001 //$HeadURL: svn+ssh://rbezema@svn.wald.intevation.org/deegree/base/branches/2.2_testing/src/org/deegree/security/owsrequestvalidator/wfs/AbstractWFSRequestValidator.java $
002 /*---------------- FILE HEADER ------------------------------------------
003
004 This file is part of deegree.
005 Copyright (C) 2001-2008 by:
006 University of Bonn
007 http://www.giub.uni-bonn.de/deegree/
008 lat/lon GmbH
009 http://www.lat-lon.de
010
011 This library is free software; you can redistribute it and/or
012 modify it under the terms of the GNU Lesser General Public
013 License as published by the Free Software Foundation; either
014 version 2.1 of the License, or (at your option) any later version.
015
016 This library is distributed in the hope that it will be useful,
017 but WITHOUT ANY WARRANTY; without even the implied warranty of
018 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019 Lesser General Public License for more details.
020
021 You should have received a copy of the GNU Lesser General Public
022 License along with this library; if not, write to the Free Software
023 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024
025 Contact:
026
027 Andreas Poth
028 lat/lon GmbH
029 Aennchenstr. 19
030 53115 Bonn
031 Germany
032 E-Mail: poth@lat-lon.de
033
034 Klaus Greve
035 Department of Geography
036 University of Bonn
037 Meckenheimer Allee 166
038 53115 Bonn
039 Germany
040 E-Mail: klaus.greve@uni-bonn.de
041
042 ---------------------------------------------------------------------------*/
043 package org.deegree.security.owsrequestvalidator.wfs;
044
045 import java.io.IOException;
046 import java.io.StringReader;
047 import java.util.List;
048
049 import org.deegree.framework.log.ILogger;
050 import org.deegree.framework.log.LoggerFactory;
051 import org.deegree.framework.xml.XMLFragment;
052 import org.deegree.i18n.Messages;
053 import org.deegree.model.filterencoding.AbstractFilter;
054 import org.deegree.model.filterencoding.ComplexFilter;
055 import org.deegree.model.filterencoding.FilterConstructionException;
056 import org.deegree.model.filterencoding.Literal;
057 import org.deegree.model.filterencoding.LogicalOperation;
058 import org.deegree.model.filterencoding.Operation;
059 import org.deegree.model.filterencoding.OperationDefines;
060 import org.deegree.model.filterencoding.PropertyIsCOMPOperation;
061 import org.deegree.model.filterencoding.PropertyName;
062 import org.deegree.ogcwebservices.InvalidParameterValueException;
063 import org.deegree.security.owsproxy.Condition;
064 import org.deegree.security.owsproxy.OperationParameter;
065 import org.deegree.security.owsrequestvalidator.Policy;
066 import org.deegree.security.owsrequestvalidator.RequestValidator;
067 import org.xml.sax.SAXException;
068
069 /**
070 *
071 *
072 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
073 * @author last edited by: $Author: apoth $
074 *
075 * @version $Revision: 9683 $, $Date: 2008-01-23 10:37:26 +0100 (Mi, 23 Jan 2008) $
076 */
077 abstract class AbstractWFSRequestValidator extends RequestValidator {
078
079 private static final ILogger LOG = LoggerFactory.getLogger( AbstractWFSRequestValidator.class );
080
081 // known condition parameter
082 private static final String FEATURETYPES = "featureTypes";
083
084 private static final String PROPERTY_INSTANCEFILTER = "instanceFilter";
085
086 /**
087 * @param policy
088 */
089 public AbstractWFSRequestValidator( Policy policy ) {
090 super( policy );
091 }
092
093 /**
094 * validates if the requested info featuretypes are valid against the policy/condition. If the
095 * passed user <> null this is checked against the user- and rights-management system/repository
096 *
097 * @param condition
098 * @param featureTypes
099 * @throws InvalidParameterValueException
100 */
101 protected void validateFeatureTypes( Condition condition, String[] featureTypes )
102 throws InvalidParameterValueException {
103
104 OperationParameter op = condition.getOperationParameter( FEATURETYPES );
105
106 if ( op == null ) {
107 LOG.logWarning( "Did you forget to add a featureType parameter to the precondition?" );
108 }
109
110 // version is valid because no restrictions are made
111 if ( op.isAny() )
112 return;
113
114 List validLayers = op.getValues();
115 if ( op.isUserCoupled() ) {
116 userCoupled = true;
117 } else {
118 for ( int i = 0; i < featureTypes.length; i++ ) {
119 LOG.logDebug( "validating feature type: ", featureTypes[i] );
120 if ( !validLayers.contains( featureTypes[i] ) ) {
121 String s = Messages.getMessage( "OWSPROXY_NOT_ALLOWED_FEATURETYPE", "insert", featureTypes[i] );
122 throw new InvalidParameterValueException( s );
123 }
124 }
125 }
126 }
127
128 /**
129 *
130 * @param operation
131 * @return
132 * @throws IOException
133 * @throws SAXException
134 * @throws FilterConstructionException
135 */
136 protected ComplexFilter extractInstanceFilter( Operation operation )
137 throws SAXException, IOException, FilterConstructionException {
138 ComplexFilter filter = null;
139 if ( operation.getOperatorId() == OperationDefines.AND ) {
140 List<Operation> arguments = ( (LogicalOperation) operation ).getArguments();
141 for ( int i = 0; i < arguments.size(); i++ ) {
142 Operation op = arguments.get( i );
143 if ( op.getOperatorId() == OperationDefines.PROPERTYISEQUALTO ) {
144 PropertyName pn = (PropertyName) ( (PropertyIsCOMPOperation) op ).getFirstExpression();
145 if ( PROPERTY_INSTANCEFILTER.equals( pn.getValue().getAsString() ) ) {
146 Literal literal = (Literal) ( (PropertyIsCOMPOperation) op ).getSecondExpression();
147 StringReader sr = new StringReader( literal.getValue() );
148 XMLFragment xml = new XMLFragment( sr, XMLFragment.DEFAULT_URL );
149 filter = (ComplexFilter) AbstractFilter.buildFromDOM( xml.getRootElement(), false );
150 }
151 }
152 }
153 }
154 return filter;
155 }
156 }