View Javadoc

1   /* (c) Copyright 2003 Caleigo AB, All rights reserved. 
2    * 
3    * This library is free software; you can redistribute it and/or
4    * modify it under the terms of the GNU Lesser General Public
5    * License as published by the Free Software Foundation; either
6    * version 2.1 of the License, or (at your option) any later version.
7    * 
8    * This library is distributed in the hope that it will be useful,
9    * but WITHOUT ANY WARRANTY; without even the implied warranty of
10   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
11   * Lesser General Public License for more details.
12   * 
13   * You should have received a copy of the GNU Lesser General Public
14   * License along with this library; if not, write to the Free Software
15   * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
16   *  
17   */
18  package org.caleigo.core;
19  
20  /*** <Description for DataAccessManager>
21   *
22   * @author  Dennis Zikovic
23   * @version 1.00
24   *
25   *//*
26   *
27   * WHEN        WHO               WHY & WHAT
28   * -----------------------------------------------------------------------------
29   * 2002-09-24  Dennis Zikovic    Creation
30   */
31  public abstract class DataAccessManager
32  {
33      // Constants ---------------------------------------------------------------
34      public static final int NONE = 0;
35      public static final int READ = 1;
36      public static final int WRITE = 2;
37      public static final int CONTENT_BASED = 3;
38      
39      // Data members ------------------------------------------------------------
40      private static final InheritableThreadLocal sActiveAccessManger;
41      private static DataAccessManager sDefaultAccessManger;
42      
43      // Static methods ----------------------------------------------------------
44      
45      static
46      {
47          sDefaultAccessManger = new ConstantDataAccessManager(NONE);
48          sActiveAccessManger = new InheritableThreadLocal();
49  //        sActiveAccessManger.set(new AccessManagerHolder(new ConstantDataAccessManager(NONE)));
50      }
51      
52      /*** Returns the currently active DataAccessManager. Note that different 
53       * managers based on the calling thread.
54       */
55      public static DataAccessManager getManager()
56      {
57          if(sActiveAccessManger.get()!=null)
58              return ((AccessManagerHolder)sActiveAccessManger.get()).manager;
59          else
60              return sDefaultAccessManger;
61      }
62      
63      /*** Sets the default DataAccessManager object that will be used as the 
64       * access manager for all threads that has not had another manager 
65       * explicitly set. <p>
66       * The manager will also be inherited by future threads created in
67       * the calling thread or any of its unmodified child threads.<p>
68       */
69      public static void setDefaultManager(DataAccessManager newManager)
70      {
71          if(sDefaultAccessManger!=null && !sDefaultAccessManger.acceptsReplacement(newManager))
72              throw new SecurityException("Current default DataAccessManager does not accept replacement by "+newManager);
73          sDefaultAccessManger = newManager;
74      }
75  
76      /*** Sets the active DataAccessManager object that defines the current user's 
77       * data access rights in the system. This is done for the current thread 
78       * and all the threads  child threads that have not defined their own 
79       * DataAccessManager. <p>
80       * The manager will also be inherited by future threads 
81       * created in the calling thread or any of its unmodified child threads.
82       */
83      public static void setManagerReqursively(DataAccessManager newManager)
84      {
85          if(!getManager().acceptsReplacement(newManager))
86              throw new SecurityException("Current DataAccessManager does not accept replacement by "+newManager);
87          ((AccessManagerHolder)sActiveAccessManger.get()).manager = newManager;
88      }
89      
90      /*** Sets the active DataAccessManager object that defines the current user's 
91       * data access rights in the system. This is done for the current thread 
92       * ONLY and future changes to the manager in any parent threads will no 
93       * longer affect the thhread that call this method. <p>
94       * The manager will also be inherited by future threads created in
95       * the calling thread or any of its unmodified child threads.<p>
96       */
97      public static void setManager(DataAccessManager newManager)
98      {
99          if(!getManager().acceptsReplacement(newManager))
100             throw new SecurityException("Current DataAccessManager does not accept replacement by "+newManager);
101         sActiveAccessManger.set(new AccessManagerHolder(newManager));
102     }
103     
104     // Action methods ----------------------------------------------------------
105     
106     /*** Returns the access level for the provided IDataSourceDescriptor defined
107      * as NONE, READ, WRITE or CONTENT_BASED. If the access is not content
108      * based no further check with hasReadAccess or hasWriteAccess is
109      * necessary wich can save alot of performance. 
110      */
111     public abstract int getAccessLevel(IDataSourceDescriptor dataSourceDescriptor);
112     
113     /*** Returns the access level for the provided IEntityDescriptor defined
114      * as NONE, READ, WRITE or CONTENT_BASED. If the access is not content
115      * based no further check with hasReadAccess or hasWriteAccess is
116      * necessary wich can save alot of performance. 
117      */
118     public abstract int getAccessLevel(IEntityDescriptor entityDescriptor);
119     
120     /*** Returns the access level for the provided IFieldDescriptor defined
121      * as NONE, READ, WRITE or CONTENT_BASED. If the access is not content
122      * based no further check with hasReadAccess or hasWriteAccess is
123      * necessary wich can save alot of performance. 
124      */
125     public abstract int getAccessLevel(IFieldDescriptor fieldDescriptor);
126     
127     /*** Returns the access level for the provided IEntityAction defined
128      * as NONE, READ, WRITE or CONTENT_BASED. If the access is not content
129      * based no further check with hasReadAccess or hasWriteAccess is
130      * necessary wich can save alot of performance. 
131      */
132     public abstract int getAccessLevel(IEntityAction entityAction);
133     
134     /*** Returns true if the user has read access to the provided IDataSource.
135      */
136     public abstract boolean hasReadAccess(IDataSource dataSource);
137     
138     /*** Returns true if the user has read access to the provided IEntity.
139      */
140     public abstract boolean hasReadAccess(IEntity entity);
141     
142     /*** Returns true if the user has read access to the provided fieldDescriptor 
143      * in the data content scope of the provided IEntity object.
144      */
145     public abstract boolean hasReadAccess(IFieldDescriptor fieldDescriptor, IEntity data);
146     
147     /*** Returns true if the user has read access to the provided IEntityAction 
148      * object in the data content scope of the provided IEntity object.
149      */
150     public abstract boolean hasReadAccess(IEntityAction entityAction, IEntity data);
151             
152     /*** Returns true if the user has write access to the provided IDataSource.
153      */
154     public abstract boolean hasWriteAccess(IDataSource dataSource);
155     
156     /*** Returns true if the user has write access to the provided IEntity.
157      */
158     public abstract boolean hasWriteAccess(IEntity entity);
159     
160     /*** Returns true if the user has write access to the provided  
161      * fieldDescriptor in the data content scope of the provided IEntity object.
162      */
163     public abstract boolean hasWriteAccess(IFieldDescriptor fieldDescriptor, IEntity data);
164     
165     /*** Returns true if the user has write access to the provided IEntityAction 
166      * object in the data content scope of the provided IEntity object.
167      */
168     public abstract boolean hasWriteAccess(IEntityAction entityAction, IEntity data);
169     
170     /*** This method allows a current manager to reject replacement by another
171      * DataAccessManager. 
172      */ 
173     public abstract boolean acceptsReplacement(DataAccessManager newManager);
174     
175     // Internal classes --------------------------------------------------------
176     
177     private static class AccessManagerHolder
178     {
179         public DataAccessManager manager;
180         
181         public AccessManagerHolder(DataAccessManager startingManager)
182         {
183             manager = startingManager;
184         }
185     }
186     
187     public static interface IContentAccessVerifier
188     {
189         public boolean hasReadAccess(Object descriptionObject, Object dataObject);
190         public boolean hasWriteAccess(Object descriptionObject, Object dataObject);
191     }
192     
193     /*** This simple DataAccessManager restricts access for all managed elements
194      * to a single access level. It can used as a default manager to allow full
195      * write access or view only access to any DataSource.
196      */
197     public static class ConstantDataAccessManager extends DataAccessManager
198     {
199         // Data members --------------------------------------------------------
200         private final int mDefaultAccessLevel;
201         
202         // Constructors --------------------------------------------------------
203         public ConstantDataAccessManager(int defaultAccessLevel)
204         {
205             if(defaultAccessLevel<NONE || defaultAccessLevel>WRITE)
206                 throw new IllegalArgumentException("The access level must be NONE, READ or WRITE!");
207             mDefaultAccessLevel = defaultAccessLevel;
208         }
209         
210         // Superclass overrides ------------------------------------------------
211         
212         /*** Returns the access level for the provided IDataSourceDescriptor defined
213          * as NONE, READ, WRITE or CONTENT_BASED. If the access is not content
214          * based no further check with hasReadAccess or hasWriteAccess is
215          * necessary wich can save alot of performance. 
216          */
217         public int getAccessLevel(IDataSourceDescriptor dataSourceDescriptor)
218         {
219             return mDefaultAccessLevel;
220         }
221 
222         /*** Returns the access level for the provided IEntityDescriptor defined
223          * as NONE, READ, WRITE or CONTENT_BASED. If the access is not content
224          * based no further check with hasReadAccess or hasWriteAccess is
225          * necessary wich can save alot of performance. 
226          */
227         public int getAccessLevel(IEntityDescriptor entityDescriptor)
228         {
229             return this.getAccessLevel(entityDescriptor.getDataSourceDescriptor());
230         }
231 
232         /*** Returns the access level for the provided IFieldDescriptor defined
233          * as NONE, READ, WRITE or CONTENT_BASED. If the access is not content
234          * based no further check with hasReadAccess or hasWriteAccess is
235          * necessary wich can save alot of performance. 
236          */
237         public int getAccessLevel(IFieldDescriptor fieldDescriptor)
238         {
239             return this.getAccessLevel(fieldDescriptor.getEntityDescriptor());
240         }
241 
242         /*** Returns the access level for the provided IEntityAction defined
243          * as NONE, READ, WRITE or CONTENT_BASED. If the access is not content
244          * based no further check with hasReadAccess or hasWriteAccess is
245          * necessary wich can save alot of performance. 
246          */
247         public int getAccessLevel(IEntityAction entityAction)
248         {
249             return this.getAccessLevel(entityAction.getEntityDescriptor());
250         }
251 
252         /*** Returns true if the user has read access to the provided IDataSource.
253          */
254         public boolean hasReadAccess(IDataSource dataSource)
255         {
256             return mDefaultAccessLevel >= READ;
257         }
258 
259         /*** Returns true if the user has read access to the provided IEntity.
260          */
261         public boolean hasReadAccess(IEntity entity)
262         {
263             return this.hasReadAccess(entity.getDataSource());
264         }
265 
266         /*** Returns true if the user has read access to the provided fieldDescriptor 
267          * in the data content scope of the provided IEntity object.
268          */
269         public boolean hasReadAccess(IFieldDescriptor fieldDescriptor, IEntity data)
270         {
271             return this.hasReadAccess(data);
272         }
273 
274         /*** Returns true if the user has read access to the provided IEntityAction 
275          * object in the data content scope of the provided IEntity object.
276          */
277         public boolean hasReadAccess(IEntityAction entityAction, IEntity data)
278         {
279             return this.hasReadAccess(data);
280         }
281 
282         /*** Returns true if the user has write access to the provided IDataSource.
283          */
284         public boolean hasWriteAccess(IDataSource dataSource)
285         {
286             return mDefaultAccessLevel >= WRITE;
287         }
288 
289         /*** Returns true if the user has write access to the provided IEntity.
290          */
291         public boolean hasWriteAccess(IEntity entity)
292         {
293             return this.hasWriteAccess(entity.getDataSource());
294         }
295 
296         /*** Returns true if the user has write access to the provided  
297          * fieldDescriptor in the data content scope of the provided IEntity object.
298          */
299         public boolean hasWriteAccess(IFieldDescriptor fieldDescriptor, IEntity data)
300         {
301             return this.hasWriteAccess(data);
302         }
303 
304         /*** Returns true if the user has write access to the provided IEntityAction 
305          * object in the data content scope of the provided IEntity object.
306          */
307         public boolean hasWriteAccess(IEntityAction entityAction, IEntity data)
308         {
309             return this.hasWriteAccess(data);
310         }
311 
312         /*** This method allows a current manager to reject replacement by another
313          * DataAccessManager. 
314          */ 
315         public boolean acceptsReplacement(DataAccessManager newManager)
316         {
317             return true;
318         }
319         
320         // Access methods ------------------------------------------------------
321         
322         /*** Access method that returns the default accss level of the manager.
323          */
324         public int getDefaultAccessLevel()
325         {
326             return mDefaultAccessLevel;
327         }
328     }    
329 }