001    /*
002      GRANITE DATA SERVICES
003      Copyright (C) 2011 GRANITE DATA SERVICES S.A.S.
004    
005      This file is part of Granite Data Services.
006    
007      Granite Data Services is free software; you can redistribute it and/or modify
008      it under the terms of the GNU Library General Public License as published by
009      the Free Software Foundation; either version 2 of the License, or (at your
010      option) any later version.
011    
012      Granite Data Services is distributed in the hope that it will be useful, but
013      WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
014      FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License
015      for more details.
016    
017      You should have received a copy of the GNU Library General Public License
018      along with this library; if not, see <http://www.gnu.org/licenses/>.
019    */
020    
021    package org.granite.tide.spring.security;
022    
023    import java.util.Arrays;
024    import java.util.Collection;
025    import java.util.Collections;
026    import java.util.HashSet;
027    import java.util.Set;
028    
029    import org.granite.tide.annotations.TideEnabled;
030    import org.springframework.security.Authentication;
031    import org.springframework.security.GrantedAuthority;
032    import org.springframework.security.GrantedAuthorityImpl;
033    import org.springframework.security.context.SecurityContextHolder;
034    import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
035    import org.springframework.util.StringUtils;
036    
037    
038    /**
039     *      @author William DRAI
040     * 
041     *      Adapted from the Spring security JSP taglib
042     */
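@TideEnabled
public class Identity {

    // Reports who the current caller is and which authorities they hold, based on the
    // Authentication found in SecurityContextHolder at the moment of each call.
    //
    // NOTE(review): the class is annotated @TideEnabled, so these answers are presumably
    // served to the remote client to drive UI decisions. They do not protect anything by
    // themselves: every server-side operation still needs its own authorization check.

    public Identity() {
    }


    /**
     * Returns the name of the current principal.
     *
     * @return the authentication name, or {@code null} when the security context holds no
     *         authentication or only an {@link AnonymousAuthenticationToken}
     */
    public String isLoggedIn() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        // NOTE(review): only the anonymous token is excluded; auth.isAuthenticated() is not
        // consulted. Confirm that no unauthenticated token can sit in the context here.
        if (auth != null && !(auth instanceof AnonymousAuthenticationToken)) {
            return auth.getName();
        }
        return null;
    }


    /**
     * Tells whether the current principal holds none of the listed authorities.
     *
     * @param authorities comma-delimited authority names
     * @return {@code true} when no granted authority name matches a listed name; this is
     *         also the result when the list parses to no authorities at all
     */
    public boolean ifNotGranted(String authorities) {
        final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
        Set<GrantedAuthority> grantedCopy = retainAll(granted, parseAuthoritiesString(authorities));
        return grantedCopy.isEmpty();
    }

    /**
     * Tells whether the current principal holds every listed authority.
     *
     * @param authorities comma-delimited authority names
     * @return {@code true} when every listed authority is contained in the granted ones.
     *         A list that parses to no authorities yields {@code true} for any caller,
     *         including one with no authentication, so callers must not pass an empty
     *         requirement and read the answer as "access allowed".
     */
    public boolean ifAllGranted(String authorities) {
        final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
        // NOTE(review): this check relies on GrantedAuthority equality, whereas ifAnyGranted
        // and ifNotGranted compare authority names as strings. Confirm that equals() of the
        // authority implementations in use compares by name.
        return granted.containsAll(parseAuthoritiesString(authorities));
    }

    /**
     * Tells whether the current principal holds at least one of the listed authorities.
     *
     * @param authorities comma-delimited authority names
     * @return {@code true} when at least one granted authority name matches a listed name
     */
    public boolean ifAnyGranted(String authorities) {
        final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
        Set<GrantedAuthority> grantedCopy = retainAll(granted, parseAuthoritiesString(authorities));
        return !grantedCopy.isEmpty();
    }

    /**
     * Returns the authorities of the current authentication, or an empty list when there is
     * no authentication or it carries no authorities.
     */
    private Collection<GrantedAuthority> getPrincipalAuthorities() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return Collections.emptyList();
        }

        // Read the array once so the null check and the returned view use the same value.
        GrantedAuthority[] authorities = authentication.getAuthorities();
        if (authorities == null) {
            return Collections.emptyList();
        }

        return Arrays.asList(authorities);
    }

    /**
     * Turns a comma-delimited string into a set of authorities, one per token.
     *
     * Each token is trimmed and then stripped of tab, newline, carriage-return and form-feed
     * characters wherever they occur in it.
     * NOTE(review): blank tokens (for example from a trailing comma) are passed on to
     * GrantedAuthorityImpl unchanged; confirm how that constructor treats an empty name.
     */
    private Set<GrantedAuthority> parseAuthoritiesString(String authorizationsString) {
        final Set<GrantedAuthority> requiredAuthorities = new HashSet<GrantedAuthority>();
        final String[] authorities = StringUtils.commaDelimitedListToStringArray(authorizationsString);

        for (String authority : authorities) {
            String role = StringUtils.deleteAny(authority.trim(), "\t\n\r\f");
            requiredAuthorities.add(new GrantedAuthorityImpl(role));
        }

        return requiredAuthorities;
    }

    /**
     * Returns the granted authorities whose name also appears among the required ones.
     * The comparison is done on authority names, not on object equality.
     */
    private Set<GrantedAuthority> retainAll(final Collection<GrantedAuthority> granted, final Set<GrantedAuthority> required) {
        Set<String> grantedRoles = authoritiesToRoles(granted);
        Set<String> requiredRoles = authoritiesToRoles(required);
        grantedRoles.retainAll(requiredRoles);

        return rolesToAuthorities(grantedRoles, granted);
    }

    /**
     * Collects the non-null authority names of the given authorities.
     */
    private Set<String> authoritiesToRoles(Collection<GrantedAuthority> c) {
        Set<String> roles = new HashSet<String>();
        for (GrantedAuthority authority : c) {
            String name = authority.getAuthority();
            if (name != null) {
                roles.add(name);
            }
        }
        return roles;
    }

    /**
     * Maps each role name back to the first granted authority carrying that name.
     */
    private Set<GrantedAuthority> rolesToAuthorities(Set<String> grantedRoles, Collection<GrantedAuthority> granted) {
        Set<GrantedAuthority> target = new HashSet<GrantedAuthority>();
        for (String role : grantedRoles) {
            for (GrantedAuthority authority : granted) {
                // Compare from the role side: authoritiesToRoles tolerates an authority whose
                // name is null, so this lookup must not throw on one either. The role names
                // come from authoritiesToRoles and are never null.
                if (role.equals(authority.getAuthority())) {
                    target.add(authority);
                    break;
                }
            }
        }
        return target;
    }
}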