1   package com.atlassian.seraph.auth;
2   
3   import com.atlassian.seraph.config.SecurityConfig;
4   import com.atlassian.seraph.util.GroupCache;
5   
6   import java.security.Principal;
7   import java.util.Collection;
8   import java.util.Map;
9   
10  import javax.servlet.http.HttpServletRequest;
11  
12  /**
13   * A simple RoleMapper which maps directly between group names and role names.
14   *
15   * If a user is a member of someGroup, the are in the 'someGroup' role.  Users can log in if they exist.
16   */
17  public class GroupRoleMapper implements RoleMapper
18  {
19      public void init(final Map<String, String> params, final SecurityConfig config)
20      {}
21  
22      /**
23       * Assume that roles == groups.
24       */
25      public boolean hasRole(final Principal user, final HttpServletRequest request, final String role)
26      {
27          final Collection<String> groups = GroupCache.getGroups(request);
28  
29          if ((groups == null) && (role == null))
30          {
31              return true;
32          }
33          else if (groups == null)
34          {
35              return false;
36          }
37          else
38          {
39              return groups.contains(role);
40          }
41      }
42  
43      /**
44       * Users can login if they exist.
45  
46       */
47      public boolean canLogin(final Principal user, final HttpServletRequest request)
48      {
49          return user != null;
50      }
51  }