  40 /**
  41  * PermissionValidatorHandler executes validation rules for permission
  42  * @author
  43  */
  44 public class PermissionValidatorHandler implements ValidatorHandler {
  45
  46     final Logger logger = LoggerFactory.getLogger(PermissionValidatorHandler.class);
  47
  48     @Override
  49     public void validate(Action action, ServiceContext ctx)
  50             throws InvalidDocumentException {
  51         if (logger.isDebugEnabled()) {
  52             logger.debug("validate() action=" + action.name());
  53         }
  54         try {
  55             Permission permission = (Permission) ctx.getInput();
  56             StringBuilder msgBldr = new StringBuilder(ServiceMessages.VALIDATION_FAILURE);
  57             boolean invalid = false;
  58
  59             if (action.equals(Action.CREATE)) {
  60                 //create specific validation here
  61                 if (permission.getResourceName() == null || permission.getResourceName().isEmpty()) {
  62                     invalid = true;
  63                     msgBldr.append("\nThe resource name for creating a new permission resource is missing or empty.");
  64                 } else {
  65                         invalid = !validateActionFields(permission);
  66                 }
  67             } else if (action.equals(Action.UPDATE)) {
  68                 //update specific validation here
  69                 if (permission.getResourceName() == null || permission.getResourceName().isEmpty()) {
  70                     invalid = true;
  71                     msgBldr.append("\nThe resource name for updating an existing permission is missing or empty.");
  72                 } else {
  73                         invalid = !validateActionFields(permission);
  74                 }
  75             }
  76
  77             if (invalid) {
  78                 String msg = msgBldr.toString();
  79                 logger.error(msg);
  80                 throw new InvalidDocumentException(msg);
  81             }
  82         } catch (InvalidDocumentException ide) {
  83             throw ide;
  84         } catch (Exception e) {
  85             throw new InvalidDocumentException(e);
  86         }
  87     }
  88
  89         private boolean validateActionFields(Permission permission) {
  90                 boolean result = true;
  91
  92                 List<PermissionAction> permActionList = permission.getAction();
  93                 boolean isPermActionListSet = (permActionList != null && permActionList.size() > 0);
  94
  95                 String permActionGroup = permission.getActionGroup();
  96                 boolean isPermActionGroupSet = (permActionGroup != null && !permActionGroup.trim().isEmpty());
  97
  98                 if (isPermActionListSet && isPermActionGroupSet) {
  99                         // the two action fields need to match
 100                         String derivedActionGroup = PermissionClient.getActionGroup(permActionList);
 101                         result = derivedActionGroup.equalsIgnoreCase(permActionGroup);
 102                 } else if (isPermActionListSet && !isPermActionGroupSet) {
 103                         // if Action list field is set but actionGroup field is not set then set the actionGroup by deriving it from the Action list
 104                         permission.setActionGroup(PermissionClient.getActionGroup(permActionList));
 105                 } else if (!isPermActionListSet && isPermActionGroupSet) {
 106                         // if the action list field is not set, but the action group is set then set the action actionL
 107                         permission.setAction(PermissionClient.getActionList(permActionGroup));
 108                 } else {
 109                         // both action fields are not set, we don't care.
 110                 }
 111
 112                 return result;
 113         }
 114
 115 }