001/*
002  GRANITE DATA SERVICES
003  Copyright (C) 2011 GRANITE DATA SERVICES S.A.S.
004
005  This file is part of Granite Data Services.
006
007  Granite Data Services is free software; you can redistribute it and/or modify
008  it under the terms of the GNU Library General Public License as published by
009  the Free Software Foundation; either version 2 of the License, or (at your
010  option) any later version.
011
012  Granite Data Services is distributed in the hope that it will be useful, but
013  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
014  FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License
015  for more details.
016
017  You should have received a copy of the GNU Library General Public License
018  along with this library; if not, see <http://www.gnu.org/licenses/>.
019*/
020
021package org.granite.tide.spring.security;
022
023import java.util.Arrays;
024import java.util.Collection;
025import java.util.Collections;
026import java.util.HashSet;
027import java.util.Set;
028
029import org.granite.tide.annotations.TideEnabled;
030import org.springframework.security.Authentication;
031import org.springframework.security.GrantedAuthority;
032import org.springframework.security.GrantedAuthorityImpl;
033import org.springframework.security.context.SecurityContextHolder;
034import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
035import org.springframework.util.StringUtils;
036
037
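/**
 * Reports the login state and granted roles of the principal held in the
 * current Spring Security context. Adapted from the Spring Security JSP taglib.
 *
 * <p>Role lists are passed as comma-delimited strings, e.g.
 * {@code "ROLE_USER,ROLE_ADMIN"}. Each entry is trimmed and stripped of
 * tab/newline/carriage-return/form-feed characters before comparison.
 *
 * <p>NOTE(review): {@code @TideEnabled} presumably makes these methods callable
 * from Tide clients (confirm). If so, the answers are suitable for deciding
 * what a client displays; access to protected operations still has to be
 * enforced on the server where those operations run.
 *
 * @author William DRAI
 */
@TideEnabled
public class Identity {

    public Identity() {
    }


    /**
     * Returns the name of the current principal, or {@code null} when there is
     * no authentication in the security context or it is an
     * {@link AnonymousAuthenticationToken}.
     *
     * <p>NOTE(review): only the token type is examined;
     * {@code Authentication.isAuthenticated()} is not consulted.
     *
     * @return the principal name, or {@code null} if nobody is logged in
     */
    public String isLoggedIn() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth != null && !(auth instanceof AnonymousAuthenticationToken)) {
            return auth.getName();
        }
        return null;
    }


    /**
     * Tests that the principal holds none of the listed roles.
     *
     * <p>A list that parses to no roles yields {@code true}, because the
     * intersection with the granted roles is then empty.
     *
     * @param authorities comma-delimited role names
     * @return {@code true} if no listed role is granted to the principal
     */
    public boolean ifNotGranted(String authorities) {
        final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
        Set<GrantedAuthority> grantedCopy = retainAll(granted, parseAuthoritiesString(authorities));
        return grantedCopy.isEmpty();
    }

    /**
     * Tests that the principal holds every listed role.
     *
     * <p>A list that parses to no roles yields {@code true} (vacuous truth of
     * {@code containsAll} on an empty set), so callers that build the list
     * dynamically should make sure it is not empty before relying on the
     * result.
     *
     * @param authorities comma-delimited role names
     * @return {@code true} if all listed roles are granted to the principal
     */
    public boolean ifAllGranted(String authorities) {
        final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
        // Membership relies on GrantedAuthorityImpl.equals() for each required role.
        return granted.containsAll(parseAuthoritiesString(authorities));
    }

    /**
     * Tests that the principal holds at least one of the listed roles.
     *
     * @param authorities comma-delimited role names
     * @return {@code true} if any listed role is granted to the principal
     */
    public boolean ifAnyGranted(String authorities) {
        final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
        Set<GrantedAuthority> grantedCopy = retainAll(granted, parseAuthoritiesString(authorities));
        return !grantedCopy.isEmpty();
    }

    /**
     * Returns the authorities of the current authentication, or an empty
     * collection when there is no authentication or it carries no authorities.
     */
    private Collection<GrantedAuthority> getPrincipalAuthorities() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        if (authentication == null || authentication.getAuthorities() == null) {
            return Collections.emptyList();
        }

        return Arrays.asList(authentication.getAuthorities());
    }

    /**
     * Splits a comma-delimited role list into a set of authorities, trimming
     * each entry and deleting any tab, newline, carriage-return or form-feed
     * characters it contains.
     */
    private Set<GrantedAuthority> parseAuthoritiesString(String authorizationsString) {
        final Set<GrantedAuthority> requiredAuthorities = new HashSet<GrantedAuthority>();
        final String[] authorities = StringUtils.commaDelimitedListToStringArray(authorizationsString);

        for (String authority : authorities) {
            String role = StringUtils.deleteAny(authority.trim(), "\t\n\r\f");
            requiredAuthorities.add(new GrantedAuthorityImpl(role));
        }

        return requiredAuthorities;
    }

    /**
     * Returns the granted authorities whose role name also appears in
     * {@code required}. Comparison is by role name rather than by
     * {@code equals()} on the authority objects.
     */
    private Set<GrantedAuthority> retainAll(final Collection<GrantedAuthority> granted, final Set<GrantedAuthority> required) {
        Set<String> grantedRoles = authoritiesToRoles(granted);
        Set<String> requiredRoles = authoritiesToRoles(required);
        grantedRoles.retainAll(requiredRoles);

        return rolesToAuthorities(grantedRoles, granted);
    }

    /**
     * Collects the non-null role names of the given authorities.
     */
    private Set<String> authoritiesToRoles(Collection<GrantedAuthority> c) {
        Set<String> roles = new HashSet<String>();
        for (GrantedAuthority authority : c) {
            String name = authority.getAuthority();
            if (name != null) {
                roles.add(name);
            }
        }
        return roles;
    }

    /**
     * Maps each role name back to the first granted authority carrying it.
     */
    private Set<GrantedAuthority> rolesToAuthorities(Set<String> grantedRoles, Collection<GrantedAuthority> granted) {
        Set<GrantedAuthority> target = new HashSet<GrantedAuthority>();
        for (String role : grantedRoles) {
            for (GrantedAuthority authority : granted) {
                // Compare from the role side: role names produced by
                // authoritiesToRoles are never null, whereas a granted
                // authority may report a null name, which previously caused a
                // NullPointerException here instead of simply not matching.
                if (role.equals(authority.getAuthority())) {
                    target.add(authority);
                    break;
                }
            }
        }
        return target;
    }
}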