001    /*
002    @license.text@
003     */
004    package biz.hammurapi.authorization;
005    
006    import java.security.AccessControlException;
007    import java.util.Collection;
008    
009    import org.w3c.dom.Node;
010    
011    /**
012     * "Hub" class for authorization checks.
013     * @author Pavel Vlasov
014     * @revision $Revision$
015     */
016    public class AuthorizationManager {
017                    
018            public static boolean hasClassPermission(Class clazz, String action) {
019                    AuthorizationProvider provider =  (AuthorizationProvider) threadProvider.get();
020                    return provider==null ? true : provider.hasClassPermission(clazz, action);
021            }
022            
023            public static void checkClassPermission(Class clazz, String action) throws AccessControlException {
024                    AuthorizationProvider provider =  (AuthorizationProvider) threadProvider.get();
025                    if (provider!=null) {
026                            provider.checkClassPermission(clazz, action);
027                    }
028            }
029            
030            /**
031             * Authorization provider determines permission type from subject type
032             * @param instance
033             * @param action
034             * @return
035             */
036            public static boolean hasObjectPermission(Object instance, String action) {
037                    AuthorizationProvider provider =  (AuthorizationProvider) threadProvider.get();
038                    return provider==null ? true : provider.hasInstancePermission(instance, action);
039            }
040    
041            /**
042             * Authorization provider determines permission type from subject.
043             * @param instance
044             * @param action
045             * @return
046             */
047            public static void checkInstancePermission(Object instance, String action) throws AccessControlException {
048                    AuthorizationProvider provider =  (AuthorizationProvider) threadProvider.get();
049                    if (provider!=null) {
050                            provider.checkInstancePermission(instance, action);
051                    }
052            }
053            
054            /**
055             * Authorization provider determines permission type from className.
056             * This method is to be used from XSL stylesheets.
057             * @param subject
058             * @param action
059             * @return
060             */
061            public static boolean hasClassPermission(String className, String action) {
062                    AuthorizationProvider provider =  (AuthorizationProvider) threadProvider.get();
063                    return provider==null ? true : provider.hasClassPermission(className, action);
064            }
065    
066            /**
067             * Authorization provider determines permission type from Node where 
068             * subject was serialized to.
069             * This method is to be used from XSL stylesheets.
070             * @param subject
071             * @param action
072             * @return
073             */
074            public static boolean hasInstancePermission(Node subjectNode, String className, String action) {
075                    AuthorizationProvider provider =  (AuthorizationProvider) threadProvider.get();
076                    return provider==null ? true : provider.hasInstancePermission(subjectNode, className, action);
077            }
078            
079            private static InheritableThreadLocal threadProvider=new InheritableThreadLocal();
080            
081            public static void setThreadProvider(AuthorizationProvider provider) {
082                    threadProvider.set(provider);
083            }
084            
085            public static boolean isUserInRole(String role) {
086                    AuthorizationProvider provider =  (AuthorizationProvider) threadProvider.get();
087                    return provider==null ? true : provider.isUserInRole(role);             
088            }
089                            
090            public static String getUserName() {
091                    AuthorizationProvider provider =  (AuthorizationProvider) threadProvider.get();
092                    return provider==null ? null : provider.getUserName();          
093            }
094            
095            /**
096             * @return Collection of permissions
097             */
098            public static Collection getPermissions() {
099                    AuthorizationProvider provider =  (AuthorizationProvider) threadProvider.get();
100                    return provider==null ? null : provider.getPermissions();                               
101            }
102            
103                            
104    }