001 //$HeadURL: svn+ssh://rbezema@svn.wald.intevation.org/deegree/base/branches/2.2_testing/src/org/deegree/security/owsrequestvalidator/csw/CSWValidator.java $
002 /*---------------- FILE HEADER ------------------------------------------
003
004 This file is part of deegree.
005 Copyright (C) 2001-2008 by:
006 EXSE, Department of Geography, University of Bonn
007 http://www.giub.uni-bonn.de/deegree/
008 lat/lon GmbH
009 http://www.lat-lon.de
010
011 This library is free software; you can redistribute it and/or
012 modify it under the terms of the GNU Lesser General Public
013 License as published by the Free Software Foundation; either
014 version 2.1 of the License, or (at your option) any later version.
015
016 This library is distributed in the hope that it will be useful,
017 but WITHOUT ANY WARRANTY; without even the implied warranty of
018 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019 Lesser General Public License for more details.
020
021 You should have received a copy of the GNU Lesser General Public
022 License along with this library; if not, write to the Free Software
023 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024
025 Contact:
026
027 Andreas Poth
028 lat/lon GmbH
029 Aennchenstr. 19
030 53115 Bonn
031 Germany
032 E-Mail: poth@lat-lon.de
033
034 Prof. Dr. Klaus Greve
035 Department of Geography
036 University of Bonn
037 Meckenheimer Allee 166
038 53115 Bonn
039 Germany
040 E-Mail: greve@giub.uni-bonn.de
041
042 ---------------------------------------------------------------------------*/
043 package org.deegree.security.owsrequestvalidator.csw;
044
045 import org.deegree.ogcwebservices.InvalidParameterValueException;
046 import org.deegree.ogcwebservices.OGCWebServiceRequest;
047 import org.deegree.ogcwebservices.csw.discovery.DescribeRecord;
048 import org.deegree.ogcwebservices.csw.discovery.GetRecordById;
049 import org.deegree.ogcwebservices.csw.discovery.GetRecords;
050 import org.deegree.ogcwebservices.csw.discovery.GetRepositoryItem;
051 import org.deegree.ogcwebservices.csw.manager.Transaction;
052 import org.deegree.ogcwebservices.getcapabilities.GetCapabilities;
053 import org.deegree.security.UnauthorizedException;
054 import org.deegree.security.drm.model.User;
055 import org.deegree.security.owsrequestvalidator.OWSValidator;
056 import org.deegree.security.owsrequestvalidator.Policy;
057
058 /**
059 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
060 * @author last edited by: $Author: apoth $
061 *
062 * @version $Revision: 9346 $, $Date: 2007-12-27 17:39:07 +0100 (Do, 27 Dez 2007) $
063 */
064
065 public class CSWValidator extends OWSValidator {
066
067 // private static final String MS_INVALIDREQUEST = Messages.getString( "CSW_INVALIDREQUEST" );
068
069 private static CSWValidator self = null;
070
071 private GetRecordsRequestValidator getRecordValidator;
072
073 // private DescribeRecordTypeRequestValidator describeRecordTypeValidator;
074 private TransactionValidator transactionValidator;
075
076 private GetRecordByIdRequestValidator byIdValidator;
077
078 private GetRecordByIdResponseValidator byIdResValidator;
079
080 private GetRepositoryItemRequestValidator getRepositoryItem;
081
082 /**
083 * @param policy
084 * @param proxyURL
085 */
086 public CSWValidator( Policy policy, String proxyURL ) {
087 super( policy, proxyURL );
088 this.getRepositoryItem = new GetRepositoryItemRequestValidator( policy );
089 this.getRecordValidator = new GetRecordsRequestValidator( policy );
090 // this.describeRecordTypeValidator = new DescribeRecordTypeRequestValidator( policy );
091 this.transactionValidator = new TransactionValidator( policy );
092 this.byIdValidator = new GetRecordByIdRequestValidator( policy );
093 this.byIdResValidator = new GetRecordByIdResponseValidator( policy );
094 }
095
096 /**
097 * returns an instance of <tt>WFSPolicyValidator</tt> --> singleton
098 * <p>
099 * before this method cann be called, WFSPolicyValidator.create(URL) must be called to intialize
100 * the <tt>WFSPolicyValidator</tt> otherwise this method returns <tt>null</tt>
101 *
102 * @return an instance of <tt>WFSPolicyValidator</tt>
103 */
104 public static CSWValidator getInstance() {
105 return self;
106 }
107
108 @Override
109 public void validateRequest( OGCWebServiceRequest request, User user )
110 throws InvalidParameterValueException, UnauthorizedException {
111
112 if ( request instanceof GetCapabilities ) {
113 getCapabilitiesValidator.validateRequest( request, user );
114 } else if ( request instanceof GetRecords ) {
115 getRecordValidator.validateRequest( request, user );
116 } else if ( request instanceof GetRecordById ) {
117 byIdValidator.validateRequest( request, user );
118 } else if ( request instanceof DescribeRecord ) {
119 //always allowed
120 } else if ( request instanceof Transaction ) {
121 transactionValidator.validateRequest( request, user );
122 } else if ( request instanceof GetRepositoryItem ) {
123 getRepositoryItem.validateRequest( request, user );
124 } else {
125 throw new InvalidParameterValueException( "The requested operation is unkwon to the security model, you are therefore not permitted acces." );
126 }
127 }
128
129 @Override
130 public byte[] validateResponse( OGCWebServiceRequest request, byte[] response, String mime,
131 User user )
132 throws InvalidParameterValueException, UnauthorizedException {
133
134 if ( request instanceof GetCapabilities ) {
135 response = getCapabilitiesValidatorR.validateResponse( "CSW", response, mime, user );
136 } else if ( request instanceof GetRecordById ) {
137 response = byIdResValidator.validateResponse( "CSW", response, mime, user );
138 }
139 // TODO responses to other requests
140 return response;
141 }
142 }