
1   /**
2    * Copyright 2011 The Kuali Foundation Licensed under the
3    * Educational Community License, Version 2.0 (the "License"); you may
4    * not use this file except in compliance with the License. You may
5    * obtain a copy of the License at
6    *
7    * http://www.osedu.org/licenses/ECL-2.0
8    *
9    * Unless required by applicable law or agreed to in writing,
10   * software distributed under the License is distributed on an "AS IS"
11   * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
12   * or implied. See the License for the specific language governing
13   * permissions and limitations under the License.
14   */
15  package org.kuali.mobility.shared.controllers;
16  
17  import org.kuali.mobility.security.authn.util.AuthenticationConstants;
18  import org.kuali.mobility.security.group.api.Group;
19  import org.kuali.mobility.security.user.api.User;
20  
21  import javax.annotation.Resource;
22  import javax.servlet.http.HttpServletRequest;
23  import java.util.Properties;
24  
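/**
 * Base controller that provides utilities for managing authorization.
 *
 * <p>Access decisions are based on the {@link User} stored in the HTTP session
 * under {@link AuthenticationConstants#KME_USER_KEY} and on the names of the
 * groups that user belongs to.
 *
 * @author Kuali Mobility Team (mobility.dev@kuali.org)
 * @since 2.0.0
 */
public class AbstractMobilityController {

    @Resource(name="kmeProperties")
    private Properties kmeProperties;

    /**
     * Decides whether the current session's user may access a resource that is
     * restricted to the given role.
     *
     * <p>Security notes:
     * <ul>
     *   <li>A {@code null} or empty {@code roleName} means "unrestricted": access is
     *       granted to every caller, including requests with no session or user.
     *       Callers that read the role name from configuration should make sure a
     *       missing value cannot reach this method for a resource that is meant to
     *       be protected.</li>
     *   <li>For a non-empty role, every uncertain state (no request, no session,
     *       no user, public user, no groups, unnamed group) results in denial.</li>
     *   <li>The role is matched against group names exactly, ignoring case.</li>
     * </ul>
     *
     * @param roleName name of the group required for access; {@code null} or empty
     *                 disables the check
     * @param request  the current HTTP request; its session is looked up but never
     *                 created by this method
     * @return {@code true} if access is allowed, {@code false} otherwise
     */
    public boolean isAllowedAccess(String roleName, HttpServletRequest request) {
        // No role configured: the resource is treated as open to everyone.
        if (roleName == null || roleName.isEmpty()) {
            return true;
        }
        if (request == null) {
            return false;
        }

        // getSession(false) returns null when there is no session. The no-argument
        // getSession() always creates one, which made the "no session" branch
        // unreachable and allocated a session for every anonymous request that hit
        // an authorization check.
        javax.servlet.http.HttpSession session = request.getSession(false);
        if (session == null) {
            return false;
        }

        // Deny rather than fail with a ClassCastException if the attribute is
        // missing or is not a User.
        Object attribute = session.getAttribute(AuthenticationConstants.KME_USER_KEY);
        if (!(attribute instanceof User)) {
            return false;
        }
        User user = (User) attribute;
        if (user.isPublicUser()) {
            return false;
        }

        Iterable<? extends Group> groups = user.getGroups();
        if (groups == null) {
            return false;
        }
        for (Group group : groups) {
            // Calling equalsIgnoreCase on roleName (known non-null) keeps a group
            // without a name from causing a NullPointerException.
            if (group != null && roleName.equalsIgnoreCase(group.getName())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns the injected {@code kmeProperties} configuration.
     *
     * <p>The live {@link Properties} instance is returned, not a copy, so changes
     * made by the caller are visible to every other user of the same instance.
     *
     * @return the configuration properties, or {@code null} if none were set
     */
    public Properties getKmeProperties() {
        return kmeProperties;
    }

    /**
     * Replaces the {@code kmeProperties} configuration used by this controller.
     *
     * @param kmeProperties the configuration properties to use
     */
    public void setKmeProperties(Properties kmeProperties) {
        this.kmeProperties = kmeProperties;
    }
}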