X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms.ee%2Fsrc%2Forg%2Fargeo%2Fcms%2Fwebsocket%2Fserver%2FWebSocketView.java;fp=org.argeo.cms.ee%2Fsrc%2Forg%2Fargeo%2Fcms%2Fwebsocket%2Fserver%2FWebSocketView.java;h=736631b101001da7edbd02abbe293525d94f600e;hb=60aa2e64061a09e938d9f6cba35ee3fd66a19828;hp=0000000000000000000000000000000000000000;hpb=bfb5eb067a6796c0ee2a575b1e2431220352513a;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms.ee/src/org/argeo/cms/websocket/server/WebSocketView.java b/org.argeo.cms.ee/src/org/argeo/cms/websocket/server/WebSocketView.java
new file mode 100644
index 000000000..736631b10
--- /dev/null
+++ b/org.argeo.cms.ee/src/org/argeo/cms/websocket/server/WebSocketView.java
@@ -0,0 +1,60 @@
+package org.argeo.cms.websocket.server;
+
+import java.security.Principal;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.UUID;
+
+import javax.security.auth.Subject;
+import javax.security.auth.x500.X500Principal;
+
+import org.osgi.service.useradmin.Role;
+
+/**
+ * Abstraction of a single Frontend view, that is a web browser page. There can
+ * be multiple views within one single authenticated HTTP session.
+ */
+public class WebSocketView {
+ private final String uid;
+ private Subject subject;
+
+ public WebSocketView(Subject subject) {
+ this.uid = UUID.randomUUID().toString();
+ this.subject = subject;
+ }
+
+ public String getUid() {
+ return uid;
+ }
+
+ public Set getRoles() {
+ return roles(subject);
+ }
+
+ public boolean isInRole(String role) {
+ return getRoles().contains(role);
+ }
+
+ public void checkRole(String role) {
+ checkRole(subject, role);
+ }
+
+ public final static Set roles(Subject subject) {
+ Set roles = new HashSet();
+ X500Principal principal = subject.getPrincipals(X500Principal.class).iterator().next();
+ String username = principal.getName();
+ roles.add(username);
+ for (Principal group : subject.getPrincipals()) {
+ if (group instanceof Role)
+ roles.add(group.getName());
+ }
+ return roles;
+ }
+
+ public static void checkRole(Subject subject, String role) {
+ Set roles = roles(subject);
+ if (!roles.contains(role))
+ throw new IllegalStateException("User is not in role " + role);
+ }
+
+}
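Review bot: In `roles(Subject)`, `subject.getPrincipals(X500Principal.class).iterator().next()` throws `NoSuchElementException` (or `NullPointerException` for a null subject) when the subject carries no `X500Principal`, so `isInRole` and `checkRole` fail with an unrelated exception instead of a clean denial. A guard before that line, `if (subject == null || subject.getPrincipals(X500Principal.class).isEmpty()) return roles;`, keeps the check fail-closed: `isInRole` returns false and `checkRole` throws its own "User is not in role" error. The same method also adds the user's own DN to the set that `checkRole` matches by plain string `contains`, so a role argument equal to a user DN is accepted and a DN written with different case or spacing is not; if that is intended, it deserves a Javadoc line on `roles`, e.g. `/** Returns the subject's X.500 name plus the names of its Role principals; names are compared as exact strings. */`. Separately, `subject` is assigned only in the constructor and could be `final` like `uid`.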