001    /*
002      GRANITE DATA SERVICES
003      Copyright (C) 2011 GRANITE DATA SERVICES S.A.S.
004    
005      This file is part of Granite Data Services.
006    
007      Granite Data Services is free software; you can redistribute it and/or modify
008      it under the terms of the GNU Library General Public License as published by
009      the Free Software Foundation; either version 2 of the License, or (at your
010      option) any later version.
011    
012      Granite Data Services is distributed in the hope that it will be useful, but
013      WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
014      FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License
015      for more details.
016    
017      You should have received a copy of the GNU Library General Public License
018      along with this library; if not, see <http://www.gnu.org/licenses/>.
019    */
020    
021    package org.granite.tide.spring.security;
022    
023    import java.util.Collection;
024    import java.util.Collections;
025    import java.util.HashSet;
026    import java.util.Set;
027    
028    import org.granite.tide.annotations.TideEnabled;
029    import org.springframework.security.authentication.AnonymousAuthenticationToken;
030    import org.springframework.security.core.Authentication;
031    import org.springframework.security.core.GrantedAuthority;
032    import org.springframework.security.core.authority.GrantedAuthorityImpl;
033    import org.springframework.security.core.context.SecurityContextHolder;
034    import org.springframework.util.StringUtils;
035    
036    
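/**
 * Reports the login state and granted authorities of the current Spring Security
 * {@link Authentication}, as read from {@link SecurityContextHolder}.
 *
 * <p>Adapted from the Spring security JSP taglib.
 *
 * <p>All authority checks compare authorities by their {@link GrantedAuthority#getAuthority()}
 * string, so the answer does not depend on which {@code GrantedAuthority} implementation the
 * authentication provider returns.
 *
 * <p>NOTE(review): {@code @TideEnabled} presumably makes these methods callable from the Tide
 * client so it can show or hide UI elements. Confirm that the services being protected enforce
 * the same authorities on the server side; these answers only describe the current session.
 *
 * @author William DRAI
 */
@TideEnabled
public class Identity3 {

    public Identity3() {
    }


    /**
     * Returns the name of the current user, or {@code null} when nobody is logged in.
     *
     * @return {@code Authentication.getName()} of the current authentication, or {@code null}
     *         when there is no authentication or it is an {@link AnonymousAuthenticationToken}
     */
    public String isLoggedIn() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth != null && !(auth instanceof AnonymousAuthenticationToken)) {
            return auth.getName();
        }
        return null;
    }


    /**
     * Tells whether the current user holds none of the listed authorities.
     *
     * @param authorities comma-separated authority names
     * @return {@code true} when no listed authority is granted; also {@code true} when the
     *         list yields no authority at all
     */
    public boolean ifNotGranted(String authorities) {
        final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
        Set<GrantedAuthority> grantedCopy = retainAll(granted, parseAuthoritiesString(authorities));
        return grantedCopy.isEmpty();
    }

    /**
     * Tells whether the current user holds every listed authority.
     *
     * <p>The comparison is made on authority names, like {@link #ifAnyGranted(String)} and
     * {@link #ifNotGranted(String)}. A {@code containsAll} on the authority objects themselves
     * would rely on {@code equals()} between the parsed {@link GrantedAuthorityImpl} instances
     * and whatever implementation the authentication holds, so the three checks could disagree
     * for the same user.
     *
     * @param authorities comma-separated authority names
     * @return {@code true} when every listed authority is granted. A list that yields no
     *         authority (Spring's {@code StringUtils} returns an empty array for a null or
     *         empty string) is vacuously satisfied and also returns {@code true}.
     */
    public boolean ifAllGranted(String authorities) {
        Set<String> grantedRoles = authoritiesToRoles(getPrincipalAuthorities());
        Set<String> requiredRoles = authoritiesToRoles(parseAuthoritiesString(authorities));
        return grantedRoles.containsAll(requiredRoles);
    }

    /**
     * Tells whether the current user holds at least one of the listed authorities.
     *
     * @param authorities comma-separated authority names
     * @return {@code true} when at least one listed authority is granted
     */
    public boolean ifAnyGranted(String authorities) {
        final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
        Set<GrantedAuthority> grantedCopy = retainAll(granted, parseAuthoritiesString(authorities));
        return !grantedCopy.isEmpty();
    }

    /**
     * Returns the authorities of the current authentication.
     *
     * @return the authorities, or an empty collection when there is no authentication or it
     *         reports no authorities, so that every check then sees "nothing granted"
     */
    private Collection<GrantedAuthority> getPrincipalAuthorities() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        if (authentication == null || authentication.getAuthorities() == null) {
            return Collections.emptyList();
        }

        return authentication.getAuthorities();
    }

    /**
     * Parses a comma-separated list of authority names into authority objects.
     *
     * @param authorizationsString comma-separated authority names
     * @return one {@link GrantedAuthorityImpl} per distinct name, after trimming and removing
     *         tab, newline, carriage return and form feed characters
     */
    private Set<GrantedAuthority> parseAuthoritiesString(String authorizationsString) {
        final Set<GrantedAuthority> requiredAuthorities = new HashSet<GrantedAuthority>();
        final String[] authorities = StringUtils.commaDelimitedListToStringArray(authorizationsString);

        for (String authority : authorities) {
            // Trim first, then drop control whitespace that may sit inside the name.
            String role = StringUtils.deleteAny(authority.trim(), "\t\n\r\f");
            requiredAuthorities.add(new GrantedAuthorityImpl(role));
        }

        return requiredAuthorities;
    }

    /**
     * Returns the granted authorities whose name also appears among the required ones.
     *
     * @param granted authorities held by the current user
     * @param required authorities being asked about
     * @return the subset of {@code granted} matching {@code required} by name
     */
    private Set<GrantedAuthority> retainAll(final Collection<GrantedAuthority> granted, final Set<GrantedAuthority> required) {
        Set<String> grantedRoles = authoritiesToRoles(granted);
        Set<String> requiredRoles = authoritiesToRoles(required);
        grantedRoles.retainAll(requiredRoles);

        return rolesToAuthorities(grantedRoles, granted);
    }

    /**
     * Collects the non-null authority names of a collection of authorities.
     *
     * @param c authorities to read
     * @return a new mutable set holding the names
     */
    private Set<String> authoritiesToRoles(Collection<GrantedAuthority> c) {
        Set<String> roles = new HashSet<String>();
        for (GrantedAuthority authority : c) {
            String name = authority.getAuthority();
            if (name != null) {
                roles.add(name);
            }
        }
        return roles;
    }

    /**
     * Maps authority names back to the first granted authority carrying each name.
     *
     * @param grantedRoles names to look up; expected to be non-null
     * @param granted authorities held by the current user
     * @return the matching authority objects
     */
    private Set<GrantedAuthority> rolesToAuthorities(Set<String> grantedRoles, Collection<GrantedAuthority> granted) {
        Set<GrantedAuthority> target = new HashSet<GrantedAuthority>();
        for (String role : grantedRoles) {
            for (GrantedAuthority authority : granted) {
                // Compare from the known non-null side: an authority whose name is null is
                // skipped by authoritiesToRoles and must not raise a NullPointerException here.
                if (role.equals(authority.getAuthority())) {
                    target.add(authority);
                    break;
                }
            }
        }
        return target;
    }
}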