abstractnetworkplacestore.java

这是linux下ssl vpn的实现程序

package com.sslexplorer.vfs.webdav;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import com.sslexplorer.core.CoreServlet;
import com.sslexplorer.policyframework.NoPermissionException;
import com.sslexplorer.policyframework.OwnedResource;
import com.sslexplorer.policyframework.PolicyConstants;
import com.sslexplorer.policyframework.PolicyDatabase;
import com.sslexplorer.policyframework.ResourceType;
import com.sslexplorer.policyframework.ResourceUtil;
import com.sslexplorer.security.SessionInfo;
import com.sslexplorer.security.SystemDatabase;
import com.sslexplorer.vfs.NetworkPlace;


/**
 * An abstract implementation of a {@link DAVStore} that provides
 * mounts based upon a configured <i>Network Place</i>.
 * <p>
 * The mounts themselves are created from the <i>Network Place</i>
 * resources the user has access to that have a scheme supported by this
 * mount as part of the URI.

 * @author Brett Smith <a href="mailto: brett@3sp.com">&lt;brett@3sp.com&gt;</a>
 * @version $Revision: 1.4 $
 */
public abstract class AbstractNetworkPlaceStore extends AbstractStore {

    // Protected instance variables
    protected Map mounts;
    protected DAVResource storeResource;
    protected boolean manageableOnly;

    /**
     * Constructor.
     *
     * @param name store name
     */
    public AbstractNetworkPlaceStore(String name, String charset) {
        super(name, charset);
        mounts = new HashMap();
    }
    
    


    /* (non-Javadoc)
     * @see com.sslexplorer.vfs.webdav.AbstractStore#getMountFromString(java.lang.String, com.sslexplorer.security.SessionInfo)
     */
    public DAVMount getMountFromString(String mountName, SessionInfo session) throws DAVException {
        try {
            NetworkPlace resource = (NetworkPlace)PolicyConstants.NETWORK_PLACE_RESOURCE_TYPE.getResourceByName(mountName);
            ResourceType resourceType = resource.getResourceType();
            if(resource == null) {
                throw new Exception("No network place resource named " + mountName);
            }
            boolean readOnly = false;
            try {
                if (!(resource instanceof OwnedResource)
                                || (resource instanceof OwnedResource && ((OwnedResource) resource).getOwnerUsername() == null)) {
                    try {
                        if (!CoreServlet.getServlet().getPolicyDatabase().isPrincipalAllowed(session.getUser(), resource, false)) {
                            throw new NoPermissionException("You may not access this network place resource here.", session.getUser(),
                                            resourceType);
                        }
                    } catch (NoPermissionException npe2) {
                        throw npe2;
                    } catch (Exception e) {
                        throw new NoPermissionException("Failed to determine if network place resource is accessable.", session.getUser(),
                                        resourceType);
                    }
                } else {
                    if (!(session.getUser().getPrincipalName().equals(((OwnedResource) resource).getOwnerUsername()))) {
                        throw new NoPermissionException("You do not have permission to access this network place resource.", session.getUser(),
                                        resourceType);
                    }
                }
            } catch (NoPermissionException npe) {
                if (!ResourceUtil.isManageableResource(resource, session.getUser(), null)) {
                    throw new NoPermissionException("You do not have permission to access this network place resource.", session.getUser(),
                                    resourceType);
                }
                readOnly = true;
            } catch (Exception e) {
                throw new Exception("Failed to determine if network place resource is accessable.");
            }
            if(!willHandle(resource.getScheme())) {
                throw new Exception("Network place has scheme " + resource.getScheme() + ", this store doesn't support it.");
            }
            AbstractNetworkPlaceMount mount = createMount(resource ,session);
            if(readOnly) {
                mount.setReadOnly(true);
            } 
            return mount;
        }
        catch(NoPermissionException npe) {
            throw new DAVException(DAVStatus.SC_FORBIDDEN, "Policy does not allow you access to this resource.", npe);
        }
        catch(Exception e) {
            throw new DAVException(DAVStatus.SC_INTERNAL_SERVER_ERROR, "Failed to create mount.", e);
        }
    }
    
    /**
     * Create the an appropriate mount instance given a network place. If the
     * user does not have access to the mount an exception should be thrown.
     *  
     * @param networkPlace network place resource
     * @param session session 
     * @return mount 
     * @throws Exception on any error
     */
    protected abstract AbstractNetworkPlaceMount createMount(NetworkPlace networkPlace, SessionInfo session) throws Exception;    

    /* (non-Javadoc)
     * @see com.sslexplorer.vfs.webdav.DAVStore#getMountIterator(com.sslexplorer.vfs.webdav.DAVTransaction)
     */
    public Iterator getMountIterator(DAVTransaction transaction) throws Exception {
        List l = new ArrayList();
        SystemDatabase sdb = CoreServlet.getServlet().getSystemDatabase();
        List granted = sdb.getNetworkPlaces();
        for (Iterator i = granted.iterator(); i.hasNext();) {
            NetworkPlace np = (NetworkPlace) i.next();
            try {
                if(willHandle(np.getScheme())) {
                    l.add(getMountFromString(np.getResourceName(), transaction.getSessionInfo()));
                }
            } catch (Exception e) {
            }
        }
        return l.iterator();
    }
    
    public String getGuestUsername(DAVTransaction transaction) {
        return null;
    }
    
    public char[] getGuestPassword(DAVTransaction transaction) {
        return null;
    }
}