001 //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/branches/2.3_testing/src/org/deegree/security/owsrequestvalidator/csw/GetRecordByIdRequestValidator.java $
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036 package org.deegree.security.owsrequestvalidator.csw;
037
038 import java.util.ArrayList;
039 import java.util.List;
040
041 import org.deegree.datatypes.QualifiedName;
042 import org.deegree.datatypes.Types;
043 import org.deegree.model.feature.Feature;
044 import org.deegree.model.feature.FeatureFactory;
045 import org.deegree.model.feature.FeatureProperty;
046 import org.deegree.model.feature.schema.FeatureType;
047 import org.deegree.model.feature.schema.PropertyType;
048 import org.deegree.ogcwebservices.InvalidParameterValueException;
049 import org.deegree.ogcwebservices.OGCWebServiceRequest;
050 import org.deegree.ogcwebservices.csw.discovery.GetRecordById;
051 import org.deegree.portal.standard.security.control.ClientHelper;
052 import org.deegree.security.UnauthorizedException;
053 import org.deegree.security.drm.model.RightType;
054 import org.deegree.security.drm.model.User;
055 import org.deegree.security.owsproxy.Condition;
056 import org.deegree.security.owsproxy.OperationParameter;
057 import org.deegree.security.owsproxy.Request;
058 import org.deegree.security.owsrequestvalidator.Messages;
059 import org.deegree.security.owsrequestvalidator.Policy;
060
061 /**
062 *
063 *
064 * @version $Revision: 18195 $
065 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
066 * @author last edited by: $Author: mschneider $
067 *
068 * @version 1.0. $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18. Jun 2009) $
069 *
070 * @since 2.0
071 */
072 public class GetRecordByIdRequestValidator extends AbstractCSWRequestValidator {
073
074 private static final String ELEMENTSETNAME = "elementSetName";
075
076
077 private static FeatureType grFT = null;
078
079 static {
080 if ( grFT == null ) {
081 grFT = GetRecordByIdRequestValidator.createFeatureType();
082 }
083 }
084
085 /**
086 * @param policy
087 */
088 public GetRecordByIdRequestValidator( Policy policy ) {
089 super( policy );
090 }
091
092 /**
093 * @param request
094 * @param user
095 */
096 @Override
097 public void validateRequest( OGCWebServiceRequest request, User user )
098 throws InvalidParameterValueException, UnauthorizedException {
099
100 userCoupled = false;
101 Request req = policy.getRequest( "CSW", "GetRecordById" );
102 // request is valid because no restrictions are made
103 if ( req.isAny() || req.getPreConditions().isAny() ) {
104 return;
105 }
106 Condition condition = req.getPreConditions();
107
108 GetRecordById casreq = (GetRecordById) request;
109
110 validateVersion( condition, casreq.getVersion() );
111 validateElementSetName( condition, casreq.getElementSetName() );
112
113 if ( userCoupled ) {
114 validateAgainstRightsDB( casreq, user );
115 }
116
117 }
118
119 /**
120 * validates the passed CSW GetRecordById request against a User- and
121 * Rights-Management DB.
122 *
123 * @param casreq
124 * @param user
125 */
126 private void validateAgainstRightsDB( GetRecordById casreq, User user )
127 throws InvalidParameterValueException, UnauthorizedException {
128
129 if ( user == null ) {
130 throw new UnauthorizedException( Messages.getString( "RequestValidator.NOACCESS" ) );
131 }
132
133 List<FeatureProperty> fp = new ArrayList<FeatureProperty>();
134 fp.add( FeatureFactory.createFeatureProperty( new QualifiedName( "version" ), casreq.getVersion() ) );
135 fp.add( FeatureFactory.createFeatureProperty( new QualifiedName( "elementSetName" ), casreq.getElementSetName() ) );
136
137 Feature feature = FeatureFactory.createFeature( "id", grFT, fp );
138 // TODO
139 // substitue csw:profile by a dynamicly determined value
140 handleUserCoupledRules( user, feature, "csw:profile", ClientHelper.TYPE_METADATASCHEMA,
141 RightType.GETRECORDBYID );
142
143 }
144
145
146 /**
147 * valides if the elementSetName parameter in a GetRecords request is valid against
148 * the policy assigned to Validator.
149 *
150 * @param condition
151 * @param elementSetName
152 * @throws InvalidParameterValueException
153 */
154 private void validateElementSetName( Condition condition, String elementSetName )
155 throws InvalidParameterValueException {
156 OperationParameter op = condition.getOperationParameter( ELEMENTSETNAME );
157
158 // is valid because no restrictions are made
159 if ( op.isAny() )
160 return;
161
162 List<String> list = op.getValues();
163
164 if ( op.isUserCoupled() ) {
165 userCoupled = true;
166 } else {
167 if ( !list.contains( elementSetName ) ) {
168 String s = Messages.format( "GetRecordByIdRequestValidator.INVALIDELEMENTSETNAME",
169 elementSetName );
170 throw new InvalidParameterValueException( s );
171 }
172 }
173
174 }
175
176
177 /**
178 * creates a feature type that matches the parameters of a GetRecords
179 * request
180 *
181 * @return created <tt>FeatureType</tt>
182 */
183 private static FeatureType createFeatureType() {
184 PropertyType[] ftps = new PropertyType[2];
185 QualifiedName qn = new QualifiedName( "version" );
186 ftps[0] = FeatureFactory.createSimplePropertyType( qn, Types.VARCHAR, false );
187
188 qn = new QualifiedName( "elementSetName" );
189 ftps[1] = FeatureFactory.createSimplePropertyType( qn, Types.VARCHAR, false );
190
191 return FeatureFactory.createFeatureType( "GetRecordById", false, ftps );
192 }
193
194 }