001 //$HeadURL: svn+ssh://rbezema@svn.wald.intevation.org/deegree/base/branches/2.2_testing/src/org/deegree/security/owsrequestvalidator/wms/GetLegendGraphicRequestValidator.java $
002 /*---------------- FILE HEADER ------------------------------------------
003
004 This file is part of deegree.
005 Copyright (C) 2001-2008 by:
006 EXSE, Department of Geography, University of Bonn
007 http://www.giub.uni-bonn.de/deegree/
008 lat/lon GmbH
009 http://www.lat-lon.de
010
011 This library is free software; you can redistribute it and/or
012 modify it under the terms of the GNU Lesser General Public
013 License as published by the Free Software Foundation; either
014 version 2.1 of the License, or (at your option) any later version.
015
016 This library is distributed in the hope that it will be useful,
017 but WITHOUT ANY WARRANTY; without even the implied warranty of
018 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019 Lesser General Public License for more details.
020
021 You should have received a copy of the GNU Lesser General Public
022 License along with this library; if not, write to the Free Software
023 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024
025 Contact:
026
027 Andreas Poth
028 lat/lon GmbH
029 Aennchenstr. 19
030 53177 Bonn
031 Germany
032 E-Mail: poth@lat-lon.de
033
034 Prof. Dr. Klaus Greve
035 Department of Geography
036 University of Bonn
037 Meckenheimer Allee 166
038 53115 Bonn
039 Germany
040 E-Mail: greve@giub.uni-bonn.de
041
042 ---------------------------------------------------------------------------*/
043 package org.deegree.security.owsrequestvalidator.wms;
044
045 import java.net.URL;
046 import java.util.HashMap;
047 import java.util.List;
048 import java.util.Map;
049
050 import org.deegree.datatypes.QualifiedName;
051 import org.deegree.datatypes.Types;
052 import org.deegree.framework.util.StringTools;
053 import org.deegree.framework.xml.XMLParsingException;
054 import org.deegree.graphics.sld.SLDFactory;
055 import org.deegree.model.feature.Feature;
056 import org.deegree.model.feature.FeatureFactory;
057 import org.deegree.model.feature.FeatureProperty;
058 import org.deegree.model.feature.schema.FeatureType;
059 import org.deegree.model.feature.schema.PropertyType;
060 import org.deegree.ogcwebservices.InvalidParameterValueException;
061 import org.deegree.ogcwebservices.OGCWebServiceRequest;
062 import org.deegree.ogcwebservices.wms.operation.GetLegendGraphic;
063 import org.deegree.security.UnauthorizedException;
064 import org.deegree.security.drm.model.RightType;
065 import org.deegree.security.drm.model.User;
066 import org.deegree.security.owsproxy.Condition;
067 import org.deegree.security.owsproxy.OperationParameter;
068 import org.deegree.security.owsproxy.Request;
069 import org.deegree.security.owsrequestvalidator.Messages;
070 import org.deegree.security.owsrequestvalidator.Policy;
071
072 /**
073 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
074 * @author last edited by: $Author: apoth $
075 *
076 * @version 1.1, $Revision: 9346 $, $Date: 2007-12-27 17:39:07 +0100 (Do, 27 Dez 2007) $
077 *
078 * @since 1.1
079 */
080
081 class GetLegendGraphicRequestValidator extends AbstractWMSRequestValidator {
082
083 // known condition parameter
084 private static final String LAYER = "layers";
085
086 private static final String SLD = "sld";
087
088 private static final String SLD_BODY = "sld_body";
089
090 private static final String INVALIDSLD = Messages
091 .getString( "GetLegendGraphicRequestValidator.INVALIDSLD" );
092
093 private static final String INVALIDSLD_BODY = Messages
094 .getString( "GetLegendGraphicRequestValidator.INVALIDSLD_BODY" );
095
096 private static final String INVALIDLAYER = Messages
097 .getString( "GetLegendGraphicRequestValidator.INVALIDLAYER" );
098
099 private static final String INVALIDSTYLE = Messages
100 .getString( "GetLegendGraphicRequestValidator.INVALIDSTYLE" );
101
102 private static FeatureType glgFT = null;
103
104 static {
105 if ( glgFT == null ) {
106 glgFT = GetLegendGraphicRequestValidator.createFeatureType();
107 }
108 }
109
110 /**
111 * @param policy
112 */
113 public GetLegendGraphicRequestValidator( Policy policy ) {
114 super( policy );
115 }
116
117 /**
118 * validates the incomming GetLegendGraphic request against the policy assigend to a validator
119 *
120 * @param request
121 * request to validate
122 * @param user
123 * name of the user who likes to perform the request (can be null)
124 */
125 public void validateRequest( OGCWebServiceRequest request, User user )
126 throws InvalidParameterValueException,
127 UnauthorizedException {
128
129 userCoupled = false;
130 Request req = policy.getRequest( "WMS", "GetLegendGraphic" );
131 // request is valid because no restrictions are made
132 if ( req.isAny() ) {
133 return;
134 }
135 Condition condition = req.getPreConditions();
136
137 GetLegendGraphic wmsreq = (GetLegendGraphic) request;
138
139 validateVersion( condition, wmsreq.getVersion() );
140 validateLayer( condition, wmsreq.getLayer(), wmsreq.getStyle() );
141 validateExceptions( condition, wmsreq.getExceptions() );
142 validateFormat( condition, wmsreq.getFormat() );
143 validateMaxWidth( condition, wmsreq.getWidth() );
144 validateMaxHeight( condition, wmsreq.getHeight() );
145 validateSLD( condition, wmsreq.getSLD() );
146
147 if ( userCoupled ) {
148 validateAgainstRightsDB( wmsreq, user );
149 }
150
151 }
152
153 /**
154 * validates if the requested layer is valid against the policy/condition. If the passed user <>
155 * null this is checked against the user- and rights-management system/repository
156 *
157 * @param condition
158 * @param layer
159 * @throws InvalidParameterValueException
160 */
161 private void validateLayer( Condition condition, String layer, String style )
162 throws InvalidParameterValueException {
163
164 OperationParameter op = condition.getOperationParameter( LAYER );
165
166 // version is valid because no restrictions are made
167 if ( op.isAny() ) {
168 return;
169 }
170
171 List<String> v = op.getValues();
172
173 // seperate layers from assigned styles
174 Map<String,String> map = new HashMap<String,String>();
175 for (int i = 0; i < v.size(); i++) {
176 String[] tmp = StringTools.toArray( v.get( i ), "|", false );
177 map.put( tmp[0], tmp[1] );
178 }
179
180 String vs = map.get( layer );
181
182 if ( vs == null ) {
183 if ( !op.isUserCoupled() ) {
184 throw new InvalidParameterValueException( INVALIDLAYER + layer );
185 }
186 userCoupled = true;
187 } else if ( !style.equalsIgnoreCase( "default" )
188 && vs.indexOf( "$any$" ) < 0 && vs.indexOf( style ) < 0 ) {
189 if ( !op.isUserCoupled() ) {
190 // a style is valid for a layer if it's the default style
191 // or the layer accepts any style or a style is explicit defined
192 // to be valid
193 throw new InvalidParameterValueException( INVALIDSTYLE + layer + ':' + style );
194 }
195 userCoupled = true;
196 }
197
198 }
199
200 /**
201 * checks if the passed reference to a SLD document is valid against the defined in the policy.
202 * If <tt>user</ff> != <tt>null</tt> the valid
203 * sld reference addresses will be read from the user/rights repository
204 * @param condition condition containing the definition of the valid sldRef
205 * @param sldRef
206 * @throws InvalidParameterValueException
207 */
208 private void validateSLD( Condition condition, URL sldRef )
209 throws InvalidParameterValueException {
210
211 OperationParameter op = condition.getOperationParameter( SLD );
212
213 if ( op == null && sldRef != null ) {
214 throw new InvalidParameterValueException( INVALIDSLD + sldRef );
215 }
216
217 // sldRef is valid because no restrictions are made
218 if ( sldRef == null || op.isAny() )
219 return;
220
221 List list = op.getValues();
222 String port = null;
223 if ( sldRef.getPort() != -1 ) {
224 port = ":" + sldRef.getPort();
225 } else {
226 port = ":80";
227 }
228 String addr = sldRef.getProtocol() + "://" + sldRef.getHost() + port;
229 if ( !list.contains( addr ) ) {
230 if ( !op.isUserCoupled() ) {
231 throw new InvalidParameterValueException( INVALIDSLD + sldRef );
232 }
233 userCoupled = true;
234 }
235
236 try {
237 SLDFactory.createSLD( sldRef );
238 } catch ( XMLParsingException e ) {
239 String s = org.deegree.i18n.Messages.getMessage( "WMS_SLD_IS_NOT_VALID", sldRef );
240 throw new InvalidParameterValueException( s );
241 }
242 }
243
244 /**
245 * validates the passed WMS GetMap request against a User- and Rights-Management DB.
246 *
247 * @param wmsreq
248 * @throws InvalidParameterValueException
249 */
250 private void validateAgainstRightsDB( GetLegendGraphic wmsreq, User user )
251 throws InvalidParameterValueException,
252 UnauthorizedException {
253
254 if ( user == null ) {
255 throw new UnauthorizedException( "no access to anonymous user" );
256 }
257
258 // create feature that describes the map request
259 FeatureProperty[] fps = new FeatureProperty[7];
260 fps[0] = FeatureFactory.createFeatureProperty( new QualifiedName( "version" ), wmsreq.getVersion() );
261 fps[1] = FeatureFactory.createFeatureProperty( new QualifiedName( "width" ), new Integer( wmsreq.getWidth() ) );
262 fps[2] = FeatureFactory.createFeatureProperty( new QualifiedName( "height" ), new Integer( wmsreq.getHeight() ) );
263 fps[3] = FeatureFactory.createFeatureProperty( new QualifiedName( "format" ), wmsreq.getFormat() );
264 fps[4] = FeatureFactory.createFeatureProperty( new QualifiedName( "exceptions" ), wmsreq.getExceptions() );
265 fps[5] = FeatureFactory.createFeatureProperty( new QualifiedName( "sld" ), wmsreq.getSLD() );
266 fps[6] = FeatureFactory.createFeatureProperty( new QualifiedName( "style" ), wmsreq.getStyle() );
267 Feature feature = FeatureFactory.createFeature( "id", glgFT, fps );
268 handleUserCoupledRules( user, feature, wmsreq.getLayer(), "Layer",
269 RightType.GETLEGENDGRAPHIC );
270
271 }
272
273 /**
274 * creates a feature type that matches the parameters of a GetLagendGraphic request
275 *
276 * @return created <tt>FeatureType</tt>
277 */
278 private static FeatureType createFeatureType() {
279 PropertyType[] ftps = new PropertyType[7];
280 ftps[0] = FeatureFactory.createSimplePropertyType( new QualifiedName( "version" ),
281 Types.VARCHAR, false );
282 ftps[1] = FeatureFactory.createSimplePropertyType( new QualifiedName( "width" ),
283 Types.INTEGER, false );
284 ftps[2] = FeatureFactory.createSimplePropertyType( new QualifiedName( "height" ),
285 Types.INTEGER, false );
286 ftps[3] = FeatureFactory.createSimplePropertyType( new QualifiedName( "format" ),
287 Types.VARCHAR, false );
288 ftps[4] = FeatureFactory.createSimplePropertyType( new QualifiedName( "exceptions" ),
289 Types.VARCHAR, false );
290 ftps[5] = FeatureFactory.createSimplePropertyType( new QualifiedName( "sld" ),
291 Types.VARCHAR, false );
292 ftps[6] = FeatureFactory.createSimplePropertyType( new QualifiedName( "style" ),
293 Types.VARCHAR, false );
294
295 return FeatureFactory.createFeatureType( "GetLegendGraphic", false, ftps );
296 }
297
298 }