informationmemory.java

一套JAVA的CA证书签发系统.

/*************************************************************************
 *                                                                       *
 *  EJBCA: The OpenSource Certificate Authority                          *
 *                                                                       *
 *  This software is free software; you can redistribute it and/or       *
 *  modify it under the terms of the GNU Lesser General Public           *
 *  License as published by the Free Software Foundation; either         *
 *  version 2.1 of the License, or any later version.                    *
 *                                                                       *
 *  See terms of license at gnu.org.                                     *
 *                                                                       *
 *************************************************************************/
 
/*
 * InformationMemory.java
 *
 * Created on den 14 juli 2003, 14:05
 */

package se.anatom.ejbca.webdist.webconfiguration;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.TreeMap;

import se.anatom.ejbca.SecConst;
import se.anatom.ejbca.authorization.AdminGroup;
import se.anatom.ejbca.authorization.IAuthorizationSessionLocal;
import se.anatom.ejbca.ca.caadmin.ICAAdminSessionLocal;
import se.anatom.ejbca.ca.publisher.IPublisherSessionLocal;
import se.anatom.ejbca.ca.sign.ISignSessionLocal;
import se.anatom.ejbca.ca.store.ICertificateStoreSessionLocal;
import se.anatom.ejbca.ca.store.certificateprofiles.CertificateProfile;
import se.anatom.ejbca.hardtoken.IHardTokenSessionLocal;
import se.anatom.ejbca.log.Admin;
import se.anatom.ejbca.ra.RAAuthorization;
import se.anatom.ejbca.ra.raadmin.EndEntityProfile;
import se.anatom.ejbca.ra.raadmin.GlobalConfiguration;
import se.anatom.ejbca.ra.raadmin.IRaAdminSessionLocal;
import se.anatom.ejbca.webdist.cainterface.CAAuthorization;
import se.anatom.ejbca.webdist.cainterface.CertificateProfileNameProxy;
import se.anatom.ejbca.webdist.hardtokeninterface.HardTokenAuthorization;
import se.anatom.ejbca.webdist.loginterface.LogAuthorization;
import se.anatom.ejbca.webdist.rainterface.EndEntityProfileNameProxy;


/**
 * A class used to improve performance by proxying authorization information about the administrator.
 * It should be used in all jsp interface bean classes. 
 * @author  TomSelleck
 */
public class InformationMemory {
    
    /** Creates a new instance of ProfileNameProxy */
    public InformationMemory(Admin administrator,
                             ICAAdminSessionLocal  caadminsession,
                             IRaAdminSessionLocal raadminsession, 
                             IAuthorizationSessionLocal authorizationsession,
                             ISignSessionLocal signsession,
                             ICertificateStoreSessionLocal certificatestoresession,
                             IHardTokenSessionLocal hardtokensession,
							 IPublisherSessionLocal publishersession,
                             GlobalConfiguration globalconfiguration){
      this.caadminsession = caadminsession;                           
      this.administrator = administrator;
      this.raadminsession = raadminsession;
      this.authorizationsession = authorizationsession;
      this.signsession = signsession;
      this.certificatestoresession = certificatestoresession;
      this.publishersession = publishersession;
      this.globalconfiguration = globalconfiguration;
      
      this.raauthorization = new RAAuthorization(administrator, raadminsession, authorizationsession);
      this.caauthorization = new CAAuthorization(administrator, caadminsession, certificatestoresession, authorizationsession);
      this.logauthorization = new LogAuthorization(administrator, authorizationsession);
      this.hardtokenauthorization = new HardTokenAuthorization(administrator, hardtokensession, authorizationsession);
    }
    
    
    /**
     * Returns a Map of end entity profile id (Integer) -> end entity profile name (String).
     */
    public HashMap getEndEntityProfileIdToNameMap(){
      if(endentityprofileidtonamemap == null){
        endentityprofileidtonamemap = raadminsession.getEndEntityProfileIdToNameMap(administrator);  
      }
      
      return endentityprofileidtonamemap;
    }
    

    /**
     * Returns a Map of certificate profile id (Integer) -> certificate name (String).
     */
    public HashMap getCertificateProfileIdToNameMap(){
      if(certificateprofileidtonamemap == null){
        certificateprofileidtonamemap = this.certificatestoresession.getCertificateProfileIdToNameMap(administrator); 
      }
      
      return certificateprofileidtonamemap;
    }    

    /**
     * Returns a Map of CA id (Integer) -> CA name (String).
     */
    public HashMap getCAIdToNameMap(){
      if(caidtonamemap == null){
        caidtonamemap = caadminsession.getCAIdToNameMap(administrator);
      }
      
      return caidtonamemap;
    }
    
	/**
	 * Returns a Map of hard token profile id (Integer) -> hard token profile name (String).
	 */
	public HashMap getHardTokenProfileIdToNameMap(){      
	  return this.hardtokenauthorization.getHardTokenProfileIdToNameMap();
	}            
    
    /**
     * Returns authorized end entity profile names as a treemap of name (String) -> id (Integer)
     */
    public TreeMap getAuthorizedEndEntityProfileNames(){
      return this.raauthorization.getAuthorizedEndEntityProfileNames();   
    }
    
	/**
	 * Returns end entity profile names with create rights as a treemap of name (String) -> id (Integer)
	 */    
    public TreeMap getCreateAuthorizedEndEntityProfileNames(){
		if(globalconfiguration.getEnableEndEntityProfileLimitations())
		  return this.raauthorization.getCreateAuthorizedEndEntityProfileNames();
		  
		return this.raauthorization.getAuthorizedEndEntityProfileNames(); 
    }

	/**
	 * Returns end entity profile names with view rights as a treemap of name (String) -> id (Integer)
	 */    
	public TreeMap getViewAuthorizedEndEntityProfileNames(){
		if(globalconfiguration.getEnableEndEntityProfileLimitations())
		  return this.raauthorization.getViewAuthorizedEndEntityProfileNames();
		  
		return this.raauthorization.getAuthorizedEndEntityProfileNames();   
	}

    
    /**
     * Returns authorized end entity certificate profile names as a treemap of name (String) -> id (Integer)
     */
    public TreeMap getAuthorizedEndEntityCertificateProfileNames(){
      return this.caauthorization.getAuthorizedEndEntityCertificateProfileNames(getGlobalConfiguration().getIssueHardwareTokens());   
    }    

    /**
     * Returns authorized sub CA certificate profile names as a treemap of name (String) -> id (Integer)
     */
    public TreeMap getAuthorizedSubCACertificateProfileNames(){
      return this.caauthorization.getAuthorizedSubCACertificateProfileNames();   
    } 
    
    /**
     * Returns authorized root CA certificate profile names as a treemap of name (String) -> id (Integer)
     */
    public TreeMap getAuthorizedRootCACertificateProfileNames(){
      return this.caauthorization.getAuthorizedRootCACertificateProfileNames();   
    } 
    
    /**
     * Returns all authorized certificate profile names as a treemap of name (String) -> id (Integer)
     */
    public TreeMap getEditCertificateProfileNames(){
      return this.caauthorization.getEditCertificateProfileNames(getGlobalConfiguration().getIssueHardwareTokens());   
    }     
    
    /**
     * Returns a CA names as a treemap of name (String) -> id (Integer).
     * Doesn't include external CAs.
     */
    public TreeMap getCANames(){
      return this.caauthorization.getCANames();   
    }     
 
	/**
	 * Returns a CA names as a treemap of name (String) -> id (Integer).
	 * Also includes external CAs
	 */
	public TreeMap getAllCANames(){
	  return this.caauthorization.getAllCANames();   
	}     


    /**
     * Returns string used in view log queries.
     */
    public String getViewLogQueryString(){
      return this.logauthorization.getViewLogRights();
    }

    /**
     * Returns string used in view log queries.
     */
    public String getViewLogCAIdString(){
      return this.logauthorization.getCARights();
    }
    
    /**
     *  Returns a collection of module ids the administrator is authorized to view log of.
     */
    public Collection getAuthorizedModules(){
        return this.logauthorization.getAuthorizedModules();       	
    }
    
    /**
     * Returns CA authorization string used in userdata queries.
     */
    public String getUserDataQueryCAAuthoorizationString(){
      return this.raauthorization.getCAAuthorizationString();   
    }

    /**
     * Returns CA authorization string used in userdata queries.
     */
    public String getUserDataQueryEndEntityProfileAuthorizationString(){
      return this.raauthorization.getEndEntityProfileAuthorizationString();   
    }
    
    
    /**
     * Returns a Collection of Integer containing authorized CA ids.
     */    
    public Collection getAuthorizedCAIds(){
      return caauthorization.getAuthorizedCAIds();  
    } 
    
    /**
     * Returns the system configuration (GlobalConfiguration).
     */    
    public GlobalConfiguration getGlobalConfiguration(){      
      return globalconfiguration;  
    }
    
    /**
     * Returns the end entity profile name proxy
     */      
    public EndEntityProfileNameProxy getEndEntityProfileNameProxy(){
      if(endentityprofilenameproxy == null)
        endentityprofilenameproxy = new EndEntityProfileNameProxy(administrator, raadminsession);  
        
      return endentityprofilenameproxy;
    }
    
    /**
     * Returns the end entity profile name proxy
     */      
    public CertificateProfileNameProxy getCertificateProfileNameProxy(){
      if(certificateprofilenameproxy == null)
        certificateprofilenameproxy = new CertificateProfileNameProxy(administrator, certificatestoresession);  
        
      return certificateprofilenameproxy;
    }
    
    /**
     *  Method returning the all available publishers id to name.
     * 
     * @return the publisheridtonamemap (HashMap)
     */
    public HashMap getPublisherIdToNameMap(){
    	if(publisheridtonamemap == null)
    	   publisheridtonamemap = publishersession.getPublisherIdToNameMap(administrator);
    	   
    	 return publisheridtonamemap;   	
    }
    
    /**
     * Returns all authorized publishers names as a treemap of name (String) -> id (Integer).
     */