/**
* Checks whether a group is specifically allowed to access the request action This method ignores
* the "*" action and is here to play a maintenance role.
*/
public boolean allowsSpecificGroup(String action, String group) {
SecurityAccess access = (SecurityAccess) getAccess(action);
if (access.getAllAllows() != null) {
Iterator allAllows = access.getAllows().iterator();
while (allAllows.hasNext()) {
SecurityAllow allow = (SecurityAllow) allAllows.next();
if (allow.getGroup() != null && allow.getGroup().equals(group)) {
return true;
}
}
}
return false;
}
/**
* Add access elements to the access map. The elements will be appened to the appropiate map.
*
* @param accessMap to receive accessElements
* @param accessElement to copy to access map
*/
private void addAllows(Map accessMap, SecurityAccess accessElement) {
SecurityAllow allowElement = null;
String role = null;
String group = null;
Map ownerMap = null; // Map of owner allowed
Map roleMap = null; // Map of roles allowed
Map groupMap = null; // Map of groups allowed
Map groupRoleMap = null; // Map of group role allowed
Map userMap = null; // Map of users allowed
String userName = null;
if (accessElement.getAllAllows() == null) {
return;
}
// Add allows to the action Map
for (Iterator allowIterator = accessElement.getAllAllows().iterator();
allowIterator.hasNext(); ) {
allowElement = (SecurityAllow) allowIterator.next();
role = null;
userName = null;
group = null;
// Add Owner
if (allowElement.isOwner() == true) {
ownerMap = (Map) accessMap.get(OWNER_MAP);
if (ownerMap == null) {
ownerMap = new HashMap();
accessMap.put(OWNER_MAP, ownerMap);
}
ownerMap.put(null, null);
}
// Add Role
role = allowElement.getRole();
if (role != null) {
// Role map
roleMap = (Map) accessMap.get(ROLE_MAP);
if (roleMap == null) {
roleMap = new HashMap();
accessMap.put(ROLE_MAP, roleMap);
}
roleMap.put(role, null);
// Group role map
groupRoleMap = (Map) accessMap.get(GROUP_ROLE_MAP);
if (groupRoleMap == null) {
groupRoleMap = new HashMap();
accessMap.put(GROUP_ROLE_MAP, groupRoleMap);
}
if (group == null) {
group = GroupManagement.DEFAULT_GROUP_NAME;
}
groupRoleMap.put(group + role, null);
}
// Add Group
group = allowElement.getGroup();
if (group != null) {
// Group map
groupMap = (Map) accessMap.get(GROUP_MAP);
if (groupMap == null) {
groupMap = new HashMap();
accessMap.put(GROUP_MAP, groupMap);
}
groupMap.put(group, null);
// Group role map
groupRoleMap = (Map) accessMap.get(GROUP_ROLE_MAP);
if (groupRoleMap == null) {
groupRoleMap = new HashMap();
accessMap.put(GROUP_ROLE_MAP, groupRoleMap);
}
if (role == null) {
role = RoleManagement.DEFAULT_ROLE_NAME;
}
groupRoleMap.put(group + role, null);
}
// Add User
userName = allowElement.getUser();
if (userName != null) {
userMap = (Map) accessMap.get(USER_MAP);
if (userMap == null) {
userMap = new HashMap();
accessMap.put(USER_MAP, userMap);
}
userMap.put(userName, null);
}
}
}
