/**
 * Makes sure {@code securityAccessManager} points at the deegree SecurityAccessManager,
 * initializing the manager with the configured database settings when no instance exists
 * yet.
 *
 * <p>If {@code databaseInfo} is {@code null}, the problem is logged and the method returns
 * without assigning {@code securityAccessManager} and without throwing.
 *
 * @throws GeneralSecurityException if the manager can neither be obtained nor initialized
 */
private void initializeSecurityAccessManager() throws GeneralSecurityException {
    if (databaseInfo == null) {
        // NOTE(review): this path only logs; securityAccessManager keeps its previous value.
        // Callers should treat a missing manager as "deny" - confirm against call sites.
        LOG.logError(Messages.getMessage("WASS_ERROR_SECURITYACCESSMANAGER_NO_DBINFO"));
        return;
    }

    // Connection settings handed to the registry. The database password is held here in
    // plain text, so this object must never be logged or included in error messages.
    Properties registrySettings = new Properties();
    registrySettings.setProperty("driver", databaseInfo.getDriver());
    registrySettings.setProperty("url", databaseInfo.getURL());
    registrySettings.setProperty("user", databaseInfo.getUser());
    registrySettings.setProperty("password", databaseInfo.getPassword());

    try {
        securityAccessManager = SecurityAccessManager.getInstance();
        return;
    } catch (GeneralSecurityException noInstanceYet) {
        // Expected when the manager has not been initialized; handled by initializing below.
    }

    try {
        // third argument: presumably a timeout in milliseconds - TODO confirm
        SecurityAccessManager.initialize(
                "org.deegree.security.drm.SQLRegistry", registrySettings, 60 * 1000);
        securityAccessManager = SecurityAccessManager.getInstance();
    } catch (GeneralSecurityException initFailure) {
        LOG.logError(Messages.getMessage("WASS_ERROR_SECURITYACCESSMANAGER"));
        // The underlying failure is written to the log only; the exception thrown to the
        // caller carries the generic message and not the original cause.
        LOG.logError(initFailure.getLocalizedMessage(), initFailure);
        throw new GeneralSecurityException(getMessage("WASS_ERROR_SECURITYACCESSMANAGER"));
    }
}
/**
 * Loads all services and exposes them to the next page as request attribute
 * {@code SERVICES}.
 *
 * <p>The list is only read after access has been acquired and {@code checkForAdminRole}
 * has returned without throwing. Every failure path sets the {@code SOURCE} and
 * {@code MESSAGE} request attributes and forwards to {@code error.jsp}.
 *
 * @param event the form event that triggered this listener (not read in this method)
 */
@Override
public void actionPerformed(FormEvent event) {
    ServletRequest request = getRequest();
    final String listenerName = this.getClass().getName();

    try {
        // perform access check: without an access object nothing is listed
        SecurityAccess securityAccess = acquireAccess(this);
        if (securityAccess == null) {
            getRequest().setAttribute("SOURCE", listenerName);
            getRequest().setAttribute("MESSAGE", get("IGEO_STD_SEC_ERROR_UNAUTHORIZED_ACCESS"));
            setNextPage("error.jsp");
            return;
        }

        // must stay ahead of getAllServices() so that the list is not read when the role
        // check fails
        checkForAdminRole(securityAccess);

        LinkedList<Service> allServices = securityAccess.getAllServices();
        request.setAttribute("SERVICES", allServices);
    } catch (GeneralSecurityException securityFailure) {
        getRequest().setAttribute("SOURCE", listenerName);
        // NOTE(review): the exception message is passed on to error.jsp; whether that page
        // escapes it before rendering is not visible here - confirm.
        getRequest()
                .setAttribute(
                        "MESSAGE",
                        get("IGEO_STD_SEC_FAIL_INIT_SERVICES_EDITOR", securityFailure.getMessage()));
        setNextPage("error.jsp");
        LOG.logError(securityFailure.getMessage(), securityFailure);
    } catch (Exception unexpected) {
        // the stack trace goes to the log only; the page receives just the message
        LOG.logError(get("IGEO_STD_SEC_ERROR_UNKNOWN", stackTraceToString(unexpected)));
        getRequest().setAttribute("SOURCE", listenerName);
        getRequest()
                .setAttribute(
                        "MESSAGE",
                        get("IGEO_STD_SEC_FAIL_INIT_SERVICES_EDITOR", unexpected.getMessage()));
        setNextPage("error.jsp");
    }
}
/**
 * Returns a <code>String</code> representation of this object: its name followed by the
 * names of its member users, member groups and roles.
 *
 * <p>The result contains account, group and role names, so treat it as sensitive when
 * writing it to logs. If a lookup throws a {@code GeneralSecurityException}, the stack
 * trace is printed and the text assembled up to that point is returned, which may end in
 * an unclosed {@code [}.
 *
 * @param securityAccess the access object passed to the user, group and role lookups
 * @return the textual representation, possibly truncated after a failed lookup
 */
public String toString(SecurityAccess securityAccess) {
    StringBuilder text = new StringBuilder("Name: ").append(name);

    try {
        text.append(", Users (Members): [");
        User[] memberUsers = getUsers(securityAccess);
        for (int idx = 0; idx < memberUsers.length; idx++) {
            if (idx > 0) {
                text.append(", ");
            }
            text.append(memberUsers[idx].getName());
        }
        text.append("]").append(", Groups (Members): [");

        Group[] memberGroups = getGroups(securityAccess);
        for (int idx = 0; idx < memberGroups.length; idx++) {
            if (idx > 0) {
                text.append(", ");
            }
            text.append(memberGroups[idx].getName());
        }
        text.append("]").append(", Roles: [");

        Role[] assignedRoles = getRoles(securityAccess);
        for (int idx = 0; idx < assignedRoles.length; idx++) {
            if (idx > 0) {
                text.append(", ");
            }
            text.append(assignedRoles[idx].getName());
        }
        text.append("]");
    } catch (GeneralSecurityException lookupFailure) {
        // NOTE(review): the failure only reaches stderr; the caller cannot distinguish a
        // truncated result from a complete one.
        lookupFailure.printStackTrace();
    }

    return text.toString();
}
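/**
 * Stores the Layer and FeatureType access rights of one Role, as submitted in an RPC
 * method call.
 *
 * <p>The request is validated and decoded first. The rights are then written inside a
 * security transaction, after {@code SecurityHelper.checkForAdminRole} has passed and the
 * transaction's user has been confirmed to hold the "update" right on the Role. On success
 * the transaction is committed and a success {@code MESSAGE} attribute is set. On a
 * missing right or any handled exception the request is forwarded to {@code error.jsp}
 * and the still-open transaction is aborted in the {@code finally} block.
 *
 * @param event the triggering event; it is cast to {@code RPCWebEvent} without a type check
 */
@Override
public void actionPerformed(FormEvent event) {
    // the Role for which the rights are to be set
    int roleId = -1;

    // array of ints, ids of Layers (SecuredObjects) for which
    // the Role has access rights
    int[] layers = null;

    // corresponding maps of key (PropertyName) / value-pairs that
    // constitute access constraints
    Map<String, Object>[] layerConstraints = null;

    SecurityAccessManager manager = null;
    SecurityTransaction transaction = null;

    try {
        RPCWebEvent ev = (RPCWebEvent) event;
        RPCMethodCall rpcCall = ev.getRPCMethodCall();
        RPCParameter[] params = rpcCall.getParameters();

        // validates the incoming method call and extracts the roleID
        roleId = validate(params);

        // NOTE(review): params[1] is cast without an instanceof check, unlike params[2]
        // below; presumably validate() has already verified it - confirm.
        RPCParameter[] layerParams = (RPCParameter[]) params[1].getValue();
        layers = new int[layerParams.length];
        layerConstraints = new Map[layerParams.length];
        extractLayerValues(layers, layerConstraints, layerParams);

        // extract FeatureType rights
        if (!(params[2].getValue() instanceof RPCParameter[])) {
            throw new RPCException(Messages.getMessage("IGEO_STD_STORERIGHTS_THIRD_PARAM"));
        }

        // array of ints, ids of FeatureTypes (SecuredObjects) for which
        // the Role has access rights
        FeatureTypeRight[] featureTypes = extractFeatureTypeValues(params);

        // The manager is fetched BEFORE the transaction is opened. The finally block can
        // only abort when both references are set, so with the manager fetched afterwards
        // a failing admin check would leave the freshly acquired transaction un-aborted.
        manager = SecurityAccessManager.getInstance();
        transaction = SecurityHelper.acquireTransaction(this);
        SecurityHelper.checkForAdminRole(transaction);

        User user = transaction.getUser();
        Role role = transaction.getRoleById(roleId);

        // perform access check
        if (!user.hasRight(transaction, "update", role)) {
            getRequest().setAttribute("SOURCE", this.getClass().getName());
            String s = Messages.getMessage("IGEO_STD_STORERIGHTS_MISSING_RIGHTS", role.getName());
            getRequest().setAttribute("MESSAGE", s);
            setNextPage("error.jsp");
            // transaction is still set here, so the finally block aborts it
            return;
        }

        // set/delete access rights for Layers
        SecuredObject[] presentLayers = transaction.getAllSecuredObjects(ClientHelper.TYPE_LAYER);
        setAccessRightsForLayers(layers, layerConstraints, transaction, role, presentLayers);

        // set/delete access rights for FeatureTypes
        SecuredObject[] presentFeatureTypes =
                transaction.getAllSecuredObjects(ClientHelper.TYPE_FEATURETYPE);
        setAccessRightsForFeatureTypes(featureTypes, transaction, role, presentFeatureTypes);

        manager.commitTransaction(transaction);
        // cleared so that the finally block does not abort a committed transaction
        transaction = null;

        String s = Messages.getMessage("IGEO_STD_STORERIGHTS_SUCCESS", role.getID());
        getRequest().setAttribute("MESSAGE", s);
    } catch (RPCException e) {
        getRequest().setAttribute("SOURCE", this.getClass().getName());
        String s = Messages.getMessage("IGEO_STD_STORERIGHTS_INVALID_REQ", e.getMessage());
        getRequest().setAttribute("MESSAGE", s);
        setNextPage("error.jsp");
        LOG.logDebug(e.getMessage(), e);
    } catch (GeneralSecurityException e) {
        getRequest().setAttribute("SOURCE", this.getClass().getName());
        String s = Messages.getMessage("IGEO_STD_STORERIGHTS_ERROR", e.getMessage());
        getRequest().setAttribute("MESSAGE", s);
        setNextPage("error.jsp");
        // NOTE(review): security failures on this rights-changing path are logged at debug
        // level only; consider a level that is retained in production for audit purposes.
        LOG.logDebug(e.getMessage(), e);
    } finally {
        // roll back anything that was not committed
        if (manager != null && transaction != null) {
            try {
                manager.abortTransaction(transaction);
            } catch (GeneralSecurityException e) {
                LOG.logDebug(e.getMessage(), e);
            }
        }
    }
}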