001 //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/branches/2.3_testing/src/org/deegree/security/owsrequestvalidator/csw/GetRecordByIdRequestValidator.java $ 002 /*---------------------------------------------------------------------------- 003 This file is part of deegree, http://deegree.org/ 004 Copyright (C) 2001-2009 by: 005 Department of Geography, University of Bonn 006 and 007 lat/lon GmbH 008 009 This library is free software; you can redistribute it and/or modify it under 010 the terms of the GNU Lesser General Public License as published by the Free 011 Software Foundation; either version 2.1 of the License, or (at your option) 012 any later version. 013 This library is distributed in the hope that it will be useful, but WITHOUT 014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 016 details. 017 You should have received a copy of the GNU Lesser General Public License 018 along with this library; if not, write to the Free Software Foundation, Inc., 019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 020 021 Contact information: 022 023 lat/lon GmbH 024 Aennchenstr. 19, 53177 Bonn 025 Germany 026 http://lat-lon.de/ 027 028 Department of Geography, University of Bonn 029 Prof. Dr. Klaus Greve 030 Postfach 1147, 53001 Bonn 031 Germany 032 http://www.geographie.uni-bonn.de/deegree/ 033 034 e-mail: info@deegree.org 035 ----------------------------------------------------------------------------*/ 036 package org.deegree.security.owsrequestvalidator.csw; 037 038 import java.util.ArrayList; 039 import java.util.List; 040 041 import org.deegree.datatypes.QualifiedName; 042 import org.deegree.datatypes.Types; 043 import org.deegree.model.feature.Feature; 044 import org.deegree.model.feature.FeatureFactory; 045 import org.deegree.model.feature.FeatureProperty; 046 import org.deegree.model.feature.schema.FeatureType; 047 import org.deegree.model.feature.schema.PropertyType; 048 import org.deegree.ogcwebservices.InvalidParameterValueException; 049 import org.deegree.ogcwebservices.OGCWebServiceRequest; 050 import org.deegree.ogcwebservices.csw.discovery.GetRecordById; 051 import org.deegree.portal.standard.security.control.ClientHelper; 052 import org.deegree.security.UnauthorizedException; 053 import org.deegree.security.drm.model.RightType; 054 import org.deegree.security.drm.model.User; 055 import org.deegree.security.owsproxy.Condition; 056 import org.deegree.security.owsproxy.OperationParameter; 057 import org.deegree.security.owsproxy.Request; 058 import org.deegree.security.owsrequestvalidator.Messages; 059 import org.deegree.security.owsrequestvalidator.Policy; 060 061 /** 062 * 063 * 064 * @version $Revision: 18195 $ 065 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a> 066 * @author last edited by: $Author: mschneider $ 067 * 068 * @version 1.0. $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18. Jun 2009) $ 069 * 070 * @since 2.0 071 */ 072 public class GetRecordByIdRequestValidator extends AbstractCSWRequestValidator { 073 074 private static final String ELEMENTSETNAME = "elementSetName"; 075 076 077 private static FeatureType grFT = null; 078 079 static { 080 if ( grFT == null ) { 081 grFT = GetRecordByIdRequestValidator.createFeatureType(); 082 } 083 } 084 085 /** 086 * @param policy 087 */ 088 public GetRecordByIdRequestValidator( Policy policy ) { 089 super( policy ); 090 } 091 092 /** 093 * @param request 094 * @param user 095 */ 096 @Override 097 public void validateRequest( OGCWebServiceRequest request, User user ) 098 throws InvalidParameterValueException, UnauthorizedException { 099 100 userCoupled = false; 101 Request req = policy.getRequest( "CSW", "GetRecordById" ); 102 // request is valid because no restrictions are made 103 if ( req.isAny() || req.getPreConditions().isAny() ) { 104 return; 105 } 106 Condition condition = req.getPreConditions(); 107 108 GetRecordById casreq = (GetRecordById) request; 109 110 validateVersion( condition, casreq.getVersion() ); 111 validateElementSetName( condition, casreq.getElementSetName() ); 112 113 if ( userCoupled ) { 114 validateAgainstRightsDB( casreq, user ); 115 } 116 117 } 118 119 /** 120 * validates the passed CSW GetRecordById request against a User- and 121 * Rights-Management DB. 122 * 123 * @param casreq 124 * @param user 125 */ 126 private void validateAgainstRightsDB( GetRecordById casreq, User user ) 127 throws InvalidParameterValueException, UnauthorizedException { 128 129 if ( user == null ) { 130 throw new UnauthorizedException( Messages.getString( "RequestValidator.NOACCESS" ) ); 131 } 132 133 List<FeatureProperty> fp = new ArrayList<FeatureProperty>(); 134 fp.add( FeatureFactory.createFeatureProperty( new QualifiedName( "version" ), casreq.getVersion() ) ); 135 fp.add( FeatureFactory.createFeatureProperty( new QualifiedName( "elementSetName" ), casreq.getElementSetName() ) ); 136 137 Feature feature = FeatureFactory.createFeature( "id", grFT, fp ); 138 // TODO 139 // substitue csw:profile by a dynamicly determined value 140 handleUserCoupledRules( user, feature, "csw:profile", ClientHelper.TYPE_METADATASCHEMA, 141 RightType.GETRECORDBYID ); 142 143 } 144 145 146 /** 147 * valides if the elementSetName parameter in a GetRecords request is valid against 148 * the policy assigned to Validator. 149 * 150 * @param condition 151 * @param elementSetName 152 * @throws InvalidParameterValueException 153 */ 154 private void validateElementSetName( Condition condition, String elementSetName ) 155 throws InvalidParameterValueException { 156 OperationParameter op = condition.getOperationParameter( ELEMENTSETNAME ); 157 158 // is valid because no restrictions are made 159 if ( op.isAny() ) 160 return; 161 162 List<String> list = op.getValues(); 163 164 if ( op.isUserCoupled() ) { 165 userCoupled = true; 166 } else { 167 if ( !list.contains( elementSetName ) ) { 168 String s = Messages.format( "GetRecordByIdRequestValidator.INVALIDELEMENTSETNAME", 169 elementSetName ); 170 throw new InvalidParameterValueException( s ); 171 } 172 } 173 174 } 175 176 177 /** 178 * creates a feature type that matches the parameters of a GetRecords 179 * request 180 * 181 * @return created <tt>FeatureType</tt> 182 */ 183 private static FeatureType createFeatureType() { 184 PropertyType[] ftps = new PropertyType[2]; 185 QualifiedName qn = new QualifiedName( "version" ); 186 ftps[0] = FeatureFactory.createSimplePropertyType( qn, Types.VARCHAR, false ); 187 188 qn = new QualifiedName( "elementSetName" ); 189 ftps[1] = FeatureFactory.createSimplePropertyType( qn, Types.VARCHAR, false ); 190 191 return FeatureFactory.createFeatureType( "GetRecordById", false, ftps ); 192 } 193 194 }