Coverage report

  %line %branch
org.apache.turbine.util.security.TurbineAccessControlList
20% 
76% 

 1  
 package org.apache.turbine.util.security;
 2  
 
 3  
 /*
 4  
  * Copyright 2001-2005 The Apache Software Foundation.
 5  
  *
 6  
  * Licensed under the Apache License, Version 2.0 (the "License")
 7  
  * you may not use this file except in compliance with the License.
 8  
  * You may obtain a copy of the License at
 9  
  *
 10  
  *     http://www.apache.org/licenses/LICENSE-2.0
 11  
  *
 12  
  * Unless required by applicable law or agreed to in writing, software
 13  
  * distributed under the License is distributed on an "AS IS" BASIS,
 14  
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 15  
  * See the License for the specific language governing permissions and
 16  
  * limitations under the License.
 17  
  */
 18  
 
 19  
 import java.util.Iterator;
 20  
 import java.util.Map;
 21  
 
 22  
 import org.apache.turbine.om.security.Group;
 23  
 import org.apache.turbine.om.security.Permission;
 24  
 import org.apache.turbine.om.security.Role;
 25  
 import org.apache.turbine.services.security.TurbineSecurity;
 26  
 
 27  
 /**
 28  
  * This is a control class that makes it easy to find out if a
 29  
  * particular User has a given Permission.  It also determines if a
 30  
  * User has a a particular Role.
 31  
  *
 32  
  * @author <a href="mailto:jmcnally@collab.net">John D. McNally</a>
 33  
  * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
 34  
  * @author <a href="mailto:greg@shwoop.com">Greg Ritter</a>
 35  
  * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
 36  
  * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
 37  
  * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
 38  
  * @version $Id: TurbineAccessControlList.java 278822 2005-09-05 19:53:05Z henning $
 39  
  */
 40  
 public class TurbineAccessControlList
 41  
         implements AccessControlList
 42  
 {
 43  
     /** Serial Version UID */
 44  
     private static final long serialVersionUID = 2678947159949477950L;
 45  
 
 46  
     /** The sets of roles that the user has in different groups */
 47  
     private Map roleSets;
 48  
 
 49  
     /** The sets of permissions that the user has in different groups */
 50  
     private Map permissionSets;
 51  
 
 52  
     /** The name of this ACL. Needed for the SecurityEntity Interface */
 53  
     private String name;
 54  
 
 55  
     /**
 56  
      * Constructs a new AccessControlList.
 57  
      *
 58  
      * This class follows 'immutable' pattern - it's objects can't be modified
 59  
      * once they are created. This means that the permissions the users have are
 60  
      * in effect form the moment they log in to the moment they log out, and
 61  
      * changes made to the security settings in that time are not reflected
 62  
      * in the state of this object. If you need to reset an user's permissions
 63  
      * you need to invalidate his session. <br>
 64  
      * The objects that constructs an AccessControlList must supply hashtables
 65  
      * of role/permission sets keyed with group objects. <br>
 66  
      *
 67  
      * @param roleSets a hashtable containing RoleSet objects keyed with Group objects
 68  
      * @param permissionSets a hashtable containing PermissionSet objects keyed with Group objects
 69  
      */
 70  
     public TurbineAccessControlList(Map roleSets, Map permissionSets)
 71  20
     {
 72  20
         this.roleSets = roleSets;
 73  20
         this.permissionSets = permissionSets;
 74  20
     }
 75  
 
 76  
     /**
 77  
      * Returns the name of this ACL.
 78  
      *
 79  
      * @return The ACL Name
 80  
      *
 81  
      */
 82  
     public String getName()
 83  
     {
 84  0
         return this.name;
 85  
     }
 86  
 
 87  
     /**
 88  
      * Sets the name of this ACL.
 89  
      *
 90  
      * @param name The new ACL name.
 91  
      *
 92  
      */
 93  
     public void setName(String name)
 94  
     {
 95  0
         this.name = name;
 96  0
     }
 97  
 
 98  
     /**
 99  
      * Retrieves a set of Roles an user is assigned in a Group.
 100  
      *
 101  
      * @param group the Group
 102  
      * @return the set of Roles this user has within the Group.
 103  
      */
 104  
     public RoleSet getRoles(Group group)
 105  
     {
 106  36
         if (group == null)
 107  
         {
 108  0
             return null;
 109  
         }
 110  36
         return (RoleSet) roleSets.get(group);
 111  
     }
 112  
 
 113  
     /**
 114  
      * Retrieves a set of Roles an user is assigned in the global Group.
 115  
      *
 116  
      * @return the set of Roles this user has within the global Group.
 117  
      */
 118  
     public RoleSet getRoles()
 119  
     {
 120  2
         return getRoles(TurbineSecurity.getGlobalGroup());
 121  
     }
 122  
 
 123  
     /**
 124  
      * Retrieves a set of Permissions an user is assigned in a Group.
 125  
      *
 126  
      * @param group the Group
 127  
      * @return the set of Permissions this user has within the Group.
 128  
      */
 129  
     public PermissionSet getPermissions(Group group)
 130  
     {
 131  28
         if (group == null)
 132  
         {
 133  0
             return null;
 134  
         }
 135  28
         return (PermissionSet) permissionSets.get(group);
 136  
     }
 137  
 
 138  
     /**
 139  
      * Retrieves a set of Permissions an user is assigned in the global Group.
 140  
      *
 141  
      * @return the set of Permissions this user has within the global Group.
 142  
      */
 143  
     public PermissionSet getPermissions()
 144  
     {
 145  2
         return getPermissions(TurbineSecurity.getGlobalGroup());
 146  
     }
 147  
 
 148  
     /**
 149  
      * Checks if the user is assigned a specific Role in the Group.
 150  
      *
 151  
      * @param role the Role
 152  
      * @param group the Group
 153  
      * @return <code>true</code> if the user is assigned the Role in the Group.
 154  
      */
 155  
     public boolean hasRole(Role role, Group group)
 156  
     {
 157  28
         RoleSet set = getRoles(group);
 158  28
         if (set == null || role == class="keyword">null)
 159  
         {
 160  0
             return false;
 161  
         }
 162  28
         return set.contains(role);
 163  
     }
 164  
 
 165  
     /**
 166  
      * Checks if the user is assigned a specific Role in any of the given
 167  
      * Groups
 168  
      *
 169  
      * @param role the Role
 170  
      * @param groupset a Groupset
 171  
      * @return <code>true</code> if the user is assigned the Role in any of
 172  
      *         the given Groups.
 173  
      */
 174  
     public boolean hasRole(Role role, GroupSet groupset)
 175  
     {
 176  0
         if (role == null)
 177  
         {
 178  0
             return false;
 179  
         }
 180  0
         for (Iterator groups = groupset.iterator(); groups.hasNext();)
 181  
         {
 182  0
             Group group = (Group) groups.next();
 183  0
             RoleSet roles = getRoles(group);
 184  0
             if (roles != null)
 185  
             {
 186  0
                 if (roles.contains(role))
 187  
                 {
 188  0
                     return true;
 189  
                 }
 190  
             }
 191  
         }
 192  0
         return false;
 193  
     }
 194  
 
 195  
     /**
 196  
      * Checks if the user is assigned a specific Role in the Group.
 197  
      *
 198  
      * @param role the Role
 199  
      * @param group the Group
 200  
      * @return <code>true</code> if the user is assigned the Role in the Group.
 201  
      */
 202  
     public boolean hasRole(String role, String group)
 203  
     {
 204  
         try
 205  
         {
 206  16
             return hasRole(TurbineSecurity.getRoleByName(role),
 207  
                     TurbineSecurity.getGroupByName(group));
 208  
         }
 209  0
         catch (Exception e)
 210  
         {
 211  0
             return false;
 212  
         }
 213  
     }
 214  
 
 215  
     /**
 216  
      * Checks if the user is assigned a specifie Role in any of the given
 217  
      * Groups
 218  
      *
 219  
      * @param rolename the name of the Role
 220  
      * @param groupset a Groupset
 221  
      * @return <code>true</code> if the user is assigned the Role in any of
 222  
      *         the given Groups.
 223  
      */
 224  
     public boolean hasRole(String rolename, GroupSet groupset)
 225  
     {
 226  
         Role role;
 227  
         try
 228  
         {
 229  0
             role = TurbineSecurity.getRoleByName(rolename);
 230  
         }
 231  0
         catch (TurbineSecurityException e)
 232  
         {
 233  0
             return false;
 234  0
         }
 235  0
         if (role == null)
 236  
         {
 237  0
             return false;
 238  
         }
 239  0
         for (Iterator groups = groupset.iterator(); groups.hasNext();)
 240  
         {
 241  0
             Group group = (Group) groups.next();
 242  0
             RoleSet roles = getRoles(group);
 243  0
             if (roles != null)
 244  
             {
 245  0
                 if (roles.contains(role))
 246  
                 {
 247  0
                     return true;
 248  
                 }
 249  
             }
 250  
         }
 251  0
         return false;
 252  
     }
 253  
 
 254  
     /**
 255  
      * Checks if the user is assigned a specific Role in the global Group.
 256  
      *
 257  
      * @param role the Role
 258  
      * @return <code>true</code> if the user is assigned the Role in the global Group.
 259  
      */
 260  
     public boolean hasRole(Role role)
 261  
     {
 262  0
         return hasRole(role, TurbineSecurity.getGlobalGroup());
 263  
     }
 264  
 
 265  
     /**
 266  
      * Checks if the user is assigned a specific Role in the global Group.
 267  
      *
 268  
      * @param role the Role
 269  
      * @return <code>true</code> if the user is assigned the Role in the global Group.
 270  
      */
 271  
     public boolean hasRole(String role)
 272  
     {
 273  
         try
 274  
         {
 275  0
             return hasRole(TurbineSecurity.getRoleByName(role));
 276  
         }
 277  0
         catch (Exception e)
 278  
         {
 279  0
             return false;
 280  
         }
 281  
     }
 282  
 
 283  
     /**
 284  
      * Checks if the user is assigned a specific Permission in the Group.
 285  
      *
 286  
      * @param permission the Permission
 287  
      * @param group the Group
 288  
      * @return <code>true</code> if the user is assigned the Permission in the Group.
 289  
      */
 290  
     public boolean hasPermission(Permission permission, Group group)
 291  
     {
 292  24
         PermissionSet set = getPermissions(group);
 293  24
         if (set == null || permission == class="keyword">null)
 294  
         {
 295  0
             return false;
 296  
         }
 297  24
         return set.contains(permission);
 298  
     }
 299  
 
 300  
     /**
 301  
      * Checks if the user is assigned a specific Permission in any of the given
 302  
      * Groups
 303  
      *
 304  
      * @param permission the Permission
 305  
      * @param groupset a Groupset
 306  
      * @return <code>true</code> if the user is assigned the Permission in any
 307  
      *         of the given Groups.
 308  
      */
 309  
     public boolean hasPermission(Permission permission, GroupSet groupset)
 310  
     {
 311  0
         if (permission == null)
 312  
         {
 313  0
             return false;
 314  
         }
 315  0
         for (Iterator groups = groupset.iterator(); groups.hasNext();)
 316  
         {
 317  0
             Group group = (Group) groups.next();
 318  0
             PermissionSet permissions = getPermissions(group);
 319  0
             if (permissions != null)
 320  
             {
 321  0
                 if (permissions.contains(permission))
 322  
                 {
 323  0
                     return true;
 324  
                 }
 325  
             }
 326  
         }
 327  0
         return false;
 328  
     }
 329  
 
 330  
     /**
 331  
      * Checks if the user is assigned a specific Permission in the Group.
 332  
      *
 333  
      * @param permission the Permission
 334  
      * @param group the Group
 335  
      * @return <code>true</code> if the user is assigned the Permission in the Group.
 336  
      */
 337  
     public boolean hasPermission(String permission, String group)
 338  
     {
 339  
         try
 340  
         {
 341  24
             return hasPermission(TurbineSecurity.getPermissionByName(permission),
 342  
                     TurbineSecurity.getGroupByName(group));
 343  
         }
 344  0
         catch (Exception e)
 345  
         {
 346  0
             return false;
 347  
         }
 348  
     }
 349  
 
 350  
     /**
 351  
      * Checks if the user is assigned a specific Permission in the Group.
 352  
      *
 353  
      * @param permission the Permission
 354  
      * @param group the Group
 355  
      * @return <code>true</code> if the user is assigned the Permission in the Group.
 356  
      */
 357  
     public boolean hasPermission(String permission, Group group)
 358  
     {
 359  
         try
 360  
         {
 361  0
             return hasPermission(
 362  
                     TurbineSecurity.getPermissionByName(permission), group);
 363  
         }
 364  0
         catch (Exception e)
 365  
         {
 366  0
             return false;
 367  
         }
 368  
     }
 369  
 
 370  
     /**
 371  
      * Checks if the user is assigned a specifie Permission in any of the given
 372  
      * Groups
 373  
      *
 374  
      * @param permissionName the name of the Permission
 375  
      * @param groupset a Groupset
 376  
      * @return <code>true</code> if the user is assigned the Permission in any
 377  
      *         of the given Groups.
 378  
      */
 379  
     public boolean hasPermission(String permissionName, GroupSet groupset)
 380  
     {
 381  
         Permission permission;
 382  
         try
 383  
         {
 384  0
             permission = TurbineSecurity.getPermissionByName(permissionName);
 385  
         }
 386  0
         catch (TurbineSecurityException e)
 387  
         {
 388  0
             return false;
 389  0
         }
 390  0
         if (permission == null)
 391  
         {
 392  0
             return false;
 393  
         }
 394  0
         for (Iterator groups = groupset.iterator(); groups.hasNext();)
 395  
         {
 396  0
             Group group = (Group) groups.next();
 397  0
             PermissionSet permissions = getPermissions(group);
 398  0
             if (permissions != null)
 399  
             {
 400  0
                 if (permissions.contains(permission))
 401  
                 {
 402  0
                     return true;
 403  
                 }
 404  
             }
 405  
         }
 406  0
         return false;
 407  
     }
 408  
 
 409  
     /**
 410  
      * Checks if the user is assigned a specific Permission in the global Group.
 411  
      *
 412  
      * @param permission the Permission
 413  
      * @return <code>true</code> if the user is assigned the Permission in the global Group.
 414  
      */
 415  
     public boolean hasPermission(Permission permission)
 416  
     {
 417  0
         return hasPermission(permission, TurbineSecurity.getGlobalGroup());
 418  
     }
 419  
 
 420  
     /**
 421  
      * Checks if the user is assigned a specific Permission in the global Group.
 422  
      *
 423  
      * @param permission the Permission
 424  
      * @return <code>true</code> if the user is assigned the Permission in the global Group.
 425  
      */
 426  
     public boolean hasPermission(String permission)
 427  
     {
 428  
         try
 429  
         {
 430  0
             return hasPermission(TurbineSecurity.getPermissionByName(permission));
 431  
         }
 432  0
         catch (Exception e)
 433  
         {
 434  0
             return false;
 435  
         }
 436  
     }
 437  
 
 438  
     /**
 439  
      * Returns all groups definded in the system.
 440  
      *
 441  
      * This is useful for debugging, when you want to display all roles
 442  
      * and permissions an user is assingned. This method is needed
 443  
      * because you can't call static methods of TurbineSecurity class
 444  
      * from within WebMacro/Velocity template
 445  
      *
 446  
      * @return A Group [] of all groups in the system.
 447  
      */
 448  
     public Group[] getAllGroups()
 449  
     {
 450  
         try
 451  
         {
 452  0
             return TurbineSecurity.getAllGroups().getGroupsArray();
 453  
         }
 454  0
         catch (TurbineSecurityException e)
 455  
         {
 456  0
             return new Group[0];
 457  
         }
 458  
     }
 459  
 }

This report is generated by jcoverage, Maven and Maven JCoverage Plugin.