001 package org.apache.turbine.services.security; 002 003 /* 004 * Licensed to the Apache Software Foundation (ASF) under one 005 * or more contributor license agreements. See the NOTICE file 006 * distributed with this work for additional information 007 * regarding copyright ownership. The ASF licenses this file 008 * to you under the Apache License, Version 2.0 (the 009 * "License"); you may not use this file except in compliance 010 * with the License. You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, 015 * software distributed under the License is distributed on an 016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 017 * KIND, either express or implied. See the License for the 018 * specific language governing permissions and limitations 019 * under the License. 020 */ 021 022 023 import org.apache.turbine.om.security.Group; 024 import org.apache.turbine.om.security.Permission; 025 import org.apache.turbine.om.security.Role; 026 import org.apache.turbine.om.security.User; 027 import org.apache.turbine.services.TurbineServices; 028 import org.apache.turbine.util.security.AccessControlList; 029 import org.apache.turbine.util.security.DataBackendException; 030 import org.apache.turbine.util.security.EntityExistsException; 031 import org.apache.turbine.util.security.GroupSet; 032 import org.apache.turbine.util.security.PasswordMismatchException; 033 import org.apache.turbine.util.security.PermissionSet; 034 import org.apache.turbine.util.security.RoleSet; 035 import org.apache.turbine.util.security.TurbineSecurityException; 036 import org.apache.turbine.util.security.UnknownEntityException; 037 038 /** 039 * This is a Facade class for SecurityService. 040 * 041 * This class provides static methods that call related methods of the 042 * implementation of SecurityService used by the System, according to 043 * the settings in TurbineResources. 044 * <br> 045 * 046 * <a name="global"> 047 * <p> Certain Roles that the Users may have in the system may are not related 048 * to any specific resource nor entity. They are assigned within a special group 049 * named 'global' that can be referenced in the code as 050 * {@link org.apache.turbine.om.security.Group#GLOBAL_GROUP_NAME}. 051 * 052 * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a> 053 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a> 054 * @version $Id: TurbineSecurity.java 1096130 2011-04-23 10:37:19Z ludwig $ 055 */ 056 public abstract class TurbineSecurity 057 { 058 /** 059 * Retrieves an implementation of SecurityService, base on the settings in 060 * TurbineResources. 061 * 062 * @return an implementation of SecurityService. 063 */ 064 public static SecurityService getService() 065 { 066 return (SecurityService) TurbineServices.getInstance(). 067 getService(SecurityService.SERVICE_NAME); 068 } 069 070 /*----------------------------------------------------------------------- 071 Management of User objects 072 -----------------------------------------------------------------------*/ 073 074 /** 075 * This method provides client-side encryption of passwords. 076 * 077 * This is an utility method that is used by other classes to maintain 078 * a consistent approach to encrypting password. The behavior of the 079 * method can be configured in service's properties. 080 * 081 * @param password the password to process 082 * @return processed password 083 */ 084 public static String encryptPassword(String password) 085 { 086 return getService().encryptPassword(password); 087 } 088 089 /** 090 * This method provides client-side encryption of passwords. 091 * 092 * This is an utility method that is used by other classes to maintain 093 * a consistent approach to encrypting password. The behavior of the 094 * method can be configured in service's properties. 095 * 096 * @param password the password to process 097 * @param salt the supplied salt to encrypt the password 098 * @return processed password 099 */ 100 public static String encryptPassword(String password, String salt) 101 { 102 return getService().encryptPassword(password, salt); 103 } 104 105 /** 106 * Checks if a supplied password matches the encrypted password 107 * 108 * @param checkpw The clear text password supplied by the user 109 * @param encpw The current, encrypted password 110 * 111 * @return true if the password matches, else false 112 * 113 */ 114 115 public static boolean checkPassword(String checkpw, String encpw) 116 { 117 return getService().checkPassword(checkpw, encpw); 118 } 119 120 /*----------------------------------------------------------------------- 121 Getting Object Classes 122 -----------------------------------------------------------------------*/ 123 124 /** 125 * Returns the Class object for the implementation of User interface 126 * used by the system. 127 * 128 * @return the implementation of User interface used by the system. 129 * @throws UnknownEntityException if the system's implementation of User 130 * interface could not be determined. 131 */ 132 public static Class getUserClass() 133 throws UnknownEntityException 134 { 135 return getService().getUserClass(); 136 } 137 138 /** 139 * Returns the Class object for the implementation of Group interface 140 * used by the system. 141 * 142 * @return the implementation of Group interface used by the system. 143 * @throws UnknownEntityException if the system's implementation of Group 144 * interface could not be determined. 145 */ 146 public static Class getGroupClass() 147 throws UnknownEntityException 148 { 149 return getService().getGroupClass(); 150 } 151 152 /** 153 * Returns the Class object for the implementation of Permission interface 154 * used by the system. 155 * 156 * @return the implementation of Permission interface used by the system. 157 * @throws UnknownEntityException if the system's implementation of Permission 158 * interface could not be determined. 159 */ 160 public static Class getPermissionClass() 161 throws UnknownEntityException 162 { 163 return getService().getPermissionClass(); 164 } 165 166 /** 167 * Returns the Class object for the implementation of Role interface 168 * used by the system. 169 * 170 * @return the implementation of Role interface used by the system. 171 * @throws UnknownEntityException if the system's implementation of Role 172 * interface could not be determined. 173 */ 174 public static Class getRoleClass() 175 throws UnknownEntityException 176 { 177 return getService().getRoleClass(); 178 } 179 180 /** 181 * Construct a blank User object. 182 * 183 * This method calls getUserClass, and then creates a new object using 184 * the default constructor. 185 * 186 * @return an object implementing User interface. 187 * @throws UnknownEntityException if the object could not be instantiated. 188 */ 189 public static User getUserInstance() 190 throws UnknownEntityException 191 { 192 return getService().getUserInstance(); 193 } 194 195 /** 196 * Returns the configured UserManager. 197 * 198 * @return An UserManager object 199 */ 200 public static UserManager getUserManager() 201 { 202 return getService().getUserManager(); 203 } 204 205 /** 206 * Configure a new user Manager. 207 * 208 * @param userManager An UserManager object 209 */ 210 public void setUserManager(UserManager userManager) 211 { 212 getService().setUserManager(userManager); 213 } 214 215 /** 216 * Check whether a specified user's account exists. 217 * 218 * The login name is used for looking up the account. 219 * 220 * @param user The user to be checked. 221 * @return true if the specified account exists 222 * @throws DataBackendException if there was an error accessing the data 223 * backend. 224 */ 225 public static boolean accountExists(User user) 226 throws DataBackendException 227 { 228 return getService().accountExists(user); 229 } 230 231 /** 232 * Check whether a specified user's account exists. 233 * 234 * The login name is used for looking up the account. 235 * 236 * @param userName The name of the user to be checked. 237 * @return true if the specified account exists 238 * @throws DataBackendException if there was an error accessing the data 239 * backend. 240 */ 241 public static boolean accountExists(String userName) 242 throws DataBackendException 243 { 244 return getService().accountExists(userName); 245 } 246 247 /** 248 * Authenticates an user, and constructs an User object to represent 249 * him/her. 250 * 251 * @param username The user name. 252 * @param password The user password. 253 * @return An authenticated Turbine User. 254 * @throws DataBackendException if there was an error accessing the data 255 * backend. 256 * @throws UnknownEntityException if user account is not present. 257 * @throws PasswordMismatchException if the supplied password was incorrect. 258 */ 259 public static User getAuthenticatedUser(String username, String password) 260 throws DataBackendException, UnknownEntityException, 261 PasswordMismatchException 262 { 263 return getService().getAuthenticatedUser(username, password); 264 } 265 266 /** 267 * Constructs an User object to represent a registered user of the 268 * application. 269 * 270 * @param username The user name. 271 * @return A Turbine User. 272 * @throws DataBackendException if there was an error accessing the data 273 * backend. 274 * @throws UnknownEntityException if user account is not present. 275 */ 276 public static User getUser(String username) 277 throws DataBackendException, UnknownEntityException 278 { 279 return getService().getUser(username); 280 } 281 282 /** 283 * Constructs an User object to represent an anonymous user of the 284 * application. 285 * 286 * @return An anonymous Turbine User. 287 * @throws UnknownEntityException if the anonymous User object couldn't be 288 * constructed. 289 */ 290 public static User getAnonymousUser() 291 throws UnknownEntityException 292 { 293 return getService().getAnonymousUser(); 294 } 295 296 /** 297 * Checks whether a passed user object matches the anonymous user pattern 298 * according to the configured service 299 * 300 * @param user A user object 301 * @return True if this is an anonymous user 302 */ 303 public static boolean isAnonymousUser(User user) 304 { 305 return getService().isAnonymousUser(user); 306 } 307 308 /** 309 * Saves User's data in the permanent storage. The user account is required 310 * to exist in the storage. 311 * 312 * @param user The User object to save. 313 * @throws UnknownEntityException if the user's account does not 314 * exist in the database. 315 * @throws DataBackendException if there is a problem accessing the 316 * storage. 317 */ 318 public static void saveUser(User user) 319 throws UnknownEntityException, DataBackendException 320 { 321 getService().saveUser(user); 322 } 323 324 /** 325 * Saves User data when the session is unbound. The user account is required 326 * to exist in the storage. 327 * 328 * LastLogin, AccessCounter, persistent pull tools, and any data stored 329 * in the permData hashtable that is not mapped to a column will be saved. 330 * 331 * @exception UnknownEntityException if the user's account does not 332 * exist in the database. 333 * @exception DataBackendException if there is a problem accessing the 334 * storage. 335 */ 336 public static void saveOnSessionUnbind(User user) 337 throws UnknownEntityException, DataBackendException 338 { 339 getService().saveOnSessionUnbind(user); 340 } 341 342 /** 343 * Change the password for an User. 344 * 345 * @param user an User to change password for. 346 * @param oldPassword the current password supplied by the user. 347 * @param newPassword the current password requested by the user. 348 * @throws PasswordMismatchException if the supplied password was 349 * incorrect. 350 * @throws UnknownEntityException if the user's record does not 351 * exist in the database. 352 * @throws DataBackendException if there is a problem accessing the 353 * storage. 354 */ 355 public static void changePassword(User user, String oldPassword, 356 String newPassword) 357 throws PasswordMismatchException, UnknownEntityException, 358 DataBackendException 359 { 360 getService().changePassword(user, oldPassword, newPassword); 361 } 362 363 /** 364 * Forcibly sets new password for an User. 365 * 366 * This is supposed by the administrator to change the forgotten or 367 * compromised passwords. Certain implementatations of this feature 368 * would require administrative level access to the authenticating 369 * server / program. 370 * 371 * @param user an User to change password for. 372 * @param password the new password. 373 * @throws UnknownEntityException if the user's record does not 374 * exist in the database. 375 * @throws DataBackendException if there is a problem accessing the 376 * storage. 377 */ 378 public static void forcePassword(User user, String password) 379 throws UnknownEntityException, DataBackendException 380 { 381 getService().forcePassword(user, password); 382 } 383 384 /*----------------------------------------------------------------------- 385 Creation of AccessControlLists 386 -----------------------------------------------------------------------*/ 387 388 /** 389 * Constructs an AccessControlList for a specific user. 390 * 391 * @param user the user for whom the AccessControlList are to be retrieved 392 * @return The AccessControList object constructed from the user object. 393 * @throws DataBackendException if there was an error accessing the data 394 * backend. 395 * @throws UnknownEntityException if user account is not present. 396 */ 397 public static AccessControlList getACL(User user) 398 throws DataBackendException, UnknownEntityException 399 { 400 return getService().getACL(user); 401 } 402 403 /*----------------------------------------------------------------------- 404 Security management 405 -----------------------------------------------------------------------*/ 406 407 /** 408 * Grant an User a Role in a Group. 409 * 410 * @param user the user. 411 * @param group the group. 412 * @param role the role. 413 * @throws DataBackendException if there was an error accessing the data 414 * backend. 415 * @throws UnknownEntityException if user account, group or role is not 416 * present. 417 */ 418 public static void grant(User user, Group group, Role role) 419 throws DataBackendException, UnknownEntityException 420 { 421 getService().grant(user, group, role); 422 } 423 424 /** 425 * Revoke a Role in a Group from an User. 426 * 427 * @param user the user. 428 * @param group the group. 429 * @param role the role. 430 * @throws DataBackendException if there was an error accessing the data 431 * backend. 432 * @throws UnknownEntityException if user account, group or role is not 433 * present. 434 */ 435 public static void revoke(User user, Group group, Role role) 436 throws DataBackendException, UnknownEntityException 437 { 438 getService().revoke(user, group, role); 439 } 440 441 /** 442 * Revokes all roles from an User. 443 * 444 * This method is used when deleting an account. 445 * 446 * @param user the User. 447 * @throws DataBackendException if there was an error accessing the data 448 * backend. 449 * @throws UnknownEntityException if the account is not present. 450 */ 451 public static void revokeAll(User user) 452 throws DataBackendException, UnknownEntityException 453 { 454 getService().revokeAll(user); 455 } 456 457 /** 458 * Grants a Role a Permission 459 * 460 * @param role the Role. 461 * @param permission the Permission. 462 * @throws DataBackendException if there was an error accessing the data 463 * backend. 464 * @throws UnknownEntityException if role or permission is not present. 465 */ 466 public static void grant(Role role, Permission permission) 467 throws DataBackendException, UnknownEntityException 468 { 469 getService().grant(role, permission); 470 } 471 472 /** 473 * Revokes a Permission from a Role. 474 * 475 * @param role the Role. 476 * @param permission the Permission. 477 * @throws DataBackendException if there was an error accessing the data 478 * backend. 479 * @throws UnknownEntityException if role or permission is not present. 480 */ 481 public static void revoke(Role role, Permission permission) 482 throws DataBackendException, UnknownEntityException 483 { 484 getService().revoke(role, permission); 485 } 486 487 /** 488 * Revokes all permissions from a Role. 489 * 490 * This method is user when deleting a Role. 491 * 492 * @param role the Role 493 * @throws DataBackendException if there was an error accessing the data 494 * backend. 495 * @throws UnknownEntityException if the Role is not present. 496 */ 497 public static void revokeAll(Role role) 498 throws DataBackendException, UnknownEntityException 499 { 500 getService().revokeAll(role); 501 } 502 503 /*----------------------------------------------------------------------- 504 Account management 505 -----------------------------------------------------------------------*/ 506 507 /** 508 * Creates new user account with specified attributes. 509 * 510 * <strong>TODO</strong> throw more specific exception<br> 511 * 512 * @param user the object describing account to be created. 513 * @param password password for the new user 514 * @throws DataBackendException if there was an error accessing the data 515 * backend. 516 * @throws EntityExistsException if the user account already exists. 517 */ 518 public static void addUser(User user, String password) 519 throws DataBackendException, EntityExistsException 520 { 521 getService().addUser(user, password); 522 } 523 524 /** 525 * Removes an user account from the system. 526 * 527 * <strong>TODO</strong> throw more specific exception<br> 528 * 529 * @param user the object describing the account to be removed. 530 * @throws DataBackendException if there was an error accessing the data 531 * backend. 532 * @throws UnknownEntityException if the user account is not present. 533 */ 534 public static void removeUser(User user) 535 throws DataBackendException, UnknownEntityException 536 { 537 getService().removeUser(user); 538 } 539 540 /*----------------------------------------------------------------------- 541 Group/Role/Permission management 542 -----------------------------------------------------------------------*/ 543 /** 544 * Provides a reference to the Group object that represents the 545 * <a name="global">global group</a>. 546 * 547 * @return a Group object that represents the global group. 548 */ 549 public static Group getGlobalGroup() 550 { 551 return getService().getGlobalGroup(); 552 } 553 554 /** 555 * Creates a new Group in the system. This is a convenience 556 * method. 557 * 558 * @param name The name of the new Group. 559 * @return An object representing the new Group. 560 * @throws TurbineSecurityException if the Group could not be created. 561 */ 562 public static Group createGroup(String name) 563 throws TurbineSecurityException 564 { 565 return getService().addGroup(getGroupInstance(name)); 566 } 567 568 /** 569 * Creates a new Permission in the system. This is a convenience 570 * method. 571 * 572 * @param name The name of the new Permission. 573 * @return An object representing the new Permission. 574 * @throws TurbineSecurityException if the Permission could not be created. 575 */ 576 public static Permission createPermission(String name) 577 throws TurbineSecurityException 578 { 579 return getService().addPermission(getPermissionInstance(name)); 580 } 581 582 /** 583 * Creates a new Role in the system. This is a convenience 584 * method. 585 * 586 * @param name The name of the Role. 587 * 588 * @return An object representing the new Role. 589 * 590 * @throws TurbineSecurityException if the Role could not be created. 591 */ 592 public static Role createRole(String name) 593 throws TurbineSecurityException 594 { 595 return getService().addRole(getRoleInstance(name)); 596 } 597 598 /** 599 * Retrieve a Group object with specified name. 600 * 601 * @param groupName The name of the Group to be retrieved. 602 * @return an object representing the Group with specified name. 603 * @throws DataBackendException if there was an error accessing the data 604 * backend. 605 * @throws UnknownEntityException if the Group is not present. 606 */ 607 public static Group getGroupByName(String groupName) 608 throws DataBackendException, UnknownEntityException 609 { 610 return getService().getGroupByName(groupName); 611 } 612 613 /** 614 * Retrieve a Group object with specified Id. 615 * 616 * @param name the name of the Group. 617 * 618 * @return an object representing the Group with specified name. 619 * 620 * @exception UnknownEntityException if the permission does not 621 * exist in the database. 622 * @exception DataBackendException if there is a problem accessing the 623 * storage. 624 */ 625 public static Group getGroupById(int groupId) 626 throws DataBackendException, 627 UnknownEntityException 628 { 629 return getService().getGroupById(groupId); 630 } 631 632 /** 633 * Construct a blank Group object. 634 * 635 * This method calls getGroupClass, and then creates a new object using 636 * the default constructor. 637 * 638 * @param groupName The name of the Group 639 * 640 * @return an object implementing Group interface. 641 * 642 * @throws UnknownEntityException if the object could not be instantiated. 643 */ 644 public static Group getGroupInstance(String groupName) 645 throws UnknownEntityException 646 { 647 return getService().getGroupInstance(groupName); 648 } 649 650 /** 651 * Construct a blank Role object. 652 * 653 * This method calls getRoleClass, and then creates a new object using 654 * the default constructor. 655 * 656 * @param roleName The name of the role. 657 * 658 * @return an object implementing Role interface. 659 * 660 * @throws UnknownEntityException if the object could not be instantiated. 661 */ 662 public static Role getRoleInstance(String roleName) 663 throws UnknownEntityException 664 { 665 return getService().getRoleInstance(roleName); 666 } 667 668 /** 669 * Construct a blank Permission object. 670 * 671 * This method calls getPermissionClass, and then creates a new object using 672 * the default constructor. 673 * 674 * @param permName The name of the permission. 675 * 676 * @return an object implementing Permission interface. 677 * @throws UnknownEntityException if the object could not be instantiated. 678 */ 679 public static Permission getPermissionInstance(String permName) 680 throws UnknownEntityException 681 { 682 return getService().getPermissionInstance(permName); 683 } 684 685 /** 686 * Retrieve a Role object with specified name. 687 * 688 * @param roleName The name of the Role to be retrieved. 689 * @return an object representing the Role with specified name. 690 * @throws DataBackendException if there was an error accessing the data 691 * backend. 692 * @throws UnknownEntityException if the Role is not present. 693 */ 694 public static Role getRoleByName(String roleName) 695 throws DataBackendException, UnknownEntityException 696 { 697 return getService().getRoleByName(roleName); 698 } 699 700 /** 701 * Retrieve a Role object with specified Id. 702 * 703 * @param name the name of the Role. 704 * 705 * @return an object representing the Role with specified name. 706 * 707 * @exception UnknownEntityException if the permission does not 708 * exist in the database. 709 * @exception DataBackendException if there is a problem accessing the 710 * storage. 711 */ 712 public static Role getRoleById(int roleId) 713 throws DataBackendException, 714 UnknownEntityException 715 { 716 return getService().getRoleById(roleId); 717 } 718 719 /** 720 * Retrieve a Permission object with specified name. 721 * 722 * @param permissionName The name of the Permission to be retrieved. 723 * @return an object representing the Permission with specified name. 724 * @throws DataBackendException if there was an error accessing the data 725 * backend. 726 * @throws UnknownEntityException if the Permission is not present. 727 */ 728 public static Permission getPermissionByName(String permissionName) 729 throws DataBackendException, UnknownEntityException 730 { 731 return getService().getPermissionByName(permissionName); 732 } 733 734 /** 735 * Retrieve a Permission object with specified Id. 736 * 737 * @param name the name of the Permission. 738 * 739 * @return an object representing the Permission with specified name. 740 * 741 * @exception UnknownEntityException if the permission does not 742 * exist in the database. 743 * @exception DataBackendException if there is a problem accessing the 744 * storage. 745 */ 746 public static Permission getPermissionById(int permissionId) 747 throws DataBackendException, 748 UnknownEntityException 749 { 750 return getService().getPermissionById(permissionId); 751 } 752 753 /** 754 * Retrieve a set of Groups that meet the specified Criteria. 755 * 756 * @param criteria A Criteria of Group selection. 757 * @return a set of Groups that meet the specified Criteria. 758 * @throws DataBackendException if there was an error accessing the data 759 * backend. 760 */ 761 public static GroupSet getGroups(Object criteria) 762 throws DataBackendException 763 { 764 return getService().getGroups(criteria); 765 } 766 767 /** 768 * Retrieve a set of Roles that meet the specified Criteria. 769 * 770 * @param criteria a Criteria of Roles selection. 771 * @return a set of Roles that meet the specified Criteria. 772 * @throws DataBackendException if there was an error accessing the data 773 * backend. 774 */ 775 public static RoleSet getRoles(Object criteria) 776 throws DataBackendException 777 { 778 return getService().getRoles(criteria); 779 } 780 781 /** 782 * Retrieve a set of Permissions that meet the specified Criteria. 783 * 784 * @param criteria a Criteria of Permissions selection. 785 * @return a set of Permissions that meet the specified Criteria. 786 * @throws DataBackendException if there was an error accessing the data 787 * backend. 788 */ 789 public static PermissionSet getPermissions(Object criteria) 790 throws DataBackendException 791 { 792 return getService().getPermissions(criteria); 793 } 794 795 /** 796 * Retrieves all groups defined in the system. 797 * 798 * @return the names of all groups defined in the system. 799 * @throws DataBackendException if there was an error accessing the data 800 * backend. 801 */ 802 public static GroupSet getAllGroups() 803 throws DataBackendException 804 { 805 return getService().getAllGroups(); 806 } 807 808 /** 809 * Retrieves all roles defined in the system. 810 * 811 * @return the names of all roles defined in the system. 812 * @throws DataBackendException if there was an error accessing the data 813 * backend. 814 */ 815 public static RoleSet getAllRoles() 816 throws DataBackendException 817 { 818 return getService().getAllRoles(); 819 } 820 821 /** 822 * Retrieves all permissions defined in the system. 823 * 824 * @return the names of all roles defined in the system. 825 * @throws DataBackendException if there was an error accessing the data 826 * backend. 827 */ 828 public static PermissionSet getAllPermissions() 829 throws DataBackendException 830 { 831 return getService().getAllPermissions(); 832 } 833 834 /** 835 * Retrieves all permissions associated with a role. 836 * 837 * @param role the role name, for which the permissions are to be retrieved. 838 * @return the Permissions for the specified role 839 * @throws DataBackendException if there was an error accessing the data 840 * backend. 841 * @throws UnknownEntityException if the role is not present. 842 */ 843 public static PermissionSet getPermissions(Role role) 844 throws DataBackendException, UnknownEntityException 845 { 846 return getService().getPermissions(role); 847 } 848 849 /** 850 * Stores Group's attributes. The Groups is required to exist in the system. 851 * 852 * @param group The Group to be stored. 853 * @throws DataBackendException if there was an error accessing the data 854 * backend. 855 * @throws UnknownEntityException if the group does not exist. 856 */ 857 public static void saveGroup(Group group) 858 throws DataBackendException, UnknownEntityException 859 { 860 getService().saveGroup(group); 861 } 862 863 /** 864 * Stores Role's attributes. The Roles is required to exist in the system. 865 * 866 * @param role The Role to be stored. 867 * @throws DataBackendException if there was an error accessing the data 868 * backend. 869 * @throws UnknownEntityException if the role does not exist. 870 */ 871 public static void saveRole(Role role) 872 throws DataBackendException, UnknownEntityException 873 { 874 getService().saveRole(role); 875 } 876 877 /** 878 * Stores Permission's attributes. The Permissions is required to exist in 879 * the system. 880 * 881 * @param permission The Permission to be stored. 882 * @throws DataBackendException if there was an error accessing the data 883 * backend. 884 * @throws UnknownEntityException if the permission does not exist. 885 */ 886 public static void savePermission(Permission permission) 887 throws DataBackendException, UnknownEntityException 888 { 889 getService().savePermission(permission); 890 } 891 892 /** 893 * Creates a new group with specified attributes. 894 * 895 * @param group the object describing the group to be created. 896 * @throws DataBackendException if there was an error accessing the data 897 * backend. 898 * @throws EntityExistsException if the group already exists. 899 */ 900 public static void addGroup(Group group) 901 throws DataBackendException, EntityExistsException 902 { 903 getService().addGroup(group); 904 } 905 906 /** 907 * Creates a new role with specified attributes. 908 * 909 * @param role the objects describing the role to be created. 910 * @throws DataBackendException if there was an error accessing the data 911 * backend. 912 * @throws EntityExistsException if the role already exists. 913 */ 914 public static void addRole(Role role) 915 throws DataBackendException, EntityExistsException 916 { 917 getService().addRole(role); 918 } 919 920 /** 921 * Creates a new permission with specified attributes. 922 * 923 * @param permission the objects describing the permission to be created. 924 * @throws DataBackendException if there was an error accessing the data 925 * backend. 926 * @throws EntityExistsException if the permission already exists. 927 */ 928 public static void addPermission(Permission permission) 929 throws DataBackendException, EntityExistsException 930 { 931 getService().addPermission(permission); 932 } 933 934 /** 935 * Removes a Group from the system. 936 * 937 * @param group the object describing group to be removed. 938 * @throws DataBackendException if there was an error accessing the data 939 * backend. 940 * @throws UnknownEntityException if the group does not exist. 941 */ 942 public static void removeGroup(Group group) 943 throws DataBackendException, UnknownEntityException 944 { 945 getService().removeGroup(group); 946 } 947 948 /** 949 * Removes a Role from the system. 950 * 951 * @param role The object describing the role to be removed. 952 * @throws DataBackendException if there was an error accessing the data backend. 953 * @throws UnknownEntityException if the role does not exist. 954 */ 955 public static void removeRole(Role role) 956 throws DataBackendException, UnknownEntityException 957 { 958 getService().removeRole(role); 959 } 960 961 /** 962 * Removes a Permission from the system. 963 * 964 * @param permission The object describing the permission to be removed. 965 * @throws DataBackendException if there was an error accessing the data 966 * backend. 967 * @throws UnknownEntityException if the permission does not exist. 968 */ 969 public static void removePermission(Permission permission) 970 throws DataBackendException, UnknownEntityException 971 { 972 getService().removePermission(permission); 973 } 974 975 /** 976 * Renames an existing Group. 977 * 978 * @param group The object describing the group to be renamed. 979 * @param name the new name for the group. 980 * @throws DataBackendException if there was an error accessing the data 981 * backend. 982 * @throws UnknownEntityException if the group does not exist. 983 */ 984 public static void renameGroup(Group group, String name) 985 throws DataBackendException, UnknownEntityException 986 { 987 getService().renameGroup(group, name); 988 } 989 990 /** 991 * Renames an existing Role. 992 * 993 * @param role The object describing the role to be renamed. 994 * @param name the new name for the role. 995 * @throws DataBackendException if there was an error accessing the data 996 * backend. 997 * @throws UnknownEntityException if the role does not exist. 998 */ 999 public static void renameRole(Role role, String name) 1000 throws DataBackendException, UnknownEntityException 1001 { 1002 getService().renameRole(role, name); 1003 } 1004 1005 /** 1006 * Renames an existing Permission. 1007 * 1008 * @param permission The object describing the permission to be renamed. 1009 * @param name the new name for the permission. 1010 * @throws DataBackendException if there was an error accessing the data 1011 * backend. 1012 * @throws UnknownEntityException if the permission does not exist. 1013 */ 1014 public static void renamePermission(Permission permission, String name) 1015 throws DataBackendException, UnknownEntityException 1016 { 1017 getService().renamePermission(permission, name); 1018 } 1019 }