001: /* Copyright 2001 The JA-SIG Collaborative. All rights reserved.
002: * See license distributed with this file and
003: * available online at http://www.uportal.org/license.html
004: */
005:
006: package org.jasig.portal.channels.permissionsmanager;
007:
008: import java.util.ArrayList;
009: import java.util.Calendar;
010: import java.util.Enumeration;
011:
012: import org.jasig.portal.ChannelCacheKey;
013: import org.jasig.portal.ChannelRuntimeData;
014: import org.jasig.portal.ChannelRuntimeProperties;
015: import org.jasig.portal.ICacheable;
016: import org.jasig.portal.IChannel;
017: import org.jasig.portal.PortalException;
018: import org.jasig.portal.channels.groupsmanager.CGroupsManagerServantFactory;
019: import org.jasig.portal.groups.IEntityGroup;
020: import org.jasig.portal.groups.IGroupMember;
021: import org.jasig.portal.security.IAuthorizationPrincipal;
022: import org.jasig.portal.security.IPermissionManager;
023: import org.jasig.portal.services.AuthorizationService;
024: import org.jasig.portal.services.GroupService;
025: import org.apache.commons.logging.Log;
026: import org.apache.commons.logging.LogFactory;
027: import org.jasig.portal.utils.XSLT;
028: import org.w3c.dom.Element;
029:
030: /**
031: * CPermissionsManager allows graphical administration of permissions for all owners
032: * that have a representative implementation of IPermissible recorded in the table
033: * UPC_PERM_MGR
034: *
035: * @author Alex Vigdor
036: * @version $Revision: 36568 $
037: */
038: public class CPermissionsManager implements IChannel, ICacheable {
039: private static final Log log = LogFactory
040: .getLog(CPermissionsManager.class);
041:
042: protected PermissionsSessionData session;
043: protected final String sslLocation = "CPermissionsManager.ssl";
044:
045: /**
046: * put your documentation comment here
047: */
048: public CPermissionsManager() {
049: }
050:
051: /**
052: * put your documentation comment here
053: * @param rD
054: */
055: public void setRuntimeData(org.jasig.portal.ChannelRuntimeData rD) {
056: session.startRD = Calendar.getInstance().getTime().getTime();
057: session.runtimeData = rD;
058: log.debug("PermissionsManager - setting runtime data");
059: // test if servant exists and has finished
060: if (session.servant != null) {
061: try {
062: ((IChannel) session.servant).setRuntimeData(rD);
063: if (session.servant.isFinished()) {
064: getGroupServantResults(session);
065: }
066: } catch (Exception e) {
067: log.error(e, e);
068: }
069: }
070:
071: String prmCommand = session.runtimeData
072: .getParameter("prmCommand");
073: if (prmCommand != null) {
074: IPermissionCommand pc = CommandFactory.get(prmCommand);
075: if (pc != null) {
076: try {
077: pc.execute(session);
078: } catch (Exception e) {
079: log.error("Error executing command [" + prmCommand
080: + "]", e);
081: session.runtimeData.setParameter("commandResponse",
082: "Error executing command " + prmCommand
083: + ": " + e.getMessage());
084: }
085: }
086: }
087:
088: if ((!session.gotOwners)) {
089: session.view = "Select Owners";
090: }
091: if ((session.gotOwners) && (!session.gotActivities)) {
092: PermissionsXML.autoSelectSingleChoice(session, "activity");
093: session.view = "Select Activities";
094: }
095: if (session.gotActivities && !session.gotTargets) {
096: PermissionsXML.autoSelectSingleChoice(session, "target");
097: session.view = "Select Targets";
098: }
099: if (session.gotTargets && (session.principals == null)) {
100: log.debug("PermissionsManager - Checking Servant");
101: prepServant(session);
102: }
103: if (session.principals != null) {
104: if (session.staticData.getParameter("prmView") != null) {
105: session.view = session.staticData
106: .getParameter("prmView");
107: session.staticData.remove("prmView");
108: } else if (session.runtimeData.getParameter("prmView") != null) {
109: session.view = session.runtimeData
110: .getParameter("prmView");
111: } else if (!session.view.startsWith("Assign")) {
112: session.view = "Assign By Principal";
113: }
114: }
115: }
116:
117: protected void prepServant(PermissionsSessionData session) {
118: try {
119: if (session.servant == null) {
120:
121: // get a different version of the servant depnding on whether Owners have been retrieved
122: if (!session.gotOwners) {
123: log
124: .debug("PermissionsManager - creating new basic Servant");
125: session.servant = CGroupsManagerServantFactory
126: .getGroupsServantforSelection(
127: session.staticData,
128: "Select principals you would like to assign permissions to",
129: GroupService.EVERYONE);
130: } else {
131: // build an array of groupmembers for pre-selection
132: log
133: .debug("PermissionsManager - creating new pre-selecting Servant");
134: ArrayList gmembers = new ArrayList();
135: Element[] owners = PermissionsXML
136: .getSelectedOwners(session);
137: for (int j = 0; j < owners.length; j++) {
138: if (log.isDebugEnabled())
139: log.debug("analyzing owner "
140: + owners[j].getAttribute("name"));
141: String ownerKey = owners[j]
142: .getAttribute("token");
143: IPermissionManager pm = AuthorizationService
144: .instance().newPermissionManager(
145: ownerKey);
146: String[] acts = null;
147: if (session.gotActivities) {
148: acts = PermissionsXML
149: .getSelectedActivities(session,
150: owners[j]);
151: }
152: String[] tgts = null;
153: if (session.gotTargets) {
154: tgts = PermissionsXML.getSelectedTargets(
155: session, owners[j]);
156: }
157:
158: if (acts != null) {
159: for (int a = 0; a < acts.length; a++) {
160: if (tgts != null) {
161: for (int t = 0; t < tgts.length; t++) {
162: populateMembers(
163: gmembers,
164: pm
165: .getAuthorizedPrincipals(
166: acts[a],
167: tgts[t]));
168: }
169: } else {
170: populateMembers(gmembers, pm
171: .getAuthorizedPrincipals(
172: acts[a], null));
173: }
174: }
175: } else {
176: if (tgts != null) {
177: for (int t = 0; t < tgts.length; t++) {
178: populateMembers(gmembers, pm
179: .getAuthorizedPrincipals(
180: null, tgts[t]));
181: }
182: } else {
183: populateMembers(gmembers, pm
184: .getAuthorizedPrincipals(null,
185: null));
186: }
187: }
188:
189: // use pre-populated list to get servant
190: session.servant = CGroupsManagerServantFactory
191: .getGroupsServantforSelection(
192: session.staticData,
193: "You may view principals with existing permissions on the items you have selected by clicking \"Done\", or use the select and deselect buttons to add or remove principals for whom you would like to view/assign permissions",
194: GroupService.EVERYONE,
195: true,
196: true,
197: (IGroupMember[]) gmembers
198: .toArray(new IGroupMember[0]));
199: }
200: }
201: ChannelRuntimeData servantRD = (ChannelRuntimeData) session.runtimeData
202: .clone();
203: Enumeration srd = servantRD.keys();
204: // clear out runtimeData in case of chained Group servant creation
205: while (srd.hasMoreElements()) {
206: servantRD.remove(srd.nextElement());
207: }
208: ((IChannel) session.servant).setRuntimeData(servantRD);
209: session.view = "Select Principals";
210: } else {
211: log
212: .debug("PermissionsManager - using existing Servant");
213: }
214:
215: } catch (Exception e) {
216: log.error(e, e);
217: }
218: }
219:
220: protected void populateMembers(ArrayList gmembers,
221: IAuthorizationPrincipal[] aps) {
222: if (log.isDebugEnabled())
223: log
224: .debug("PermissionsManager.PopulateMembers(): checking principal set of size"
225: + aps.length);
226: for (int a = 0; a < aps.length; a++) {
227: try {
228: IGroupMember agm = AuthorizationService.instance()
229: .getGroupMember(aps[a]);
230: if (log.isDebugEnabled())
231: log
232: .debug("PermissionsManager.PopulateMembers(): checking whether "
233: + agm.getType()
234: + "."
235: + agm.getKey()
236: + " needs to be added");
237: if (!gmembers.contains(agm)) {
238: gmembers.add(agm);
239: }
240: } catch (Exception e) {
241: log.error(e, e);
242: }
243: }
244: }
245:
246: protected void getGroupServantResults(PermissionsSessionData session) {
247: try {
248: log.debug("PermissionsManager - Getting servant results");
249: Object[] results = session.servant.getResults();
250: if (results != null && results.length > 0) {
251: IAuthorizationPrincipal[] iap = new IAuthorizationPrincipal[results.length];
252: for (int i = 0; i < results.length; i++) {
253: IGroupMember gm = (IGroupMember) results[i];
254: iap[i] = AuthorizationService.instance()
255: .newPrincipal(gm);
256: }
257: session.principals = iap;
258: log
259: .debug("PermissionsManager - Getting rid of Servant");
260: session.servant = null;
261: PermissionsXML.populatePrincipals(session);
262: } else {
263: log
264: .debug("PermissionsManager - Group Servant yielded no results, assuming abort and running Cancel");
265: IPermissionCommand cmd = CommandFactory.get("Cancel");
266: cmd.execute(session);
267: //session.isFinished=true;
268: //session.runtimeData.setParameter("commandResponse", "You must select at least once principal to continue");
269: }
270: } catch (Exception e) {
271: log.error(e, e);
272: }
273: }
274:
275: /**
276: * put your documentation comment here
277: * @param portalEvent
278: */
279: public void receiveEvent(org.jasig.portal.PortalEvent portalEvent) {
280: }
281:
282: /**
283: * put your documentation comment here
284: * @return a new <code>ChannelRuntimeProperties</code>
285: */
286: public org.jasig.portal.ChannelRuntimeProperties getRuntimeProperties() {
287: return new ChannelRuntimeProperties();
288: }
289:
290: /**
291: * put your documentation comment here
292: * @param out
293: */
294: public void renderXML(org.xml.sax.ContentHandler out)
295: throws PortalException {
296: long time1 = Calendar.getInstance().getTime().getTime();
297: if (session.view.equals("Select Principals")
298: && session.isAuthorized) {
299: log.debug("PermissionsManager - Calling servant renderXML");
300: //IChannel servant = (IChannel)staticData.get("prmServant");
301: ((IChannel) session.servant).renderXML(out);
302:
303: }
304: if (!session.view.equals("Select Principals")
305: || !session.isAuthorized) {
306: long time2 = Calendar.getInstance().getTime().getTime();
307: XSLT xslt = XSLT.getTransformer(this , session.runtimeData
308: .getLocales());
309: xslt.setXML(PermissionsXML.getViewDoc(session));
310: xslt.setTarget(out);
311: xslt.setStylesheetParameter("baseActionURL",
312: session.runtimeData.getBaseActionURL());
313: xslt.setStylesheetParameter("prmView", session.view);
314: if (session.runtimeData.get("commandResponse") != null) {
315: xslt.setStylesheetParameter("commandResponse",
316: session.runtimeData
317: .getParameter("commandResponse"));
318: }
319: xslt.setXSL(sslLocation, "CPermissions",
320: session.runtimeData.getBrowserInfo());
321: transform(xslt);
322: if (log.isDebugEnabled()) {
323: long time3 = Calendar.getInstance().getTime().getTime();
324: log.debug("CPermissionsManager timer: "
325: + String.valueOf((time3 - time1))
326: + " ms total, xsl took "
327: + String.valueOf((time3 - time2))
328: + " ms for view " + session.view);
329: log.debug("CPermissionsManager timer: "
330: + String.valueOf((time3 - session.startRD))
331: + " since start RD");
332: }
333:
334: }
335: }
336:
337: /**
338: * put your documentation comment here
339: * @param xslt
340: */
341: protected void transform(XSLT xslt) throws PortalException {
342: // TODO need to commit this change to CVS
343: // fixed so exception will be shown if there is an error in the xslt transform
344: if (session.isAuthorized) {
345: xslt.setStylesheetParameter("isAdminUser", "true");
346: }
347: xslt.transform();
348: }
349:
350: /**
351: * put your documentation comment here
352: * @param sD
353: */
354: public void setStaticData(org.jasig.portal.ChannelStaticData sD)
355: throws PortalException {
356: this .session = new PermissionsSessionData();
357: session.staticData = sD;
358: IEntityGroup admin = GroupService
359: .getDistinguishedGroup(GroupService.PORTAL_ADMINISTRATORS);
360: IGroupMember me = AuthorizationService.instance()
361: .getGroupMember(
362: session.staticData.getAuthorizationPrincipal());
363: if (admin.deepContains(me)) {
364: session.isAuthorized = true;
365: }
366: session.isFinished = false;
367:
368: }
369:
370: /**
371: * put your documentation comment here
372: * @return a <code>ChannelCacheKey</code> used to lookup Channels from the cache
373: */
374: public ChannelCacheKey generateKey() {
375: ChannelCacheKey cck;
376: if (session.servant == null) {
377: cck = new ChannelCacheKey();
378: cck.setKey(session.staticData.getChannelPublishId()
379: + "-"
380: + session.staticData.getChannelSubscribeId()
381: + "-"
382: + String.valueOf(session.staticData.getPerson()
383: .getID()));
384: cck.setKeyValidity(session.runtimeData
385: .getParameter("prmView"));
386: log
387: .debug("CPermissionsManager.generateKey() : set validity to "
388: + session.runtimeData
389: .getParameter("prmView"));
390: } else {
391: cck = ((ICacheable) session.servant).generateKey();
392: }
393: return cck;
394: }
395:
396: /**
397: * put your documentation comment here
398: *
399: * @param validity
400: * @return <code>true</code> if cache is valid; <code>false</code> otherwise
401: */
402: public boolean isCacheValid(Object validity) {
403: boolean valid = false;
404: if (session.servant == null) {
405: if (validity != null) {
406: if (validity.equals(session.runtimeData
407: .getParameter("prmView"))
408: && session.runtimeData.get("commandResponse") == null) {
409: valid = true;
410: }
411: }
412: if (log.isDebugEnabled()) {
413: long time3 = Calendar.getInstance().getTime().getTime();
414: log
415: .debug("CPermissionsManager.isCacheValid() time since setRD: "
416: + String
417: .valueOf((time3 - session.startRD))
418: + ", valid=" + valid);
419: }
420:
421: } else {
422: valid = ((ICacheable) session.servant)
423: .isCacheValid(validity);
424: }
425: return valid;
426: }
427: }
|