001/* 002 * (C) Copyright 2006-2008 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * bstefanescu 018 * 019 * $Id$ 020 */ 021 022package org.nuxeo.ecm.webengine.security.guards; 023 024import java.io.StringReader; 025import java.security.Principal; 026 027import javax.script.Bindings; 028import javax.script.Compilable; 029import javax.script.CompiledScript; 030import javax.script.ScriptEngine; 031import javax.script.ScriptException; 032import javax.script.SimpleBindings; 033 034import org.apache.commons.logging.Log; 035import org.apache.commons.logging.LogFactory; 036import org.nuxeo.common.xmap.annotation.XContent; 037import org.nuxeo.common.xmap.annotation.XNode; 038import org.nuxeo.common.xmap.annotation.XObject; 039import org.nuxeo.ecm.core.api.CoreSession; 040import org.nuxeo.ecm.core.api.DocumentModel; 041import org.nuxeo.ecm.webengine.WebEngine; 042import org.nuxeo.ecm.webengine.security.Guard; 043import org.nuxeo.runtime.api.Framework; 044import org.nuxeo.runtime.model.Adaptable; 045 046/** 047 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a> 048 */ 049@XObject("script") 050public class ScriptGuard implements Guard { 051 052 private static final Log log = LogFactory.getLog(ScriptGuard.class); 053 054 @XContent 055 protected String script; 056 057 @XNode("@type") 058 protected String type; 059 060 @XNode("@src") 061 protected String src; 062 063 protected ScriptEngine engine; 064 065 protected CompiledScript comp; 066 067 protected ScriptGuard() { 068 } 069 070 public ScriptGuard(String type, String script) { 071 this.type = type; 072 this.script = script; 073 } 074 075 public boolean check(Adaptable context) { 076 try { 077 if (engine == null) { 078 comp = compile(type, script); 079 } 080 Bindings bindings = new SimpleBindings(); 081 bindings.put("Context", context); 082 bindings.put("doc", context.getAdapter(DocumentModel.class)); 083 bindings.put("session", context.getAdapter(CoreSession.class)); 084 bindings.put("principal", context.getAdapter(Principal.class)); 085 Object result = null; 086 if (comp != null) { 087 result = comp.eval(bindings); 088 if (result == null) { 089 result = bindings.get("__result__"); 090 } 091 } else { 092 result = engine.eval(new StringReader(script), bindings); 093 } 094 return booleanValue(result); 095 } catch (ScriptException e) { 096 log.error(e, e); 097 return false; 098 } 099 } 100 101 protected static boolean booleanValue(Object obj) { 102 if (obj == null) { 103 return false; 104 } else if (obj.getClass() == Boolean.class) { 105 return (Boolean) obj; 106 } else if (obj instanceof Number) { 107 return ((Number) obj).intValue() != 0; 108 } 109 return false; 110 } 111 112 @Override 113 public String toString() { 114 return "SCRIPT:" + type + '[' + script + ']'; 115 } 116 117 private CompiledScript compile(String type, String content) throws ScriptException { 118 if (engine == null) { 119 engine = Framework.getLocalService(WebEngine.class).getScripting().getEngineManager().getEngineByName(type); 120 } 121 if (engine != null) { 122 if (engine instanceof Compilable) { 123 return ((Compilable) engine).compile(content); 124 } else { 125 return null; // script is not compilable 126 } 127 } else { 128 throw new ScriptException("No suitable script engine found for the file " + type); 129 } 130 } 131 132}