001package org.apache.fulcrum.security.model.dynamic; 002 003/* 004 * Licensed to the Apache Software Foundation (ASF) under one 005 * or more contributor license agreements. See the NOTICE file 006 * distributed with this work for additional information 007 * regarding copyright ownership. The ASF licenses this file 008 * to you under the Apache License, Version 2.0 (the 009 * "License"); you may not use this file except in compliance 010 * with the License. You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, 015 * software distributed under the License is distributed on an 016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 017 * KIND, either express or implied. See the License for the 018 * specific language governing permissions and limitations 019 * under the License. 020 */ 021 022import org.apache.fulcrum.security.entity.Group; 023import org.apache.fulcrum.security.entity.Permission; 024import org.apache.fulcrum.security.entity.Role; 025import org.apache.fulcrum.security.entity.User; 026import org.apache.fulcrum.security.model.dynamic.entity.DynamicGroup; 027import org.apache.fulcrum.security.model.dynamic.entity.DynamicPermission; 028import org.apache.fulcrum.security.model.dynamic.entity.DynamicRole; 029import org.apache.fulcrum.security.model.dynamic.entity.DynamicUser; 030import org.apache.fulcrum.security.spi.AbstractManager; 031import org.apache.fulcrum.security.util.DataBackendException; 032import org.apache.fulcrum.security.util.UnknownEntityException; 033 034/** 035 * Holds shared functionality between different implementations of 036 * DyanamicModelManager's. 037 * 038 * @author <a href="mailto:epugh@upstate.com">Eric Pugh </a> 039 * @author <a href="mailto:ben@gidley.co.uk">Ben Gidley</a> 040 * @version $Id: AbstractDynamicModelManager.java,v 1.2 2004/07/07 18:18:09 041 * epugh Exp $ 042 */ 043public abstract class AbstractDynamicModelManager extends AbstractManager implements DynamicModelManager 044{ 045 /** 046 * Revokes all roles from a permission 047 * 048 * This method is used when deleting a permission. 049 * 050 * @param permission 051 * the permission. 052 * @throws DataBackendException 053 * if there was an error accessing the data backend. 054 * @throws UnknownEntityException 055 * if the account is not present. 056 */ 057 public synchronized void revokeAll(Permission permission) throws DataBackendException, UnknownEntityException 058 { 059 boolean permissionExists = false; 060 permissionExists = getPermissionManager().checkExists(permission); 061 if (permissionExists) 062 { 063 Object roles[] = ((DynamicPermission) permission).getRoles().toArray(); 064 for (Object role2 : roles) 065 { 066 revoke((Role) role2, permission); 067 } 068 069 return; 070 } 071 else 072 { 073 throw new UnknownEntityException("Unknown permission '" + permission.getName() + "'"); 074 } 075 } 076 077 /** 078 * Revokes all users and roles from a group 079 * 080 * This method is used when deleting a group. 081 * 082 * @param group 083 * the Group. 084 * @throws DataBackendException 085 * if there was an error accessing the data backend. 086 * @throws UnknownEntityException 087 * if the account is not present. 088 */ 089 public synchronized void revokeAll(Group group) throws DataBackendException, UnknownEntityException 090 { 091 boolean groupExists = false; 092 groupExists = getGroupManager().checkExists(group); 093 if (groupExists) 094 { 095 Object users[] = ((DynamicGroup) group).getUsers().toArray(); 096 for (Object user : users) 097 { 098 revoke((User) user, group); 099 } 100 101 Object roles[] = ((DynamicGroup) group).getRoles().toArray(); 102 for (Object role2 : roles) 103 { 104 revoke(group, (Role) role2); 105 } 106 107 return; 108 } 109 else 110 { 111 throw new UnknownEntityException("Unknown group '" + group.getName() + "'"); 112 } 113 } 114 115 /** 116 * Revokes all groups from a user 117 * 118 * This method is used when deleting an account. 119 * 120 * @param user 121 * the User. 122 * @throws DataBackendException 123 * if there was an error accessing the data backend. 124 * @throws UnknownEntityException 125 * if the account is not present. 126 */ 127 public synchronized void revokeAll(User user) throws DataBackendException, UnknownEntityException 128 { 129 boolean userExists = false; 130 userExists = getUserManager().checkExists(user); 131 if (userExists) 132 { 133 Object groups[] = ((DynamicUser) user).getGroups().toArray(); 134 for (Object group : groups) 135 { 136 revoke(user, (Group) group); 137 } 138 139 return; 140 } 141 else 142 { 143 throw new UnknownEntityException("Unknown user '" + user.getName() + "'"); 144 } 145 } 146 147 /** 148 * Revokes all permissions and groups from a Role. 149 * 150 * This method is used when deleting a Role. 151 * 152 * @param role 153 * the Role 154 * @throws DataBackendException 155 * if there was an error accessing the data backend. 156 * @throws UnknownEntityException 157 * if the Role is not present. 158 */ 159 public synchronized void revokeAll(Role role) throws DataBackendException, UnknownEntityException 160 { 161 boolean roleExists = false; 162 roleExists = getRoleManager().checkExists(role); 163 if (roleExists) 164 { 165 Object groups[] = ((DynamicRole) role).getGroups().toArray(); 166 for (Object group : groups) 167 { 168 revoke((Group) group, role); 169 } 170 171 Object permissions[] = ((DynamicRole) role).getPermissions().toArray(); 172 for (Object permission : permissions) 173 { 174 revoke(role, (Permission) permission); 175 } 176 } 177 else 178 { 179 throw new UnknownEntityException("Unknown role '" + role.getName() + "'"); 180 } 181 182 } 183 184 /** 185 * It is expected the real implementation will overide this and save either 186 * side of the function. It is not abstract as a in memory implementation 187 * would not need to do anything. 188 */ 189 public void addDelegate(User delegator, User delegatee) throws DataBackendException, UnknownEntityException 190 { 191 DynamicUser dynamicDelegator = (DynamicUser) delegator; 192 DynamicUser dynamicDelegatee = (DynamicUser) delegatee; 193 194 // check it hasn't already been done 195 // It is NOT an error to call this twice 196 if (!(dynamicDelegator.getDelegatees().contains(delegatee) || dynamicDelegatee.getDelegators().contains(delegator))) 197 { 198 dynamicDelegator.getDelegatees().add(dynamicDelegatee); 199 dynamicDelegatee.getDelegators().add(dynamicDelegator); 200 } 201 } 202 203 /** 204 * Implementors should overide this to save and call super if they want the 205 * base class to do the work 206 */ 207 public void removeDelegate(User delegator, User delegatee) throws DataBackendException, UnknownEntityException 208 { 209 DynamicUser dynamicDelegator = (DynamicUser) delegator; 210 DynamicUser dynamicDelegatee = (DynamicUser) delegatee; 211 212 if (dynamicDelegator.getDelegatees().contains(dynamicDelegatee)) 213 { 214 dynamicDelegator.getDelegatees().remove(dynamicDelegatee); 215 dynamicDelegatee.getDelegators().remove(dynamicDelegator); 216 } 217 else 218 { 219 throw new UnknownEntityException("Tried to remove a delegate that does not exist"); 220 } 221 222 } 223}