git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.cms.ee/src/org/argeo/cms/websocket/server/WebSocketView.java
Add content type to package servlet
1 package org.argeo.cms.websocket.server;
2
3 import java.security.Principal;
4 import java.util.HashSet;
5 import java.util.Set;
6 import java.util.UUID;
7
8 import javax.security.auth.Subject;
9 import javax.security.auth.x500.X500Principal;
10
11 import org.osgi.service.useradmin.Role;
12
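/**
 * Abstraction of a single frontend view, that is, a web browser page. There
 * can be multiple views within one single authenticated HTTP session.
 * <p>
 * Authorisation helpers on this class are evaluated against the
 * {@link Subject} passed to the constructor. The role set is recomputed from
 * that subject on every call, so it reflects the subject's principals at the
 * time of the check rather than at the time the view was created.
 */
public class WebSocketView {
    /** Identifier of this view, a random (type 4) UUID in string form. */
    private final String uid;
    /** Subject whose principals back every role check made through this view. */
    private final Subject subject;

    /**
     * Creates a view bound to the given subject.
     *
     * @param subject the subject used for role checks; it is stored as-is and
     *                not validated here, so a {@code null} or unauthenticated
     *                subject only fails when a role is first queried
     */
    public WebSocketView(Subject subject) {
        this.uid = UUID.randomUUID().toString();
        this.subject = subject;
    }

    /**
     * Returns the identifier generated for this view.
     *
     * @return the view's UUID string
     */
    public String getUid() {
        return uid;
    }

    /**
     * Returns the role names of this view's subject.
     *
     * @return a fresh, mutable set, see {@link #roles(Subject)}
     * @throws NullPointerException             if the view was created with a
     *                                          {@code null} subject
     * @throws java.util.NoSuchElementException if the subject has no
     *                                          {@link X500Principal}
     */
    public Set<String> getRoles() {
        return roles(subject);
    }

    /**
     * Tells whether this view's subject holds the given role.
     * <p>
     * This does not return {@code false} for a subject without an
     * {@link X500Principal}; it propagates the exception thrown by
     * {@link #roles(Subject)}, so callers must not treat an exception as
     * "role granted".
     *
     * @param role the role name, compared by exact string equality
     * @return {@code true} if the role is in the subject's role set
     */
    public boolean isInRole(String role) {
        return getRoles().contains(role);
    }

    /**
     * Enforces that this view's subject holds the given role.
     *
     * @param role the required role name
     * @throws IllegalStateException if the subject is not in the role
     */
    public void checkRole(String role) {
        checkRole(subject, role);
    }

    /**
     * Computes the role names of a subject: the name of its
     * {@link X500Principal} plus the name of every principal that is an OSGi
     * {@link Role}.
     * <p>
     * The method fails closed: a {@code null} subject or a subject carrying no
     * {@link X500Principal} raises an exception instead of yielding a partial
     * role set. The exception types are the ones the unguarded code would have
     * raised; they now carry a message naming the cause.
     *
     * @param subject the subject to inspect
     * @return a new mutable set of role names, never {@code null}
     * @throws NullPointerException             if {@code subject} is
     *                                          {@code null}
     * @throws java.util.NoSuchElementException if the subject has no
     *                                          {@link X500Principal}
     */
    public static final Set<String> roles(Subject subject) {
        if (subject == null) {
            throw new NullPointerException("subject");
        }
        Set<X500Principal> identities = subject.getPrincipals(X500Principal.class);
        if (identities.isEmpty()) {
            // Typically a subject that was never authenticated: refuse to build
            // a role set for it rather than return group roles without a user.
            throw new java.util.NoSuchElementException("Subject has no X500Principal");
        }
        Set<String> roles = new HashSet<>();
        // The user's own distinguished name counts as a role. getName() returns
        // the RFC 2253 string form and role checks are exact string matches, so
        // the expected role must use the same DN formatting.
        // NOTE(review): if a subject carries several X500Principals, only the
        // first one returned by the set's iterator is used -- confirm that
        // subjects here always hold exactly one.
        roles.add(identities.iterator().next().getName());
        for (Principal principal : subject.getPrincipals()) {
            if (principal instanceof Role) {
                roles.add(principal.getName());
            }
        }
        return roles;
    }

    /**
     * Enforces that the given subject holds the given role.
     *
     * @param subject the subject to check
     * @param role    the required role name
     * @throws IllegalStateException            if the subject is not in the
     *                                          role
     * @throws NullPointerException             if {@code subject} is
     *                                          {@code null}
     * @throws java.util.NoSuchElementException if the subject has no
     *                                          {@link X500Principal}
     */
    public static void checkRole(Subject subject, String role) {
        if (!roles(subject).contains(role)) {
            // NOTE(review): the message embeds the required role name; confirm
            // it is not relayed verbatim to the remote WebSocket peer.
            throw new IllegalStateException("User is not in role " + role);
        }
    }

}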