View Javadoc
1   /*
2    * Copyright (c) 2002-2025, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.portal.service.accesscontrol;
35  
36  import java.util.Locale;
37  
38  import javax.servlet.http.HttpServletRequest;
39  
40  import org.springframework.beans.factory.BeanDefinitionStoreException;
41  import org.springframework.beans.factory.CannotLoadBeanClassException;
42  import org.springframework.beans.factory.NoSuchBeanDefinitionException;
43  
44  import fr.paris.lutece.api.user.User;
45  import fr.paris.lutece.portal.business.accesscontrol.AccessControlSessionData;
46  import fr.paris.lutece.portal.service.plugin.PluginService;
47  import fr.paris.lutece.portal.service.spring.SpringContextService;
48  import fr.paris.lutece.portal.web.xpages.XPage;
49  import fr.paris.lutece.util.ReferenceList;
50  
51  /**
52   * AccessControlService
53   */
54  public final class AccessControlService
55  {
56      private static AccessControlService _singleton;
57      private boolean _bServiceAvailable = true;
58      private IAccessControlServiceProvider _provider;
59  
60      /**
61       * Private constructor
62       */
63      private AccessControlService( )
64      {
65          try
66          {
67              _provider = SpringContextService.getBean( "accesscontrol.accessControlServiceProvider" );
68              _bServiceAvailable = ( _provider != null );
69          }
70          catch( CannotLoadBeanClassException | NoSuchBeanDefinitionException | BeanDefinitionStoreException e )
71          {
72              _bServiceAvailable = false;
73          }
74      }
75  
76      /**
77       * Check if the access control service is available. To be available, the following conditions must be verified :
78       * <ul>
79       * <li>the Bean service is not null</li>
80       * <li>the plugin-accesscontrol must be enable</li>
81       * </ul>
82       * 
83       * @return true if the workflow service is available
84       */
85      public boolean isAvailable( )
86      {
87          return _bServiceAvailable && ( _provider != null ) && PluginService.isPluginEnable( "accesscontrol" );
88      }
89  
90      /**
91       * Returns the unique instance of the service
92       * 
93       * @return The instance of the service
94       */
95      public static synchronized AccessControlService getInstance( )
96      {
97          if ( _singleton == null )
98          {
99              _singleton = new AccessControlService( );
100         }
101         return _singleton;
102     }
103 
104     /**
105      * return a reference list which contains a list enabled AccessControl
106      * 
107      * @param user
108      *            the User
109      * @param locale
110      *            the locale
111      * @return a reference list which contains a list enabled AccessControl
112      */
113     public ReferenceList getAccessControlsEnabled( User user, Locale locale )
114     {
115         return isAvailable( ) ? _provider.getAccessControlsEnabled( user, locale ) : null;
116     }
117 
118     /**
119      * Find the access control used by a resource.
120      * 
121      * @param idResource
122      * @param resourceType
123      * @return the id of the access control, -1 if none
124      */
125     public int findAccessControlForResource( int idResource, String resourceType )
126     {
127         return isAvailable( ) ? _provider.findAccessControlForResource( idResource, resourceType ) : -1;
128     }
129 
130     /**
131      * Links the given resource to the given access control. <br />
132      * if idAccessControl = -1, deletes the link between the resource and any access control.
133      * 
134      * @param idResource
135      * @param resourceType
136      * @param idAccessControl
137      */
138     public void linkResourceToAccessControl( int idResource, String resourceType, int idAccessControl )
139     {
140         if ( isAvailable( ) )
141         {
142             _provider.createOrUpdateAccessControlResource( idResource, resourceType, idAccessControl );
143         }
144     }
145 
146     /**
147      * Redirects to the Access Control exists if the resource has an AccesControl tha has not already been validated
148      * 
149      * @param request
150      * @param idResource
151      * @param resourceType
152      * @return
153      */
154     public XPage doExecuteAccessControl( HttpServletRequest request, int idResource, String resourceType, Object destination )
155     {
156         if ( isAvailable( ) )
157         {
158             int idAccessControl = findAccessControlForResource( idResource, resourceType );
159             if ( idAccessControl != -1 )
160             {
161                 AccessControlSessionData sessionData = _provider.getSessionDataForResource( request, idResource, resourceType );
162                 if ( sessionData == null || !sessionData.isAccessControlResult( ) )
163                 {
164                     return _provider.redirectToAccessControlXPage( request, idResource, resourceType, idAccessControl );
165                 }
166                 if ( sessionData.isAccessControlResult( ) )
167                 {
168                     _provider.applyPersistentData( sessionData, destination ); 
169                 }
170             }
171         }
172         return null;
173     }
174 
175     /**
176      * Remove the Session Data for the give Data
177      * 
178      * @param request
179      * @param idResource
180      * @param resourceType
181      */
182     public void cleanSessionData( HttpServletRequest request, int idResource, String resourceType )
183     {
184         if ( isAvailable( ) )
185         {
186             _provider.deleteSessionDataForResource( request, idResource, resourceType );
187         }
188     }
189 }