001 //$HeadURL: svn+ssh://jwilden@svn.wald.intevation.org/deegree/base/branches/2.5_testing/src/org/deegree/security/owsrequestvalidator/csw/CSWValidator.java $
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036 package org.deegree.security.owsrequestvalidator.csw;
037
038 import org.deegree.ogcwebservices.InvalidParameterValueException;
039 import org.deegree.ogcwebservices.OGCWebServiceRequest;
040 import org.deegree.ogcwebservices.csw.discovery.DescribeRecord;
041 import org.deegree.ogcwebservices.csw.discovery.GetRecordById;
042 import org.deegree.ogcwebservices.csw.discovery.GetRecords;
043 import org.deegree.ogcwebservices.csw.discovery.GetRepositoryItem;
044 import org.deegree.ogcwebservices.csw.manager.Transaction;
045 import org.deegree.ogcwebservices.getcapabilities.GetCapabilities;
046 import org.deegree.security.UnauthorizedException;
047 import org.deegree.security.drm.model.User;
048 import org.deegree.security.owsrequestvalidator.OWSValidator;
049 import org.deegree.security.owsrequestvalidator.Policy;
050
051 /**
052 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
053 * @author last edited by: $Author: mschneider $
054 *
055 * @version $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18 Jun 2009) $
056 */
057
058 public class CSWValidator extends OWSValidator {
059
060 // private static final String MS_INVALIDREQUEST = Messages.getString( "CSW_INVALIDREQUEST" );
061
062 private static CSWValidator self = null;
063
064 private GetRecordsRequestValidator getRecordValidator;
065
066 // private DescribeRecordTypeRequestValidator describeRecordTypeValidator;
067 private TransactionValidator transactionValidator;
068
069 private GetRecordByIdRequestValidator byIdValidator;
070
071 private GetRecordByIdResponseValidator byIdResValidator;
072
073 private GetRepositoryItemRequestValidator getRepositoryItem;
074
075 /**
076 * @param policy
077 * @param proxyURL
078 */
079 public CSWValidator( Policy policy, String proxyURL ) {
080 super( policy, proxyURL );
081 this.getRepositoryItem = new GetRepositoryItemRequestValidator( policy );
082 this.getRecordValidator = new GetRecordsRequestValidator( policy );
083 // this.describeRecordTypeValidator = new DescribeRecordTypeRequestValidator( policy );
084 this.transactionValidator = new TransactionValidator( policy );
085 this.byIdValidator = new GetRecordByIdRequestValidator( policy );
086 this.byIdResValidator = new GetRecordByIdResponseValidator( policy );
087 }
088
089 /**
090 * returns an instance of <tt>WFSPolicyValidator</tt> --> singleton
091 * <p>
092 * before this method cann be called, WFSPolicyValidator.create(URL) must be called to intialize
093 * the <tt>WFSPolicyValidator</tt> otherwise this method returns <tt>null</tt>
094 *
095 * @return an instance of <tt>WFSPolicyValidator</tt>
096 */
097 public static CSWValidator getInstance() {
098 return self;
099 }
100
101 @Override
102 public void validateRequest( OGCWebServiceRequest request, User user )
103 throws InvalidParameterValueException, UnauthorizedException {
104
105 if ( request instanceof GetCapabilities ) {
106 getCapabilitiesValidator.validateRequest( request, user );
107 } else if ( request instanceof GetRecords ) {
108 getRecordValidator.validateRequest( request, user );
109 } else if ( request instanceof GetRecordById ) {
110 byIdValidator.validateRequest( request, user );
111 } else if ( request instanceof DescribeRecord ) {
112 //always allowed
113 } else if ( request instanceof Transaction ) {
114 transactionValidator.validateRequest( request, user );
115 } else if ( request instanceof GetRepositoryItem ) {
116 getRepositoryItem.validateRequest( request, user );
117 } else {
118 throw new InvalidParameterValueException( "The requested operation is unkwon to the security model, you are therefore not permitted acces." );
119 }
120 }
121
122 @Override
123 public byte[] validateResponse( OGCWebServiceRequest request, byte[] response, String mime,
124 User user )
125 throws InvalidParameterValueException, UnauthorizedException {
126
127 if ( request instanceof GetCapabilities ) {
128 response = getCapabilitiesValidatorR.validateResponse( "CSW", response, mime, user );
129 } else if ( request instanceof GetRecordById ) {
130 response = byIdResValidator.validateResponse( "CSW", response, mime, user );
131 }
132 // TODO responses to other requests
133 return response;
134 }
135 }