001: //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/trunk/src/org/deegree/security/owsrequestvalidator/wfs/DescribeFeatureTypeRequestValidator.java $
002: /*---------------- FILE HEADER ------------------------------------------
003:
004: This file is part of deegree.
005: Copyright (C) 2001-2008 by:
006: EXSE, Department of Geography, University of Bonn
007: http://www.giub.uni-bonn.de/deegree/
008: lat/lon GmbH
009: http://www.lat-lon.de
010:
011: This library is free software; you can redistribute it and/or
012: modify it under the terms of the GNU Lesser General Public
013: License as published by the Free Software Foundation; either
014: version 2.1 of the License, or (at your option) any later version.
015:
016: This library is distributed in the hope that it will be useful,
017: but WITHOUT ANY WARRANTY; without even the implied warranty of
018: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019: Lesser General Public License for more details.
020:
021: You should have received a copy of the GNU Lesser General Public
022: License along with this library; if not, write to the Free Software
023: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024:
025: Contact:
026:
027: Andreas Poth
028: lat/lon GmbH
029: Aennchenstr. 19
030: 53115 Bonn
031: Germany
032: E-Mail: poth@lat-lon.de
033:
034: Prof. Dr. Klaus Greve
035: Department of Geography
036: University of Bonn
037: Meckenheimer Allee 166
038: 53115 Bonn
039: Germany
040: E-Mail: greve@giub.uni-bonn.de
041:
042: ---------------------------------------------------------------------------*/
043: package org.deegree.security.owsrequestvalidator.wfs;
044:
045: import java.util.List;
046:
047: import org.deegree.datatypes.QualifiedName;
048: import org.deegree.datatypes.Types;
049: import org.deegree.framework.log.ILogger;
050: import org.deegree.framework.log.LoggerFactory;
051: import org.deegree.i18n.Messages;
052: import org.deegree.model.feature.Feature;
053: import org.deegree.model.feature.FeatureFactory;
054: import org.deegree.model.feature.FeatureProperty;
055: import org.deegree.model.feature.schema.FeatureType;
056: import org.deegree.model.feature.schema.PropertyType;
057: import org.deegree.ogcwebservices.InvalidParameterValueException;
058: import org.deegree.ogcwebservices.OGCWebServiceRequest;
059: import org.deegree.ogcwebservices.wfs.operation.DescribeFeatureType;
060: import org.deegree.portal.standard.security.control.ClientHelper;
061: import org.deegree.security.UnauthorizedException;
062: import org.deegree.security.drm.model.RightType;
063: import org.deegree.security.drm.model.User;
064: import org.deegree.security.owsproxy.Condition;
065: import org.deegree.security.owsproxy.OperationParameter;
066: import org.deegree.security.owsproxy.Request;
067: import org.deegree.security.owsrequestvalidator.Policy;
068:
069: /**
070: *
071: *
072: *
073: * @version $Revision: 10573 $
074: * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
075: * @author last edited by: $Author: rbezema $
076: *
077: * @version 1.0. $Revision: 10573 $, $Date: 2008-03-13 02:44:08 -0700 (Thu, 13 Mar 2008) $
078: *
079: * @since 2.0
080: */
081: class DescribeFeatureTypeRequestValidator extends
082: AbstractWFSRequestValidator {
083:
084: private static final ILogger LOG = LoggerFactory
085: .getLogger(DescribeFeatureTypeRequestValidator.class);
086:
087: // known condition parameter
088: private static final String FORMAT = "format";
089:
090: private static FeatureType gfFT = null;
091:
092: static {
093: if (gfFT == null) {
094: gfFT = DescribeFeatureTypeRequestValidator
095: .createFeatureType();
096: }
097: }
098:
099: /**
100: * @param policy
101: */
102: public DescribeFeatureTypeRequestValidator(Policy policy) {
103: super (policy);
104: }
105:
106: @Override
107: public void validateRequest(OGCWebServiceRequest request, User user)
108: throws InvalidParameterValueException,
109: UnauthorizedException {
110: userCoupled = false;
111: Request req = policy.getRequest("WFS", "DescribeFeatureType");
112:
113: if (req == null) {
114: LOG
115: .logWarning("Did you define a DescribeFeatureType section in your WFS policy file?");
116: }
117:
118: // request is valid because no restrictions are made
119: if (req.isAny())
120: return;
121: Condition condition = req.getPreConditions();
122:
123: DescribeFeatureType wfsreq = (DescribeFeatureType) request;
124:
125: validateVersion(condition, wfsreq.getVersion());
126:
127: QualifiedName[] typeNames = wfsreq.getTypeNames();
128: String[] ft = new String[typeNames.length];
129: for (int i = 0; i < ft.length; i++) {
130: StringBuffer sb = new StringBuffer(200);
131: sb.append('{').append(
132: typeNames[i].getNamespace().toASCIIString());
133: sb.append("}:").append(typeNames[i].getLocalName());
134: ft[i] = sb.toString();
135: }
136: validateFeatureTypes(condition, ft);
137: validateFormat(condition, wfsreq.getOutputFormat());
138:
139: if (userCoupled) {
140: validateAgainstRightsDB(wfsreq, user);
141: }
142: }
143:
144: /**
145: * valides if the format you in a GetFeature request is valid against the policy assigned to
146: * Validator. If the passed user is not <tt>null</tt> and the format parameter is user coupled
147: * the format will be validated against a users and rights management system.
148: *
149: * @param condition
150: * @param format
151: * @throws InvalidParameterValueException
152: */
153: private void validateFormat(Condition condition, String format)
154: throws InvalidParameterValueException {
155: OperationParameter op = condition.getOperationParameter(FORMAT);
156:
157: // version is valid because no restrictions are made
158: if (op.isAny())
159: return;
160:
161: List<String> validLayers = op.getValues();
162: if (op.isUserCoupled()) {
163: userCoupled = true;
164: } else {
165: if (!validLayers.contains(format)) {
166: String s = Messages.getMessage(
167: "OWSPROXY_DESCRIBEFEATURETYPE_FORMAT", format);
168: throw new InvalidParameterValueException(s);
169: }
170: }
171:
172: }
173:
174: /**
175: * validates the passed WMS GetMap request against a User- and Rights-Management DB.
176: *
177: * @param wfsreq
178: * @param user
179: * @throws InvalidParameterValueException
180: */
181: private void validateAgainstRightsDB(DescribeFeatureType wfsreq,
182: User user) throws InvalidParameterValueException,
183: UnauthorizedException {
184:
185: if (user == null) {
186: throw new UnauthorizedException(
187: "no access to anonymous user");
188: }
189:
190: // create feature that describes the map request
191: FeatureProperty[] fps = new FeatureProperty[2];
192: fps[0] = FeatureFactory.createFeatureProperty(
193: new QualifiedName("version"), wfsreq.getVersion());
194: fps[1] = FeatureFactory.createFeatureProperty(
195: new QualifiedName("outputformat"), wfsreq
196: .getOutputFormat());
197:
198: Feature feature = FeatureFactory.createFeature("id", gfFT, fps);
199: QualifiedName[] typeNames = wfsreq.getTypeNames();
200: for (int i = 0; i < typeNames.length; i++) {
201: StringBuffer sb = new StringBuffer(200);
202: sb.append('{').append(
203: typeNames[i].getNamespace().toASCIIString());
204: sb.append("}:").append(typeNames[i].getLocalName());
205: LOG
206: .logDebug(
207: "validating feature type (DESCRIBEFEATURETYPE) against rights database: ",
208: sb);
209: handleUserCoupledRules(user, feature, sb.toString(),
210: ClientHelper.TYPE_FEATURETYPE,
211: RightType.DESCRIBEFEATURETYPE);
212: }
213:
214: }
215:
216: /**
217: * creates a feature type that matches the parameters of a GetLagendGraphic request
218: *
219: * @return created <tt>FeatureType</tt>
220: */
221: private static FeatureType createFeatureType() {
222: PropertyType[] ftps = new PropertyType[2];
223: ftps[0] = FeatureFactory.createSimplePropertyType(
224: new QualifiedName("version"), Types.VARCHAR, false);
225: ftps[1] = FeatureFactory
226: .createSimplePropertyType(new QualifiedName(
227: "outputformat"), Types.VARCHAR, false);
228:
229: return FeatureFactory.createFeatureType("DescribeFeatureType",
230: false, ftps);
231: }
232:
233: }
|