/*
* NEMESIS-FORUM.
* Copyright (C) 2002 David Laurent(lithium2@free.fr). All rights reserved.
*
* Copyright (c) 2000 The Apache Software Foundation. All rights reserved.
*
* Copyright (C) 2001 Yasna.com. All rights reserved.
*
* Copyright (C) 2000 CoolServlets.com. All rights reserved.
*
* NEMESIS-FORUM. is free software; you can redistribute it and/or
* modify it under the terms of the Apache Software License, Version 1.1,
* or (at your option) any later version.
*
* NEMESIS-FORUM core framework, NEMESIS-FORUM backoffice, NEMESIS-FORUM frontoffice
* application are parts of NEMESIS-FORUM and are distributed under
* same terms of licence.
*
*
* NEMESIS-FORUM includes software developed by the Apache Software Foundation (http://www.apache.org/)
* and software developed by CoolServlets.com (http://www.coolservlets.com).
* and software developed by Yasna.com (http://www.yasna.com).
*
*/
package org.nemesis.forum.util;
import java.util.Iterator;
import org.nemesis.forum.Authorization;
import org.nemesis.forum.Forum;
import org.nemesis.forum.ForumFactory;
import org.nemesis.forum.ForumPermissions;
import org.nemesis.forum.Group;
import org.nemesis.forum.ProfileManager;
import org.nemesis.forum.config.Constants;
/**
* @author dlaurent
*
*/
public class SecurityTools {
/**
* Returns true if the user is a system administrator.
*
* @param authToken the authentication token of the user
* @return true if the user is a system administrator, false otherwise.
*/
public static boolean isSystemAdmin(Authorization authToken) {
ForumFactory forumFactory = ForumFactory.getInstance(authToken);
ForumPermissions permissions = forumFactory.getPermissions(authToken);
return permissions.get(Constants.SYSTEM_ADMIN);
}
/**
* Returns true if the user is a forum adminstrator of any forum in the
* system. For example, if there are 3 forums in the system and the user
* is an adminstrator of any one or more of them, this method will return
* true.<p>
*
* Use the method <code>isForumAdmin( Authorization, Forum)</code> to
* check an individual forum for administrator status.)
*
* @param authToken the authentication token of the user
* @return true if the user is a forum administrator of any forum in the system.
*/
public static boolean isForumAdmin(Authorization authToken) {
if(isSystemAdmin(authToken)) return true;
ForumFactory forumFactory = ForumFactory.getInstance(authToken);
Iterator forumIterator = forumFactory.forums();
if (!forumIterator.hasNext()) {
return false;
}
while (forumIterator.hasNext()) {
Forum forum = (Forum) forumIterator.next();
if (forum.hasPermission(Constants.FORUM_ADMIN)) {
return true;
}
}
return false;
}
/**
* Returns true if the user is a forum moderator of any forum in the
* system. For example, if there are 3 forums in the system and the user
* is a moderator of any one or more of them, this method will return
* true.<p>
*
* Use the method <code>isForumModerator( Authorization, Forum)</code> to
* check an individual forum for moderator status.)
*
* @param authToken the authentication token of the user
* @return true if the user is a forum moderator of any forum in the system.
*/
public static boolean isForumModerator(Authorization authToken) {
if(isSystemAdmin(authToken)) return true;
ForumFactory forumFactory = ForumFactory.getInstance(authToken);
Iterator forumIterator = forumFactory.forums();
if (!forumIterator.hasNext()) {
return false;
}
while (forumIterator.hasNext()) {
Forum forum = (Forum) forumIterator.next();
if (forum.hasPermission(Constants.MODERATOR)) {
return true;
}
}
return false;
}
/**
* Returns true if the user is a forum adminstrator of the given forum.
*
* @param authToken the authentication token of the user
* @param forum the forum to check administrator status on.
* @return true if the user is a forum administrator of the given forum.
*/
public static boolean isForumAdmin(Authorization authToken, Forum forum) {
if(isSystemAdmin(authToken)) return true;
return (forum.hasPermission(Constants.FORUM_ADMIN));
}
/**
* Returns true if the user is a forum moderator of the given forum.
*
* @param authToken the authentication token of the user
* @param forum the forum to check moderator status on.
* @return true if the user is a forum moderator of the given forum.
*/
public static boolean isForumModerator(Authorization authToken, Forum forum) {
if(isSystemAdmin(authToken)) return true;
return (forum.hasPermission(Constants.MODERATOR));
}
/**
* Returns true if the user is a group administrator of any group in the
* system. For example, if there are 3 groups in the system and the user
* is an adminstrator of any one or more of them, this method will return
* true.<p>
*
* Use the method <code>isGroupAdmin( Authorization, Group)</code> to check
* an individual group for administrator status.)
*
*/
public static boolean isGroupAdmin(Authorization authToken) {
if(isSystemAdmin(authToken)) return true;
ForumFactory forumFactory = ForumFactory.getInstance(authToken);
ProfileManager manager = forumFactory.getProfileManager();
Iterator groupIterator = manager.groups();
if (!groupIterator.hasNext()) {
return false;
}
while (groupIterator.hasNext()) {
Group group = (Group) groupIterator.next();
if (group.hasPermission(Constants.GROUP_ADMIN)) {
return true;
}
}
return false;
}
/**
* Returns true if the user is a group administrator of the given group.
*
* @param authToken the authentication token of the user
* @param group the group to check administrator status on.
* @return true if the user is a group administrator of the given group.
*/
public static boolean isGroupAdmin(Authorization authToken, Group group) {
if(isSystemAdmin(authToken)) return true;
return (group.hasPermission(Constants.GROUP_ADMIN));
}
}