package org.apache.fulcrum.security.model.turbine;
   
   /*
    * Licensed to the Apache Software Foundation (ASF) under one
    * or more contributor license agreements.  See the NOTICE file
    * distributed with this work for additional information
    * regarding copyright ownership.  The ASF licenses this file
    * to you under the Apache License, Version 2.0 (the
    * "License"); you may not use this file except in compliance
   * with the License.  You may obtain a copy of the License at
   *
   *   http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing,
   * software distributed under the License is distributed on an
   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
   * KIND, either express or implied.  See the License for the
   * specific language governing permissions and limitations
   * under the License.
   */
  import java.util.Set;
  
  import org.apache.avalon.framework.service.ServiceException;
  import org.apache.fulcrum.security.GroupManager;
  import org.apache.fulcrum.security.ModelManager;
  import org.apache.fulcrum.security.RoleManager;
  import org.apache.fulcrum.security.acl.AccessControlList;
  import org.apache.fulcrum.security.entity.Group;
  import org.apache.fulcrum.security.entity.User;
  import org.apache.fulcrum.security.model.ACLFactory;
  import org.apache.fulcrum.security.model.turbine.entity.TurbineUser;
  import org.apache.fulcrum.security.model.turbine.entity.TurbineUserGroupRole;
  import org.apache.fulcrum.security.spi.AbstractManager;
  import org.apache.fulcrum.security.util.DataBackendException;
  import org.apache.fulcrum.security.util.EntityExistsException;
  import org.apache.fulcrum.security.util.FulcrumSecurityException;
  import org.apache.fulcrum.security.util.UnknownEntityException;
  
  /**
   *
   * This factory creates instance of the TurbineAccessControlList
   *
   * @author <a href="mailto:tv@apache.org">Thomas Vandahl</a>
   * @version $Id: DynamicACLFactory.java 1374616 2012-08-18 17:26:07Z tv $
   */
  public class TurbineACLFactory extends AbstractManager implements ACLFactory
  {
  	
      private TurbineModelManager modelManager;
      
      /**
       * @return A model manager
       * @throws DataBackendException generic exception
       */
      protected TurbineModelManager getTurbineModelManager() throws DataBackendException
      {
          if (modelManager == null)
          {
              try
              {
              	modelManager = (TurbineModelManager) manager.lookup(ModelManager.ROLE);
  
              }
              catch (ServiceException ce)
              {
                  throw new DataBackendException(ce.getMessage(), ce);
              }
          }
          return modelManager;
      }
  	
      /* (non-Javadoc)
       * @see org.apache.fulcrum.security.model.ACLFactory#getAccessControlList(org.apache.fulcrum.security.entity.User)
       */
      @Override
      public <T extends AccessControlList> T getAccessControlList(User user)
      {
          try
          {
              TurbineUser./../../../../../org/apache/fulcrum/security/model/turbine/entity/TurbineUser.html#TurbineUser">TurbineUser tu = (TurbineUser)user;
              Set<TurbineUserGroupRole> tugr = tu.getUserGroupRoleSet();
              
              @SuppressWarnings("unchecked")
  			T aclInstance = (T) getAclInstance(tugr);
  			return aclInstance;
          }
          catch (UnknownEntityException uue)
          {
              throw new RuntimeException(uue.getMessage(), uue);
          }
          catch ( DataBackendException e )
          {
              throw new RuntimeException(e.getMessage(), e);
          }
      }
  
      /**
       * Construct a new ACL object.
       *
      * This constructs a new ACL object from the configured class and
      * initializes it with the supplied roles and permissions.
      *
      * @param turbineUserGroupRoleSet
      *            The set of user/group/role relations that this acl is built from
      *
      * @return an object implementing ACL interface.
      * @throws UnknownEntityException
      *             if the object could not be instantiated.
      */
     private TurbineAccessControlList getAclInstance(Set<? extends TurbineUserGroupRole> turbineUserGroupRoleSet) throws UnknownEntityException
     {
     	GroupManager groupManager = null;
         RoleManager roleManager = null;
         TurbineModelManager modelManager = null;
 
     	try
     	{
     	    roleManager = getRoleManager();
 			groupManager = getGroupManager();
 			modelManager = getTurbineModelManager();
 
 	        // make sure the global group exists
 	        if (groupManager != null)
 	        {
 	            Group g = null;
 	            try
 	            {
 	                g = groupManager.getGroupByName(modelManager.getGlobalGroupName());
 	            }
 	            catch (UnknownEntityException uee)
 	            {
 	                g = groupManager.getGroupInstance(modelManager.getGlobalGroupName());
 	                try
 	                {
 	                    groupManager.addGroup(g);
 	                }
 	                catch (EntityExistsException eee)
 	                {
 	                    throw new DataBackendException(eee.getMessage(), eee);
 	                }
 	            }
 	        }
     	}
     	catch (DataBackendException e)
     	{
     		// ignore
 		}
 
     	TurbineAccessControlList accessControlList;
         try
         {
             accessControlList =
                 new TurbineAccessControlListImpl(turbineUserGroupRoleSet,
                         groupManager, roleManager, modelManager, getLogger());
         }
         catch (FulcrumSecurityException e)
         {
             throw new UnknownEntityException("Failed to instantiate an ACL implementation object", e);
         }
         return accessControlList;
     }
     
 }