Source code

001/*
002 * $Id: UserPermissions.java 542 2005-10-10 18:03:15Z rbair $
003 *
004 * Copyright 2004 Sun Microsystems, Inc., 4150 Network Circle,
005 * Santa Clara, California 95054, U.S.A. All rights reserved.
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 * 
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
015 * Lesser General Public License for more details.
016 * 
017 * You should have received a copy of the GNU Lesser General Public
018 * License along with this library; if not, write to the Free Software
019 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
020 */
021package org.jdesktop.swingx.auth;
022
023import java.beans.PropertyChangeListener;
024import java.beans.PropertyChangeSupport;
025
026/**
027 * This is a singleton that marks the set of permissions for a given logged in user.
028 * It is one of the optional results of a successful login operation.
029 * The purpose of this class is to provide a central location and client side bridge
030 * to the server side permissions and user roles (see J2EE role based authorization).
031 * This class is used by gui widgets and actions to determine visibility and enabled
032 * status and thus a UI can adapt itself to users with a lower set of privileges.
033 *
034 * This class is not meant as a secure barrier! It is only a thin layer to supplant the
035 * server side permissions. This class can be compromized by the user and thus its purpose
036 * is only to help UI flow and navigation and not to prevent attack against a client side
037 * UI. A server implementation must ALWAYS recheck permissions sent by the client regardless
038 * of the client.
039 *
040 * @author Shai Almog
041 */
042public class UserPermissions {
043    private static final UserPermissions INSTANCE = new UserPermissions();
044    private PropertyChangeSupport propertyChange = new PropertyChangeSupport(this);
045    private String[] roles;
046    
047    /** Creates a new instance of UserPermissions */
048    private UserPermissions() {
049    }
050    
051    public void addPropertyChangeListener(PropertyChangeListener listener) {
052        propertyChange.addPropertyChangeListener(listener);
053    }
054
055    public void addPropertyChangeListener(String name, PropertyChangeListener listener) {
056        propertyChange.addPropertyChangeListener(name, listener);
057    }
058    
059    public void removePropertyChangeListener(PropertyChangeListener listener) {
060        propertyChange.removePropertyChangeListener(listener);
061    }
062
063    public void removePropertyChangeListener(String name, PropertyChangeListener listener) {
064        propertyChange.removePropertyChangeListener(name, listener);
065    }
066
067    /**
068     * Returns the singleton instance of this class. A singleton is used to simplify access for
069     * the permissions from every point in the application.
070     */
071    public static UserPermissions getInstance() {
072        return INSTANCE;
073    }
074    
075    /**
076     * Returns the roles of the currently logged in user
077     */
078    public String[] getRoles() {
079        return roles;
080    }
081    
082    /**
083     * Returns true if the user is in the given role (case sensitive).
084     */
085    public boolean isUserInRole(String role) {
086        if(roles != null) {
087            for(int iter = 0 ; iter < roles.length ; iter++) {
088                if(roles[iter].equals(role)) {
089                    return true;
090                }
091            }
092        } 
093        return false;
094    }
095
096    /**
097     * Returns true if the user is in one of the given roles (case sensitive).
098     */
099    public boolean isUserInARole(String[] roles) {
100        for(int iter = 0 ; iter < roles.length ; iter++) {
101            if(isUserInRole(roles[iter])) {
102                return true;
103            }
104        }
105        return false;
106    }
107
108    /**
109     * Returns true if the user is in all of the given roles (case sensitive).
110     */
111    public boolean isUserInRoles(String[] roles) {
112        for(int iter = 0 ; iter < roles.length ; iter++) {
113            if(!isUserInRole(roles[iter])) {
114                return false;
115            }
116        }
117        return true;
118    }
119    
120    void setRoles(String[] roles) {
121        String[] oldValue = this.roles;
122        this.roles = roles;
123        propertyChange.firePropertyChange("roles", oldValue, roles);
124    }
125}
126