001/*
002 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Nuxeo - initial API and implementation
018 */
019
020package org.nuxeo.ecm.platform.ui.web.auth.service;
021
022import java.io.Serializable;
023import java.util.regex.Matcher;
024import java.util.regex.Pattern;
025
026import javax.servlet.http.HttpServletRequest;
027
028import org.nuxeo.common.xmap.annotation.XNode;
029import org.nuxeo.common.xmap.annotation.XObject;
030import org.nuxeo.runtime.api.Framework;
031
/**
 * XMap descriptor bound to an {@code openUrl} element: a named rule made of an optional HTTP method, an
 * optional deny regex and an optional grant regex, evaluated by {@link #allowByPassAuth(HttpServletRequest)}.
 * <p>
 * Review notes for whoever maintains these rules:
 * <ul>
 * <li>The rule fails closed: a request is accepted only when the grant pattern matches the whole URI and
 * the deny pattern does not.</li>
 * <li>Only {@code grantPattern} goes through {@link Framework#expandVars(String)} (in its setter);
 * {@code denyPattern} is injected straight into the field, so variables in a deny pattern are not expanded
 * by this class. NOTE(review): confirm whether that asymmetry is intended.</li>
 * <li>Both patterns are compiled lazily in their getters, without synchronization. An invalid regex
 * therefore surfaces as a {@link java.util.regex.PatternSyntaxException} on the first call of the getter,
 * not when the descriptor is populated.</li>
 * </ul>
 */
@XObject("openUrl")
public class OpenUrlDescriptor implements Serializable {

    private static final long serialVersionUID = 1L;

    // Rule identifier, read from the "name" attribute of the element.
    @XNode("@name")
    protected String name;

    // Grant regex source, assigned by setGrantPattern after variable expansion.
    protected String grantPattern;

    // Cached compilation of grantPattern; stays null until first requested or when no pattern is set.
    protected Pattern compiledGrantPattern;

    // Deny regex source, bound as-is from the "denyPattern" child element.
    @XNode("denyPattern")
    protected String denyPattern;

    // Cached compilation of denyPattern; stays null until first requested or when no pattern is set.
    protected Pattern compiledDenyPattern;

    // HTTP method the rule is limited to; null means the rule does not look at the method.
    @XNode("method")
    protected String method;

    /**
     * @return the rule name as read from the descriptor
     */
    public String getName() {
        return name;
    }

    /**
     * Stores the grant regex after passing it through {@link Framework#expandVars(String)}.
     * <p>
     * A previously compiled grant pattern is not reset here, so calling this after
     * {@link #getCompiledGrantPattern()} has cached a value leaves the cached value in use.
     *
     * @param grantPattern the regex source taken from the {@code grantPattern} element
     */
    @XNode("grantPattern")
    public void setGrantPattern(String grantPattern) {
        String expanded = Framework.expandVars(grantPattern);
        this.grantPattern = expanded;
    }

    /**
     * @return the grant regex source (after variable expansion), possibly {@code null}
     */
    public String getGrantPattern() {
        return grantPattern;
    }

    /**
     * Returns the compiled grant regex, compiling and caching it on first use.
     *
     * @return the compiled pattern, or {@code null} when no non-empty grant pattern is configured
     * @throws java.util.regex.PatternSyntaxException if the configured regex is invalid
     */
    public Pattern getCompiledGrantPattern() {
        if (compiledGrantPattern != null) {
            return compiledGrantPattern;
        }
        if (grantPattern == null || grantPattern.isEmpty()) {
            // Nothing to compile: a rule without a grant pattern can never grant.
            return null;
        }
        compiledGrantPattern = Pattern.compile(grantPattern);
        return compiledGrantPattern;
    }

    /**
     * Returns the compiled deny regex, compiling and caching it on first use.
     *
     * @return the compiled pattern, or {@code null} when no non-empty deny pattern is configured
     * @throws java.util.regex.PatternSyntaxException if the configured regex is invalid
     */
    public Pattern getCompiledDenyPattern() {
        if (compiledDenyPattern != null) {
            return compiledDenyPattern;
        }
        if (denyPattern == null || denyPattern.isEmpty()) {
            return null;
        }
        compiledDenyPattern = Pattern.compile(denyPattern);
        return compiledDenyPattern;
    }

    /**
     * @return the deny regex source exactly as read from the descriptor, possibly {@code null}
     */
    public String getDenyPattern() {
        return denyPattern;
    }

    /**
     * @return the HTTP method this rule is restricted to, or {@code null} when unrestricted
     */
    public String getMethod() {
        return method;
    }

    /**
     * Tells whether the request matches this rule. Judging by the method name, a {@code true} result lets
     * the caller skip authentication for the request; confirm against the calling filter.
     * <p>
     * Evaluation order:
     * <ol>
     * <li>If a method is configured, the request method must equal it exactly ({@link String#equals},
     * so the comparison is case-sensitive); otherwise the rule does not apply.</li>
     * <li>If a deny pattern is configured and matches the whole URI, the rule refuses.</li>
     * <li>The rule accepts only if a grant pattern is configured and matches the whole URI.</li>
     * </ol>
     * Both checks use {@link Matcher#matches()}, i.e. the entire string must match, not a substring.
     * <p>
     * The string matched is {@link HttpServletRequest#getRequestURI()}. Per the Servlet API that value is
     * not decoded by the container, so it can still carry percent-encoded characters and path parameters.
     * Patterns have to be written against that raw form, and broad patterns (for example ones ending in
     * {@code .*}) deserve a review against how the container later resolves the path.
     * NOTE(review): no normalization happens in this class; verify whether the caller does any.
     *
     * @param httpRequest the incoming request
     * @return {@code true} only when the method restriction (if any) is met, the deny pattern does not
     *         match and the grant pattern matches; {@code false} in every other case
     */
    public boolean allowByPassAuth(HttpServletRequest httpRequest) {
        String uri = httpRequest.getRequestURI();
        String requestMethod = httpRequest.getMethod();

        boolean methodRestricted = method != null;
        if (methodRestricted && !requestMethod.equals(method)) {
            return false;
        }

        // Deny wins over grant: it is consulted first and short-circuits the decision.
        if (matchesWhole(getCompiledDenyPattern(), uri)) {
            return false;
        }

        // Default is refusal; only a full match of the grant pattern accepts.
        return matchesWhole(getCompiledGrantPattern(), uri);
    }

    /**
     * Full-string match of {@code uri} against {@code regex}, treating an absent pattern as "no match".
     */
    private static boolean matchesWhole(Pattern regex, String uri) {
        if (regex == null) {
            return false;
        }
        Matcher matcher = regex.matcher(uri);
        return matcher.matches();
    }

}