001    /*
002     * 
003     * $Revision: 13085 $ $Date: 2008-02-06 18:27:24 +0100 (Mi, 06 Feb 2008) $
004     *
005     * This file is part of ***  M y C o R e  ***
006     * See http://www.mycore.de/ for details.
007     *
008     * This program is free software; you can use it, redistribute it
009     * and / or modify it under the terms of the GNU General Public License
010     * (GPL) as published by the Free Software Foundation; either version 2
011     * of the License or (at your option) any later version.
012     *
013     * This program is distributed in the hope that it will be useful, but
014     * WITHOUT ANY WARRANTY; without even the implied warranty of
015     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
016     * GNU General Public License for more details.
017     *
018     * You should have received a copy of the GNU General Public License
019     * along with this program, in a file called gpl.txt or license.txt.
020     * If not, write to the Free Software Foundation Inc.,
021     * 59 Temple Place - Suite 330, Boston, MA  02111-1307 USA
022     */
023    
024    package org.mycore.access.strategies;
025    
026    import static org.mycore.common.MCRConstants.XLINK_NAMESPACE;
027    
028    import org.apache.log4j.Logger;
029    import org.jdom.Document;
030    import org.jdom.Element;
031    import org.mycore.access.MCRAccessManager;
032    import org.mycore.datamodel.metadata.MCRObjectID;
033    import org.mycore.datamodel.common.MCRXMLTableManager;
034    
035    /**
036     * Use this class if you want to have a fallback to ancestor access rules.
037     * 
038     * First a check is done for the MCRObjectID. If no rule for the ID is specified
039     * it will be tried to check the permission agains the MCRObjectID of the parent
040     * object and so on.
041     * 
042     * @author Thomas Scheffler (yagee)
043     * 
044     * @version $Revision: 13085 $ $Date: 2008-02-06 18:27:24 +0100 (Mi, 06 Feb 2008) $
045     */
046    public class MCRParentRuleStrategy implements MCRAccessCheckStrategy {
047    
048        private static final Logger LOGGER = Logger.getLogger(MCRParentRuleStrategy.class);
049    
050        /*
051         * (non-Javadoc)
052         * 
053         * @see org.mycore.access.strategies.MCRAccessCheckStrategy#checkPermission(java.lang.String,
054         *      java.lang.String)
055         */
056        public boolean checkPermission(String id, String permission) {
057            String currentID;
058            for (currentID = id; currentID != null && !MCRAccessManager.getAccessImpl().hasRule(currentID, permission); currentID = getParentID(currentID)) {
059                LOGGER.debug("No access rule specified for: " + currentID + ". Trying to use parent ID.");
060            }
061            LOGGER.debug("Using access rule defined for: " + currentID);
062            return MCRAccessManager.getAccessImpl().checkPermission(currentID, permission);
063        }
064    
065        private static String getParentID(String objectID) {
066            Document parentDoc = MCRXMLTableManager.instance().readDocument(new MCRObjectID(objectID));
067            final Element parentElement = parentDoc.getRootElement().getChild("structure").getChild("parents");
068            if (parentElement != null) {
069                return parentElement.getChild("parent").getAttributeValue("href", XLINK_NAMESPACE);
070            }
071            return null;
072        }
073    
074    }