001/*
002 *  Copyright 2017 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.cms.remote;
017
018import java.util.Map;
019import java.util.Set;
020import java.util.regex.Pattern;
021
022import org.apache.avalon.framework.parameters.Parameters;
023import org.apache.avalon.framework.service.ServiceException;
024import org.apache.avalon.framework.service.ServiceManager;
025import org.apache.cocoon.acting.ServiceableAction;
026import org.apache.cocoon.environment.Redirector;
027import org.apache.cocoon.environment.SourceResolver;
028
029import org.ametys.runtime.authentication.AccessDeniedException;
030
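/**
 * Action acting as an allow-list gate: it checks that the requested URL is one
 * of the URLs allowed to be called from outside.
 * <p>
 * The URL is compared with every pattern declared by every {@link RemoteUrl}
 * extension registered on the {@link RemoteUrlExtensionPoint}. Anything that
 * is not explicitly allowed is refused with an {@link AccessDeniedException}.
 */
public class IsRemoteUrlAction extends ServiceableAction
{
    /** Extension point holding the {@link RemoteUrl} extensions and their allowed URL patterns. */
    private RemoteUrlExtensionPoint _wsCallableUrlEP;

    @Override
    public void service(ServiceManager smanager) throws ServiceException
    {
        super.service(smanager);
        _wsCallableUrlEP = (RemoteUrlExtensionPoint) smanager.lookup(RemoteUrlExtensionPoint.ROLE);
    }

    /**
     * Allows the request only if {@code source} fully matches one of the allowed URL patterns.
     *
     * @param redirector not used by this action
     * @param resolver not used by this action
     * @param objectModel not used by this action
     * @param source the requested URL to check against the allowed patterns
     * @param parameters not used by this action
     * @return {@code EMPTY_MAP} when the URL is allowed
     * @throws AccessDeniedException if {@code source} is {@code null} or matches no allowed pattern
     * @throws Exception declared by the overridden method
     */
    @Override
    public Map act(Redirector redirector, SourceResolver resolver, Map objectModel, String source, Parameters parameters) throws Exception
    {
        // A missing URL cannot be on the allow-list: refuse it explicitly instead of
        // letting Pattern.matcher(null) fail with a NullPointerException.
        if (source == null)
        {
            throw new AccessDeniedException("The url " + source + " is not allowed to be called from external");
        }

        // NOTE(review): source is matched exactly as received. Whether it has been decoded
        // and normalized before reaching this action is not visible here; confirm it, since
        // the allowed patterns are only meaningful against one canonical form of the URL.
        Set<String> extensionIds = _wsCallableUrlEP.getExtensionsIds();
        for (String extensionId : extensionIds)
        {
            RemoteUrl remoteUrl = _wsCallableUrlEP.getExtension(extensionId);

            for (Pattern allowedUrl : remoteUrl.getAllowedUrls())
            {
                // matches() requires the whole URL to match, not just a substring of it,
                // so a pattern cannot be satisfied by an allowed fragment inside a longer URL.
                if (allowedUrl.matcher(source).matches())
                {
                    return EMPTY_MAP;
                }
            }
        }

        // Default deny: no extension declared a pattern for this URL.
        // NOTE(review): the message echoes the requested URL; confirm that whatever logs
        // or renders this exception encodes it.
        throw new AccessDeniedException("The url " + source + " is not allowed to be called from external");
    }

}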