001/* 002 * (C) Copyright 2006-2008 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * bstefanescu 018 * 019 * $Id$ 020 */ 021 022package org.nuxeo.ecm.webengine.security.guards; 023 024import java.io.StringReader; 025import java.security.Principal; 026 027import javax.script.Bindings; 028import javax.script.Compilable; 029import javax.script.CompiledScript; 030import javax.script.ScriptEngine; 031import javax.script.ScriptException; 032import javax.script.SimpleBindings; 033 034import org.apache.commons.logging.Log; 035import org.apache.commons.logging.LogFactory; 036import org.nuxeo.common.xmap.annotation.XContent; 037import org.nuxeo.common.xmap.annotation.XNode; 038import org.nuxeo.common.xmap.annotation.XObject; 039import org.nuxeo.ecm.core.api.CoreSession; 040import org.nuxeo.ecm.core.api.DocumentModel; 041import org.nuxeo.ecm.webengine.WebEngine; 042import org.nuxeo.ecm.webengine.security.Guard; 043import org.nuxeo.runtime.api.Framework; 044import org.nuxeo.runtime.model.Adaptable; 045 046/** 047 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a> 048 */ 049@XObject("script") 050public class ScriptGuard implements Guard { 051 052 private static final Log log = LogFactory.getLog(ScriptGuard.class); 053 054 @XContent 055 protected String script; 056 057 @XNode("@type") 058 protected String type; 059 060 @XNode("@src") 061 protected String src; 062 063 protected ScriptEngine engine; 064 065 protected CompiledScript comp; 066 067 protected ScriptGuard() { 068 } 069 070 public ScriptGuard(String type, String script) { 071 this.type = type; 072 this.script = script; 073 } 074 075 @Override 076 public boolean check(Adaptable context) { 077 try { 078 if (engine == null) { 079 comp = compile(type, script); 080 } 081 Bindings bindings = new SimpleBindings(); 082 bindings.put("Context", context); 083 bindings.put("doc", context.getAdapter(DocumentModel.class)); 084 bindings.put("session", context.getAdapter(CoreSession.class)); 085 bindings.put("principal", context.getAdapter(Principal.class)); 086 Object result = null; 087 if (comp != null) { 088 result = comp.eval(bindings); 089 if (result == null) { 090 result = bindings.get("__result__"); 091 } 092 } else { 093 result = engine.eval(new StringReader(script), bindings); 094 } 095 return booleanValue(result); 096 } catch (ScriptException e) { 097 log.error(e, e); 098 return false; 099 } 100 } 101 102 protected static boolean booleanValue(Object obj) { 103 if (obj == null) { 104 return false; 105 } else if (obj.getClass() == Boolean.class) { 106 return (Boolean) obj; 107 } else if (obj instanceof Number) { 108 return ((Number) obj).intValue() != 0; 109 } 110 return false; 111 } 112 113 @Override 114 public String toString() { 115 return "SCRIPT:" + type + '[' + script + ']'; 116 } 117 118 private CompiledScript compile(String type, String content) throws ScriptException { 119 if (engine == null) { 120 engine = Framework.getService(WebEngine.class).getScripting().getEngineManager().getEngineByName(type); 121 } 122 if (engine != null) { 123 if (engine instanceof Compilable) { 124 return ((Compilable) engine).compile(content); 125 } else { 126 return null; // script is not compilable 127 } 128 } else { 129 throw new ScriptException("No suitable script engine found for the file " + type); 130 } 131 } 132 133}