001/*
002  GRANITE DATA SERVICES
003  Copyright (C) 2011 GRANITE DATA SERVICES S.A.S.
004
005  This file is part of Granite Data Services.
006
007  Granite Data Services is free software; you can redistribute it and/or modify
008  it under the terms of the GNU Library General Public License as published by
009  the Free Software Foundation; either version 2 of the License, or (at your
010  option) any later version.
011
012  Granite Data Services is distributed in the hope that it will be useful, but
013  WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
014  FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License
015  for more details.
016
017  You should have received a copy of the GNU Library General Public License
018  along with this library; if not, see <http://www.gnu.org/licenses/>.
019*/
020
021package org.granite.tide.spring.security;
022
023import java.util.Collection;
024import java.util.Collections;
025import java.util.HashSet;
026import java.util.Set;
027
028import org.granite.tide.annotations.TideEnabled;
029import org.springframework.security.authentication.AnonymousAuthenticationToken;
030import org.springframework.security.core.Authentication;
031import org.springframework.security.core.GrantedAuthority;
032import org.springframework.security.core.authority.GrantedAuthorityImpl;
033import org.springframework.security.core.context.SecurityContextHolder;
034import org.springframework.util.StringUtils;
035
036
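/**
 * Reports on the authentication held by the current Spring Security context:
 * who is logged in and whether a given set of role names is granted.
 *
 * <p>Every method here only reads {@link SecurityContextHolder} and returns a
 * value; nothing in this class restricts access to anything. Callers that use
 * these answers to show or hide features still need authorization enforced on
 * the protected operations themselves.
 *
 * <p>Role names are compared as exact, case-sensitive strings taken from
 * {@link GrantedAuthority#getAuthority()}. Granted authorities whose
 * {@code getAuthority()} returns {@code null} are ignored.
 *
 * <p>NOTE(review): {@code @TideEnabled} presumably exposes this component to
 * Tide clients; confirm which callers can reach these methods.
 *
 * <p>Adapted from the Spring security JSP taglib
 *
 * @author William DRAI
 */
@TideEnabled
public class Identity3 {

    public Identity3() {
    }

    /**
     * Returns the name of the current principal, or {@code null} when nobody is
     * logged in.
     *
     * <p>"Logged in" here means the context holds an {@link Authentication}
     * that is not an {@link AnonymousAuthenticationToken}. The method does not
     * consult {@code Authentication.isAuthenticated()}.
     *
     * @return the authentication's name, or {@code null} for a missing or
     *         anonymous authentication
     */
    public String isLoggedIn() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth != null && !(auth instanceof AnonymousAuthenticationToken)) {
            return auth.getName();
        }
        return null;
    }

    /**
     * Tells whether none of the listed roles is granted to the current principal.
     *
     * <p>When the list yields no role names the result is {@code true}
     * (nothing to match). NOTE(review): a {@code null} or empty argument
     * appears to parse to an empty list, so it also yields {@code true}; confirm
     * callers never pass an unset value expecting a denial.
     *
     * @param authorities comma-separated role names
     * @return {@code true} if the principal holds none of the listed roles
     */
    public boolean ifNotGranted(String authorities) {
        final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
        Set<GrantedAuthority> matched = retainAll(granted, parseAuthoritiesString(authorities));
        return matched.isEmpty();
    }

    /**
     * Tells whether every listed role is granted to the current principal.
     *
     * <p>The comparison is made on role names, the same way as
     * {@link #ifAnyGranted(String)} and {@link #ifNotGranted(String)}, so the
     * answer does not depend on how the principal's {@link GrantedAuthority}
     * implementation defines {@code equals}/{@code hashCode}.
     *
     * <p>When the list yields no role names the result is {@code true}
     * (vacuously). NOTE(review): a {@code null} or empty argument appears to
     * parse to an empty list, so it also yields {@code true}, including for an
     * unauthenticated caller; confirm callers never pass an unset value.
     *
     * @param authorities comma-separated role names
     * @return {@code true} if the principal holds all of the listed roles
     */
    public boolean ifAllGranted(String authorities) {
        Set<String> grantedRoles = authoritiesToRoles(getPrincipalAuthorities());
        Set<String> requiredRoles = authoritiesToRoles(parseAuthoritiesString(authorities));
        return grantedRoles.containsAll(requiredRoles);
    }

    /**
     * Tells whether at least one listed role is granted to the current principal.
     *
     * @param authorities comma-separated role names
     * @return {@code true} if the principal holds one or more of the listed
     *         roles; {@code false} when the list yields no role names
     */
    public boolean ifAnyGranted(String authorities) {
        final Collection<GrantedAuthority> granted = getPrincipalAuthorities();
        Set<GrantedAuthority> matched = retainAll(granted, parseAuthoritiesString(authorities));
        return !matched.isEmpty();
    }

    /**
     * Returns the authorities of the current authentication, or an empty
     * collection when there is no authentication or it carries no authorities.
     */
    private Collection<GrantedAuthority> getPrincipalAuthorities() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        if (authentication == null || authentication.getAuthorities() == null) {
            return Collections.emptyList();
        }

        return authentication.getAuthorities();
    }

    /**
     * Splits a comma-separated list into a set of authorities.
     *
     * <p>Each entry is trimmed and then has every tab, newline, carriage-return
     * and form-feed character removed, wherever it occurs in the name.
     *
     * <p>NOTE(review): an empty entry (for example the middle one in
     * {@code "A,,B"}) is passed to {@code GrantedAuthorityImpl} as an empty
     * name; confirm how that constructor treats it.
     */
    private Set<GrantedAuthority> parseAuthoritiesString(String authorizationsString) {
        final Set<GrantedAuthority> requiredAuthorities = new HashSet<GrantedAuthority>();

        for (String authority : StringUtils.commaDelimitedListToStringArray(authorizationsString)) {
            String role = StringUtils.deleteAny(authority.trim(), "\t\n\r\f");
            requiredAuthorities.add(new GrantedAuthorityImpl(role));
        }

        return requiredAuthorities;
    }

    /**
     * Returns the granted authorities whose role name also appears among the
     * required ones.
     *
     * <p>The intersection is computed on role-name strings rather than on the
     * authority objects, so it does not rely on their {@code equals} methods.
     */
    private Set<GrantedAuthority> retainAll(final Collection<GrantedAuthority> granted, final Set<GrantedAuthority> required) {
        Set<String> grantedRoles = authoritiesToRoles(granted);
        Set<String> requiredRoles = authoritiesToRoles(required);
        grantedRoles.retainAll(requiredRoles);

        return rolesToAuthorities(grantedRoles, granted);
    }

    /** Collects the non-null role names of the given authorities. */
    private Set<String> authoritiesToRoles(Collection<GrantedAuthority> c) {
        Set<String> roles = new HashSet<String>();
        for (GrantedAuthority authority : c) {
            String role = authority.getAuthority();
            if (role != null) {
                roles.add(role);
            }
        }
        return roles;
    }

    /**
     * Maps each role name back to the first granted authority that carries it.
     */
    private Set<GrantedAuthority> rolesToAuthorities(Set<String> grantedRoles, Collection<GrantedAuthority> granted) {
        Set<GrantedAuthority> target = new HashSet<GrantedAuthority>();
        for (String role : grantedRoles) {
            for (GrantedAuthority authority : granted) {
                // Compare from the role side: an authority may return a null
                // name (authoritiesToRoles already skips those), and calling
                // equals on it would throw before a later match is reached.
                if (role.equals(authority.getAuthority())) {
                    target.add(authority);
                    break;
                }
            }
        }
        return target;
    }
}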