1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.cms.security;
35
36 import info.magnolia.jcr.node2bean.Node2BeanTransformer;
37 import info.magnolia.jcr.node2bean.PropertyTypeDescriptor;
38 import info.magnolia.jcr.node2bean.TransformationState;
39 import info.magnolia.jcr.node2bean.TypeDescriptor;
40 import info.magnolia.jcr.node2bean.TypeMapping;
41 import info.magnolia.jcr.node2bean.impl.Node2BeanTransformerImpl;
42 import info.magnolia.objectfactory.ComponentProvider;
43 import info.magnolia.objectfactory.ObservedComponentFactory;
44 import info.magnolia.repository.RepositoryConstants;
45
46 import javax.jcr.RepositoryException;
47 import javax.servlet.http.HttpServletRequest;
48 import java.util.Arrays;
49 import java.util.Collections;
50 import java.util.HashMap;
51 import java.util.Map;
52 import java.util.Set;
53 import java.util.TreeSet;
54
55
56
57
58
59
60 public class IPSecurityManagerImpl implements IPSecurityManager {
61 private static final String ALL = "*";
62
63
64
65
66 private Map<String, Rule> rules;
67
68 public IPSecurityManagerImpl() {
69 this.rules = new HashMap<String, Rule>();
70 }
71
72 @Override
73 public boolean isAllowed(HttpServletRequest req) {
74 final Rule rule = getRule(req.getRemoteAddr());
75 return rule != null && rule.allowsMethod(req.getMethod());
76 }
77
78 @Override
79 public boolean isAllowed(String ip) {
80 return getRule(ip) != null;
81 }
82
83 protected Rule getRule(String ip) {
84 return (rules.containsKey(ip)) ? rules.get(ip) : rules.get(ALL);
85 }
86
87 public Map<String, Rule> getRules() {
88 return rules;
89 }
90
91 public void setRules(Map<String, Rule> rules) {
92 this.rules = rules;
93 }
94
95 public void addRule(String name, Rule rule) {
96 rules.put(name, rule);
97 }
98
99
100
101
102 public static final class InstanceFactory extends ObservedComponentFactory<IPSecurityManager> {
103 public InstanceFactory() {
104 super(RepositoryConstants.CONFIG, "/server/IPConfig", IPSecurityManager.class);
105 }
106
107 @Override
108 protected Node2BeanTransformer getNode2BeanTransformer() {
109 return new IPSecurityManagerTransformer();
110 }
111 }
112
113
114
115
116 public static final class IPSecurityManagerTransformer extends Node2BeanTransformerImpl {
117
118 @Override
119 public void setProperty(TypeMapping typeMapping, TransformationState state, PropertyTypeDescriptor descriptor, Map<String, Object> values) throws RepositoryException {
120 final Object currentBean = state.getCurrentBean();
121 if (currentBean instanceof IPSecurityManagerImpl) {
122 final IPSecurityManagerImpl ipSecMan = (IPSecurityManagerImpl) currentBean;
123 for (Object o : values.values()) {
124 if (o instanceof Rule) {
125 final Rule rule = (Rule) o;
126 ipSecMan.addRule(rule.getIP(), rule);
127 }
128 }
129 }
130 super.setProperty(typeMapping, state, descriptor, values);
131 }
132
133 @Override
134 protected TypeDescriptor onResolveType(TypeMapping typeMapping, TransformationState state, TypeDescriptor resolvedType, ComponentProvider componentProvider) {
135 if (state.getLevel() == 2 && resolvedType == null) {
136 return typeMapping.getTypeDescriptor(Rule.class);
137 }
138 return super.onResolveType(typeMapping, state, resolvedType, componentProvider);
139 }
140
141 }
142
143
144
145
146 public static final class Rule {
147 private String name;
148 private String ip;
149 private Set<String> methods;
150
151 public Rule() {
152 this.methods = Collections.emptySet();
153 }
154
155 public String getName() {
156 return name;
157 }
158
159 public void setName(String name) {
160 this.name = name;
161 }
162
163 public String getIP() {
164 return ip;
165 }
166
167 public void setIP(String ip) {
168 this.ip = ip;
169 }
170
171 public boolean allowsMethod(String s) {
172 return methods.contains(s);
173 }
174
175 public String getMethods() {
176 throw new IllegalStateException("Just faking a getter for content2bean's sake.");
177 }
178
179 public void setMethods(String methods) {
180 this.methods = new TreeSet<String>(String.CASE_INSENSITIVE_ORDER);
181 this.methods.addAll(Arrays.asList(methods.split(",")));
182 }
183 }
184
185 }