1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.module.admininterface.pages;
35
36 import info.magnolia.cms.i18n.Messages;
37 import info.magnolia.cms.i18n.MessagesManager;
38 import info.magnolia.cms.security.Group;
39 import info.magnolia.cms.security.Permission;
40 import info.magnolia.cms.security.Security;
41 import info.magnolia.cms.security.User;
42 import info.magnolia.cms.security.auth.ACL;
43 import info.magnolia.cms.util.AlertUtil;
44 import info.magnolia.module.admininterface.TemplatedMVCHandler;
45
46 import java.util.ArrayList;
47 import java.util.Collection;
48 import java.util.Hashtable;
49 import java.util.Iterator;
50 import java.util.Map;
51
52 import javax.servlet.http.HttpServletRequest;
53 import javax.servlet.http.HttpServletResponse;
54
55 import org.apache.commons.lang.StringEscapeUtils;
56 import org.slf4j.Logger;
57 import org.slf4j.LoggerFactory;
58
59
60
61
62
63
64 public class PermissionPage extends TemplatedMVCHandler {
65
66 public static Logger log = LoggerFactory.getLogger(PermissionPage.class);
67
68 private static final String VIEW_ERROR = "error";
69
70 private String mgnlUser;
71 private String mgnlGroup;
72 private Boolean mgnlACLs = false;
73 private final Collection<String> permissionList = new ArrayList<String>();
74 private boolean createPermissionList;
75
76 private static Map<Long, String> mapNamePermissionURL = new Hashtable<Long, String>();
77 private static Map<Long, String> mapNamePermissionForum = new Hashtable<Long, String>();
78 private static Map<Long, String> mapNamePermission = new Hashtable<Long, String>();
79
80 static {
81 mapNamePermission.put(Long.valueOf(0), "roles.permission.deny");
82 mapNamePermission.put(Long.valueOf(Permission.READ), "roles.permission.readOnly");
83 mapNamePermission.put(Long.valueOf(Permission.ALL), "roles.permission.readWrite");
84 mapNamePermissionURL.put(Long.valueOf(0), "roles.permission.deny");
85 mapNamePermissionURL.put(Long.valueOf(Permission.READ), "roles.permission.get");
86 mapNamePermissionURL.put(Long.valueOf(Permission.ALL), "roles.permission.getAndPost");
87
88 mapNamePermissionForum.put(Long.valueOf(0), "roles.permission.deny");
89 mapNamePermissionForum.put(Long.valueOf(Permission.READ), "roles.permission.readOnly");
90 mapNamePermissionForum.put(Long.valueOf(Permission.WRITE), "roles.permission.post");
91 mapNamePermissionForum.put(Long.valueOf(75), "roles.permission.moderate");
92 mapNamePermissionForum.put(Long.valueOf(79), "roles.permission.moderateAndDelete");
93 mapNamePermissionForum.put(Long.valueOf(111), "roles.permission.admin");
94 }
95
96
97
98
99
100 public String getMgnlUser() {
101 return this.mgnlUser;
102 }
103
104
105
106
107
108 public void setMgnlUser(String mgnlUser) {
109 this.mgnlUser = mgnlUser;
110 }
111
112
113
114
115
116 public String getMgnlGroup() {
117 return mgnlGroup;
118 }
119
120
121
122
123
124 public void setMgnlGroup(String mgnlGroup) {
125 this.mgnlGroup = mgnlGroup;
126 }
127
128
129
130
131
132 public Boolean isMgnlACLs() {
133 return mgnlACLs;
134 }
135
136
137
138
139
140 public void setMgnlACLs(Boolean mgnlACLs) {
141 this.mgnlACLs = mgnlACLs;
142 }
143
144
145
146
147
148 public Collection<String> getPermissionList() {
149 return permissionList;
150 }
151
152
153
154
155
156 public boolean isCreatePermissionList() {
157 return this.createPermissionList;
158 }
159
160
161
162
163
164 public void setCreatePermissionList(boolean createPermissionList) {
165 this.createPermissionList = createPermissionList;
166 }
167
168
169
170
171
172
173 public PermissionPage(String name, HttpServletRequest request, HttpServletResponse response) {
174 super(name, request, response);
175 }
176
177
178
179
180
181 public String createpermissionlist() throws Exception {
182 Iterator<String> iterGroups;
183 Iterator<String> iterRoles;
184
185 if(!mgnlUser.isEmpty()){
186 User user = Security.getUserManager().getUser(mgnlUser);
187 if(user != null){
188 permissionList.add("<h3> " + getMessages().get("permissionlist.user", new String[]{mgnlUser}) + "</h3>");
189 iterGroups = user.getGroups().iterator();
190 iterRoles = user.getRoles().iterator();
191 }else{
192 log.error("User " + mgnlUser + " doesn't exist");
193 AlertUtil.setMessage(getMessages().get("permissionlist.user.error", new String[]{StringEscapeUtils.escapeHtml(mgnlUser)}));
194 return VIEW_ERROR;
195 }
196 }else if(!mgnlGroup.isEmpty()){
197 Group group = Security.getGroupManager().getGroup(mgnlGroup);
198 if(group != null){
199 permissionList.add("<h3> " + getMessages().get("permissionlist.group", new String[]{mgnlGroup}) + "</h3>");
200 iterGroups = group.getGroups().iterator();
201 iterRoles = group.getRoles().iterator();
202 }else{
203 log.error("Group " + mgnlGroup + " doesn't exist");
204 AlertUtil.setMessage(getMessages().get("permissionlist.group.error", new String[]{StringEscapeUtils.escapeHtml(mgnlGroup)}));
205 return VIEW_ERROR;
206 }
207 }else{
208 log.error("Enter the name of the user or group");
209 AlertUtil.setMessage(getMessages().get("permissionlist.notselected"));
210 return VIEW_ERROR;
211 }
212
213 if(iterGroups.hasNext() || iterRoles.hasNext()){
214 permissionList.add("<ul>");
215 getGroupRole(iterGroups);
216 getRole(iterRoles);
217 permissionList.add("</ul>");
218 }
219
220 return this.show();
221 }
222
223
224
225
226
227 private void getGroupRole(Iterator<String> iterGroup) throws Exception {
228 while(iterGroup.hasNext()){
229 Group group = Security.getGroupManager().getGroup(iterGroup.next());
230 permissionList.add("<li> " + getMessages().get("permissionlist.group", new String[]{group.getName()}) + "</li>");
231
232 Iterator<String> iterSubGroups = group.getGroups().iterator();
233 Iterator<String> iterRoles = group.getRoles().iterator();
234 if(iterSubGroups.hasNext() || iterRoles.hasNext()){
235 permissionList.add("<ul>");
236 getGroupRole(iterSubGroups);
237 getRole(iterRoles);
238 permissionList.add("</ul>");
239 }
240 }
241 }
242
243
244
245
246
247 private void getRole(Iterator<String> iterRoles) {
248 while(iterRoles.hasNext()){
249 String role = Security.getRoleManager().getRole(iterRoles.next()).getName();
250 permissionList.add("<li> " + getMessages().get("permissionlist.role", new String[]{role}) + "</li>");
251 if(mgnlACLs){
252 getPermission(role);
253 }
254 }
255 }
256
257
258
259
260
261 private void getPermission(String role){
262 Iterator<ACL> iterPermission = Security.getRoleManager().getACLs(role).values().iterator();
263 permissionList.add("<ul>");
264 while(iterPermission.hasNext()){
265 ACL acl = iterPermission.next();
266 if(!acl.getList().isEmpty()){
267 for (Permission permission : acl.getList()) {
268 String repoName = acl.getName();
269 String message = getMessages().get("permissionlist.permission", new String[]{getPermissionAsName(repoName, permission), repoName, permission.getPattern().getPatternString()});
270 permissionList.add("<li>" + message + "</li>");
271 }
272 }
273 }
274 permissionList.add("</ul>");
275 }
276
277
278
279
280
281 public String getPermissionAsName(String repoName, Permission permission) {
282 String msgName;
283 String msgModule = "info.magnolia.module.admininterface.messages";
284 if(repoName.equalsIgnoreCase("uri")){
285 msgName = mapNamePermissionURL.get(Long.valueOf(permission.getPermissions()));
286 }else if(repoName.equalsIgnoreCase("forum")){
287 msgName = mapNamePermissionForum.get(Long.valueOf(permission.getPermissions()));
288 msgModule = "info.magnolia.module.forum.messages";
289 }else{
290 msgName = mapNamePermission.get(Long.valueOf(permission.getPermissions()));
291 }
292 if(msgName == null){
293 return ("(" + permission.getPermissions() + ") unknown ");
294 }
295
296 return MessagesManager.getMessages(msgModule).get(msgName);
297 }
298
299 public Messages getMessages() {
300 return MessagesManager.getMessages();
301 }
302 }