001    //$HeadURL: svn+ssh://jwilden@svn.wald.intevation.org/deegree/base/branches/2.5_testing/src/org/deegree/security/owsrequestvalidator/csw/CSWValidator.java $
002    /*----------------------------------------------------------------------------
003     This file is part of deegree, http://deegree.org/
004     Copyright (C) 2001-2009 by:
005       Department of Geography, University of Bonn
006     and
007       lat/lon GmbH
008    
009     This library is free software; you can redistribute it and/or modify it under
010     the terms of the GNU Lesser General Public License as published by the Free
011     Software Foundation; either version 2.1 of the License, or (at your option)
012     any later version.
013     This library is distributed in the hope that it will be useful, but WITHOUT
014     ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015     FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016     details.
017     You should have received a copy of the GNU Lesser General Public License
018     along with this library; if not, write to the Free Software Foundation, Inc.,
019     59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020    
021     Contact information:
022    
023     lat/lon GmbH
024     Aennchenstr. 19, 53177 Bonn
025     Germany
026     http://lat-lon.de/
027    
028     Department of Geography, University of Bonn
029     Prof. Dr. Klaus Greve
030     Postfach 1147, 53001 Bonn
031     Germany
032     http://www.geographie.uni-bonn.de/deegree/
033    
034     e-mail: info@deegree.org
035    ----------------------------------------------------------------------------*/
036    package org.deegree.security.owsrequestvalidator.csw;
037    
038    import org.deegree.ogcwebservices.InvalidParameterValueException;
039    import org.deegree.ogcwebservices.OGCWebServiceRequest;
040    import org.deegree.ogcwebservices.csw.discovery.DescribeRecord;
041    import org.deegree.ogcwebservices.csw.discovery.GetRecordById;
042    import org.deegree.ogcwebservices.csw.discovery.GetRecords;
043    import org.deegree.ogcwebservices.csw.discovery.GetRepositoryItem;
044    import org.deegree.ogcwebservices.csw.manager.Transaction;
045    import org.deegree.ogcwebservices.getcapabilities.GetCapabilities;
046    import org.deegree.security.UnauthorizedException;
047    import org.deegree.security.drm.model.User;
048    import org.deegree.security.owsrequestvalidator.OWSValidator;
049    import org.deegree.security.owsrequestvalidator.Policy;
050    
051    /**
052     * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
053     * @author last edited by: $Author: mschneider $
054     *
055     * @version $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18 Jun 2009) $
056     */
057    
058    public class CSWValidator extends OWSValidator {
059    
060    //    private static final String MS_INVALIDREQUEST = Messages.getString( "CSW_INVALIDREQUEST" );
061    
062        private static CSWValidator self = null;
063    
064        private GetRecordsRequestValidator getRecordValidator;
065    
066        // private DescribeRecordTypeRequestValidator describeRecordTypeValidator;
067        private TransactionValidator transactionValidator;
068    
069        private GetRecordByIdRequestValidator byIdValidator;
070    
071        private GetRecordByIdResponseValidator byIdResValidator;
072    
073        private GetRepositoryItemRequestValidator getRepositoryItem;
074    
075        /**
076         * @param policy
077         * @param proxyURL
078         */
079        public CSWValidator( Policy policy, String proxyURL ) {
080            super( policy, proxyURL );
081            this.getRepositoryItem = new GetRepositoryItemRequestValidator( policy );
082            this.getRecordValidator = new GetRecordsRequestValidator( policy );
083            // this.describeRecordTypeValidator = new DescribeRecordTypeRequestValidator( policy );
084            this.transactionValidator = new TransactionValidator( policy );
085            this.byIdValidator = new GetRecordByIdRequestValidator( policy );
086            this.byIdResValidator = new GetRecordByIdResponseValidator( policy );
087        }
088    
089        /**
090         * returns an instance of <tt>WFSPolicyValidator</tt> --> singleton
091         * <p>
092         * before this method cann be called, WFSPolicyValidator.create(URL) must be called to intialize
093         * the <tt>WFSPolicyValidator</tt> otherwise this method returns <tt>null</tt>
094         *
095         * @return an instance of <tt>WFSPolicyValidator</tt>
096         */
097        public static CSWValidator getInstance() {
098            return self;
099        }
100    
101        @Override
102        public void validateRequest( OGCWebServiceRequest request, User user )
103                                throws InvalidParameterValueException, UnauthorizedException {
104    
105            if ( request instanceof GetCapabilities ) {
106                getCapabilitiesValidator.validateRequest( request, user );
107            } else if ( request instanceof GetRecords ) {
108                getRecordValidator.validateRequest( request, user );
109            } else if ( request instanceof GetRecordById ) {
110                byIdValidator.validateRequest( request, user );
111            } else if ( request instanceof DescribeRecord ) {
112                //always allowed
113            } else if ( request instanceof Transaction ) {
114                transactionValidator.validateRequest( request, user );
115            } else if ( request instanceof GetRepositoryItem ) {
116                getRepositoryItem.validateRequest( request, user );
117            } else {
118                throw new InvalidParameterValueException( "The requested operation is unkwon to the security model, you are therefore not permitted acces." );
119            }
120        }
121    
122        @Override
123        public byte[] validateResponse( OGCWebServiceRequest request, byte[] response, String mime,
124                                        User user )
125                                throws InvalidParameterValueException, UnauthorizedException {
126    
127            if ( request instanceof GetCapabilities ) {
128                response = getCapabilitiesValidatorR.validateResponse( "CSW", response, mime, user );
129            } else if ( request instanceof GetRecordById ) {
130                response = byIdResValidator.validateResponse( "CSW", response, mime, user );
131            }
132            // TODO responses to other requests
133            return response;
134        }
135    }