001 //$HeadURL: svn+ssh://developername@svn.wald.intevation.org/deegree/base/trunk/resources/eclipse/files_template.xml $ 002 /*---------------------------------------------------------------------------- 003 This file is part of deegree, http://deegree.org/ 004 Copyright (C) 2001-2009 by: 005 - Department of Geography, University of Bonn - 006 and 007 - lat/lon GmbH - 008 009 This library is free software; you can redistribute it and/or modify it under 010 the terms of the GNU Lesser General Public License as published by the Free 011 Software Foundation; either version 2.1 of the License, or (at your option) 012 any later version. 013 This library is distributed in the hope that it will be useful, but WITHOUT 014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 016 details. 017 You should have received a copy of the GNU Lesser General Public License 018 along with this library; if not, write to the Free Software Foundation, Inc., 019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 020 021 Contact information: 022 023 lat/lon GmbH 024 Aennchenstr. 19, 53177 Bonn 025 Germany 026 http://lat-lon.de/ 027 028 Department of Geography, University of Bonn 029 Prof. Dr. Klaus Greve 030 Postfach 1147, 53001 Bonn 031 Germany 032 http://www.geographie.uni-bonn.de/deegree/ 033 034 e-mail: info@deegree.org 035 ----------------------------------------------------------------------------*/ 036 package org.deegree.portal.cataloguemanager.servlet; 037 038 import java.io.IOException; 039 import java.net.URI; 040 041 import javax.servlet.Filter; 042 import javax.servlet.FilterChain; 043 import javax.servlet.FilterConfig; 044 import javax.servlet.ServletException; 045 import javax.servlet.ServletRequest; 046 import javax.servlet.ServletResponse; 047 import javax.servlet.http.HttpServletRequest; 048 049 import org.deegree.datatypes.QualifiedName; 050 import org.deegree.enterprise.servlet.ServletRequestWrapper; 051 import org.deegree.framework.log.ILogger; 052 import org.deegree.framework.log.LoggerFactory; 053 import org.deegree.framework.xml.XMLFragment; 054 import org.deegree.model.filterencoding.ComplexFilter; 055 import org.deegree.model.filterencoding.Expression; 056 import org.deegree.model.filterencoding.Operation; 057 import org.deegree.model.filterencoding.OperationDefines; 058 import org.deegree.model.filterencoding.PropertyIsNullOperation; 059 import org.deegree.model.filterencoding.PropertyName; 060 import org.deegree.ogcwebservices.OGCRequestFactory; 061 import org.deegree.ogcwebservices.OGCWebServiceException; 062 import org.deegree.ogcwebservices.OGCWebServiceRequest; 063 import org.deegree.ogcwebservices.csw.discovery.GetRecords; 064 import org.deegree.ogcwebservices.csw.discovery.Query; 065 import org.deegree.ogcwebservices.csw.discovery.XMLFactory; 066 import org.deegree.ogcwebservices.csw.manager.Transaction; 067 068 /** 069 * TODO add class documentation here 070 * 071 * @author <a href="mailto:name@deegree.org">Andreas Poth</a> 072 * @author last edited by: $Author: admin $ 073 * 074 * @version $Revision: $, $Date: $ 075 */ 076 public class SimpleCSWFilter implements Filter { 077 078 private static ILogger LOG = LoggerFactory.getLogger( SimpleCSWFilter.class ); 079 080 /* 081 * (non-Javadoc) 082 * 083 * @see javax.servlet.Filter#destroy() 084 */ 085 public void destroy() { 086 // TODO Auto-generated method stub 087 } 088 089 /* 090 * (non-Javadoc) 091 * 092 * @see javax.servlet.Filter#init(javax.servlet.FilterConfig) 093 */ 094 public void init( FilterConfig config ) 095 throws ServletException { 096 // TODO Auto-generated method stub 097 } 098 099 /* 100 * (non-Javadoc) 101 * 102 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, 103 * javax.servlet.FilterChain) 104 */ 105 public void doFilter( ServletRequest req, ServletResponse res, FilterChain chain ) 106 throws IOException, ServletException { 107 108 String userName = null; 109 if ( ( (HttpServletRequest) req ).getUserPrincipal() != null ) { 110 userName = ( (HttpServletRequest) req ).getUserPrincipal().getName(); 111 } 112 LOG.logInfo( "user name: ", userName ); 113 if ( "cmEditor".equals( userName ) || "cmAdmin".equals( userName ) ) { 114 chain.doFilter( req, res ); 115 } else { 116 ServletRequestWrapper requestWrapper = null; 117 118 if ( req instanceof ServletRequestWrapper ) { 119 LOG.logDebug( "OWSProxySerlvetFilter: the incoming request is actually an org.deegree.enterprise.servlet.RequestWrapper, so not creating new instance." ); 120 requestWrapper = (ServletRequestWrapper) req; 121 } else { 122 requestWrapper = new ServletRequestWrapper( (HttpServletRequest) req ); 123 } 124 LOG.logDebug( "ConfigurableOWSProxyServletFilter: GetContentype(): " + requestWrapper.getContentType() ); 125 126 OGCWebServiceRequest owsReq = null; 127 try { 128 owsReq = OGCRequestFactory.create( requestWrapper ); 129 } catch ( OGCWebServiceException e ) { 130 LOG.logError( "OWSProxyServletFilter: Couln't create an OGCWebserviceRequest because: " 131 + e.getMessage(), e ); 132 throw new ServletException( e.getMessage() ); 133 } 134 if ( owsReq instanceof Transaction ) { 135 throw new ServletException( "user: " + userName + " is not allowed to perform CSW transactions" ); 136 } else if ( owsReq instanceof GetRecords && !"cmUser".equals( userName ) && !"cmEditor".equals( userName ) 137 && !"cmAdmin".equals( userName ) ) { 138 //owsReq = addFilter( (GetRecords) owsReq ); 139 } 140 141 try { 142 XMLFragment doc = null; 143 if ( owsReq instanceof Transaction ) { 144 doc = org.deegree.ogcwebservices.csw.manager.XMLFactory.export( (Transaction) owsReq ); 145 } else if ( owsReq instanceof GetRecords ) { 146 doc = XMLFactory.exportWithVersion( (GetRecords) owsReq ); 147 } 148 if ( doc != null ) { 149 requestWrapper.setInputStreamAsByteArray( doc.getAsString().getBytes() ); 150 } 151 } catch ( Exception e ) { 152 throw new ServletException( e ); 153 } 154 chain.doFilter( requestWrapper, res ); 155 } 156 } 157 158 private GetRecords addFilter( GetRecords casreq ) { 159 Query query = casreq.getQuery(); 160 ComplexFilter qFilter = (ComplexFilter) query.getContraint(); 161 QualifiedName qn = new QualifiedName( "AccessConstraints", 162 URI.create( "http://www.opengis.net/cat/csw/apiso/1.0" ) ); 163 Expression exp1 = new PropertyName( qn ); 164 165 Operation op = new PropertyIsNullOperation( (PropertyName) exp1 ); 166 org.deegree.model.filterencoding.Filter filter = new ComplexFilter( op ); 167 if ( qFilter instanceof ComplexFilter ) { 168 filter = new ComplexFilter( qFilter, (ComplexFilter) filter, OperationDefines.AND ); 169 } 170 171 // substitue query by a new one using the re-created filter 172 query = new Query( query.getElementSetName(), query.getElementSetNameTypeNamesList(), 173 query.getElementSetNameVariables(), query.getElementNamesAsPropertyPaths(), filter, 174 query.getSortProperties(), query.getTypeNamesAsList(), query.getDeclaredTypeNameVariables() ); 175 176 casreq.setQuery( query ); 177 178 // if ( LOG.getLevel() == ILogger.LOG_DEBUG ) { 179 // try { 180 // XMLFactory.export( casreq ).prettyPrint( System.out ); 181 // } catch ( Exception e ) { 182 // } 183 // } 184 try { 185 XMLFactory.export( casreq ).prettyPrint( System.out ); 186 } catch ( Exception e ) { 187 } 188 return casreq; 189 } 190 }