1 package org.apache.fulcrum.security.model.dynamic;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21 import java.util.HashMap;
22 import java.util.HashSet;
23 import java.util.Map;
24 import java.util.Set;
25
26 import org.apache.fulcrum.security.acl.AccessControlList;
27 import org.apache.fulcrum.security.entity.Group;
28 import org.apache.fulcrum.security.entity.Role;
29 import org.apache.fulcrum.security.entity.User;
30 import org.apache.fulcrum.security.model.ACLFactory;
31 import org.apache.fulcrum.security.model.dynamic.entity.DynamicGroup;
32 import org.apache.fulcrum.security.model.dynamic.entity.DynamicRole;
33 import org.apache.fulcrum.security.model.dynamic.entity.DynamicUser;
34 import org.apache.fulcrum.security.spi.AbstractManager;
35 import org.apache.fulcrum.security.util.PermissionSet;
36 import org.apache.fulcrum.security.util.RoleSet;
37 import org.apache.fulcrum.security.util.UnknownEntityException;
38
39
40
41
42
43
44
45
46
47 public class DynamicACLFactory extends AbstractManager implements ACLFactory
48 {
49
50
51
52 public <T extends AccessControlList> T getAccessControlList(User user)
53 {
54 Map<Group, RoleSet> roleSets = new HashMap<Group, RoleSet>();
55 Map<Role, PermissionSet> permissionSets = new HashMap<Role, PermissionSet>();
56
57 Set<DynamicUser> users = new HashSet<DynamicUser>();
58
59
60 users.add((DynamicUser) user);
61 addDelegators((DynamicUser) user, users);
62
63 for (DynamicUser aUser : users)
64 {
65 addRolesAndPermissions(aUser, roleSets, permissionSets);
66 }
67
68 try
69 {
70 @SuppressWarnings("unchecked")
71 T aclInstance = (T) getAclInstance(roleSets, permissionSets);
72 return aclInstance;
73 }
74 catch (UnknownEntityException uue)
75 {
76 throw new RuntimeException(uue.getMessage(), uue);
77 }
78 }
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95 private DynamicAccessControlList getAclInstance(Map<? extends Group, ? extends RoleSet> roles,
96 Map<? extends Role, ? extends PermissionSet> permissions) throws UnknownEntityException
97 {
98 DynamicAccessControlList accessControlList;
99 try
100 {
101 accessControlList = new DynamicAccessControlListImpl(roles, permissions);
102 }
103 catch (Exception e)
104 {
105 throw new UnknownEntityException("Failed to instantiate an ACL implementation object", e);
106 }
107 return accessControlList;
108 }
109
110
111
112
113
114
115
116
117
118 public <T extends DynamicUser> void addDelegators(DynamicUser user, Set<T> users)
119 {
120 for (User u : user.getDelegators())
121 {
122 @SuppressWarnings("unchecked")
123 T delegatorUser = (T) u;
124
125 if (users.add(delegatorUser))
126 {
127
128 addDelegators(delegatorUser, users);
129 }
130 }
131 }
132
133
134
135
136
137
138
139
140
141
142 private void addRolesAndPermissions(User user, Map<Group, RoleSet> roleSets, Map<Role, PermissionSet> permissionSets)
143 {
144 for (Group group : ((DynamicUser) user).getGroups())
145 {
146 RoleSet roleSet = ((DynamicGroup) group).getRoles();
147 roleSets.put(group, roleSet);
148 for (Role r : roleSet)
149 {
150 DynamicRole../../../../../org/apache/fulcrum/security/model/dynamic/entity/DynamicRole.html#DynamicRole">DynamicRole role = (DynamicRole) r;
151 permissionSets.put(role, role.getPermissions());
152 }
153 }
154 }
155 }