1 | |
package org.apache.turbine.services.security.torque; |
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
|
12 | |
|
13 | |
|
14 | |
|
15 | |
|
16 | |
|
17 | |
|
18 | |
|
19 | |
|
20 | |
|
21 | |
|
22 | |
import java.util.ArrayList; |
23 | |
import java.util.Hashtable; |
24 | |
import java.util.Iterator; |
25 | |
import java.util.List; |
26 | |
|
27 | |
import org.apache.commons.configuration.Configuration; |
28 | |
import org.apache.commons.lang.StringUtils; |
29 | |
import org.apache.commons.logging.Log; |
30 | |
import org.apache.commons.logging.LogFactory; |
31 | |
import org.apache.torque.TorqueException; |
32 | |
import org.apache.torque.om.NumberKey; |
33 | |
import org.apache.torque.om.Persistent; |
34 | |
import org.apache.torque.util.Criteria; |
35 | |
import org.apache.turbine.om.security.Group; |
36 | |
import org.apache.turbine.om.security.Permission; |
37 | |
import org.apache.turbine.om.security.Role; |
38 | |
import org.apache.turbine.om.security.User; |
39 | |
import org.apache.turbine.services.InitializationException; |
40 | |
import org.apache.turbine.services.security.BaseSecurityService; |
41 | |
import org.apache.turbine.services.security.TurbineSecurity; |
42 | |
import org.apache.turbine.services.security.torque.om.TurbineRolePermissionPeer; |
43 | |
import org.apache.turbine.services.security.torque.om.TurbineUserGroupRolePeer; |
44 | |
import org.apache.turbine.util.security.AccessControlList; |
45 | |
import org.apache.turbine.util.security.DataBackendException; |
46 | |
import org.apache.turbine.util.security.EntityExistsException; |
47 | |
import org.apache.turbine.util.security.GroupSet; |
48 | |
import org.apache.turbine.util.security.PermissionSet; |
49 | |
import org.apache.turbine.util.security.RoleSet; |
50 | |
import org.apache.turbine.util.security.UnknownEntityException; |
51 | |
|
52 | |
|
53 | |
|
54 | |
|
55 | |
|
56 | |
|
57 | |
|
58 | |
|
59 | |
|
60 | 0 | public class TorqueSecurityService |
61 | |
extends BaseSecurityService |
62 | |
{ |
63 | |
|
64 | 0 | private static Log log = LogFactory.getLog(TorqueSecurityService.class); |
65 | |
|
66 | |
|
67 | |
|
68 | |
|
69 | |
|
70 | |
|
71 | |
|
72 | |
|
73 | |
public void init() |
74 | |
throws InitializationException |
75 | |
{ |
76 | 0 | Configuration conf = getConfiguration(); |
77 | |
|
78 | 0 | GroupPeerManager.init(conf); |
79 | 0 | RolePeerManager.init(conf); |
80 | 0 | PermissionPeerManager.init(conf); |
81 | |
|
82 | |
|
83 | 0 | super.init(); |
84 | 0 | } |
85 | |
|
86 | |
|
87 | |
|
88 | |
|
89 | |
|
90 | |
|
91 | |
|
92 | |
|
93 | |
|
94 | |
|
95 | |
|
96 | |
|
97 | |
|
98 | |
|
99 | |
|
100 | |
|
101 | |
|
102 | |
|
103 | |
|
104 | |
public AccessControlList getACL(User user) |
105 | |
throws DataBackendException, UnknownEntityException |
106 | |
{ |
107 | 0 | if (!TurbineSecurity.accountExists(user)) |
108 | |
{ |
109 | 0 | throw new UnknownEntityException("The account '" |
110 | |
+ user.getName() + "' does not exist"); |
111 | |
} |
112 | |
try |
113 | |
{ |
114 | 0 | Hashtable roles = new Hashtable(); |
115 | 0 | Hashtable permissions = new Hashtable(); |
116 | |
|
117 | |
|
118 | 0 | lockShared(); |
119 | |
|
120 | |
|
121 | |
|
122 | |
|
123 | 0 | for (Iterator groupsIterator = getAllGroups().iterator(); |
124 | 0 | groupsIterator.hasNext();) |
125 | |
{ |
126 | 0 | Group group = (Group) groupsIterator.next(); |
127 | |
|
128 | 0 | RoleSet groupRoles = RolePeerManager.retrieveSet(user, group); |
129 | |
|
130 | 0 | roles.put(group, groupRoles); |
131 | |
|
132 | 0 | PermissionSet groupPermissions = new PermissionSet(); |
133 | |
|
134 | 0 | for (Iterator rolesIterator = groupRoles.iterator(); |
135 | 0 | rolesIterator.hasNext();) |
136 | |
{ |
137 | 0 | Role role = (Role) rolesIterator.next(); |
138 | |
|
139 | 0 | PermissionSet rolePermissions = |
140 | |
PermissionPeerManager.retrieveSet(role); |
141 | 0 | groupPermissions.add(rolePermissions); |
142 | 0 | } |
143 | |
|
144 | 0 | permissions.put(group, groupPermissions); |
145 | 0 | } |
146 | 0 | return getAclInstance(roles, permissions); |
147 | |
} |
148 | 0 | catch (Exception e) |
149 | |
{ |
150 | 0 | throw new DataBackendException("Failed to build ACL for user '" + |
151 | |
user.getName() + "'" , e); |
152 | |
} |
153 | |
finally |
154 | |
{ |
155 | |
|
156 | 0 | unlockShared(); |
157 | |
} |
158 | |
} |
159 | |
|
160 | |
|
161 | |
|
162 | |
|
163 | |
|
164 | |
|
165 | |
|
166 | |
|
167 | |
|
168 | |
|
169 | |
|
170 | |
|
171 | |
|
172 | |
|
173 | |
|
174 | |
|
175 | |
public synchronized void grant(User user, Group group, Role role) |
176 | |
throws DataBackendException, UnknownEntityException |
177 | |
{ |
178 | 0 | boolean userExists = false; |
179 | 0 | boolean groupExists = false; |
180 | 0 | boolean roleExists = false; |
181 | |
try |
182 | |
{ |
183 | 0 | lockExclusive(); |
184 | 0 | userExists = TurbineSecurity.accountExists(user); |
185 | 0 | groupExists = checkExists(group); |
186 | 0 | roleExists = checkExists(role); |
187 | 0 | if (userExists && groupExists && roleExists) |
188 | |
{ |
189 | 0 | Criteria criteria = new Criteria(); |
190 | 0 | criteria.add(TurbineUserGroupRolePeer.USER_ID, |
191 | |
((Persistent) user).getPrimaryKey()); |
192 | 0 | criteria.add(TurbineUserGroupRolePeer.GROUP_ID, |
193 | |
((Persistent) group).getPrimaryKey()); |
194 | 0 | criteria.add(TurbineUserGroupRolePeer.ROLE_ID, |
195 | |
((Persistent) role).getPrimaryKey()); |
196 | 0 | TurbineUserGroupRolePeer.doInsert(criteria); |
197 | |
return; |
198 | |
} |
199 | |
} |
200 | 0 | catch (Exception e) |
201 | |
{ |
202 | 0 | throw new DataBackendException("grant(User,Group,Role) failed", e); |
203 | |
} |
204 | |
finally |
205 | |
{ |
206 | 0 | unlockExclusive(); |
207 | 0 | } |
208 | 0 | if (!userExists) |
209 | |
{ |
210 | 0 | throw new UnknownEntityException("Unknown user '" |
211 | |
+ user.getName() + "'"); |
212 | |
} |
213 | 0 | if (!groupExists) |
214 | |
{ |
215 | 0 | throw new UnknownEntityException("Unknown group '" |
216 | |
+ group.getName() + "'"); |
217 | |
} |
218 | 0 | if (!roleExists) |
219 | |
{ |
220 | 0 | throw new UnknownEntityException("Unknown role '" |
221 | |
+ role.getName() + "'"); |
222 | |
} |
223 | 0 | } |
224 | |
|
225 | |
|
226 | |
|
227 | |
|
228 | |
|
229 | |
|
230 | |
|
231 | |
|
232 | |
|
233 | |
|
234 | |
|
235 | |
|
236 | |
public synchronized void revoke(User user, Group group, Role role) |
237 | |
throws DataBackendException, UnknownEntityException |
238 | |
{ |
239 | 0 | boolean userExists = false; |
240 | 0 | boolean groupExists = false; |
241 | 0 | boolean roleExists = false; |
242 | |
try |
243 | |
{ |
244 | 0 | lockExclusive(); |
245 | 0 | userExists = TurbineSecurity.accountExists(user); |
246 | 0 | groupExists = checkExists(group); |
247 | 0 | roleExists = checkExists(role); |
248 | 0 | if (userExists && groupExists && roleExists) |
249 | |
{ |
250 | 0 | Criteria criteria = new Criteria(); |
251 | 0 | criteria.add(TurbineUserGroupRolePeer.USER_ID, |
252 | |
((Persistent) user).getPrimaryKey()); |
253 | 0 | criteria.add(TurbineUserGroupRolePeer.GROUP_ID, |
254 | |
((Persistent) group).getPrimaryKey()); |
255 | 0 | criteria.add(TurbineUserGroupRolePeer.ROLE_ID, |
256 | |
((Persistent) role).getPrimaryKey()); |
257 | 0 | TurbineUserGroupRolePeer.doDelete(criteria); |
258 | |
return; |
259 | |
} |
260 | |
} |
261 | 0 | catch (Exception e) |
262 | |
{ |
263 | 0 | throw new DataBackendException("revoke(User,Role,Group) failed", e); |
264 | |
} |
265 | |
finally |
266 | |
{ |
267 | 0 | unlockExclusive(); |
268 | 0 | } |
269 | 0 | if (!userExists) |
270 | |
{ |
271 | 0 | throw new UnknownEntityException("Unknown user '" |
272 | |
+ user.getName() + "'"); |
273 | |
} |
274 | 0 | if (!groupExists) |
275 | |
{ |
276 | 0 | throw new UnknownEntityException("Unknown group '" |
277 | |
+ group.getName() + "'"); |
278 | |
} |
279 | 0 | if (!roleExists) |
280 | |
{ |
281 | 0 | throw new UnknownEntityException("Unknown role '" |
282 | |
+ role.getName() + "'"); |
283 | |
} |
284 | 0 | } |
285 | |
|
286 | |
|
287 | |
|
288 | |
|
289 | |
|
290 | |
|
291 | |
|
292 | |
|
293 | |
|
294 | |
|
295 | |
|
296 | |
public synchronized void revokeAll(User user) |
297 | |
throws DataBackendException, UnknownEntityException |
298 | |
{ |
299 | 0 | boolean userExists = false; |
300 | |
try |
301 | |
{ |
302 | 0 | lockExclusive(); |
303 | 0 | userExists = TurbineSecurity.accountExists(user); |
304 | 0 | if (userExists) |
305 | |
{ |
306 | |
|
307 | |
|
308 | |
|
309 | |
|
310 | |
|
311 | |
|
312 | |
|
313 | |
|
314 | |
|
315 | 0 | int id = ((NumberKey) ((Persistent) user) |
316 | |
.getPrimaryKey()).intValue(); |
317 | 0 | TurbineUserGroupRolePeer.deleteAll( |
318 | |
TurbineUserGroupRolePeer.TABLE_NAME, |
319 | |
TurbineUserGroupRolePeer.USER_ID, id); |
320 | |
return; |
321 | |
} |
322 | |
} |
323 | 0 | catch (Exception e) |
324 | |
{ |
325 | 0 | throw new DataBackendException("revokeAll(User) failed", e); |
326 | |
} |
327 | |
finally |
328 | |
{ |
329 | 0 | unlockExclusive(); |
330 | 0 | } |
331 | 0 | throw new UnknownEntityException("Unknown user '" |
332 | |
+ user.getName() + "'"); |
333 | |
} |
334 | |
|
335 | |
|
336 | |
|
337 | |
|
338 | |
|
339 | |
|
340 | |
|
341 | |
|
342 | |
|
343 | |
|
344 | |
public synchronized void grant(Role role, Permission permission) |
345 | |
throws DataBackendException, UnknownEntityException |
346 | |
{ |
347 | 0 | boolean roleExists = false; |
348 | 0 | boolean permissionExists = false; |
349 | |
try |
350 | |
{ |
351 | 0 | lockExclusive(); |
352 | 0 | roleExists = checkExists(role); |
353 | 0 | permissionExists = checkExists(permission); |
354 | 0 | if (roleExists && permissionExists) |
355 | |
{ |
356 | 0 | Criteria criteria = new Criteria(); |
357 | 0 | criteria.add(TurbineRolePermissionPeer.ROLE_ID, |
358 | |
((Persistent) role).getPrimaryKey()); |
359 | 0 | criteria.add(TurbineRolePermissionPeer.PERMISSION_ID, |
360 | |
((Persistent) permission).getPrimaryKey()); |
361 | 0 | TurbineRolePermissionPeer.doInsert(criteria); |
362 | |
return; |
363 | |
} |
364 | |
} |
365 | 0 | catch (Exception e) |
366 | |
{ |
367 | 0 | throw new DataBackendException("grant(Role,Permission) failed", e); |
368 | |
} |
369 | |
finally |
370 | |
{ |
371 | 0 | unlockExclusive(); |
372 | 0 | } |
373 | 0 | if (!roleExists) |
374 | |
{ |
375 | 0 | throw new UnknownEntityException("Unknown role '" |
376 | |
+ role.getName() + "'"); |
377 | |
} |
378 | 0 | if (!permissionExists) |
379 | |
{ |
380 | 0 | throw new UnknownEntityException("Unknown permission '" |
381 | |
+ permission.getName() + "'"); |
382 | |
} |
383 | 0 | } |
384 | |
|
385 | |
|
386 | |
|
387 | |
|
388 | |
|
389 | |
|
390 | |
|
391 | |
|
392 | |
|
393 | |
|
394 | |
public synchronized void revoke(Role role, Permission permission) |
395 | |
throws DataBackendException, UnknownEntityException |
396 | |
{ |
397 | 0 | boolean roleExists = false; |
398 | 0 | boolean permissionExists = false; |
399 | |
try |
400 | |
{ |
401 | 0 | lockExclusive(); |
402 | 0 | roleExists = checkExists(role); |
403 | 0 | permissionExists = checkExists(permission); |
404 | 0 | if (roleExists && permissionExists) |
405 | |
{ |
406 | 0 | Criteria criteria = new Criteria(); |
407 | 0 | criteria.add(TurbineRolePermissionPeer.ROLE_ID, |
408 | |
((Persistent) role).getPrimaryKey()); |
409 | 0 | criteria.add(TurbineRolePermissionPeer.PERMISSION_ID, |
410 | |
((Persistent) permission).getPrimaryKey()); |
411 | 0 | TurbineRolePermissionPeer.doDelete(criteria); |
412 | |
return; |
413 | |
} |
414 | |
} |
415 | 0 | catch (Exception e) |
416 | |
{ |
417 | 0 | throw new DataBackendException("revoke(Role,Permission) failed", e); |
418 | |
} |
419 | |
finally |
420 | |
{ |
421 | 0 | unlockExclusive(); |
422 | 0 | } |
423 | 0 | if (!roleExists) |
424 | |
{ |
425 | 0 | throw new UnknownEntityException("Unknown role '" |
426 | |
+ role.getName() + "'"); |
427 | |
} |
428 | 0 | if (!permissionExists) |
429 | |
{ |
430 | 0 | throw new UnknownEntityException("Unknown permission '" |
431 | |
+ permission.getName() + "'"); |
432 | |
} |
433 | 0 | } |
434 | |
|
435 | |
|
436 | |
|
437 | |
|
438 | |
|
439 | |
|
440 | |
|
441 | |
|
442 | |
|
443 | |
|
444 | |
|
445 | |
public synchronized void revokeAll(Role role) |
446 | |
throws DataBackendException, UnknownEntityException |
447 | |
{ |
448 | 0 | boolean roleExists = false; |
449 | |
try |
450 | |
{ |
451 | 0 | lockExclusive(); |
452 | 0 | roleExists = checkExists(role); |
453 | 0 | if (roleExists) |
454 | |
{ |
455 | |
|
456 | |
|
457 | |
|
458 | |
|
459 | |
|
460 | |
|
461 | |
|
462 | |
|
463 | 0 | int id = ((NumberKey) ((Persistent) role) |
464 | |
.getPrimaryKey()).intValue(); |
465 | 0 | TurbineRolePermissionPeer.deleteAll( |
466 | |
TurbineRolePermissionPeer.TABLE_NAME, |
467 | |
TurbineRolePermissionPeer.ROLE_ID, id); |
468 | |
return; |
469 | |
} |
470 | |
} |
471 | 0 | catch (Exception e) |
472 | |
{ |
473 | 0 | throw new DataBackendException("revokeAll(Role) failed", e); |
474 | |
} |
475 | |
finally |
476 | |
{ |
477 | 0 | unlockExclusive(); |
478 | 0 | } |
479 | 0 | throw new UnknownEntityException("Unknown role '" |
480 | |
+ role.getName() + "'"); |
481 | |
} |
482 | |
|
483 | |
|
484 | |
|
485 | |
|
486 | |
|
487 | |
|
488 | |
|
489 | |
|
490 | |
|
491 | |
|
492 | |
|
493 | |
|
494 | |
|
495 | |
public GroupSet getGroups(Object criteria) |
496 | |
throws DataBackendException |
497 | |
{ |
498 | 0 | if (criteria instanceof Criteria) |
499 | |
{ |
500 | 0 | Criteria torqueCriteria = new Criteria(); |
501 | 0 | Criteria c = (Criteria)criteria; |
502 | 0 | Iterator keys = c.keySet().iterator(); |
503 | 0 | while (keys.hasNext()) |
504 | |
{ |
505 | 0 | String key = (String) keys.next(); |
506 | 0 | torqueCriteria.put(GroupPeerManager.getColumnName(key), |
507 | |
c.get(key)); |
508 | 0 | } |
509 | 0 | List groups = new ArrayList(0); |
510 | |
try |
511 | |
{ |
512 | 0 | groups = GroupPeerManager.doSelect(torqueCriteria); |
513 | |
} |
514 | 0 | catch (TorqueException e) |
515 | |
{ |
516 | 0 | throw new DataBackendException("getGroups(Object) failed", e); |
517 | 0 | } |
518 | |
|
519 | 0 | return new GroupSet(groups); |
520 | |
} |
521 | |
else |
522 | |
{ |
523 | 0 | throw new DataBackendException( |
524 | |
"getGroups(Object) failed with invalid criteria"); |
525 | |
} |
526 | |
} |
527 | |
|
528 | |
|
529 | |
|
530 | |
|
531 | |
|
532 | |
|
533 | |
|
534 | |
|
535 | |
|
536 | |
public RoleSet getRoles(Object criteria) |
537 | |
throws DataBackendException |
538 | |
{ |
539 | 0 | if (criteria instanceof Criteria) |
540 | |
{ |
541 | 0 | Criteria torqueCriteria = new Criteria(); |
542 | 0 | Criteria c = (Criteria)criteria; |
543 | 0 | Iterator keys = c.keySet().iterator(); |
544 | 0 | while (keys.hasNext()) |
545 | |
{ |
546 | 0 | String key = (String) keys.next(); |
547 | 0 | torqueCriteria.put(RolePeerManager.getColumnName(key), |
548 | |
c.get(key)); |
549 | 0 | } |
550 | 0 | List roles = new ArrayList(0); |
551 | |
try |
552 | |
{ |
553 | 0 | roles = RolePeerManager.doSelect(torqueCriteria); |
554 | |
} |
555 | 0 | catch (TorqueException e) |
556 | |
{ |
557 | 0 | throw new DataBackendException("getRoles(Criteria) failed", e); |
558 | 0 | } |
559 | 0 | return new RoleSet(roles); |
560 | |
} |
561 | |
else |
562 | |
{ |
563 | 0 | throw new DataBackendException( |
564 | |
"getRoles(Object) failed with invalid criteria"); |
565 | |
} |
566 | |
} |
567 | |
|
568 | |
|
569 | |
|
570 | |
|
571 | |
|
572 | |
|
573 | |
|
574 | |
|
575 | |
|
576 | |
public PermissionSet getPermissions(Object criteria) |
577 | |
throws DataBackendException |
578 | |
{ |
579 | 0 | if (criteria instanceof Criteria) |
580 | |
{ |
581 | 0 | Criteria torqueCriteria = new Criteria(); |
582 | 0 | Criteria c = (Criteria)criteria; |
583 | 0 | Iterator keys = c.keySet().iterator(); |
584 | 0 | while (keys.hasNext()) |
585 | |
{ |
586 | 0 | String key = (String) keys.next(); |
587 | 0 | torqueCriteria.put(PermissionPeerManager.getColumnName(key), |
588 | |
c.get(key)); |
589 | 0 | } |
590 | 0 | List permissions = new ArrayList(0); |
591 | |
try |
592 | |
{ |
593 | 0 | permissions = PermissionPeerManager.doSelect(torqueCriteria); |
594 | |
} |
595 | 0 | catch (TorqueException e) |
596 | |
{ |
597 | 0 | throw new DataBackendException( |
598 | |
"getPermissions(Object) failed", e); |
599 | 0 | } |
600 | |
|
601 | 0 | return new PermissionSet(permissions); |
602 | |
} |
603 | |
else |
604 | |
{ |
605 | 0 | throw new DataBackendException( |
606 | |
"getPermissions(Object) failed with invalid criteria"); |
607 | |
} |
608 | |
} |
609 | |
|
610 | |
|
611 | |
|
612 | |
|
613 | |
|
614 | |
|
615 | |
|
616 | |
|
617 | |
|
618 | |
|
619 | |
public PermissionSet getPermissions(Role role) |
620 | |
throws DataBackendException, UnknownEntityException |
621 | |
{ |
622 | 0 | boolean roleExists = false; |
623 | |
try |
624 | |
{ |
625 | 0 | lockShared(); |
626 | 0 | roleExists = checkExists(role); |
627 | 0 | if (roleExists) |
628 | |
{ |
629 | 0 | return PermissionPeerManager.retrieveSet(role); |
630 | |
} |
631 | |
} |
632 | 0 | catch (Exception e) |
633 | |
{ |
634 | 0 | throw new DataBackendException("getPermissions(Role) failed", e); |
635 | |
} |
636 | |
finally |
637 | |
{ |
638 | 0 | unlockShared(); |
639 | 0 | } |
640 | 0 | throw new UnknownEntityException("Unknown role '" |
641 | |
+ role.getName() + "'"); |
642 | |
} |
643 | |
|
644 | |
|
645 | |
|
646 | |
|
647 | |
|
648 | |
|
649 | |
|
650 | |
|
651 | |
|
652 | |
public void saveGroup(Group group) |
653 | |
throws DataBackendException, UnknownEntityException |
654 | |
{ |
655 | 0 | boolean groupExists = false; |
656 | |
try |
657 | |
{ |
658 | 0 | groupExists = checkExists(group); |
659 | 0 | if (groupExists) |
660 | |
{ |
661 | 0 | Criteria criteria = GroupPeerManager.buildCriteria(group); |
662 | 0 | GroupPeerManager.doUpdate(criteria); |
663 | 0 | return; |
664 | |
} |
665 | |
} |
666 | 0 | catch (Exception e) |
667 | |
{ |
668 | 0 | throw new DataBackendException("saveGroup(Group) failed", e); |
669 | 0 | } |
670 | 0 | throw new UnknownEntityException("Unknown group '" + group + "'"); |
671 | |
} |
672 | |
|
673 | |
|
674 | |
|
675 | |
|
676 | |
|
677 | |
|
678 | |
|
679 | |
|
680 | |
|
681 | |
public void saveRole(Role role) |
682 | |
throws DataBackendException, UnknownEntityException |
683 | |
{ |
684 | 0 | boolean roleExists = false; |
685 | |
try |
686 | |
{ |
687 | 0 | roleExists = checkExists(role); |
688 | 0 | if (roleExists) |
689 | |
{ |
690 | 0 | Criteria criteria = RolePeerManager.buildCriteria(role); |
691 | 0 | RolePeerManager.doUpdate(criteria); |
692 | 0 | return; |
693 | |
} |
694 | |
} |
695 | 0 | catch (Exception e) |
696 | |
{ |
697 | 0 | throw new DataBackendException("saveRole(Role) failed", e); |
698 | 0 | } |
699 | 0 | throw new UnknownEntityException("Unknown role '" + role + "'"); |
700 | |
} |
701 | |
|
702 | |
|
703 | |
|
704 | |
|
705 | |
|
706 | |
|
707 | |
|
708 | |
|
709 | |
|
710 | |
|
711 | |
public void savePermission(Permission permission) |
712 | |
throws DataBackendException, UnknownEntityException |
713 | |
{ |
714 | 0 | boolean permissionExists = false; |
715 | |
try |
716 | |
{ |
717 | 0 | permissionExists = checkExists(permission); |
718 | 0 | if (permissionExists) |
719 | |
{ |
720 | 0 | Criteria criteria = PermissionPeerManager.buildCriteria(permission); |
721 | 0 | PermissionPeerManager.doUpdate(criteria); |
722 | 0 | return; |
723 | |
} |
724 | |
} |
725 | 0 | catch (Exception e) |
726 | |
{ |
727 | 0 | throw new DataBackendException( |
728 | |
"savePermission(Permission) failed", e); |
729 | 0 | } |
730 | 0 | throw new UnknownEntityException("Unknown permission '" |
731 | |
+ permission + "'"); |
732 | |
} |
733 | |
|
734 | |
|
735 | |
|
736 | |
|
737 | |
|
738 | |
|
739 | |
|
740 | |
|
741 | |
|
742 | |
|
743 | |
public synchronized Group addGroup(Group group) |
744 | |
throws DataBackendException, |
745 | |
EntityExistsException |
746 | |
{ |
747 | 0 | boolean groupExists = false; |
748 | |
|
749 | 0 | if (StringUtils.isEmpty(group.getName())) |
750 | |
{ |
751 | 0 | throw new DataBackendException("Could not create " |
752 | |
+ "a group with empty name!"); |
753 | |
} |
754 | |
|
755 | |
try |
756 | |
{ |
757 | 0 | lockExclusive(); |
758 | 0 | groupExists = checkExists(group); |
759 | 0 | if (!groupExists) |
760 | |
{ |
761 | |
|
762 | 0 | Criteria criteria = GroupPeerManager.buildCriteria(group); |
763 | 0 | GroupPeerManager.doInsert(criteria); |
764 | |
|
765 | 0 | criteria = new Criteria(); |
766 | 0 | criteria.add(GroupPeerManager.getNameColumn(), |
767 | |
group.getName()); |
768 | 0 | List results = GroupPeerManager.doSelect(criteria); |
769 | 0 | if (results.size() != 1) |
770 | |
{ |
771 | 0 | throw new DataBackendException( |
772 | |
"Internal error - query returned " |
773 | |
+ results.size() + " rows"); |
774 | |
} |
775 | 0 | Group newGroup = (Group) results.get(0); |
776 | |
|
777 | 0 | getAllGroups().add(newGroup); |
778 | |
|
779 | 0 | return newGroup; |
780 | |
} |
781 | |
} |
782 | 0 | catch (Exception e) |
783 | |
{ |
784 | 0 | throw new DataBackendException("addGroup(Group) failed", e); |
785 | |
} |
786 | |
finally |
787 | |
{ |
788 | 0 | unlockExclusive(); |
789 | 0 | } |
790 | |
|
791 | |
|
792 | 0 | throw new EntityExistsException("Group '" + group + "' already exists"); |
793 | |
} |
794 | |
|
795 | |
|
796 | |
|
797 | |
|
798 | |
|
799 | |
|
800 | |
|
801 | |
|
802 | |
|
803 | |
|
804 | |
public synchronized Role addRole(Role role) |
805 | |
throws DataBackendException, EntityExistsException |
806 | |
{ |
807 | 0 | boolean roleExists = false; |
808 | |
|
809 | 0 | if (StringUtils.isEmpty(role.getName())) |
810 | |
{ |
811 | 0 | throw new DataBackendException("Could not create " |
812 | |
+ "a role with empty name!"); |
813 | |
} |
814 | |
|
815 | |
try |
816 | |
{ |
817 | 0 | lockExclusive(); |
818 | 0 | roleExists = checkExists(role); |
819 | 0 | if (!roleExists) |
820 | |
{ |
821 | |
|
822 | 0 | Criteria criteria = RolePeerManager.buildCriteria(role); |
823 | 0 | RolePeerManager.doInsert(criteria); |
824 | |
|
825 | 0 | criteria = new Criteria(); |
826 | 0 | criteria.add(RolePeerManager.getNameColumn(), role.getName()); |
827 | 0 | List results = RolePeerManager.doSelect(criteria); |
828 | 0 | if (results.size() != 1) |
829 | |
{ |
830 | 0 | throw new DataBackendException( |
831 | |
"Internal error - query returned " |
832 | |
+ results.size() + " rows"); |
833 | |
} |
834 | 0 | Role newRole = (Role) results.get(0); |
835 | |
|
836 | 0 | getAllRoles().add(newRole); |
837 | |
|
838 | 0 | return newRole; |
839 | |
} |
840 | |
} |
841 | 0 | catch (Exception e) |
842 | |
{ |
843 | 0 | throw new DataBackendException("addRole(Role) failed", e); |
844 | |
} |
845 | |
finally |
846 | |
{ |
847 | 0 | unlockExclusive(); |
848 | 0 | } |
849 | |
|
850 | |
|
851 | 0 | throw new EntityExistsException("Role '" + role + "' already exists"); |
852 | |
} |
853 | |
|
854 | |
|
855 | |
|
856 | |
|
857 | |
|
858 | |
|
859 | |
|
860 | |
|
861 | |
|
862 | |
|
863 | |
public synchronized Permission addPermission(Permission permission) |
864 | |
throws DataBackendException, EntityExistsException |
865 | |
{ |
866 | 0 | boolean permissionExists = false; |
867 | |
|
868 | 0 | if (StringUtils.isEmpty(permission.getName())) |
869 | |
{ |
870 | 0 | throw new DataBackendException("Could not create " |
871 | |
+ "a permission with empty name!"); |
872 | |
} |
873 | |
|
874 | |
try |
875 | |
{ |
876 | 0 | lockExclusive(); |
877 | 0 | permissionExists = checkExists(permission); |
878 | 0 | if (!permissionExists) |
879 | |
{ |
880 | |
|
881 | 0 | Criteria criteria = PermissionPeerManager.buildCriteria(permission); |
882 | 0 | PermissionPeerManager.doInsert(criteria); |
883 | |
|
884 | 0 | criteria = new Criteria(); |
885 | 0 | criteria.add(PermissionPeerManager.getNameColumn(), |
886 | |
permission.getName()); |
887 | 0 | List results = PermissionPeerManager.doSelect(criteria); |
888 | 0 | if (results.size() != 1) |
889 | |
{ |
890 | 0 | throw new DataBackendException( |
891 | |
"Internal error - query returned " |
892 | |
+ results.size() + " rows"); |
893 | |
} |
894 | 0 | Permission newPermission = (Permission) results.get(0); |
895 | |
|
896 | 0 | getAllPermissions().add(newPermission); |
897 | |
|
898 | 0 | return newPermission; |
899 | |
} |
900 | |
} |
901 | 0 | catch (Exception e) |
902 | |
{ |
903 | 0 | throw new DataBackendException( |
904 | |
"addPermission(Permission) failed", e); |
905 | |
} |
906 | |
finally |
907 | |
{ |
908 | 0 | unlockExclusive(); |
909 | 0 | } |
910 | |
|
911 | |
|
912 | 0 | throw new EntityExistsException("Permission '" + permission |
913 | |
+ "' already exists"); |
914 | |
} |
915 | |
|
916 | |
|
917 | |
|
918 | |
|
919 | |
|
920 | |
|
921 | |
|
922 | |
|
923 | |
|
924 | |
public synchronized void removeGroup(Group group) |
925 | |
throws DataBackendException, UnknownEntityException |
926 | |
{ |
927 | 0 | boolean groupExists = false; |
928 | |
try |
929 | |
{ |
930 | 0 | lockExclusive(); |
931 | 0 | groupExists = checkExists(group); |
932 | 0 | if (groupExists) |
933 | |
{ |
934 | 0 | Criteria criteria = GroupPeerManager.buildCriteria(group); |
935 | 0 | GroupPeerManager.doDelete(criteria); |
936 | 0 | getAllGroups().remove(group); |
937 | |
return; |
938 | |
} |
939 | |
} |
940 | 0 | catch (Exception e) |
941 | |
{ |
942 | 0 | log.error("Failed to delete a Group"); |
943 | 0 | log.error(e); |
944 | 0 | throw new DataBackendException("removeGroup(Group) failed", e); |
945 | |
} |
946 | |
finally |
947 | |
{ |
948 | 0 | unlockExclusive(); |
949 | 0 | } |
950 | 0 | throw new UnknownEntityException("Unknown group '" + group + "'"); |
951 | |
} |
952 | |
|
953 | |
|
954 | |
|
955 | |
|
956 | |
|
957 | |
|
958 | |
|
959 | |
|
960 | |
|
961 | |
public synchronized void removeRole(Role role) |
962 | |
throws DataBackendException, UnknownEntityException |
963 | |
{ |
964 | 0 | boolean roleExists = false; |
965 | |
try |
966 | |
{ |
967 | 0 | lockExclusive(); |
968 | 0 | roleExists = checkExists(role); |
969 | 0 | if (roleExists) |
970 | |
{ |
971 | |
|
972 | 0 | revokeAll(role); |
973 | 0 | Criteria criteria = RolePeerManager.buildCriteria(role); |
974 | 0 | RolePeerManager.doDelete(criteria); |
975 | 0 | getAllRoles().remove(role); |
976 | |
return; |
977 | |
} |
978 | |
} |
979 | 0 | catch (Exception e) |
980 | |
{ |
981 | 0 | throw new DataBackendException("removeRole(Role)", e); |
982 | |
} |
983 | |
finally |
984 | |
{ |
985 | 0 | unlockExclusive(); |
986 | 0 | } |
987 | 0 | throw new UnknownEntityException("Unknown role '" + role + "'"); |
988 | |
} |
989 | |
|
990 | |
|
991 | |
|
992 | |
|
993 | |
|
994 | |
|
995 | |
|
996 | |
|
997 | |
|
998 | |
public synchronized void removePermission(Permission permission) |
999 | |
throws DataBackendException, UnknownEntityException |
1000 | |
{ |
1001 | 0 | boolean permissionExists = false; |
1002 | |
try |
1003 | |
{ |
1004 | 0 | lockExclusive(); |
1005 | 0 | permissionExists = checkExists(permission); |
1006 | 0 | if (permissionExists) |
1007 | |
{ |
1008 | 0 | Criteria criteria = PermissionPeerManager.buildCriteria(permission); |
1009 | 0 | PermissionPeerManager.doDelete(criteria); |
1010 | 0 | getAllPermissions().remove(permission); |
1011 | |
return; |
1012 | |
} |
1013 | |
} |
1014 | 0 | catch (Exception e) |
1015 | |
{ |
1016 | 0 | throw new DataBackendException("removePermission(Permission)", e); |
1017 | |
} |
1018 | |
finally |
1019 | |
{ |
1020 | 0 | unlockExclusive(); |
1021 | 0 | } |
1022 | 0 | throw new UnknownEntityException("Unknown permission '" |
1023 | |
+ permission + "'"); |
1024 | |
} |
1025 | |
|
1026 | |
|
1027 | |
|
1028 | |
|
1029 | |
|
1030 | |
|
1031 | |
|
1032 | |
|
1033 | |
|
1034 | |
|
1035 | |
public synchronized void renameGroup(Group group, String name) |
1036 | |
throws DataBackendException, UnknownEntityException |
1037 | |
{ |
1038 | 0 | boolean groupExists = false; |
1039 | |
try |
1040 | |
{ |
1041 | 0 | lockExclusive(); |
1042 | 0 | groupExists = checkExists(group); |
1043 | 0 | if (groupExists) |
1044 | |
{ |
1045 | 0 | group.setName(name); |
1046 | 0 | Criteria criteria = GroupPeerManager.buildCriteria(group); |
1047 | 0 | GroupPeerManager.doUpdate(criteria); |
1048 | |
return; |
1049 | |
} |
1050 | |
} |
1051 | 0 | catch (Exception e) |
1052 | |
{ |
1053 | 0 | throw new DataBackendException("renameGroup(Group,String)", e); |
1054 | |
} |
1055 | |
finally |
1056 | |
{ |
1057 | 0 | unlockExclusive(); |
1058 | 0 | } |
1059 | 0 | throw new UnknownEntityException("Unknown group '" + group + "'"); |
1060 | |
} |
1061 | |
|
1062 | |
|
1063 | |
|
1064 | |
|
1065 | |
|
1066 | |
|
1067 | |
|
1068 | |
|
1069 | |
|
1070 | |
|
1071 | |
public synchronized void renameRole(Role role, String name) |
1072 | |
throws DataBackendException, UnknownEntityException |
1073 | |
{ |
1074 | 0 | boolean roleExists = false; |
1075 | |
try |
1076 | |
{ |
1077 | 0 | lockExclusive(); |
1078 | 0 | roleExists = checkExists(role); |
1079 | 0 | if (roleExists) |
1080 | |
{ |
1081 | 0 | role.setName(name); |
1082 | 0 | Criteria criteria = RolePeerManager.buildCriteria(role); |
1083 | 0 | RolePeerManager.doUpdate(criteria); |
1084 | |
return; |
1085 | |
} |
1086 | |
} |
1087 | 0 | catch (Exception e) |
1088 | |
{ |
1089 | 0 | throw new DataBackendException("renameRole(Role,String)", e); |
1090 | |
} |
1091 | |
finally |
1092 | |
{ |
1093 | 0 | unlockExclusive(); |
1094 | 0 | } |
1095 | 0 | throw new UnknownEntityException("Unknown role '" + role + "'"); |
1096 | |
} |
1097 | |
|
1098 | |
|
1099 | |
|
1100 | |
|
1101 | |
|
1102 | |
|
1103 | |
|
1104 | |
|
1105 | |
|
1106 | |
|
1107 | |
public synchronized void renamePermission(Permission permission, |
1108 | |
String name) |
1109 | |
throws DataBackendException, UnknownEntityException |
1110 | |
{ |
1111 | 0 | boolean permissionExists = false; |
1112 | |
try |
1113 | |
{ |
1114 | 0 | lockExclusive(); |
1115 | 0 | permissionExists = checkExists(permission); |
1116 | 0 | if (permissionExists) |
1117 | |
{ |
1118 | 0 | permission.setName(name); |
1119 | 0 | Criteria criteria = PermissionPeerManager.buildCriteria(permission); |
1120 | 0 | PermissionPeerManager.doUpdate(criteria); |
1121 | |
return; |
1122 | |
} |
1123 | |
} |
1124 | 0 | catch (Exception e) |
1125 | |
{ |
1126 | 0 | throw new DataBackendException( |
1127 | |
"renamePermission(Permission,name)", e); |
1128 | |
} |
1129 | |
finally |
1130 | |
{ |
1131 | 0 | unlockExclusive(); |
1132 | 0 | } |
1133 | 0 | throw new UnknownEntityException("Unknown permission '" |
1134 | |
+ permission + "'"); |
1135 | |
} |
1136 | |
|
1137 | |
|
1138 | |
|
1139 | |
|
1140 | |
|
1141 | |
|
1142 | |
|
1143 | |
|
1144 | |
|
1145 | |
|
1146 | |
|
1147 | |
|
1148 | |
protected boolean checkExists(Group group) |
1149 | |
throws DataBackendException, Exception |
1150 | |
{ |
1151 | 0 | return GroupPeerManager.checkExists(group); |
1152 | |
} |
1153 | |
|
1154 | |
|
1155 | |
|
1156 | |
|
1157 | |
|
1158 | |
|
1159 | |
|
1160 | |
|
1161 | |
|
1162 | |
|
1163 | |
protected boolean checkExists(Role role) |
1164 | |
throws DataBackendException, Exception |
1165 | |
{ |
1166 | 0 | return RolePeerManager.checkExists(role); |
1167 | |
} |
1168 | |
|
1169 | |
|
1170 | |
|
1171 | |
|
1172 | |
|
1173 | |
|
1174 | |
|
1175 | |
|
1176 | |
|
1177 | |
|
1178 | |
protected boolean checkExists(Permission permission) |
1179 | |
throws DataBackendException, Exception |
1180 | |
{ |
1181 | 0 | return PermissionPeerManager.checkExists(permission); |
1182 | |
} |
1183 | |
|
1184 | |
|
1185 | |
|
1186 | |
|
1187 | |
|
1188 | |
|
1189 | |
|
1190 | |
|
1191 | |
|
1192 | |
public GroupSet getAllGroups() throws DataBackendException |
1193 | |
{ |
1194 | 0 | return getGroups(new Criteria()); |
1195 | |
} |
1196 | |
|
1197 | |
|
1198 | |
|
1199 | |
|
1200 | |
|
1201 | |
|
1202 | |
|
1203 | |
|
1204 | |
|
1205 | |
public PermissionSet getAllPermissions() throws DataBackendException |
1206 | |
{ |
1207 | 0 | return getPermissions(new Criteria()); |
1208 | |
} |
1209 | |
|
1210 | |
|
1211 | |
|
1212 | |
|
1213 | |
|
1214 | |
|
1215 | |
|
1216 | |
|
1217 | |
|
1218 | |
public RoleSet getAllRoles() throws DataBackendException |
1219 | |
{ |
1220 | 0 | return getRoles(new Criteria()); |
1221 | |
} |
1222 | |
|
1223 | |
|
1224 | |
|
1225 | |
|
1226 | |
|
1227 | |
|
1228 | |
|
1229 | |
|
1230 | |
|
1231 | |
|
1232 | |
|
1233 | |
|
1234 | |
|
1235 | |
|
1236 | |
|
1237 | |
|
1238 | |
public List getUserList(Object criteria) throws DataBackendException |
1239 | |
{ |
1240 | 0 | return getUserManager().retrieveList(criteria); |
1241 | |
} |
1242 | |
|
1243 | |
} |