001    //$HeadURL: svn+ssh://jwilden@svn.wald.intevation.org/deegree/base/branches/2.5_testing/src/org/deegree/portal/standard/security/control/InitServiceRightsEditorListener.java $
002    /*----------------------------------------------------------------------------
003     This file is part of deegree, http://deegree.org/
004     Copyright (C) 2001-2009 by:
005     Department of Geography, University of Bonn
006     and
007     lat/lon GmbH
008    
009     This library is free software; you can redistribute it and/or modify it under
010     the terms of the GNU Lesser General Public License as published by the Free
011     Software Foundation; either version 2.1 of the License, or (at your option)
012     any later version.
013     This library is distributed in the hope that it will be useful, but WITHOUT
014     ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015     FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016     details.
017     You should have received a copy of the GNU Lesser General Public License
018     along with this library; if not, write to the Free Software Foundation, Inc.,
019     59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020    
021     Contact information:
022    
023     lat/lon GmbH
024     Aennchenstr. 19, 53177 Bonn
025     Germany
026     http://lat-lon.de/
027    
028     Department of Geography, University of Bonn
029     Prof. Dr. Klaus Greve
030     Postfach 1147, 53001 Bonn
031     Germany
032     http://www.geographie.uni-bonn.de/deegree/
033    
034     e-mail: info@deegree.org
035     ----------------------------------------------------------------------------*/
036    package org.deegree.portal.standard.security.control;
037    
038    import java.util.LinkedList;
039    import java.util.ListIterator;
040    
041    import javax.servlet.ServletRequest;
042    
043    import org.deegree.enterprise.control.AbstractListener;
044    import org.deegree.enterprise.control.FormEvent;
045    import org.deegree.enterprise.control.RPCException;
046    import org.deegree.enterprise.control.RPCMethodCall;
047    import org.deegree.enterprise.control.RPCParameter;
048    import org.deegree.enterprise.control.RPCWebEvent;
049    import org.deegree.framework.log.ILogger;
050    import org.deegree.framework.log.LoggerFactory;
051    import org.deegree.i18n.Messages;
052    import org.deegree.security.GeneralSecurityException;
053    import org.deegree.security.drm.SecurityAccess;
054    import org.deegree.security.drm.model.RightType;
055    import org.deegree.security.drm.model.Role;
056    import org.deegree.security.drm.model.Service;
057    import org.deegree.security.drm.model.User;
058    
059    /**
060     * This <code>Listener</code> reacts on RPC-EditRole events, extracts the submitted role-id and passes the role + known
061     * securable objects on the JSP.
062     * <p>
063     * Access constraints:
064     * <ul>
065     * <li>only users that have the 'SEC_ADMIN'-role are allowed</li>
066     * </ul>
067     * 
068     * @author <a href="mschneider@lat-lon.de">Markus Schneider</a>
069     * @author last edited by: $Author: aschmitz $
070     * 
071     * @version $Revision: 25490 $, $Date: 2010-07-26 11:47:34 +0200 (Mo, 26 Jul 2010) $
072     */
073    public class InitServiceRightsEditorListener extends AbstractListener {
074    
075        private static final ILogger LOG = LoggerFactory.getLogger( InitServiceRightsEditorListener.class );
076    
077        @Override
078        public void actionPerformed( FormEvent event ) {
079            ServletRequest request = getRequest();
080            try {
081                // perform access check
082                SecurityAccess access = SecurityHelper.acquireAccess( this );
083                SecurityHelper.checkForAdminRole( access );
084                User user = access.getUser();
085    
086                RPCWebEvent ev = (RPCWebEvent) event;
087                RPCMethodCall rpcCall = ev.getRPCMethodCall();
088                RPCParameter[] params = rpcCall.getParameters();
089    
090                if ( params.length != 1 ) {
091                    throw new RPCException( Messages.getMessage( "IGEO_STD_SEC_WRONG_PARAM_NUM" ) );
092                }
093                if ( params[0].getType() != String.class ) {
094                    throw new RPCException( Messages.getMessage( "IGEO_STD_SEC_MISSING_STRING" ) );
095                }
096                int roleId = -1;
097                try {
098                    roleId = Integer.parseInt( (String) params[0].getValue() );
099                } catch ( NumberFormatException e ) {
100                    throw new RPCException( Messages.getMessage( "IGEO_STD_SEC_WRONG_ROLE_VALUE" ) );
101                }
102    
103                // get Role to be edited
104                Role role = access.getRoleById( roleId );
105    
106                // check if user has the right to update the role
107                if ( !user.hasRight( access, RightType.UPDATE, role ) ) {
108                    throw new GeneralSecurityException( Messages.getMessage( "IGEO_STD_SEC_MISSING_RIGHT", role.getName() ) );
109                }
110    
111                LinkedList<Service> services = access.getRolesServices( role );
112                LinkedList<Service> otherServices = access.getAllServices();
113                ListIterator<Service> iter = otherServices.listIterator();
114                while ( iter.hasNext() ) {
115                    Service s = iter.next();
116                    if ( services.contains( s ) ) {
117                        iter.remove();
118                    }
119                }
120                request.setAttribute( "SELECTED_SERVICES", services );
121                request.setAttribute( "AVAILABLE_SERVICES", otherServices );
122                request.setAttribute( "ROLE", role );
123            } catch ( RPCException e ) {
124                LOG.logError( e.getMessage(), e );
125                request.setAttribute( "SOURCE", this.getClass().getName() );
126                request.setAttribute( "MESSAGE", Messages.getMessage( "IGEO_STD_SEC_ERROR_RIGHTSEDITOR_REQUEST",
127                                                                      e.getMessage() ) );
128                setNextPage( "error.jsp" );
129            } catch ( GeneralSecurityException e ) {
130                LOG.logError( e.getMessage(), e );
131                request.setAttribute( "SOURCE", this.getClass().getName() );
132                request.setAttribute( "MESSAGE", Messages.getMessage( "IGEO_STD_SEC_ERROR_RIGHTSEDITOR", e.getMessage() ) );
133                setNextPage( "error.jsp" );
134            } catch ( Exception e ) {
135                LOG.logError( e.getMessage(), e );
136            }
137    
138        }
139    
140    }