001 //$HeadURL: svn+ssh://jwilden@svn.wald.intevation.org/deegree/base/branches/2.5_testing/src/org/deegree/security/owsrequestvalidator/wms/GetLegendGraphicRequestValidator.java $
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036 package org.deegree.security.owsrequestvalidator.wms;
037
038 import static org.deegree.security.drm.model.RightType.GETLEGENDGRAPHIC;
039
040 import java.net.URL;
041 import java.util.HashMap;
042 import java.util.List;
043 import java.util.Map;
044
045 import org.deegree.datatypes.QualifiedName;
046 import org.deegree.datatypes.Types;
047 import org.deegree.framework.util.StringTools;
048 import org.deegree.framework.xml.XMLParsingException;
049 import org.deegree.graphics.sld.SLDFactory;
050 import org.deegree.model.feature.Feature;
051 import org.deegree.model.feature.FeatureFactory;
052 import org.deegree.model.feature.FeatureProperty;
053 import org.deegree.model.feature.schema.FeatureType;
054 import org.deegree.model.feature.schema.PropertyType;
055 import org.deegree.ogcwebservices.InvalidParameterValueException;
056 import org.deegree.ogcwebservices.OGCWebServiceRequest;
057 import org.deegree.ogcwebservices.wms.operation.GetLegendGraphic;
058 import org.deegree.security.UnauthorizedException;
059 import org.deegree.security.drm.model.User;
060 import org.deegree.security.owsproxy.Condition;
061 import org.deegree.security.owsproxy.OperationParameter;
062 import org.deegree.security.owsproxy.Request;
063 import org.deegree.security.owsrequestvalidator.Messages;
064 import org.deegree.security.owsrequestvalidator.Policy;
065
066 /**
067 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
068 * @author last edited by: $Author: mschneider $
069 *
070 * @version 1.1, $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18 Jun 2009) $
071 *
072 * @since 1.1
073 */
074
075 class GetLegendGraphicRequestValidator extends AbstractWMSRequestValidator {
076
077 // known condition parameter
078 private static final String LAYER = "layers";
079
080 private static final String SLD = "sld";
081
082 private static final String INVALIDSLD = Messages.getString( "GetLegendGraphicRequestValidator.INVALIDSLD" );
083
084 private static final String INVALIDLAYER = Messages.getString( "GetLegendGraphicRequestValidator.INVALIDLAYER" );
085
086 private static final String INVALIDSTYLE = Messages.getString( "GetLegendGraphicRequestValidator.INVALIDSTYLE" );
087
088 private static FeatureType glgFT = null;
089
090 static {
091 if ( glgFT == null ) {
092 glgFT = GetLegendGraphicRequestValidator.createFeatureType();
093 }
094 }
095
096 /**
097 * @param policy
098 */
099 public GetLegendGraphicRequestValidator( Policy policy ) {
100 super( policy );
101 }
102
103 /**
104 * validates the incomming GetLegendGraphic request against the policy assigend to a validator
105 *
106 * @param request
107 * request to validate
108 * @param user
109 * name of the user who likes to perform the request (can be null)
110 */
111 @Override
112 public void validateRequest( OGCWebServiceRequest request, User user )
113 throws InvalidParameterValueException, UnauthorizedException {
114
115 userCoupled = false;
116 Request req = policy.getRequest( "WMS", "GetLegendGraphic" );
117 // request is valid because no restrictions are made
118 if ( req.isAny() || req.getPreConditions().isAny() ) {
119 return;
120 }
121 Condition condition = req.getPreConditions();
122
123 GetLegendGraphic wmsreq = (GetLegendGraphic) request;
124
125 validateVersion( condition, wmsreq.getVersion() );
126 validateLayer( condition, wmsreq.getLayer(), wmsreq.getStyle() );
127 validateExceptions( condition, wmsreq.getExceptions() );
128 validateFormat( condition, wmsreq.getFormat() );
129 validateMaxWidth( condition, wmsreq.getWidth() );
130 validateMaxHeight( condition, wmsreq.getHeight() );
131 validateSLD( condition, wmsreq.getSLD() );
132
133 if ( userCoupled ) {
134 validateAgainstRightsDB( wmsreq, user );
135 }
136
137 }
138
139 /**
140 * validates if the requested layer is valid against the policy/condition. If the passed user <> null this is
141 * checked against the user- and rights-management system/repository
142 *
143 * @param condition
144 * @param layer
145 * @throws InvalidParameterValueException
146 */
147 private void validateLayer( Condition condition, String layer, String style )
148 throws InvalidParameterValueException {
149
150 OperationParameter op = condition.getOperationParameter( LAYER );
151
152 // version is valid because no restrictions are made
153 if ( op.isAny() ) {
154 return;
155 }
156
157 List<String> v = op.getValues();
158
159 // seperate layers from assigned styles
160 Map<String, String> map = new HashMap<String, String>();
161 for ( int i = 0; i < v.size(); i++ ) {
162 String[] tmp = StringTools.toArray( v.get( i ), "|", false );
163 map.put( tmp[0], tmp[1] );
164 }
165
166 String vs = map.get( layer );
167
168 if ( vs == null ) {
169 if ( !op.isUserCoupled() ) {
170 throw new InvalidParameterValueException( INVALIDLAYER + layer );
171 }
172 userCoupled = true;
173 } else if ( !style.equalsIgnoreCase( "default" ) && vs.indexOf( "$any$" ) < 0 && vs.indexOf( style ) < 0 ) {
174 if ( !op.isUserCoupled() ) {
175 // a style is valid for a layer if it's the default style
176 // or the layer accepts any style or a style is explicit defined
177 // to be valid
178 throw new InvalidParameterValueException( INVALIDSTYLE + layer + ':' + style );
179 }
180 userCoupled = true;
181 }
182
183 }
184
185 /**
186 * checks if the passed reference to a SLD document is valid against the defined in the policy. If
187 * <tt>user</ff> != <tt>null</tt> the valid sld reference addresses will be read from the user/rights repository
188 *
189 * @param condition
190 * condition containing the definition of the valid sldRef
191 * @param sldRef
192 * @throws InvalidParameterValueException
193 */
194 private void validateSLD( Condition condition, URL sldRef )
195 throws InvalidParameterValueException {
196
197 OperationParameter op = condition.getOperationParameter( SLD );
198
199 if ( op == null && sldRef != null ) {
200 throw new InvalidParameterValueException( INVALIDSLD + sldRef );
201 }
202
203 // sldRef is valid because no restrictions are made
204 if ( sldRef == null || op.isAny() )
205 return;
206
207 List<String> list = op.getValues();
208 String port = null;
209 if ( sldRef.getPort() != -1 ) {
210 port = ":" + sldRef.getPort();
211 } else {
212 port = ":80";
213 }
214 String addr = sldRef.getProtocol() + "://" + sldRef.getHost() + port;
215 if ( !list.contains( addr ) ) {
216 if ( !op.isUserCoupled() ) {
217 throw new InvalidParameterValueException( INVALIDSLD + sldRef );
218 }
219 userCoupled = true;
220 }
221
222 try {
223 SLDFactory.createSLD( sldRef );
224 } catch ( XMLParsingException e ) {
225 String s = org.deegree.i18n.Messages.getMessage( "WMS_SLD_IS_NOT_VALID", sldRef );
226 throw new InvalidParameterValueException( s );
227 }
228 }
229
230 /**
231 * validates the passed WMS GetMap request against a User- and Rights-Management DB.
232 *
233 * @param wmsreq
234 * @throws InvalidParameterValueException
235 */
236 private void validateAgainstRightsDB( GetLegendGraphic wmsreq, User user )
237 throws InvalidParameterValueException, UnauthorizedException {
238
239 if ( user == null ) {
240 throw new UnauthorizedException( "no access to anonymous user" );
241 }
242
243 // create feature that describes the map request
244 FeatureProperty[] fps = new FeatureProperty[7];
245 fps[0] = FeatureFactory.createFeatureProperty( new QualifiedName( "version" ), wmsreq.getVersion() );
246 fps[1] = FeatureFactory.createFeatureProperty( new QualifiedName( "width" ), new Integer( wmsreq.getWidth() ) );
247 fps[2] = FeatureFactory.createFeatureProperty( new QualifiedName( "height" ), new Integer( wmsreq.getHeight() ) );
248 fps[3] = FeatureFactory.createFeatureProperty( new QualifiedName( "format" ), wmsreq.getFormat() );
249 fps[4] = FeatureFactory.createFeatureProperty( new QualifiedName( "exceptions" ), wmsreq.getExceptions() );
250 fps[5] = FeatureFactory.createFeatureProperty( new QualifiedName( "sld" ), wmsreq.getSLD() );
251 fps[6] = FeatureFactory.createFeatureProperty( new QualifiedName( "style" ), wmsreq.getStyle() );
252 Feature feature = FeatureFactory.createFeature( "id", glgFT, fps );
253 if ( securityConfig.getProxiedUrl() == null ) {
254 handleUserCoupledRules( user, feature, wmsreq.getLayer(), "Layer", GETLEGENDGRAPHIC );
255 } else {
256 handleUserCoupledRules( user, feature, "[" + securityConfig.getProxiedUrl() + "]:" + wmsreq.getLayer(),
257 "Layer", GETLEGENDGRAPHIC );
258 }
259
260 }
261
262 /**
263 * creates a feature type that matches the parameters of a GetLagendGraphic request
264 *
265 * @return created <tt>FeatureType</tt>
266 */
267 private static FeatureType createFeatureType() {
268 PropertyType[] ftps = new PropertyType[7];
269 ftps[0] = FeatureFactory.createSimplePropertyType( new QualifiedName( "version" ), Types.VARCHAR, false );
270 ftps[1] = FeatureFactory.createSimplePropertyType( new QualifiedName( "width" ), Types.INTEGER, false );
271 ftps[2] = FeatureFactory.createSimplePropertyType( new QualifiedName( "height" ), Types.INTEGER, false );
272 ftps[3] = FeatureFactory.createSimplePropertyType( new QualifiedName( "format" ), Types.VARCHAR, false );
273 ftps[4] = FeatureFactory.createSimplePropertyType( new QualifiedName( "exceptions" ), Types.VARCHAR, false );
274 ftps[5] = FeatureFactory.createSimplePropertyType( new QualifiedName( "sld" ), Types.VARCHAR, false );
275 ftps[6] = FeatureFactory.createSimplePropertyType( new QualifiedName( "style" ), Types.VARCHAR, false );
276
277 return FeatureFactory.createFeatureType( "GetLegendGraphic", false, ftps );
278 }
279
280 }