/src/mpv5/usermanagement/MPSecurityManager.java
Java | 160 lines | 99 code | 16 blank | 45 comment | 13 complexity | 285ac33966043eadd1ae95d08a460ee9 MD5 | raw file
Possible License(s): LGPL-3.0, Apache-2.0, GPL-3.0, GPL-2.0, AGPL-3.0, JSON, BSD-3-Clause
- /*
- * This file is part of YaBS.
- *
- * YaBS is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * YaBS is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with YaBS. If not, see <http://www.gnu.org/licenses/>.
- */
- package mpv5.usermanagement;
- import mpv5.db.objects.User;
- import java.security.NoSuchAlgorithmException;
- import java.util.ArrayList;
- import javax.swing.ComboBoxModel;
- import javax.swing.DefaultComboBoxModel;
- import mpv5.db.common.Context;
- import mpv5.globals.Messages;
- import mpv5.logging.Log;
- import mpv5.ui.dialogs.Popup;
- import mpv5.ui.frames.MPView;
- import mpv5.utils.models.MPComboBoxModelItem;
- import mpv5.utils.text.MD5HashGenerator;
- /**
- *
- *
- */
- public class MPSecurityManager {
- public static final int SYSTEM_RIGHT = -1;
- public static final int RIGHT_TO_VIEW = 4;
- public static final int RIGHT_TO_EXPORT = 3;
- public static final int RIGHT_TO_EDIT = 2;
- public static final int RIGHT_TO_CREATE_OR_DELETE = 1;
- public static final int RIGHT_TO_ADMINISTRATE = 0;
- public static final int VIEW = 4;
- public static final int EXPORT = 3;
- public static final int EDIT = 2;
- public static final int CREATE_OR_DELETE = 1;
- public static final int ADMINISTRATE = 0;
- public static ArrayList<Context> securedContexts = Context.getSecuredContexts();
- private static String usern;
- private static Object[][] availableRights = new Object[][]{
- {RIGHT_TO_ADMINISTRATE, "Administrator"},
- {RIGHT_TO_CREATE_OR_DELETE, "User"},
- {RIGHT_TO_EDIT, "Editor"},
- {RIGHT_TO_EXPORT, "Exporter"},
- {RIGHT_TO_VIEW, "Viewer"}
- };
- /**
- * Checks whether the currently logged in user has to right to do this
- * action in the given context
- * @param context
- * @param action
- * @return True if the highest right of the user is equal or higher as
- * the right to do requested action
- */
- public static Boolean check(Context context, int action) {
- for (Context item : securedContexts) {
- if (item.getDbIdentity().equals(context.getDbIdentity())) {
- if (mpv5.db.objects.User.getCurrentUser().__getInthighestright() <= action) {
- return true;
- } else {
- return false;
- }
- }
- }
- return true;
- }
- /**
- * Checks whether the currently logged in user has to right to do admin tasks
- * @return
- */
- public static boolean checkAdminAccess() {
- if (mpv5.db.objects.User.getCurrentUser().__getInthighestright() <= RIGHT_TO_ADMINISTRATE) {
- return true;
- } else {
- Popup.notice(Messages.ADMIN_ACCESS);
- return false;
- }
- }
- /**
- * Checks the credentials for this user. Will return NULL if the user is <br/>
- * not existing, disabled or the wrong password is provided.
- * @param username
- * @param password
- * @return
- */
- public static User checkAuth(String username, String password) {
- User usern1 = new User();
-
- if (usern1.fetchDataOf(username)) {
- try {
- if (MD5HashGenerator.getInstance().hashData(password.getBytes()).equalsIgnoreCase(usern1.__getPassword())) {
- return usern1;
- } else {
- return null;
- }
- } catch (NoSuchAlgorithmException ex) {
- Log.Debug(MPSecurityManager.class, ex);
- return null;
- }
- } else {
- return null;
- }
- }
- /**
- * Checks the user credentials against the stored hash in cleartext, only for internal use!
- * @param user
- * @param passwordhash
- * @return
- */
- public static User checkAuthInternal(User user, String passwordhash)
- {
- if (passwordhash.equalsIgnoreCase(user.__getPassword())) {
- return user;
- } else {
- return null;
- }
- }
- public static String getActionName(int action) {
- switch (action) {
- case CREATE_OR_DELETE:
- return Messages.ACTION_CREATE.getValue();
- case EDIT:
- return Messages.ACTION_EDIT.getValue();
- case EXPORT:
- return Messages.ACTION_EXPORT.getValue();
- case VIEW:
- return Messages.ACTION_VIEW.getValue();
- }
- return null;
- }
- public static ComboBoxModel getRolesAsComboBoxModel() {
- Object[][] data = availableRights;
- MPComboBoxModelItem[] t = null;
- t = MPComboBoxModelItem.toItems(data);
- return new DefaultComboBoxModel(t);
- }
- }