001/**
002 *   GRANITE DATA SERVICES
003 *   Copyright (C) 2006-2013 GRANITE DATA SERVICES S.A.S.
004 *
005 *   This file is part of the Granite Data Services Platform.
006 *
007 *   Granite Data Services is free software; you can redistribute it and/or
008 *   modify it under the terms of the GNU Lesser General Public
009 *   License as published by the Free Software Foundation; either
010 *   version 2.1 of the License, or (at your option) any later version.
011 *
012 *   Granite Data Services is distributed in the hope that it will be useful,
013 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
014 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser
015 *   General Public License for more details.
016 *
017 *   You should have received a copy of the GNU Lesser General Public
018 *   License along with this library; if not, write to the Free Software
019 *   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
020 *   USA, or see <http://www.gnu.org/licenses/>.
021 */
022package org.granite.tide.spring.security;
023
024import java.util.Collection;
025import java.util.Collections;
026import java.util.HashSet;
027import java.util.Set;
028
029import org.granite.tide.annotations.TideEnabled;
030import org.springframework.security.authentication.AnonymousAuthenticationToken;
031import org.springframework.security.core.Authentication;
032import org.springframework.security.core.GrantedAuthority;
033import org.springframework.security.core.authority.GrantedAuthorityImpl;
034import org.springframework.security.core.context.SecurityContextHolder;
035import org.springframework.util.StringUtils;
036
037
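/**
 * Reports the login state and granted authorities of the caller, as held in the
 * current Spring Security context.
 *
 * <p>Adapted from the Spring Security JSP taglib.
 *
 * <p>NOTE(review): the class is annotated {@code @TideEnabled}, which presumably makes
 * these methods callable from Tide clients; confirm. The answers are suited to deciding
 * what a client displays. They do not replace authorization checks on the server-side
 * operations themselves.
 *
 * @author William DRAI
 */
@SuppressWarnings("deprecation")
@TideEnabled
public class Identity {

    public Identity() {
    }


    /**
     * Returns the name of the authenticated user.
     *
     * @return the authentication name, or {@code null} when there is no authentication
     *         in the security context or it is an {@link AnonymousAuthenticationToken}
     */
    public String isLoggedIn() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth != null && !(auth instanceof AnonymousAuthenticationToken)) {
            return auth.getName();
        }
        return null;
    }


    /**
     * Checks that the caller holds none of the listed authorities.
     *
     * @param authorities comma-delimited authority names
     * @return {@code true} when no listed authority is granted; also {@code true} when
     *         the list parses to no authorities at all
     */
    public boolean ifNotGranted(String authorities) {
        final Collection<? extends GrantedAuthority> granted = getPrincipalAuthorities();
        Set<GrantedAuthority> grantedCopy = retainAll(granted, parseAuthoritiesString(authorities));
        return grantedCopy.isEmpty();
    }

    /**
     * Checks that the caller holds every listed authority.
     *
     * <p>The comparison is made on the authority strings, as in {@link #ifAnyGranted} and
     * {@link #ifNotGranted}, so the result does not depend on how different
     * {@link GrantedAuthority} implementations define {@code equals()}.
     *
     * @param authorities comma-delimited authority names
     * @return {@code true} when every listed authority is granted. A list that parses to
     *         no authorities is vacuously satisfied and also yields {@code true}, so
     *         callers should not pass a blank list and treat the answer as a grant.
     */
    public boolean ifAllGranted(String authorities) {
        final Collection<? extends GrantedAuthority> granted = getPrincipalAuthorities();
        Set<String> grantedRoles = authoritiesToRoles(granted);
        Set<String> requiredRoles = authoritiesToRoles(parseAuthoritiesString(authorities));
        return grantedRoles.containsAll(requiredRoles);
    }

    /**
     * Checks that the caller holds at least one of the listed authorities.
     *
     * @param authorities comma-delimited authority names
     * @return {@code true} when at least one listed authority is granted; {@code false}
     *         when the list parses to no authorities
     */
    public boolean ifAnyGranted(String authorities) {
        final Collection<? extends GrantedAuthority> granted = getPrincipalAuthorities();
        Set<GrantedAuthority> grantedCopy = retainAll(granted, parseAuthoritiesString(authorities));
        return !grantedCopy.isEmpty();
    }

    /**
     * Reads the authorities of the current authentication.
     *
     * @return the granted authorities, or an empty collection when there is no
     *         authentication or it reports no authorities
     */
    private Collection<? extends GrantedAuthority> getPrincipalAuthorities() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        if (authentication == null || authentication.getAuthorities() == null) {
            return Collections.emptyList();
        }

        return authentication.getAuthorities();
    }

    /**
     * Parses a comma-delimited list of authority names into authority objects.
     *
     * <p>Each token is trimmed and stripped of tab, newline, carriage-return and
     * form-feed characters. Empty tokens (for example from a trailing comma) are not
     * filtered out here. NOTE(review): {@code GrantedAuthorityImpl} may reject empty
     * text; confirm against the Spring Security version in use.
     *
     * @param authorizationsString comma-delimited authority names
     * @return the parsed authorities, without duplicates
     */
    private Set<GrantedAuthority> parseAuthoritiesString(String authorizationsString) {
        final Set<GrantedAuthority> requiredAuthorities = new HashSet<GrantedAuthority>();
        final String[] authorities = StringUtils.commaDelimitedListToStringArray(authorizationsString);

        for (String authority : authorities) {
            String role = StringUtils.deleteAny(authority.trim(), "\t\n\r\f");
            requiredAuthorities.add(new GrantedAuthorityImpl(role));
        }

        return requiredAuthorities;
    }

    /**
     * Returns the granted authorities whose authority string also appears in
     * {@code required}.
     *
     * @param granted authorities held by the caller
     * @param required authorities being asked about
     * @return the matching members of {@code granted}
     */
    private Set<GrantedAuthority> retainAll(final Collection<? extends GrantedAuthority> granted, final Set<GrantedAuthority> required) {
        Set<String> grantedRoles = authoritiesToRoles(granted);
        Set<String> requiredRoles = authoritiesToRoles(required);
        grantedRoles.retainAll(requiredRoles);

        return rolesToAuthorities(grantedRoles, granted);
    }

    /**
     * Collects the non-null authority strings of the given authorities.
     *
     * @param c authorities to read
     * @return a new mutable set of authority strings
     */
    private Set<String> authoritiesToRoles(Collection<? extends GrantedAuthority> c) {
        Set<String> roles = new HashSet<String>();
        for (GrantedAuthority authority : c) {
            if (authority.getAuthority() != null) {
                roles.add(authority.getAuthority());
            }
        }
        return roles;
    }

    /**
     * Maps authority strings back to the first granted authority carrying each one.
     *
     * @param grantedRoles authority strings to look up
     * @param granted authorities held by the caller
     * @return the matching authority objects
     */
    private Set<GrantedAuthority> rolesToAuthorities(Set<String> grantedRoles, Collection<? extends GrantedAuthority> granted) {
        Set<GrantedAuthority> target = new HashSet<GrantedAuthority>();
        for (String role : grantedRoles) {
            for (GrantedAuthority authority : granted) {
                // Compare from the non-null role side: authoritiesToRoles() tolerates an
                // authority whose string form is null, and so must this lookup, or the
                // check would fail with a NullPointerException instead of an answer.
                if (role.equals(authority.getAuthority())) {
                    target.add(authority);
                    break;
                }
            }
        }
        return target;
    }
}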