001package org.apache.fulcrum.security.model.turbine; 002 003/* 004 * Licensed to the Apache Software Foundation (ASF) under one 005 * or more contributor license agreements. See the NOTICE file 006 * distributed with this work for additional information 007 * regarding copyright ownership. The ASF licenses this file 008 * to you under the Apache License, Version 2.0 (the 009 * "License"); you may not use this file except in compliance 010 * with the License. You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, 015 * software distributed under the License is distributed on an 016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 017 * KIND, either express or implied. See the License for the 018 * specific language governing permissions and limitations 019 * under the License. 020 */ 021import java.util.Set; 022 023import org.apache.avalon.framework.service.ServiceException; 024import org.apache.fulcrum.security.GroupManager; 025import org.apache.fulcrum.security.ModelManager; 026import org.apache.fulcrum.security.RoleManager; 027import org.apache.fulcrum.security.acl.AccessControlList; 028import org.apache.fulcrum.security.entity.Group; 029import org.apache.fulcrum.security.entity.User; 030import org.apache.fulcrum.security.model.ACLFactory; 031import org.apache.fulcrum.security.model.turbine.entity.TurbineUser; 032import org.apache.fulcrum.security.model.turbine.entity.TurbineUserGroupRole; 033import org.apache.fulcrum.security.spi.AbstractManager; 034import org.apache.fulcrum.security.util.DataBackendException; 035import org.apache.fulcrum.security.util.EntityExistsException; 036import org.apache.fulcrum.security.util.FulcrumSecurityException; 037import org.apache.fulcrum.security.util.UnknownEntityException; 038 039/** 040 * 041 * This factory creates instance of the TurbineAccessControlList 042 * 043 * @author <a href="mailto:tv@apache.org">Thomas Vandahl</a> 044 * @version $Id: DynamicACLFactory.java 1374616 2012-08-18 17:26:07Z tv $ 045 */ 046public class TurbineACLFactory extends AbstractManager implements ACLFactory 047{ 048 049 private TurbineModelManager modelManager; 050 051 /** 052 * @return A model manager 053 * @throws DataBackendException generic exception 054 */ 055 protected TurbineModelManager getTurbineModelManager() throws DataBackendException 056 { 057 if (modelManager == null) 058 { 059 try 060 { 061 modelManager = (TurbineModelManager) manager.lookup(ModelManager.ROLE); 062 063 } 064 catch (ServiceException ce) 065 { 066 throw new DataBackendException(ce.getMessage(), ce); 067 } 068 } 069 return modelManager; 070 } 071 072 /* (non-Javadoc) 073 * @see org.apache.fulcrum.security.model.ACLFactory#getAccessControlList(org.apache.fulcrum.security.entity.User) 074 */ 075 @Override 076 public <T extends AccessControlList> T getAccessControlList(User user) 077 { 078 try 079 { 080 TurbineUser tu = (TurbineUser)user; 081 Set<TurbineUserGroupRole> tugr = tu.getUserGroupRoleSet(); 082 083 @SuppressWarnings("unchecked") 084 T aclInstance = (T) getAclInstance(tugr); 085 return aclInstance; 086 } 087 catch (UnknownEntityException uue) 088 { 089 throw new RuntimeException(uue.getMessage(), uue); 090 } 091 catch ( DataBackendException e ) 092 { 093 throw new RuntimeException(e.getMessage(), e); 094 } 095 } 096 097 /** 098 * Construct a new ACL object. 099 * 100 * This constructs a new ACL object from the configured class and 101 * initializes it with the supplied roles and permissions. 102 * 103 * @param turbineUserGroupRoleSet 104 * The set of user/group/role relations that this acl is built from 105 * 106 * @return an object implementing ACL interface. 107 * @throws UnknownEntityException 108 * if the object could not be instantiated. 109 */ 110 private TurbineAccessControlList getAclInstance(Set<? extends TurbineUserGroupRole> turbineUserGroupRoleSet) throws UnknownEntityException 111 { 112 GroupManager groupManager = null; 113 RoleManager roleManager = null; 114 TurbineModelManager modelManager = null; 115 116 try 117 { 118 roleManager = getRoleManager(); 119 groupManager = getGroupManager(); 120 modelManager = getTurbineModelManager(); 121 122 // make sure the global group exists 123 if (groupManager != null) 124 { 125 Group g = null; 126 try 127 { 128 g = groupManager.getGroupByName(modelManager.getGlobalGroupName()); 129 } 130 catch (UnknownEntityException uee) 131 { 132 g = groupManager.getGroupInstance(modelManager.getGlobalGroupName()); 133 try 134 { 135 groupManager.addGroup(g); 136 } 137 catch (EntityExistsException eee) 138 { 139 throw new DataBackendException(eee.getMessage(), eee); 140 } 141 } 142 } 143 } 144 catch (DataBackendException e) 145 { 146 // ignore 147 } 148 149 TurbineAccessControlList accessControlList; 150 try 151 { 152 accessControlList = 153 new TurbineAccessControlListImpl(turbineUserGroupRoleSet, 154 groupManager, roleManager, modelManager, getLogger()); 155 } 156 catch (FulcrumSecurityException e) 157 { 158 throw new UnknownEntityException("Failed to instantiate an ACL implementation object", e); 159 } 160 return accessControlList; 161 } 162 163}