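package org.apache.fulcrum.security.model.turbine;

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

import org.apache.avalon.framework.configuration.Configurable;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.fulcrum.security.entity.Group;
import org.apache.fulcrum.security.entity.Permission;
import org.apache.fulcrum.security.entity.Role;
import org.apache.fulcrum.security.entity.User;
import org.apache.fulcrum.security.model.turbine.entity.TurbineGroup;
import org.apache.fulcrum.security.model.turbine.entity.TurbineRole;
import org.apache.fulcrum.security.model.turbine.entity.TurbineUser;
import org.apache.fulcrum.security.model.turbine.entity.TurbineUserGroupRole;
import org.apache.fulcrum.security.spi.AbstractManager;
import org.apache.fulcrum.security.util.DataBackendException;
import org.apache.fulcrum.security.util.EntityExistsException;
import org.apache.fulcrum.security.util.UnknownEntityException;

/**
 * Holds shared functionality between different implementations of
 * TurbineModelManager's.
 *
 * <p>
 * Thread-safety: the <code>revokeAll</code> methods are
 * <code>synchronized</code> on this manager instance, which serializes
 * callers of the same instance only. {@link #getGlobalGroup()} is not
 * synchronized.
 *
 * <p>
 * Revocation caveat: every <code>revokeAll</code> variant issues its
 * <code>revoke</code> calls one at a time and contains no rollback. A
 * {@link DataBackendException} thrown part-way through should therefore be
 * treated by the caller as a possibly partial revocation (whether the
 * backend wraps the calls in a transaction is not visible from this class).
 *
 * @author <a href="mailto:epugh@upstate.com">Eric Pugh </a>
 * @version $Id: AbstractDynamicModelManager.java,v 1.2 2004/07/07 18:18:09
 *          epugh Exp $
 */
public abstract class AbstractTurbineModelManager extends AbstractManager implements TurbineModelManager, Configurable
{
    /** Serialization version of this manager. */
    private static final long serialVersionUID = 1L;

    /**
     * Name of the global group. Assigned only in
     * {@link #configure(Configuration)}, so it is <code>null</code> until the
     * component has been configured.
     */
    private String globalGroupName;

    //private boolean cascadeDelete;
    // ---------------- Avalon Lifecycle Methods ---------------------
    /**
     * Avalon component lifecycle method.
     *
     * Reads the global group name from the attribute
     * {@link TurbineModelManager#GLOBAL_GROUP_ATTR_NAME}, falling back to
     * {@link TurbineModelManager#GLOBAL_GROUP_NAME} when the attribute is
     * absent.
     *
     * @param conf
     *            the component configuration
     */
    @Override
    public void configure(Configuration conf)
    {
        globalGroupName = conf.getAttribute(
                TurbineModelManager.GLOBAL_GROUP_ATTR_NAME,
                TurbineModelManager.GLOBAL_GROUP_NAME);
        //cascadeDelete = conf.getAttributeAsBoolean( TurbineModelManager.CASCADE_DELETE_ATTR_NAME, false );
    }

    /**
     * Provides a reference to the Group object that represents the <a
     * href="#global">global group </a>.
     *
     * The group is looked up by its configured name and created on demand
     * when the lookup reports it as unknown.
     *
     * @return A Group object that represents the global group.
     * @throws DataBackendException
     *             if there was an error accessing the data backend, or if
     *             the group could neither be created nor found.
     */
    @Override
    public Group getGlobalGroup() throws DataBackendException
    {
        try
        {
            return getGroupManager().getGroupByName(globalGroupName);
        }
        catch (UnknownEntityException uee)
        {
            // First use: the global group has not been stored yet.
            return createGlobalGroup();
        }
    }

    /**
     * Creates and stores the global group, tolerating a concurrent creation.
     *
     * @return the stored global group
     * @throws DataBackendException
     *             if there was an error accessing the data backend, or if
     *             the group is reported as existing but cannot be read back.
     */
    private Group createGlobalGroup() throws DataBackendException
    {
        Group created = getGroupManager().getGroupInstance(globalGroupName);
        try
        {
            getGroupManager().addGroup(created);
            return created;
        }
        catch (EntityExistsException eee)
        {
            // getGlobalGroup() is not synchronized, so another caller can add
            // the group between our failed lookup and this add. The group now
            // exists; read it back instead of failing the request.
            try
            {
                return getGroupManager().getGroupByName(globalGroupName);
            }
            catch (UnknownEntityException uee)
            {
                // Reported as existing but not retrievable: surface the
                // original conflict as a backend error, as before.
                throw new DataBackendException(eee.getMessage(), eee);
            }
        }
    }

    /**
     * Revokes all permissions from a Role.
     *
     * This method is used when deleting a Role. It delegates to
     * {@link #revokeAll(Role, boolean)} with <code>cascadeDelete</code> set to
     * <code>false</code>, so the user/group assignments of the role are left
     * in place. Callers that remove a role for good should consider the
     * cascading variant so that no assignment keeps referring to the role.
     *
     * @param role
     *            the Role
     * @throws DataBackendException
     *             if there was an error accessing the data backend.
     * @throws UnknownEntityException
     *             if the Role is not present.
     */
    @Override
    public synchronized void revokeAll(Role role) throws DataBackendException, UnknownEntityException
    {
        revokeAll(role, false);
    }

    /**
     * Revokes by default all permissions from a Role and if flag is set
     * all groups and users for this role
     *
     * This method is used when deleting a Role.
     *
     * @param role
     *            the Role; must be a {@link TurbineRole}, otherwise the cast
     *            fails with a ClassCastException
     * @param cascadeDelete
     *            if <code>true </code> removes all groups and user for this role.
     * @throws DataBackendException
     *             if there was an error accessing the data backend. Earlier
     *             revocations made by this call are not undone here.
     * @throws UnknownEntityException
     *             if the Role is not present.
     */
    @Override
    public synchronized void revokeAll(Role role, boolean cascadeDelete) throws DataBackendException, UnknownEntityException
    {
        if (!getRoleManager().checkExists(role))
        {
            throw new UnknownEntityException("Unknown role '" + role.getName() + "'");
        }

        TurbineRole turbineRole = (TurbineRole) role;

        // Iterate over an array copy, not the live set
        // (presumably because revoke() modifies that set - confirm).
        Object[] permissions = turbineRole.getPermissions().toArray();
        for (Object permission : permissions)
        {
            revoke(role, (Permission) permission);
        }

        if (cascadeDelete)
        {
            Object[] userGroupRoles = turbineRole.getUserGroupRoleSet().toArray();
            for (Object userGroupRole : userGroupRoles)
            {
                TurbineUserGroupRole ugr = (TurbineUserGroupRole) userGroupRole;
                revoke(ugr.getUser(), ugr.getGroup(), role);
            }
        }
    }

    /**
     * Revokes all roles and groups from a User.
     *
     * This method is used when deleting a User.
     *
     * @param user
     *            the User; must be a {@link TurbineUser}, otherwise the cast
     *            fails with a ClassCastException
     * @throws DataBackendException
     *             if there was an error accessing the data backend. Earlier
     *             revocations made by this call are not undone here.
     * @throws UnknownEntityException
     *             if the User is not present.
     */
    @Override
    public synchronized void revokeAll(User user) throws DataBackendException, UnknownEntityException
    {
        if (!getUserManager().checkExists(user))
        {
            throw new UnknownEntityException("Unknown user '" + user.getName() + "'");
        }

        // Array copy of the assignments, so the loop does not walk the live set.
        Object[] userGroupRoles = ((TurbineUser) user).getUserGroupRoleSet().toArray();
        for (Object userGroupRole : userGroupRoles)
        {
            TurbineUserGroupRole ugr = (TurbineUserGroupRole) userGroupRole;
            revoke(user, ugr.getGroup(), ugr.getRole());
        }
    }

    /**
     * Revokes all roles and users from a Group.
     *
     * This method is used when deleting a Group.
     *
     * @param group
     *            the Group; must be a {@link TurbineGroup}, otherwise the
     *            cast fails with a ClassCastException
     * @throws DataBackendException
     *             if there was an error accessing the data backend. Earlier
     *             revocations made by this call are not undone here.
     * @throws UnknownEntityException
     *             if the Group is not present.
     */
    @Override
    public synchronized void revokeAll(Group group) throws DataBackendException, UnknownEntityException
    {
        if (!getGroupManager().checkExists(group))
        {
            throw new UnknownEntityException("Unknown group '" + group.getName() + "'");
        }

        // Array copy of the assignments, so the loop does not walk the live set.
        Object[] userGroupRoles = ((TurbineGroup) group).getUserGroupRoleSet().toArray();
        for (Object userGroupRole : userGroupRoles)
        {
            TurbineUserGroupRole ugr = (TurbineUserGroupRole) userGroupRole;
            revoke(ugr.getUser(), group, ugr.getRole());
        }
    }

    /**
     * Returns the configured name of the global group.
     *
     * @return the global group name, or <code>null</code> if
     *         {@link #configure(Configuration)} has not been called yet
     */
    @Override
    public String getGlobalGroupName()
    {
        return globalGroupName;
    }
}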