001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.pacl.checker;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.security.pacl.permission.PortalMessageBusPermission;
020    
021    import java.security.Permission;
022    
023    import java.util.Set;
024    import java.util.TreeSet;
025    
026    /**
027     * @author Brian Wing Shun Chan
028     * @author Raymond Augé
029     */
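/**
 * Checks {@link PortalMessageBusPermission} requests against two sets of
 * allowed message bus destination names: one for listening and one for
 * sending.
 *
 * <p>
 * The sets are loaded by {@link #afterPropertiesSet()} from the property sets
 * <code>security-manager-message-bus-listen</code> and
 * <code>security-manager-message-bus-send</code>. A destination missing from
 * the relevant set is rejected through <code>throwSecurityException</code>.
 * </p>
 *
 * <p>
 * NOTE(review): <code>getPropertySet</code>, <code>throwSecurityException</code>
 * and the <code>PORTAL_MESSAGE_BUS_PERMISSION_*</code> constants are not
 * defined in this file; presumably they are inherited from
 * <code>BaseChecker</code>. Confirm their contracts there.
 * </p>
 */
public class PortalMessageBusChecker extends BaseChecker {

	/**
	 * Loads both allow lists. This must run before
	 * {@link #checkPermission(Permission)}, which dereferences the sets
	 * without a null check.
	 */
	public void afterPropertiesSet() {
		initListenDestinationNames();
		initSendDestinationNames();
	}

	/**
	 * Rejects a listen or send request whose destination is not in the
	 * corresponding allow list.
	 *
	 * @param permission the permission to check; it is cast to
	 *        {@link PortalMessageBusPermission} unconditionally, so any other
	 *        type fails with a <code>ClassCastException</code>
	 */
	public void checkPermission(Permission permission) {
		PortalMessageBusPermission portalMessageBusPermission =
			(PortalMessageBusPermission)permission;

		String name = portalMessageBusPermission.getName();
		String destinationName =
			portalMessageBusPermission.getDestinationName();

		// NOTE(review): destinationName is concatenated verbatim into the
		// messages below. If throwSecurityException writes them to the log,
		// confirm that the logging layer neutralizes embedded line breaks.

		if (name.equals(PORTAL_MESSAGE_BUS_PERMISSION_LISTEN)) {
			if (!_listenDestinationNames.contains(destinationName)) {
				throwSecurityException(
					_log,
					"Attempted to listen on destination " + destinationName);
			}
		}
		else if (name.equals(PORTAL_MESSAGE_BUS_PERMISSION_SEND)) {
			if (!_sendDestinationNames.contains(destinationName)) {
				throwSecurityException(
					_log, "Attempted to send to " + destinationName);
			}
		}

		// NOTE(review): a permission name other than listen or send reaches
		// this point without any check, so the request is allowed. Confirm
		// that no other names exist, or deny by default here.
	}

	/**
	 * Builds the policy entry that would authorize the given permission.
	 *
	 * @param  arguments expected to hold exactly one
	 *         {@link PortalMessageBusPermission}
	 * @return the property whose key names the listen or send property set
	 *         and whose value is the destination name, or <code>null</code>
	 *         if the arguments do not match or the permission name is neither
	 *         listen nor send
	 */
	@Override
	public AuthorizationProperty generateAuthorizationProperty(
		Object... arguments) {

		// Test for the exact type that is cast below. Testing only for
		// Permission let any other Permission subclass through to a
		// ClassCastException instead of the documented null return.

		if ((arguments == null) || (arguments.length != 1) ||
			!(arguments[0] instanceof PortalMessageBusPermission)) {

			return null;
		}

		PortalMessageBusPermission portalMessageBusPermission =
			(PortalMessageBusPermission)arguments[0];

		String name = portalMessageBusPermission.getName();

		String key = null;

		if (name.equals(PORTAL_MESSAGE_BUS_PERMISSION_LISTEN)) {
			key = "security-manager-message-bus-listen";
		}
		else if (name.equals(PORTAL_MESSAGE_BUS_PERMISSION_SEND)) {
			key = "security-manager-message-bus-send";
		}
		else {
			return null;
		}

		AuthorizationProperty authorizationProperty =
			new AuthorizationProperty();

		authorizationProperty.setKey(key);
		authorizationProperty.setValue(
			portalMessageBusPermission.getDestinationName());

		return authorizationProperty;
	}

	/**
	 * Loads the destinations that may be listened on and, when debug logging
	 * is enabled, logs each one in sorted order.
	 */
	protected void initListenDestinationNames() {
		_listenDestinationNames = getPropertySet(
			"security-manager-message-bus-listen");

		if (_log.isDebugEnabled()) {

			// Copy into a TreeSet so that the debug output is sorted

			Set<String> destinationNames = new TreeSet<String>(
				_listenDestinationNames);

			for (String destinationName : destinationNames) {
				_log.debug(
					"Allowing message listeners to listen on destination " +
						destinationName);
			}
		}
	}

	/**
	 * Loads the destinations that may be sent to and, when debug logging is
	 * enabled, logs each one in sorted order.
	 */
	protected void initSendDestinationNames() {
		_sendDestinationNames = getPropertySet(
			"security-manager-message-bus-send");

		if (_log.isDebugEnabled()) {

			// Copy into a TreeSet so that the debug output is sorted

			Set<String> destinationNames = new TreeSet<String>(
				_sendDestinationNames);

			for (String destinationName : destinationNames) {
				_log.debug(
					"Allowing the message bus to send to destination " +
						destinationName);
			}
		}
	}

	private static final Log _log = LogFactoryUtil.getLog(
		PortalMessageBusChecker.class);

	// Allow lists populated by afterPropertiesSet(); null until then

	private Set<String> _listenDestinationNames;
	private Set<String> _sendDestinationNames;

}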