Source code: org/acs/damsel/srvr/auth/AuthMgr.java

   package org.acs.damsel.srvr.auth;
   
   import java.sql.*;
   import java.util.*;
   import org.apache.log4j.*;
   
   import org.acs.damsel.srvr.user.*;
   import org.acs.damsel.srvr.db.*;
   
  /**
   * <p>Class Name: AuthMgr</p>
   * <p>Description: The Authorization Manager (AuthMgr for short) is a manager-level
   * class that facilitates communication between the server layer and the presentation
   * layer. It provides support for all things related to authorization, including methods
   * for asking whether a specific user has permission to perform a specific action,
   * retrieving permission names from the database, authenticating a user based on
   * username and password, and verifying whether a user is in an administrator.</p>
   * @version 1.0
   */
  
  public class AuthMgr {
  
    private static Logger log = Logger.getLogger(AssetDB.class);
  
    public AuthMgr() {
      super();
    }
  
    /**
     * Method to validate high level permissions associated with a specified user in
     * the GroupsTable in the database.
     * @param username String containing userName of user whose permissions are being checked.
     * @param action String containing action being called. Note, action will ONLY be
     * Create, Edit, or Remove.
     * @param target String containing target action will be performed on. Note that target
     * can only be Collections, Repositories, Assets, Users, Schemas, or Groups
     * @throws SQLException
     * @return boolean true if username can perform the action on the target, false otherwise
     */
    public boolean can(String username, String action, String target) throws
        SQLException {
      String colName = new String();
      action = (action.substring(0, 1)).toUpperCase() + action.substring(1);
      target = (target.substring(0, 1)).toUpperCase() + target.substring(1);
      colName = "Can" + action + target;
      return DBUtils.instance().canDoHighPerm(username, colName);
    }
  
    /**
     * Method validates low level permissions associated with a specified user in
     * the PermissionsTable table in the database.
     * @param username String containing username of user whose permissions are being checked.
     * @param action String containing action being called. Note that action can ONLY be
     * Read, Write, or Delete.
     * @param targetType String containing the table that the object the action will be performed
     * on is in.
     * @param keyName String containing the name of the table's key field.
     * @param keyValue String containing the name of the table's key value.
     * @throws SQLException
     * @return boolean
     * michelle s. and christy
     */
    public boolean can(String username, String action, String targetType,
                       String keyName, String keyValue) throws SQLException{
      return DBUtils.instance().canDoLowPerm(username, action, targetType, keyName, keyValue);
    }
  
    /**
     * Method returns a validated user, returns null if user is not valid, or
     * password for user is incorrect.
     * @param username String containing the username of the user to get from db
     * @param password String containing the password of the user to get from the db
     * @return User containing the User from the db if username and password were valid, null otherwise.
     */
    public User getUser(String username, String password) {
      try {
        return AssetDB.instance().getUser(username, password);
      }
      catch (SQLException ex) {
        return null;
      }
    }
  
     /**
      * Determines if the specified user is an administrator.
      * @param user User representing the user in question
      * @return true if the specified user is an administrator, false otherwise
      */
    public boolean isAdministrator(User user) {
      try {
        Vector users = AssetDB.instance().getUsersInGroup("Administrators");
        String u;
        for (int i = 0; i < users.size(); i ++) {
          u = (String) users.elementAt(i);
          if (u.equals(user.getUserName()))
            return true;
        }
      }
      catch (SQLException ex) {
       log.warn("Unexpected SQLException in AuthMgr.isAdministrator() " + ex.getMessage());
     }
     return false;
   }
 
   /**
    * This method takes a vector of fieldNames and a vector of values and returns the
    * corresponding permissionID. Note that each vector will ALWAYS have ONLY nine elements.
    * @param fields Vector vector of strings containing all field names, such as OwnerRead,
    * OwnerWrite, OwnerDelete, GroupRead, etc.
    * @param values Vector vector of strings containing the value for each field, either
    * true or false.
    * @return String, string form of permissionID.
    */
   public int getAllPermissions(Vector fields, Vector values){
     char [] permissionString = { '-','-','-','-','-','-','-','-','-'};
     if(values.elementAt(fields.indexOf("ownerRead")).equals("true") )
       permissionString[0] = 'r';
     if(values.elementAt(fields.indexOf("ownerWrite")).equals("true") )
       permissionString[1] = 'w';
     if(values.elementAt(fields.indexOf("ownerDelete")).equals("true") )
       permissionString[2] = 'd';
     if(values.elementAt(fields.indexOf("groupRead")).equals("true") )
       permissionString[3] = 'r';
     if(values.elementAt(fields.indexOf("groupWrite")).equals("true"))
       permissionString[4] = 'w';
     if(values.elementAt(fields.indexOf("groupDelete")).equals("true"))
       permissionString[5] = 'd';
     if(values.elementAt(fields.indexOf("othersRead")).equals("true"))
       permissionString[6] = 'r';
     if(values.elementAt(fields.indexOf("othersWrite")).equals("true"))
       permissionString[7] = 'w';
     if(values.elementAt(fields.indexOf("othersDelete")).equals("true"))
       permissionString[8] = 'd';
     return this.getAllPermissions(new String(permissionString));
   }
 
   /**
    * This method takes in a string and returns the int that would be stored in
    * the database.
    * @param perm String of the form "rwdrwdrwd"
    * @return int representing the permissionID in the database
    */
   public int getAllPermissions(String perm) {
     try {
       return DBUtils.instance().getPermissions(perm);
     }
     catch (SQLException ex) {
       log.warn("Unexpected SQLException caught in getAllPermissions(String) : " + ex.getMessage());
       return -1;
     }
 
   }
 
   /**
    * This method takes in an int and returns the permissions string that the int
    * will represent in the database.
    * @param permissionID int between 0 and 511
    * @return String of the form "rwdrwdrwd" with dashes in the place of perms that
    * are not held
    */
   public String getAllPermissions(int permissionID) {
     try {
       return DBUtils.instance().getPermissions(permissionID);
     }
     catch (SQLException ex) {
       log.warn("Unexpected SQLException caught in getAllPermissions(int) : " + ex.getMessage());
       return null;
     }
 
   }
 
 
   /**
    * Method that gets a vector of strings listing all possible permissions in the db.
    * @return Vector containing strings listing every possible permission in the
    * database of the form CanActionEntity (ex. CanCreateAssets)
    */
   public Vector getPermissionsList() {
     try {
       return DBUtils.instance().getPermissionsList();
     }
     catch (SQLException ex) {
       return null;
     }
   }
 
   /**
    * Determines whether the specified user belongs to the specified group.
    * @param userName String referring to the user in question
    * @param groupName String referring to the group in question
    * @return true if user is in collection, false otherwise
    * @throws SQLException
    */
   public boolean isUserInGroup(String userName, String groupName) {
     try {
       DBUtils dbUtils = DBUtils.instance();
       return dbUtils.isUserInGroup(userName, groupName);
     }
     catch (SQLException ex) {
       return false;
     }
   }
 
   /**
    * This method takes in the permission ID and returns a vector of strings
    * for all the permissions that ID entails.
    * @param permissionID String, a string containing an integer between 0 and 511
    * representing the permission ID in the db.
    * @return Vector, a vector of strings listing the parameter IDs
    */
   public Vector getPermissionNamesFromID(String permissionID) {
     int permNum;
     permNum = Integer.parseInt(permissionID);
     Vector permissionsList = new Vector();
     String binary = Integer.toBinaryString(permNum);
     for (int i = 0 ; i < binary.length(); i++) {
       if (binary.charAt(binary.length()-i-1) == '1' && i == 0)
         permissionsList.addElement("ownerRead");
       if (binary.charAt(binary.length()-i-1) == '1' && i == 1)
         permissionsList.addElement("ownerWrite");
       if (binary.charAt(binary.length()-i-1) == '1' && i == 2)
         permissionsList.addElement("ownerDelete");
       if (binary.charAt(binary.length()-i-1) == '1' && i == 3)
         permissionsList.addElement("groupRead");
       if (binary.charAt(binary.length()-i-1) == '1' && i == 4)
         permissionsList.addElement("groupWrite");
       if (binary.charAt(binary.length()-i-1) == '1' && i == 5)
         permissionsList.addElement("groupDelete");
       if (binary.charAt(binary.length()-i-1) == '1' && i == 6)
         permissionsList.addElement("othersRead");
       if (binary.charAt(binary.length()-i-1) == '1' && i == 7)
         permissionsList.addElement("othersWrite");
       if (binary.charAt(binary.length()-i-1) == '1' && i == 8)
         permissionsList.addElement("othersDelete");
     }
     return permissionsList;
   }
 
 
 
 } // end of class