001    /*
002     * $Id: UserPermissions.java,v 1.3 2005/10/10 18:02:49 rbair Exp $
003     *
004     * Copyright 2004 Sun Microsystems, Inc., 4150 Network Circle,
005     * Santa Clara, California 95054, U.S.A. All rights reserved.
006     *
007     * This library is free software; you can redistribute it and/or
008     * modify it under the terms of the GNU Lesser General Public
009     * License as published by the Free Software Foundation; either
010     * version 2.1 of the License, or (at your option) any later version.
011     * 
012     * This library is distributed in the hope that it will be useful,
013     * but WITHOUT ANY WARRANTY; without even the implied warranty of
014     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
015     * Lesser General Public License for more details.
016     * 
017     * You should have received a copy of the GNU Lesser General Public
018     * License along with this library; if not, write to the Free Software
019     * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
020     */
021    package org.jdesktop.swingx.auth;
022    
023    import java.beans.PropertyChangeListener;
024    import java.beans.PropertyChangeSupport;
025    
026    /**
027     * This is a singleton that marks the set of permissions for a given logged in user.
028     * It is one of the optional results of a successful login operation.
029     * The purpose of this class is to provide a central location and client side bridge
030     * to the server side permissions and user roles (see J2EE role based authorization).
031     * This class is used by gui widgets and actions to determine visibility and enabled
032     * status and thus a UI can adapt itself to users with a lower set of privileges.
033     *
034     * This class is not meant as a secure barrier! It is only a thin layer to supplant the
035     * server side permissions. This class can be compromized by the user and thus its purpose
036     * is only to help UI flow and navigation and not to prevent attack against a client side
037     * UI. A server implementation must ALWAYS recheck permissions sent by the client regardless
038     * of the client.
039     *
040     * @author Shai Almog
041     */
042    public class UserPermissions {
043        private static final UserPermissions INSTANCE = new UserPermissions();
044        private PropertyChangeSupport propertyChange = new PropertyChangeSupport(this);
045        private String[] roles;
046        
047        /** Creates a new instance of UserPermissions */
048        private UserPermissions() {
049        }
050        
051        public void addPropertyChangeListener(PropertyChangeListener listener) {
052            propertyChange.addPropertyChangeListener(listener);
053        }
054    
055        public void addPropertyChangeListener(String name, PropertyChangeListener listener) {
056            propertyChange.addPropertyChangeListener(name, listener);
057        }
058        
059        public void removePropertyChangeListener(PropertyChangeListener listener) {
060            propertyChange.removePropertyChangeListener(listener);
061        }
062    
063        public void removePropertyChangeListener(String name, PropertyChangeListener listener) {
064            propertyChange.removePropertyChangeListener(name, listener);
065        }
066    
067        /**
068         * Returns the singleton instance of this class. A singleton is used to simplify access for
069         * the permissions from every point in the application.
070         */
071        public static UserPermissions getInstance() {
072            return INSTANCE;
073        }
074        
075        /**
076         * Returns the roles of the currently logged in user
077         */
078        public String[] getRoles() {
079            return roles;
080        }
081        
082        /**
083         * Returns true if the user is in the given role (case sensitive).
084         */
085        public boolean isUserInRole(String role) {
086            if(roles != null) {
087                for(int iter = 0 ; iter < roles.length ; iter++) {
088                    if(roles[iter].equals(role)) {
089                        return true;
090                    }
091                }
092            } 
093            return false;
094        }
095    
096        /**
097         * Returns true if the user is in one of the given roles (case sensitive).
098         */
099        public boolean isUserInARole(String[] roles) {
100            for(int iter = 0 ; iter < roles.length ; iter++) {
101                if(isUserInRole(roles[iter])) {
102                    return true;
103                }
104            }
105            return false;
106        }
107    
108        /**
109         * Returns true if the user is in all of the given roles (case sensitive).
110         */
111        public boolean isUserInRoles(String[] roles) {
112            for(int iter = 0 ; iter < roles.length ; iter++) {
113                if(!isUserInRole(roles[iter])) {
114                    return false;
115                }
116            }
117            return true;
118        }
119        
120        void setRoles(String[] roles) {
121            String[] oldValue = this.roles;
122            this.roles = roles;
123            propertyChange.firePropertyChange("roles", oldValue, roles);
124        }
125    }
126