001    /**
002     *   GRANITE DATA SERVICES
003     *   Copyright (C) 2006-2013 GRANITE DATA SERVICES S.A.S.
004     *
005     *   This file is part of the Granite Data Services Platform.
006     *
007     *   Granite Data Services is free software; you can redistribute it and/or
008     *   modify it under the terms of the GNU Lesser General Public
009     *   License as published by the Free Software Foundation; either
010     *   version 2.1 of the License, or (at your option) any later version.
011     *
012     *   Granite Data Services is distributed in the hope that it will be useful,
013     *   but WITHOUT ANY WARRANTY; without even the implied warranty of
014     *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser
015     *   General Public License for more details.
016     *
017     *   You should have received a copy of the GNU Lesser General Public
018     *   License along with this library; if not, write to the Free Software
019     *   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
020     *   USA, or see <http://www.gnu.org/licenses/>.
021     */
022    package org.granite.tide.spring.security;
023    
024    import java.util.Collection;
025    import java.util.Collections;
026    import java.util.HashSet;
027    import java.util.Set;
028    
029    import org.granite.tide.annotations.TideEnabled;
030    import org.springframework.security.authentication.AnonymousAuthenticationToken;
031    import org.springframework.security.core.Authentication;
032    import org.springframework.security.core.GrantedAuthority;
033    import org.springframework.security.core.authority.GrantedAuthorityImpl;
034    import org.springframework.security.core.context.SecurityContextHolder;
035    import org.springframework.util.StringUtils;
036    
037    
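/**
 * Reports the current caller's Spring Security identity and role membership.
 * Adapted from the Spring security JSP taglib.
 *
 * <p>Every method reads the {@link Authentication} held by
 * {@link SecurityContextHolder} at call time; the class keeps no state of its own.
 *
 * <p>NOTE(review): the class is marked {@code @TideEnabled}, which presumably makes
 * these methods callable from remote Tide clients - confirm. If so, the
 * {@code authorities} arguments are client-supplied, and the answers are only
 * suitable for client-side decisions such as showing or hiding UI elements.
 * Access to protected operations still has to be enforced on the server-side
 * services themselves.
 *
 * @author William DRAI
 */
@SuppressWarnings("deprecation")
@TideEnabled
public class Identity {

    public Identity() {
    }


    /**
     * Returns the name of the authenticated caller.
     *
     * <p>An {@link AnonymousAuthenticationToken} is treated as "not logged in".
     * {@code Authentication.isAuthenticated()} is not consulted; any other
     * non-null token in the security context counts as logged in.
     *
     * @return the value of {@code Authentication.getName()}, or {@code null}
     *         when there is no authentication or it is anonymous
     */
    public String isLoggedIn() {
        final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth == null || auth instanceof AnonymousAuthenticationToken) {
            return null;
        }
        return auth.getName();
    }


    /**
     * Tells whether the caller holds none of the listed authorities.
     *
     * <p>If the string yields no role names (for example it is empty), the
     * result is {@code true}.
     *
     * @param authorities comma-separated authority names
     * @return {@code true} when no listed authority is granted to the caller
     */
    public boolean ifNotGranted(String authorities) {
        final Collection<? extends GrantedAuthority> granted = getPrincipalAuthorities();
        return retainAll(granted, parseAuthoritiesString(authorities)).isEmpty();
    }

    /**
     * Tells whether the caller holds every listed authority.
     *
     * <p>The comparison is made on the authority strings, in the same way as
     * {@link #ifAnyGranted(String)} and {@link #ifNotGranted(String)}, so the
     * answer does not depend on how {@code equals()}/{@code hashCode()} are
     * implemented by the {@link GrantedAuthority} classes found in the security
     * context versus the ones built here from the argument.
     *
     * <p>If the string yields no role names (for example it is empty), the
     * result is vacuously {@code true}; callers that treat {@code true} as
     * "allowed" should not pass an empty list.
     *
     * @param authorities comma-separated authority names
     * @return {@code true} when every listed authority is granted to the caller
     */
    public boolean ifAllGranted(String authorities) {
        final Set<String> grantedRoles = authoritiesToRoles(getPrincipalAuthorities());
        final Set<String> requiredRoles = authoritiesToRoles(parseAuthoritiesString(authorities));
        return grantedRoles.containsAll(requiredRoles);
    }

    /**
     * Tells whether the caller holds at least one of the listed authorities.
     *
     * @param authorities comma-separated authority names
     * @return {@code true} when at least one listed authority is granted to the
     *         caller; {@code false} when the list yields no role names
     */
    public boolean ifAnyGranted(String authorities) {
        final Collection<? extends GrantedAuthority> granted = getPrincipalAuthorities();
        return !retainAll(granted, parseAuthoritiesString(authorities)).isEmpty();
    }

    /**
     * Fetches the authorities of the current authentication.
     *
     * <p>No distinction is made for anonymous tokens: whatever authorities the
     * current {@link Authentication} carries are returned.
     *
     * @return the authorities of the current authentication, or an empty list
     *         when there is no authentication or it exposes no authorities
     */
    private Collection<? extends GrantedAuthority> getPrincipalAuthorities() {
        final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        if (authentication == null || authentication.getAuthorities() == null) {
            return Collections.emptyList();
        }

        return authentication.getAuthorities();
    }

    /**
     * Splits a comma-separated list of authority names into authority objects.
     *
     * <p>Each entry is trimmed and stripped of tab, newline, carriage-return and
     * form-feed characters before being wrapped.
     *
     * @param authorizationsString comma-separated authority names
     * @return one authority per distinct entry
     */
    private Set<GrantedAuthority> parseAuthoritiesString(String authorizationsString) {
        final Set<GrantedAuthority> requiredAuthorities = new HashSet<GrantedAuthority>();
        final String[] authorities = StringUtils.commaDelimitedListToStringArray(authorizationsString);

        for (String authority : authorities) {
            // trim() handles surrounding blanks; deleteAny() removes control
            // whitespace that may sit inside the entry.
            final String role = StringUtils.deleteAny(authority.trim(), "\t\n\r\f");
            requiredAuthorities.add(new GrantedAuthorityImpl(role));
        }

        return requiredAuthorities;
    }

    /**
     * Computes the granted authorities whose name also appears in the required set.
     *
     * <p>The intersection is taken on authority strings rather than on the
     * authority objects, then mapped back to the caller's own authority objects.
     *
     * @param granted authorities held by the caller
     * @param required authorities being asked about
     * @return the subset of {@code granted} named in {@code required}
     */
    private Set<GrantedAuthority> retainAll(final Collection<? extends GrantedAuthority> granted, final Set<GrantedAuthority> required) {
        final Set<String> grantedRoles = authoritiesToRoles(granted);
        grantedRoles.retainAll(authoritiesToRoles(required));

        return rolesToAuthorities(grantedRoles, granted);
    }

    /**
     * Collects the non-null authority strings of a collection of authorities.
     *
     * @param c authorities to read
     * @return a new mutable set of authority strings
     */
    private Set<String> authoritiesToRoles(Collection<? extends GrantedAuthority> c) {
        final Set<String> roles = new HashSet<String>();
        for (GrantedAuthority authority : c) {
            final String name = authority.getAuthority();
            if (name != null) {
                roles.add(name);
            }
        }
        return roles;
    }

    /**
     * Maps authority strings back to the first granted authority carrying each name.
     *
     * @param grantedRoles authority strings to look up
     * @param granted authorities held by the caller
     * @return the matching authority objects
     */
    private Set<GrantedAuthority> rolesToAuthorities(Set<String> grantedRoles, Collection<? extends GrantedAuthority> granted) {
        final Set<GrantedAuthority> target = new HashSet<GrantedAuthority>();
        for (String role : grantedRoles) {
            for (GrantedAuthority authority : granted) {
                // role is never null here (authoritiesToRoles drops nulls), so
                // calling equals() on it tolerates an authority whose
                // getAuthority() returns null instead of throwing.
                if (role.equals(authority.getAuthority())) {
                    target.add(authority);
                    break;
                }
            }
        }
        return target;
    }
}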