Java tutorial
/* * Copyright 2000-2013 Enonic AS * http://www.enonic.com/license */ package com.enonic.cms.web.portal.services; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentMap; import javax.annotation.PostConstruct; import org.apache.commons.lang.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import com.enonic.cms.core.structure.SiteKey; import com.enonic.cms.core.structure.SiteProperties; import com.enonic.cms.core.structure.SitePropertiesListener; import com.enonic.cms.core.structure.SitePropertiesService; import com.enonic.cms.core.structure.SitePropertyNames; import com.enonic.cms.core.structure.SiteService; @Component public class UserServicesAccessManagerImpl implements UserServicesAccessManager, SitePropertiesListener { private static enum AccessPermission { ALLOW, DENY, } private static final String ACCESS_RULE_ALL = "*"; private static final AccessPermission DEFAULT_ACCESS_RULE = AccessPermission.DENY; private SitePropertiesService sitePropertiesService; private SiteService siteService; private ConcurrentMap<SiteKey, ConcurrentMap<String, AccessPermission>> sitesAccessRules; public UserServicesAccessManagerImpl() { sitesAccessRules = new ConcurrentHashMap<SiteKey, ConcurrentMap<String, AccessPermission>>(); } @PostConstruct public void postConstruct() { sitePropertiesService.registerSitePropertiesListener(this); } @Override public boolean isOperationAllowed(SiteKey site, String service, String operation) { siteService.checkSiteExist(site); ConcurrentMap<String, AccessPermission> siteRules = getRulesForSite(site); AccessPermission access = applyAccessRules(service, operation, siteRules); return access == AccessPermission.ALLOW; } private AccessPermission applyAccessRules(String service, String operation, ConcurrentMap<String, AccessPermission> siteRules) { // search for specific rule: "service.operation" AccessPermission accessServiceOperation = siteRules.get(service + "." + operation); if (accessServiceOperation != null) { return accessServiceOperation; } // search for generic rule: "service.*" AccessPermission accessService = siteRules.get(service + ".*"); if (accessService != null) { siteRules.putIfAbsent(service + "." + operation, accessService); return accessService; } // no rule found -> return default and cache value AccessPermission defaultAccess = siteRules.get(ACCESS_RULE_ALL); siteRules.putIfAbsent(service + "." + operation, defaultAccess); return defaultAccess; } private ConcurrentMap<String, AccessPermission> getRulesForSite(SiteKey site) { ConcurrentMap<String, AccessPermission> rules = sitesAccessRules.get(site); if (rules == null) { initSiteRules(site); rules = sitesAccessRules.get(site); } return rules; } @Override public void sitePropertiesLoaded(final SiteProperties siteProperties) { // nothing } @Override public void sitePropertiesReloaded(final SiteProperties siteProperties) { sitesAccessRules.remove(siteProperties.getSiteKey()); initSiteRules(siteProperties.getSiteKey()); } private void initSiteRules(SiteKey site) { ConcurrentMap<String, AccessPermission> siteRules = new ConcurrentHashMap<String, AccessPermission>(); String allowRules = sitePropertiesService.getSiteProperty(site, SitePropertyNames.HTTP_SERVICES_ALLOW_PROPERTY); String denyRules = sitePropertiesService.getSiteProperty(site, SitePropertyNames.HTTP_SERVICES_DENY_PROPERTY); parseAndAddRules(allowRules, AccessPermission.ALLOW, siteRules, site); parseAndAddRules(denyRules, AccessPermission.DENY, siteRules, site); siteRules.putIfAbsent(ACCESS_RULE_ALL, DEFAULT_ACCESS_RULE); sitesAccessRules.putIfAbsent(site, siteRules); } private void parseAndAddRules(String accessRules, AccessPermission accessPermission, ConcurrentMap<String, AccessPermission> siteRules, SiteKey site) { accessRules = StringUtils.trimToEmpty(accessRules); String[] ruleItems = accessRules.split(","); for (String ruleItem : ruleItems) { ruleItem = ruleItem.trim(); if (ruleItem.isEmpty()) { continue; } if (siteRules.containsKey(ruleItem)) { throw new IllegalArgumentException( "Duplicated value for http service access rule '" + ruleItem + "' on site " + site); } siteRules.put(ruleItem, accessPermission); } } @Autowired public void setSitePropertiesService(SitePropertiesService sitePropertiesService) { this.sitePropertiesService = sitePropertiesService; } @Autowired public void setSiteService(SiteService siteService) { this.siteService = siteService; } }