34 package info.magnolia.module.admininterface.pages;
35
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import info.magnolia.cms.i18n.Messages;
import info.magnolia.cms.i18n.MessagesManager;
import info.magnolia.cms.security.Group;
import info.magnolia.cms.security.Permission;
import info.magnolia.cms.security.Security;
import info.magnolia.cms.security.User;
import info.magnolia.cms.security.auth.ACL;
import info.magnolia.cms.util.AlertUtil;
import info.magnolia.module.admininterface.TemplatedMVCHandler;
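/**
 * Admin-interface page that renders the groups, roles and (optionally) ACL
 * entries resolved for a single user or group as a list of HTML fragments.
 *
 * <p>The user name, group name and ACL flag are bean properties set through the
 * public setters below. They are presumably bound from request parameters by
 * the MVC handler base class, so they are treated as untrusted here: every name
 * or pattern that is interpolated into markup is HTML-escaped first, and values
 * written to the log have CR/LF neutralised.
 *
 * <p>NOTE(review): nothing in this class checks who is asking. The listing
 * discloses role assignments and ACL patterns, so access is presumably
 * restricted by whatever protects the admin-interface page URI. Confirm.
 */
public class PermissionPage extends TemplatedMVCHandler {

    // Kept public and non-final so the class's visible surface is unchanged.
    public static Logger log = LoggerFactory.getLogger(PermissionPage.class);

    /** View name returned when the requested user/group cannot be listed. */
    private static final String VIEW_ERROR = "error";

    private String mgnlUser;
    private String mgnlGroup;
    private Boolean mgnlACLs = false;
    // HTML fragments (<h3>, <ul>, <li>), in output order. The entries contain
    // markup, so whatever renders them must emit them unescaped.
    private Collection<String> permissionList = new ArrayList<String>();
    private boolean createPermissionList;

    // Permission bit mask -> i18n message key, one table per repository kind.
    private static final Map<Long, String> mapNamePermissionURL = new Hashtable<Long, String>();
    private static final Map<Long, String> mapNamePermissionForum = new Hashtable<Long, String>();
    private static final Map<Long, String> mapNamePermission = new Hashtable<Long, String>();

    static {
        mapNamePermission.put(Long.valueOf(0), "roles.permission.deny");
        mapNamePermission.put(Long.valueOf(Permission.READ), "roles.permission.readOnly");
        mapNamePermission.put(Long.valueOf(Permission.ALL), "roles.permission.readWrite");

        mapNamePermissionURL.put(Long.valueOf(0), "roles.permission.deny");
        mapNamePermissionURL.put(Long.valueOf(Permission.READ), "roles.permission.get");
        mapNamePermissionURL.put(Long.valueOf(Permission.ALL), "roles.permission.getAndPost");

        mapNamePermissionForum.put(Long.valueOf(0), "roles.permission.deny");
        mapNamePermissionForum.put(Long.valueOf(Permission.READ), "roles.permission.readOnly");
        mapNamePermissionForum.put(Long.valueOf(Permission.WRITE), "roles.permission.post");
        // NOTE(review): 75, 79 and 111 are presumably forum-module permission
        // masks; they are not defined anywhere in this file. Confirm against
        // the forum module.
        mapNamePermissionForum.put(Long.valueOf(75), "roles.permission.moderate");
        mapNamePermissionForum.put(Long.valueOf(79), "roles.permission.moderateAndDelete");
        mapNamePermissionForum.put(Long.valueOf(111), "roles.permission.admin");
    }

    /**
     * @param name handler name, passed through to the base class
     * @param request current servlet request
     * @param response current servlet response
     */
    public PermissionPage(String name, HttpServletRequest request, HttpServletResponse response) {
        super(name, request, response);
    }

    /** @return the user name whose permissions are to be listed, may be {@code null} */
    public String getMgnlUser() {
        return this.mgnlUser;
    }

    /** @param mgnlUser user name to list; takes precedence over the group name */
    public void setMgnlUser(String mgnlUser) {
        this.mgnlUser = mgnlUser;
    }

    /** @return the group name whose permissions are to be listed, may be {@code null} */
    public String getMgnlGroup() {
        return mgnlGroup;
    }

    /** @param mgnlGroup group name to list; only used when no user name is set */
    public void setMgnlGroup(String mgnlGroup) {
        this.mgnlGroup = mgnlGroup;
    }

    /** @return whether ACL entries are listed below each role */
    public Boolean isMgnlACLs() {
        return mgnlACLs;
    }

    /** @param mgnlACLs {@code true} to list ACL entries below each role */
    public void setMgnlACLs(Boolean mgnlACLs) {
        this.mgnlACLs = mgnlACLs;
    }

    /** @return the HTML fragments built by {@link #createpermissionlist()}, in output order */
    public Collection<String> getPermissionList() {
        return permissionList;
    }

    /** @return the {@code createPermissionList} flag as last set */
    public boolean isCreatePermissionList() {
        return this.createPermissionList;
    }

    /** @param createPermissionList flag value to store; not read elsewhere in this class */
    public void setCreatePermissionList(boolean createPermissionList) {
        this.createPermissionList = createPermissionList;
    }

    /**
     * Builds the permission listing for the configured user or, when no user
     * name is set, for the configured group.
     *
     * @return the view name from {@code show()} on success, or {@code "error"}
     *         when neither name is set or the named user/group does not exist
     * @throws Exception propagated from the security managers
     */
    public String createpermissionlist() throws Exception {
        final Iterator<String> iterGroups;
        final Iterator<String> iterRoles;
        // Names of the groups currently being expanded, used to stop on cyclic membership.
        final Set<String> groupPath = new HashSet<String>();

        // A missing request parameter leaves the field null, so check for null
        // before isEmpty() instead of failing with a NullPointerException.
        if (mgnlUser != null && !mgnlUser.isEmpty()) {
            User user = Security.getUserManager().getUser(mgnlUser);
            if (user == null) {
                log.error("User {} doesn't exist", forLog(mgnlUser));
                // NOTE(review): mgnlUser is caller-supplied and is echoed into the alert
                // message as-is; confirm the error view encodes it for its output context.
                AlertUtil.setMessage(getMessages().get("permissionlist.user.error", new String[]{mgnlUser}));
                return VIEW_ERROR;
            }
            permissionList.add("<h3> " + getMessages().get("permissionlist.user", new String[]{escapeHtml(mgnlUser)}) + "</h3>");
            iterGroups = user.getGroups().iterator();
            iterRoles = user.getRoles().iterator();
        } else if (mgnlGroup != null && !mgnlGroup.isEmpty()) {
            Group group = Security.getGroupManager().getGroup(mgnlGroup);
            if (group == null) {
                log.error("Group {} doesn't exist", forLog(mgnlGroup));
                // NOTE(review): same output-encoding concern as for the user error message above.
                AlertUtil.setMessage(getMessages().get("permissionlist.group.error", new String[]{mgnlGroup}));
                return VIEW_ERROR;
            }
            permissionList.add("<h3> " + getMessages().get("permissionlist.group", new String[]{escapeHtml(mgnlGroup)}) + "</h3>");
            groupPath.add(mgnlGroup);
            iterGroups = group.getGroups().iterator();
            iterRoles = group.getRoles().iterator();
        } else {
            log.error("Enter the name of the user or group");
            AlertUtil.setMessage(getMessages().get("permissionlist.notselected"));
            return VIEW_ERROR;
        }

        if (iterGroups.hasNext() || iterRoles.hasNext()) {
            permissionList.add("<ul>");
            getGroupRole(iterGroups, groupPath);
            getRole(iterRoles);
            permissionList.add("</ul>");
        }

        return this.show();
    }

    /**
     * Appends one list item per group and recursively expands its sub-groups and roles.
     *
     * @param iterGroup names of the groups to expand
     * @param groupPath names of the groups on the current expansion path; a group that is
     *        already on the path is listed but not expanded again, so a membership cycle
     *        cannot recurse until the stack overflows
     * @throws Exception propagated from the security managers
     */
    private void getGroupRole(Iterator<String> iterGroup, Set<String> groupPath) throws Exception {
        while (iterGroup.hasNext()) {
            String groupName = iterGroup.next();
            Group group = Security.getGroupManager().getGroup(groupName);
            if (group == null) {
                // createpermissionlist() already treats a null result as "no such group";
                // a dangling membership reference is skipped rather than dereferenced.
                log.warn("Group {} is referenced but doesn't exist", forLog(groupName));
                continue;
            }
            permissionList.add("<li> " + getMessages().get("permissionlist.group", new String[]{escapeHtml(group.getName())}) + "</li>");

            if (!groupPath.add(groupName)) {
                log.warn("Group {} is part of a membership cycle; not expanding it again", forLog(groupName));
                continue;
            }
            try {
                Iterator<String> iterSubGroups = group.getGroups().iterator();
                Iterator<String> iterRoles = group.getRoles().iterator();
                if (iterSubGroups.hasNext() || iterRoles.hasNext()) {
                    permissionList.add("<ul>");
                    getGroupRole(iterSubGroups, groupPath);
                    getRole(iterRoles);
                    permissionList.add("</ul>");
                }
            } finally {
                // Only the current path is tracked, so a group that is legitimately reachable
                // through two different parents is still expanded under each of them.
                groupPath.remove(groupName);
            }
        }
    }

    /**
     * Appends one list item per role and, when ACL listing is enabled, its ACL entries.
     *
     * @param iterRoles names of the roles to list
     */
    private void getRole(Iterator<String> iterRoles) {
        // mgnlACLs is a nullable Boolean; unboxing null would throw.
        final boolean listAcls = Boolean.TRUE.equals(mgnlACLs);
        while (iterRoles.hasNext()) {
            // NOTE(review): the role lookup result is dereferenced without a null check; if the
            // role manager returns null for a dangling role reference this throws. Confirm its contract.
            String role = Security.getRoleManager().getRole(iterRoles.next()).getName();
            permissionList.add("<li> " + getMessages().get("permissionlist.role", new String[]{escapeHtml(role)}) + "</li>");
            if (listAcls) {
                getPermission(role);
            }
        }
    }

    /**
     * Appends a nested list with one item per permission of every ACL attached to the role.
     *
     * @param role name of the role whose ACLs are listed
     */
    private void getPermission(String role) {
        Iterator<ACL> iterPermission = Security.getRoleManager().getACLs(role).values().iterator();
        permissionList.add("<ul>");
        while (iterPermission.hasNext()) {
            ACL acl = iterPermission.next();
            String repoName = acl.getName();
            for (Permission permission : acl.getList()) {
                // The permission label comes from the message bundle; the repository name and
                // the pattern are stored data and are escaped before they reach the markup.
                String message = getMessages().get("permissionlist.permission", new String[]{
                    getPermissionAsName(repoName, permission),
                    escapeHtml(repoName),
                    escapeHtml(permission.getPattern().getPatternString())});
                permissionList.add("<li>" + message + "</li>");
            }
        }
        permissionList.add("</ul>");
    }

    /**
     * Resolves the localized label for a permission mask.
     *
     * @param repoName ACL (repository) name; {@code "uri"} and {@code "forum"} (case-insensitive)
     *        select their own label tables, anything else uses the default table
     * @param permission permission whose mask is looked up
     * @return the localized label, or {@code "(<mask>) unknown "} when the mask is not in the table
     */
    public String getPermissionAsName(String repoName, Permission permission) {
        final Long mask = Long.valueOf(permission.getPermissions());
        String msgModule = "info.magnolia.module.admininterface.messages";
        final String msgName;
        // Literal-first comparison so a null repository name falls through to the default table.
        if ("uri".equalsIgnoreCase(repoName)) {
            msgName = mapNamePermissionURL.get(mask);
        } else if ("forum".equalsIgnoreCase(repoName)) {
            msgName = mapNamePermissionForum.get(mask);
            msgModule = "info.magnolia.module.forum.messages";
        } else {
            msgName = mapNamePermission.get(mask);
        }
        if (msgName == null) {
            return ("(" + permission.getPermissions() + ") unknown ");
        }

        return MessagesManager.getMessages(msgModule).get(msgName);
    }

    /** @return the message bundle returned by {@code MessagesManager.getMessages()} */
    public Messages getMessages() {
        return MessagesManager.getMessages();
    }

    /** Escapes the five HTML-significant characters so the value is safe in element content and attributes. */
    private static String escapeHtml(String value) {
        final String text = String.valueOf(value);
        final StringBuilder out = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            final char c = text.charAt(i);
            switch (c) {
                case '&':
                    out.append("&amp;");
                    break;
                case '<':
                    out.append("&lt;");
                    break;
                case '>':
                    out.append("&gt;");
                    break;
                case '"':
                    out.append("&quot;");
                    break;
                case '\'':
                    out.append("&#39;");
                    break;
                default:
                    out.append(c);
            }
        }
        return out.toString();
    }

    /** Replaces CR and LF so a caller-supplied name cannot start a forged log line. */
    private static String forLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}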