All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.efaps.jaas.AppAccessHandler Maven / Gradle / Ivy

Go to download

eFaps is a framework used to map objects with or without attached files to a relational database and optional file systems (only for attaches files). Configurable access control can be provided down to object and attribute level depending on implementation and use case. Depending on requirements, events (like triggers) allow to implement business logic and to separate business logic from user interface. The framework includes integrations (e.g. webdav, full text search) and a web application as 'simple' configurable user interface. Some best practises, example web application modules (e.g. team work module) support administrators and implementers using this framework.

There is a newer version: 3.2.0
Show newest version
/*
 * Copyright 2003 - 2012 The eFaps Team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Revision:        $Rev: 7483 $
 * Last Changed:    $Date: 2012-05-11 11:57:38 -0500 (Fri, 11 May 2012) $
 * Last Changed By: $Author: [email protected] $
 */

package org.efaps.jaas;

import java.util.Collections;
import java.util.Set;

import org.efaps.util.EFapsException;

/**
 * Class contains the information about the access rigths for
 * one instance of the application. The Handler defines two different
 * modi.

 * 
    
 *  
  • If the loginRoles contain names than only the access for this roles
 * are accepted. If for example a command does not have an access
 * definition it must not be accessible.
    • 
 *  
  • If the loginRoles is empty than access of all roles inside eFaps
 * are accepted. If for example a command does not have an access
 * definition it is accessible.
    • 
 * 

 *
 *
 * @author The eFaps Team
 * @version $Id: AppAccessHandler.java 7483 2012-05-11 16:57:38Z [email protected] $
 */
public final class AppAccessHandler
{
    /**
     * Handler for the current application.
     */
    private static AppAccessHandler HANDLER;

    /**
     * Default key of the related Application if not set explicitely.
     */
    private static final String KEYDEFAULT = "eFaps";

    /**
     * Immutable Set of login roles that is allowed for the application instance
     * related to this filter.
     */
    private final Set loginRoles;

    /**
     * Key of the Aplication this AccessHandler belongs to.
     */
    private final String appKey;

    /**
     * Private Constructor to make a Singleton.
     * @param _appKey of the application
     * @param _loginRoles allowed login roles
     */
    private AppAccessHandler(final String _appKey,
                             final Set _loginRoles)
    {
        this.appKey = _appKey == null ? AppAccessHandler.KEYDEFAULT : _appKey;
        this.loginRoles = Collections.unmodifiableSet(_loginRoles);
    }

    /**
     * @return Hanlder for currecnt application instance
     * @throws EFapsException if not initialized
     */
    public static AppAccessHandler getAccessHandler()
        throws EFapsException
    {
        if (!AppAccessHandler.initialized()) {
            throw new EFapsException(AppAccessHandler.class, "not initialized", "");
        }
        return AppAccessHandler.HANDLER;
    }

    /**
     * Init the Handler. Can only be executed once.
     * @param _appKey of the application
     * @param _loginRoles allowd Login roles
     */
    public static void init(final String _appKey,
                            final Set _loginRoles)
    {
        if (AppAccessHandler.HANDLER == null) {
            AppAccessHandler.HANDLER = new AppAccessHandler(_appKey, _loginRoles);
        }
    }

    /**
     * Is the Handler initialized.
     *
     * @return true if allready the Handler is set
     */
    public static boolean initialized()
    {
        return AppAccessHandler.HANDLER != null;
    }

    /**
     *
     * @return allowed login roles
     * @throws EFapsException if not initialized
     */
    public static Set getLoginRoles()
        throws EFapsException
    {
        if (!AppAccessHandler.initialized()) {
            throw new EFapsException(AppAccessHandler.class, "not initialized", "");
        }
        return AppAccessHandler.HANDLER.loginRoles;
    }

    /**
     * @return true if include mode
     * @throws EFapsException if not initialized
     */
    public static boolean excludeMode()
        throws EFapsException
    {
        if (!AppAccessHandler.initialized()) {
            throw new EFapsException(AppAccessHandler.class, "not initialized", "");
        }
        return !AppAccessHandler.HANDLER.loginRoles.isEmpty();
    }

    /**
     * @return key of the related application
     * @throws EFapsException if not initialized
     */
    public static String getApplicationKey()
        throws EFapsException
    {
        if (!AppAccessHandler.initialized()) {
            throw new EFapsException(AppAccessHandler.class, "not initialized", "");
        }
        return AppAccessHandler.HANDLER.appKey;
    }

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy