aclfileimpl.java

一个实用工具类

/*
 * Copyright (C) butor.com. All rights reserved.
 *
 * This software is published under the terms of the GNU Library General
 * Public License (GNU LGPL), a copy of which has been included with this
 * distribution in the LICENSE.txt file. 
 */
package org.butor.acl.fileImpl;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileFilter;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;

import org.butor.acl.Acl;
import org.butor.acl.IAclService;
import org.butor.comparator.StringComparator;
import org.butor.config.Config;
import org.butor.config.lowlevel.IProperties;
import org.butor.fwService.FwServiceImpl;
import org.butor.helper.PropertiesHelper;
import org.butor.log.Log;

public class AclFileImpl extends FwServiceImpl implements IAclService {

	public static final String SYSTEM_PROPERTY_ACL_DIR = "butor_acl_dir";
	public static final String SYSTEM_PROPERTY_ACL_RESOURCE_MATCHING = "butor_acl_resource_matching";
	public static final String PROPERTY_FOLDER = "folder";
	public static final String PROPERTY_RESOURCE_MATCHING = "resource_matching";
	
	public static final String RESOURCE_MATCHING_SINGLE = "single"; 
	public static final String RESOURCE_MATCHING_LONGEST_START_WITH = "longest-start-with"; 
	
	public static final String ACL_FILE = "acl.txt";
	public static final String GROUP_POSTFIX = ".group";

	protected String f_aclFolderName = null;
	protected File f_aclFolder = null;
	
	protected String f_resourceMatching = null;
	
	protected Properties f_aclProperties = null;
	protected Map f_acls = new HashMap();
	protected File f_aclFile = null;
	protected Map f_groups = new HashMap();
	
	protected Map f_aclsLongestMatchCache = new HashMap();
	
	public AclFileImpl() {
		super();
	}

	public boolean isMember(String groupName, String member) {
		ArrayList group = (ArrayList) f_groups.get(groupName);
		if (group == null) {
			return false;
		}
		
		return group.contains(member);
	}
	
	public Acl getAcl(String resource) {
		return getAcl(resource, false);
	}
	
	public boolean setAcl(Acl acl) {
		synchronized (f_acls) {
			f_acls.put(acl.getResource(), acl);
			saveAcl();
			return true;
		}
	}
	public boolean removeAcl(String resource) {
		synchronized (f_acls) {
			if (f_acls.containsKey(resource)) {
				f_acls.remove(resource);
				saveAcl();
				return true;
			}
		}
		return false;
	}
	public boolean hasRole(String resource, String principal, String role) {
		if (f_resourceMatching.equals(RESOURCE_MATCHING_LONGEST_START_WITH)) {
			synchronized (f_acls) {
				Acl acl = (Acl)f_aclsLongestMatchCache.get(resource);
				if (acl == null) {
					String longestMatch = null;
					Iterator it = f_acls.keySet().iterator();
					while (it.hasNext()) {
						String key = (String) it.next();
						if (key.startsWith(resource)) {
							if (longestMatch == null || longestMatch.length() < key.length()) {
								longestMatch = key;
								acl = (Acl)f_acls.get(key);
							}
						}
					}
					
					if (longestMatch != null) {
						f_aclsLongestMatchCache.put(resource, acl);
					}
				}
				if (acl != null) {
					return acl.hasRole(principal, role);
				}
			}
			
		} else {
			Acl acl = (Acl)f_acls.get(resource);
			if (acl != null) {
				return acl.hasRole(principal, role);
			}
		}
		return false;
	}
	
	public boolean isGroup(String groupName) {
		return f_groups.containsKey(groupName);
	}
	
	public boolean addGroup(String groupName) {
		synchronized (f_groups) {
			if (f_groups.containsKey(groupName)) {
				String msg ="Group '" +groupName +"' already exists!";
				Log.logStr(this, Log.WARN, "addGroup()", msg);
				return false;
			}
			
			try {
				File group = new File(f_aclFolder, groupName +GROUP_POSTFIX);
				if (group.createNewFile()) {
					f_groups.put(groupName, new ArrayList());
					return true;
				}
			} catch (IOException ex) {
				Log.logException(this, Log.ERROR, "addGroup()", ex);
			}
			return false;
		}
	}

	public boolean removeGroup(String groupName) {
		synchronized (f_groups) {
			File group = new File(f_aclFolder, groupName +GROUP_POSTFIX);
			if (group.delete()) {
				f_groups.remove(groupName);
				return true;
			}
			return false;
		}
	}

	public boolean addMember(String groupName, String member) {
		synchronized (f_groups) {
			List group = (ArrayList) f_groups.get(groupName);
			if (group == null) {
				String msg = "Group '" +groupName +"' does not exists!";
				Log.logStr(this, Log.WARN, "addMember()", msg);
				return false;
			}
			if (group.contains(member)) {
				String msg = "Member '" +member+"' already exists!";
				Log.logStr(this, Log.WARN, "addMember()", msg);
				return false;
			}

			group.add(member);
			saveGroup(groupName);
			return true;
		}
	}

	public boolean removeMember(String groupName, String member) {
		synchronized (f_groups) {
			List group = (ArrayList) f_groups.get(groupName);
			if (group == null) {
				String msg = "Group [" +groupName +"] does not exists!";
				Log.logStr(this, Log.WARN, "removeMember()", msg);
				return false;
			}
			if (!group.contains(member)) {
				String msg = "Member [" +member+"] does not exists!";
				Log.logStr(this, Log.WARN, "removeMember()", msg);
				return false;
			}

			group.remove(member);
			return true;
		}
	}

	protected Acl getAcl(String resource, boolean create) {
		synchronized (f_acls) {
			//TODO
			Acl acl = (Acl) f_acls.get(resource);
			if (acl == null && create) {
				acl = new Acl(resource);
				f_acls.put(resource, acl);
				saveAcl();
			}
			return acl;
		}		
	}

	public boolean addRole(String resource, String principal, String role) {
		synchronized (f_acls) {
			Acl acl = getAcl(resource, true);
			if (acl == null) {
				return false;
			}
			acl.addRole(principal, role);
			saveAcl();
			return true;
		}		
	}

	public boolean removeRole(String resource, String principal, String role) {
		synchronized (f_acls) {
			Acl acl = getAcl(resource);
			if (acl == null) {
				return false;
			}
			List roles = acl.getRoles(principal);
			roles.remove(role);
			saveAcl();
			return true;
		}		
	}

	/**
	 * Shutdown the service and free resources.
	 */
	public void shutdown() {		
		unregisterFromService();
	}
	/**
	 * This method, called at the startup of the system, registers
	 * the object with the GenericLog class to indicate that it
	 * will perform the log services for the system and writes
	 * a message indicating the startup
	 */
	public synchronized void init() {
		Log.logStr(this, Log.LOG_TYPE_INFO, "init", "Started");

		String serviceName = FwServiceImpl.PROPERTY_PREFIX_SERVICE +getServiceName();
		// service config.
		IProperties serviceProps = Config.getPropertyList(serviceName);
		if (serviceProps == null) {
			Log.logStr(this, Log.LOG_TYPE_ERROR, "init()", 
				"Missing service property list [" +serviceName +"]!");
			return; 
		}
		
		f_aclFolderName = System.getProperty(SYSTEM_PROPERTY_ACL_DIR, 
				serviceProps.getProperty(PROPERTY_FOLDER, null)); 
		if (f_aclFolderName == null) {
			Log.logStr(this, Log.LOG_TYPE_ERROR, "init()", 
				"Missing acl folder property. Please define the system property [-D" +SYSTEM_PROPERTY_ACL_DIR +
				"] or the service property [" +PROPERTY_FOLDER +"]!");
			return; 
		}
		
		f_resourceMatching = System.getProperty(SYSTEM_PROPERTY_ACL_RESOURCE_MATCHING, 
				serviceProps.getProperty(PROPERTY_RESOURCE_MATCHING, RESOURCE_MATCHING_SINGLE));
		f_aclFolder = new File(f_aclFolderName);
		if (!f_aclFolder.exists()) {
			Log.logStr(this, Log.INFO, "init()", 
					"Acl folder does not exists [" +f_aclFolder +"]! Creating ...");
			try {
				// create folder
				f_aclFolder.mkdir();

			} catch (Exception e) {
				Log.logException(this, Log.LOG_TYPE_ERROR, "createNewFolder()", e);
				return;
			}
		}
 
		f_aclFile = new File(f_aclFolder, ACL_FILE);
		
		loadGroups();
		loadAcl();
	}
	
	protected final FileFilter f_groupFilter = new FileFilter() {
		public boolean accept(File file) {
			return file.isFile() && file.getName().endsWith(GROUP_POSTFIX);
		}
	};		

	protected void loadGroups() {
		File[] files = f_aclFolder.listFiles(f_groupFilter);
		f_groups.clear();
		if (files == null || files.length == 0) {
			return;
		}
	
		for (int i = 0; i < files.length; i++) {
			File file = files[i];
			String group = file.getName();
			int pos = group.indexOf(GROUP_POSTFIX);
			group = group.substring(0, pos);
			
			ArrayList users = new ArrayList(); 
			FileReader fr = null;
			try {
				//retrieve the file data
				fr = new FileReader(file);
				BufferedReader br = new BufferedReader(fr);
				String line = null;
				while (true) {
					line = br.readLine();
					if (line == null) {
						break;
					}
					
					if (line.startsWith("#")) {
						continue;
					}
					users.add(line);
				}
				
				f_groups.put(group, users);
				
			} catch (Exception e) {
				Log.logException(this, Log.LOG_TYPE_ERROR, "loadGroups()", e);
				
			} finally {
				if (fr != null) {
					try {
						fr.close();
					} catch (Exception e) {
						//OK
					}
				}
			}
		}
	}

	protected void saveAcl() {
		synchronized (f_acls) {
			f_aclsLongestMatchCache.clear();
			f_aclProperties.clear();
			Iterator it = f_acls.values().iterator();
			while (it.hasNext()) {
				Acl acl = (Acl)it.next();
				f_aclProperties.setProperty(acl.getResource(), acl.toString());
			}

			PropertiesHelper.saveProperties(f_aclProperties, f_aclFile);
		}
	}

	protected void saveGroup(String groupName) {
		synchronized (f_groups) {
			List group = (List) f_groups.get(groupName);
			if (group == null) {
				return;
			}
			
			StringBuffer buffer = new StringBuffer();
			Iterator it = group.iterator();
			while (it.hasNext()) {
				buffer.append((String)it.next());
				buffer.append("\n");
			}
			
			//TODO write file
			FileOutputStream fos = null;
			try {
				File groupF = new File(f_aclFolder, groupName +GROUP_POSTFIX);
				fos = new FileOutputStream(groupF);
				fos.write(buffer.toString().getBytes());				
				
			} catch (Exception e) {
				Log.logException(this, Log.LOG_TYPE_WARN, "saveAcl()", e);
			} finally {
				if (fos != null) {
					try {
						fos.close();
					} catch (Exception e2){
						Log.logException(this, Log.LOG_TYPE_WARN, "saveAcl()", e2);
					}
				}
			}
		}
	}

	protected boolean loadAcl() {
		f_acls.clear();
		f_aclProperties = PropertiesHelper.loadProperties(f_aclFile);
		if (f_aclProperties != null) {
			Iterator it = f_aclProperties.keySet().iterator();
			while (it.hasNext()) {
				String resource = (String) it.next();
				String aclStr = f_aclProperties.getProperty(resource);
				Acl acl = Acl.parseAcl(resource, aclStr);
				f_acls.put(resource, acl);
			}
			
		}	else {
			f_aclProperties = new Properties();
		}
		return true;
	}

	public String[] getGroupsList() {
		synchronized (f_groups) {
			String[] groups = new String[f_groups.size()];
			f_groups.keySet().toArray(groups);

			// sort alpha
			Arrays.sort(groups, new StringComparator());
			
			return groups;
		}
	}
	
	public String[] getGroupUsers(String groupName) {
		synchronized (f_groups) {
			List list = (ArrayList) f_groups.get(groupName);
			if (list == null) {
				return null;
			}
			String[] users = new String[list.size()];
			list.toArray(users);
			return users;
		}
	}
}