001 //$HeadURL: svn+ssh://rbezema@svn.wald.intevation.org/deegree/base/tags/2.1/src/org/deegree/security/owsrequestvalidator/wfs/AbstractWFSRequestValidator.java $
002 /*---------------- FILE HEADER ------------------------------------------
003
004 This file is part of deegree.
005 Copyright (C) 2001-2006 by:
006 University of Bonn
007 http://www.giub.uni-bonn.de/deegree/
008 lat/lon GmbH
009 http://www.lat-lon.de
010
011 This library is free software; you can redistribute it and/or
012 modify it under the terms of the GNU Lesser General Public
013 License as published by the Free Software Foundation; either
014 version 2.1 of the License, or (at your option) any later version.
015
016 This library is distributed in the hope that it will be useful,
017 but WITHOUT ANY WARRANTY; without even the implied warranty of
018 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019 Lesser General Public License for more details.
020
021 You should have received a copy of the GNU Lesser General Public
022 License along with this library; if not, write to the Free Software
023 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024
025 Contact:
026
027 Andreas Poth
028 lat/lon GmbH
029 Aennchenstr. 19
030 53115 Bonn
031 Germany
032 E-Mail: poth@lat-lon.de
033
034 Klaus Greve
035 Department of Geography
036 University of Bonn
037 Meckenheimer Allee 166
038 53115 Bonn
039 Germany
040 E-Mail: klaus.greve@uni-bonn.de
041
042 ---------------------------------------------------------------------------*/
043 package org.deegree.security.owsrequestvalidator.wfs;
044
045 import java.io.IOException;
046 import java.io.StringReader;
047 import java.util.List;
048
049 import org.deegree.framework.xml.XMLFragment;
050 import org.deegree.i18n.Messages;
051 import org.deegree.model.filterencoding.AbstractFilter;
052 import org.deegree.model.filterencoding.ComplexFilter;
053 import org.deegree.model.filterencoding.FilterConstructionException;
054 import org.deegree.model.filterencoding.Literal;
055 import org.deegree.model.filterencoding.LogicalOperation;
056 import org.deegree.model.filterencoding.Operation;
057 import org.deegree.model.filterencoding.OperationDefines;
058 import org.deegree.model.filterencoding.PropertyIsCOMPOperation;
059 import org.deegree.model.filterencoding.PropertyName;
060 import org.deegree.ogcwebservices.InvalidParameterValueException;
061 import org.deegree.security.owsproxy.Condition;
062 import org.deegree.security.owsproxy.OperationParameter;
063 import org.deegree.security.owsrequestvalidator.Policy;
064 import org.deegree.security.owsrequestvalidator.RequestValidator;
065 import org.xml.sax.SAXException;
066
067 /**
068 *
069 *
070 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
071 * @author last edited by: $Author: wanhoff $
072 *
073 * @version $Revision: 6376 $, $Date: 2007-03-26 14:06:18 +0200 (Mo, 26 Mär 2007) $
074 */
075 abstract class AbstractWFSRequestValidator extends RequestValidator {
076
077 // known condition parameter
078 private static final String FEATURETYPES = "featureTypes";
079
080 private static final String PROPERTY_INSTANCEFILTER = "instanceFilter";
081
082 /**
083 * @param policy
084 */
085 public AbstractWFSRequestValidator( Policy policy ) {
086 super( policy );
087 }
088
089 /**
090 * validates if the requested info featuretypes are valid against the policy/condition. If the
091 * passed user <> null this is checked against the user- and rights-management system/repository
092 *
093 * @param condition
094 * @param featureTypes
095 * @throws InvalidParameterValueException
096 */
097 protected void validateFeatureTypes( Condition condition, String[] featureTypes )
098 throws InvalidParameterValueException {
099
100 OperationParameter op = condition.getOperationParameter( FEATURETYPES );
101
102 // version is valid because no restrictions are made
103 if ( op.isAny() )
104 return;
105
106 List validLayers = op.getValues();
107 if ( op.isUserCoupled() ) {
108 userCoupled = true;
109 } else {
110 for ( int i = 0; i < featureTypes.length; i++ ) {
111 if ( !validLayers.contains( featureTypes[i] ) ) {
112 String s = Messages.getMessage( "OWSPROXY_NOT_ALLOWED_FEATURETYPE", "insert",
113 featureTypes[i] );
114 throw new InvalidParameterValueException( s );
115 }
116 }
117 }
118 }
119
120 /**
121 *
122 * @param operation
123 * @return
124 * @throws IOException
125 * @throws SAXException
126 * @throws FilterConstructionException
127 */
128 protected ComplexFilter extractInstanceFilter( Operation operation )
129 throws SAXException, IOException, FilterConstructionException {
130 ComplexFilter filter = null;
131 if ( operation.getOperatorId() == OperationDefines.AND ) {
132 List<Operation> arguments = ( (LogicalOperation) operation ).getArguments();
133 for ( int i = 0; i < arguments.size(); i++ ) {
134 Operation op = arguments.get( i );
135 if ( op.getOperatorId() == OperationDefines.PROPERTYISEQUALTO ) {
136 PropertyName pn = (PropertyName) ( (PropertyIsCOMPOperation) op ).getFirstExpression();
137 if ( PROPERTY_INSTANCEFILTER.equals( pn.getValue().getAsString() ) ) {
138 Literal literal = (Literal) ( (PropertyIsCOMPOperation) op ).getSecondExpression();
139 StringReader sr = new StringReader( literal.getValue() );
140 XMLFragment xml = new XMLFragment( sr, XMLFragment.DEFAULT_URL );
141 filter = (ComplexFilter) AbstractFilter.buildFromDOM( xml.getRootElement() );
142 }
143 }
144 }
145 }
146 return filter;
147 }
148 }