001/* 002 * (C) Copyright 2006-2008 Nuxeo SAS (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * bstefanescu 016 * 017 * $Id$ 018 */ 019 020package org.nuxeo.ecm.webengine.security.guards; 021 022import java.io.StringReader; 023import java.security.Principal; 024 025import javax.script.Bindings; 026import javax.script.Compilable; 027import javax.script.CompiledScript; 028import javax.script.ScriptEngine; 029import javax.script.ScriptException; 030import javax.script.SimpleBindings; 031 032import org.apache.commons.logging.Log; 033import org.apache.commons.logging.LogFactory; 034import org.nuxeo.common.xmap.annotation.XContent; 035import org.nuxeo.common.xmap.annotation.XNode; 036import org.nuxeo.common.xmap.annotation.XObject; 037import org.nuxeo.ecm.core.api.CoreSession; 038import org.nuxeo.ecm.core.api.DocumentModel; 039import org.nuxeo.ecm.webengine.WebEngine; 040import org.nuxeo.ecm.webengine.security.Guard; 041import org.nuxeo.runtime.api.Framework; 042import org.nuxeo.runtime.model.Adaptable; 043 044/** 045 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a> 046 */ 047@XObject("script") 048public class ScriptGuard implements Guard { 049 050 private static final Log log = LogFactory.getLog(ScriptGuard.class); 051 052 @XContent 053 protected String script; 054 055 @XNode("@type") 056 protected String type; 057 058 @XNode("@src") 059 protected String src; 060 061 protected ScriptEngine engine; 062 063 protected CompiledScript comp; 064 065 protected ScriptGuard() { 066 } 067 068 public ScriptGuard(String type, String script) { 069 this.type = type; 070 this.script = script; 071 } 072 073 public boolean check(Adaptable context) { 074 try { 075 if (engine == null) { 076 comp = compile(type, script); 077 } 078 Bindings bindings = new SimpleBindings(); 079 bindings.put("Context", context); 080 bindings.put("doc", context.getAdapter(DocumentModel.class)); 081 bindings.put("session", context.getAdapter(CoreSession.class)); 082 bindings.put("principal", context.getAdapter(Principal.class)); 083 Object result = null; 084 if (comp != null) { 085 result = comp.eval(bindings); 086 if (result == null) { 087 result = bindings.get("__result__"); 088 } 089 } else { 090 result = engine.eval(new StringReader(script), bindings); 091 } 092 return booleanValue(result); 093 } catch (ScriptException e) { 094 log.error(e, e); 095 return false; 096 } 097 } 098 099 protected static boolean booleanValue(Object obj) { 100 if (obj == null) { 101 return false; 102 } else if (obj.getClass() == Boolean.class) { 103 return (Boolean) obj; 104 } else if (obj instanceof Number) { 105 return ((Number) obj).intValue() != 0; 106 } 107 return false; 108 } 109 110 @Override 111 public String toString() { 112 return "SCRIPT:" + type + '[' + script + ']'; 113 } 114 115 private CompiledScript compile(String type, String content) throws ScriptException { 116 if (engine == null) { 117 engine = Framework.getLocalService(WebEngine.class).getScripting().getEngineManager().getEngineByName(type); 118 } 119 if (engine != null) { 120 if (engine instanceof Compilable) { 121 return ((Compilable) engine).compile(content); 122 } else { 123 return null; // script is not compilable 124 } 125 } else { 126 throw new ScriptException("No suitable script engine found for the file " + type); 127 } 128 } 129 130}