1 package org.apache.turbine.services.security;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import java.util.List;
23
24 import org.apache.torque.util.Criteria;
25
26 import org.apache.turbine.om.security.Group;
27 import org.apache.turbine.om.security.Permission;
28 import org.apache.turbine.om.security.Role;
29 import org.apache.turbine.om.security.User;
30 import org.apache.turbine.services.TurbineServices;
31 import org.apache.turbine.util.security.AccessControlList;
32 import org.apache.turbine.util.security.DataBackendException;
33 import org.apache.turbine.util.security.EntityExistsException;
34 import org.apache.turbine.util.security.GroupSet;
35 import org.apache.turbine.util.security.PasswordMismatchException;
36 import org.apache.turbine.util.security.PermissionSet;
37 import org.apache.turbine.util.security.RoleSet;
38 import org.apache.turbine.util.security.TurbineSecurityException;
39 import org.apache.turbine.util.security.UnknownEntityException;
40
41 /***
42 * This is a Facade class for SecurityService.
43 *
44 * This class provides static methods that call related methods of the
45 * implementation of SecurityService used by the System, according to
46 * the settings in TurbineResources.
47 * <br>
48 *
49 * <a name="global">
50 * <p> Certain Roles that the Users may have in the system may are not related
51 * to any specific resource nor entity. They are assigned within a special group
52 * named 'global' that can be referenced in the code as
53 * {@link org.apache.turbine.om.security.Group#GLOBAL_GROUP_NAME}.
54 *
55 * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
56 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
57 * @version $Id: TurbineSecurity.java 571795 2007-09-01 13:09:35Z tv $
58 */
59 public abstract class TurbineSecurity
60 {
61 /***
62 * Retrieves an implementation of SecurityService, base on the settings in
63 * TurbineResources.
64 *
65 * @return an implementation of SecurityService.
66 */
67 public static SecurityService getService()
68 {
69 return (SecurityService) TurbineServices.getInstance().
70 getService(SecurityService.SERVICE_NAME);
71 }
72
73
74
75
76
77 /***
78 * This method provides client-side encryption of passwords.
79 *
80 * This is an utility method that is used by other classes to maintain
81 * a consistent approach to encrypting password. The behavior of the
82 * method can be configured in service's properties.
83 *
84 * @param password the password to process
85 * @return processed password
86 */
87 public static String encryptPassword(String password)
88 {
89 return getService().encryptPassword(password);
90 }
91
92 /***
93 * This method provides client-side encryption of passwords.
94 *
95 * This is an utility method that is used by other classes to maintain
96 * a consistent approach to encrypting password. The behavior of the
97 * method can be configured in service's properties.
98 *
99 * @param password the password to process
100 * @param salt the supplied salt to encrypt the password
101 * @return processed password
102 */
103 public static String encryptPassword(String password, String salt)
104 {
105 return getService().encryptPassword(password, salt);
106 }
107
108 /***
109 * Checks if a supplied password matches the encrypted password
110 *
111 * @param checkpw The clear text password supplied by the user
112 * @param encpw The current, encrypted password
113 *
114 * @return true if the password matches, else false
115 *
116 */
117
118 public static boolean checkPassword(String checkpw, String encpw)
119 {
120 return getService().checkPassword(checkpw, encpw);
121 }
122
123
124
125
126
127 /***
128 * Returns the Class object for the implementation of User interface
129 * used by the system.
130 *
131 * @return the implementation of User interface used by the system.
132 * @throws UnknownEntityException if the system's implementation of User
133 * interface could not be determined.
134 */
135 public static Class getUserClass()
136 throws UnknownEntityException
137 {
138 return getService().getUserClass();
139 }
140
141 /***
142 * Returns the Class object for the implementation of Group interface
143 * used by the system.
144 *
145 * @return the implementation of Group interface used by the system.
146 * @throws UnknownEntityException if the system's implementation of Group
147 * interface could not be determined.
148 */
149 public static Class getGroupClass()
150 throws UnknownEntityException
151 {
152 return getService().getGroupClass();
153 }
154
155 /***
156 * Returns the Class object for the implementation of Permission interface
157 * used by the system.
158 *
159 * @return the implementation of Permission interface used by the system.
160 * @throws UnknownEntityException if the system's implementation of Permission
161 * interface could not be determined.
162 */
163 public static Class getPermissionClass()
164 throws UnknownEntityException
165 {
166 return getService().getPermissionClass();
167 }
168
169 /***
170 * Returns the Class object for the implementation of Role interface
171 * used by the system.
172 *
173 * @return the implementation of Role interface used by the system.
174 * @throws UnknownEntityException if the system's implementation of Role
175 * interface could not be determined.
176 */
177 public static Class getRoleClass()
178 throws UnknownEntityException
179 {
180 return getService().getRoleClass();
181 }
182
183 /***
184 * Construct a blank User object.
185 *
186 * This method calls getUserClass, and then creates a new object using
187 * the default constructor.
188 *
189 * @return an object implementing User interface.
190 * @throws UnknownEntityException if the object could not be instantiated.
191 */
192 public static User getUserInstance()
193 throws UnknownEntityException
194 {
195 return getService().getUserInstance();
196 }
197
198 /***
199 * Returns the configured UserManager.
200 *
201 * @return An UserManager object
202 */
203 public static UserManager getUserManager()
204 {
205 return getService().getUserManager();
206 }
207
208 /***
209 * Configure a new user Manager.
210 *
211 * @param userManager An UserManager object
212 */
213 public void setUserManager(UserManager userManager)
214 {
215 getService().setUserManager(userManager);
216 }
217
218 /***
219 * Check whether a specified user's account exists.
220 *
221 * The login name is used for looking up the account.
222 *
223 * @param user The user to be checked.
224 * @return true if the specified account exists
225 * @throws DataBackendException if there was an error accessing the data
226 * backend.
227 */
228 public static boolean accountExists(User user)
229 throws DataBackendException
230 {
231 return getService().accountExists(user);
232 }
233
234 /***
235 * Check whether a specified user's account exists.
236 *
237 * The login name is used for looking up the account.
238 *
239 * @param userName The name of the user to be checked.
240 * @return true if the specified account exists
241 * @throws DataBackendException if there was an error accessing the data
242 * backend.
243 */
244 public static boolean accountExists(String userName)
245 throws DataBackendException
246 {
247 return getService().accountExists(userName);
248 }
249
250 /***
251 * Authenticates an user, and constructs an User object to represent
252 * him/her.
253 *
254 * @param username The user name.
255 * @param password The user password.
256 * @return An authenticated Turbine User.
257 * @throws DataBackendException if there was an error accessing the data
258 * backend.
259 * @throws UnknownEntityException if user account is not present.
260 * @throws PasswordMismatchException if the supplied password was incorrect.
261 */
262 public static User getAuthenticatedUser(String username, String password)
263 throws DataBackendException, UnknownEntityException,
264 PasswordMismatchException
265 {
266 return getService().getAuthenticatedUser(username, password);
267 }
268
269 /***
270 * Constructs an User object to represent a registered user of the
271 * application.
272 *
273 * @param username The user name.
274 * @return A Turbine User.
275 * @throws DataBackendException if there was an error accessing the data
276 * backend.
277 * @throws UnknownEntityException if user account is not present.
278 */
279 public static User getUser(String username)
280 throws DataBackendException, UnknownEntityException
281 {
282 return getService().getUser(username);
283 }
284
285 /***
286 * Retrieve a set of users that meet the specified criteria.
287 *
288 * As the keys for the criteria, you should use the constants that
289 * are defined in {@link User} interface, plus the names
290 * of the custom attributes you added to your user representation
291 * in the data storage. Use verbatim names of the attributes -
292 * without table name prefix in case of DB implementation.
293 *
294 * @param criteria The criteria of selection.
295 * @return a List of users meeting the criteria.
296 * @throws DataBackendException if there is a problem accessing the
297 * storage.
298 * @deprecated use getUserList() instead
299 */
300 public static User[] getUsers(Criteria criteria)
301 throws DataBackendException
302 {
303 return (User[])getService().getUserList(criteria).toArray();
304 }
305
306 /***
307 * Retrieve a set of users that meet the specified criteria.
308 *
309 * As the keys for the criteria, you should use the constants that
310 * are defined in {@link User} interface, plus the names
311 * of the custom attributes you added to your user representation
312 * in the data storage. Use verbatim names of the attributes -
313 * without table name prefix in case of DB implementation.
314 *
315 * @param criteria The criteria of selection.
316 * @return a List of users meeting the criteria.
317 * @throws DataBackendException if there is a problem accessing the
318 * storage.
319 */
320 public static List getUserList(Criteria criteria)
321 throws DataBackendException
322 {
323 return getService().getUserList(criteria);
324 }
325
326 /***
327 * Constructs an User object to represent an anonymous user of the
328 * application.
329 *
330 * @return An anonymous Turbine User.
331 * @throws UnknownEntityException if the anonymous User object couldn't be
332 * constructed.
333 */
334 public static User getAnonymousUser()
335 throws UnknownEntityException
336 {
337 return getService().getAnonymousUser();
338 }
339
340 /***
341 * Checks whether a passed user object matches the anonymous user pattern
342 * according to the configured service
343 *
344 * @param user A user object
345 * @return True if this is an anonymous user
346 */
347 public static boolean isAnonymousUser(User user)
348 {
349 return getService().isAnonymousUser(user);
350 }
351
352 /***
353 * Saves User's data in the permanent storage. The user account is required
354 * to exist in the storage.
355 *
356 * @param user The User object to save.
357 * @throws UnknownEntityException if the user's account does not
358 * exist in the database.
359 * @throws DataBackendException if there is a problem accessing the
360 * storage.
361 */
362 public static void saveUser(User user)
363 throws UnknownEntityException, DataBackendException
364 {
365 getService().saveUser(user);
366 }
367
368 /***
369 * Saves User data when the session is unbound. The user account is required
370 * to exist in the storage.
371 *
372 * LastLogin, AccessCounter, persistent pull tools, and any data stored
373 * in the permData hashtable that is not mapped to a column will be saved.
374 *
375 * @exception UnknownEntityException if the user's account does not
376 * exist in the database.
377 * @exception DataBackendException if there is a problem accessing the
378 * storage.
379 */
380 public static void saveOnSessionUnbind(User user)
381 throws UnknownEntityException, DataBackendException
382 {
383 getService().saveOnSessionUnbind(user);
384 }
385
386 /***
387 * Change the password for an User.
388 *
389 * @param user an User to change password for.
390 * @param oldPassword the current password supplied by the user.
391 * @param newPassword the current password requested by the user.
392 * @throws PasswordMismatchException if the supplied password was
393 * incorrect.
394 * @throws UnknownEntityException if the user's record does not
395 * exist in the database.
396 * @throws DataBackendException if there is a problem accessing the
397 * storage.
398 */
399 public static void changePassword(User user, String oldPassword,
400 String newPassword)
401 throws PasswordMismatchException, UnknownEntityException,
402 DataBackendException
403 {
404 getService().changePassword(user, oldPassword, newPassword);
405 }
406
407 /***
408 * Forcibly sets new password for an User.
409 *
410 * This is supposed by the administrator to change the forgotten or
411 * compromised passwords. Certain implementatations of this feature
412 * would require administrative level access to the authenticating
413 * server / program.
414 *
415 * @param user an User to change password for.
416 * @param password the new password.
417 * @throws UnknownEntityException if the user's record does not
418 * exist in the database.
419 * @throws DataBackendException if there is a problem accessing the
420 * storage.
421 */
422 public static void forcePassword(User user, String password)
423 throws UnknownEntityException, DataBackendException
424 {
425 getService().forcePassword(user, password);
426 }
427
428
429
430
431
432 /***
433 * Constructs an AccessControlList for a specific user.
434 *
435 * @param user the user for whom the AccessControlList are to be retrieved
436 * @return The AccessControList object constructed from the user object.
437 * @throws DataBackendException if there was an error accessing the data
438 * backend.
439 * @throws UnknownEntityException if user account is not present.
440 */
441 public static AccessControlList getACL(User user)
442 throws DataBackendException, UnknownEntityException
443 {
444 return getService().getACL(user);
445 }
446
447
448
449
450
451 /***
452 * Grant an User a Role in a Group.
453 *
454 * @param user the user.
455 * @param group the group.
456 * @param role the role.
457 * @throws DataBackendException if there was an error accessing the data
458 * backend.
459 * @throws UnknownEntityException if user account, group or role is not
460 * present.
461 */
462 public static void grant(User user, Group group, Role role)
463 throws DataBackendException, UnknownEntityException
464 {
465 getService().grant(user, group, role);
466 }
467
468 /***
469 * Revoke a Role in a Group from an User.
470 *
471 * @param user the user.
472 * @param group the group.
473 * @param role the role.
474 * @throws DataBackendException if there was an error accessing the data
475 * backend.
476 * @throws UnknownEntityException if user account, group or role is not
477 * present.
478 */
479 public static void revoke(User user, Group group, Role role)
480 throws DataBackendException, UnknownEntityException
481 {
482 getService().revoke(user, group, role);
483 }
484
485 /***
486 * Revokes all roles from an User.
487 *
488 * This method is used when deleting an account.
489 *
490 * @param user the User.
491 * @throws DataBackendException if there was an error accessing the data
492 * backend.
493 * @throws UnknownEntityException if the account is not present.
494 */
495 public static void revokeAll(User user)
496 throws DataBackendException, UnknownEntityException
497 {
498 getService().revokeAll(user);
499 }
500
501 /***
502 * Grants a Role a Permission
503 *
504 * @param role the Role.
505 * @param permission the Permission.
506 * @throws DataBackendException if there was an error accessing the data
507 * backend.
508 * @throws UnknownEntityException if role or permission is not present.
509 */
510 public static void grant(Role role, Permission permission)
511 throws DataBackendException, UnknownEntityException
512 {
513 getService().grant(role, permission);
514 }
515
516 /***
517 * Revokes a Permission from a Role.
518 *
519 * @param role the Role.
520 * @param permission the Permission.
521 * @throws DataBackendException if there was an error accessing the data
522 * backend.
523 * @throws UnknownEntityException if role or permission is not present.
524 */
525 public static void revoke(Role role, Permission permission)
526 throws DataBackendException, UnknownEntityException
527 {
528 getService().revoke(role, permission);
529 }
530
531 /***
532 * Revokes all permissions from a Role.
533 *
534 * This method is user when deleting a Role.
535 *
536 * @param role the Role
537 * @throws DataBackendException if there was an error accessing the data
538 * backend.
539 * @throws UnknownEntityException if the Role is not present.
540 */
541 public static void revokeAll(Role role)
542 throws DataBackendException, UnknownEntityException
543 {
544 getService().revokeAll(role);
545 }
546
547
548
549
550
551 /***
552 * Creates new user account with specified attributes.
553 *
554 * <strong>TODO</strong> throw more specific exception<br>
555 *
556 * @param user the object describing account to be created.
557 * @param password password for the new user
558 * @throws DataBackendException if there was an error accessing the data
559 * backend.
560 * @throws EntityExistsException if the user account already exists.
561 */
562 public static void addUser(User user, String password)
563 throws DataBackendException, EntityExistsException
564 {
565 getService().addUser(user, password);
566 }
567
568 /***
569 * Removes an user account from the system.
570 *
571 * <strong>TODO</strong> throw more specific exception<br>
572 *
573 * @param user the object describing the account to be removed.
574 * @throws DataBackendException if there was an error accessing the data
575 * backend.
576 * @throws UnknownEntityException if the user account is not present.
577 */
578 public static void removeUser(User user)
579 throws DataBackendException, UnknownEntityException
580 {
581 getService().removeUser(user);
582 }
583
584
585
586
587 /***
588 * Provides a reference to the Group object that represents the
589 * <a name="global">global group</a>.
590 *
591 * @return a Group object that represents the global group.
592 */
593 public static Group getGlobalGroup()
594 {
595 return getService().getGlobalGroup();
596 }
597
598 /***
599 * Creates a new Group in the system. This is a convenience
600 * method.
601 *
602 * @param name The name of the new Group.
603 * @return An object representing the new Group.
604 * @throws TurbineSecurityException if the Group could not be created.
605 */
606 public static Group createGroup(String name)
607 throws TurbineSecurityException
608 {
609 return getService().addGroup(getGroupInstance(name));
610 }
611
612 /***
613 * Creates a new Permission in the system. This is a convenience
614 * method.
615 *
616 * @param name The name of the new Permission.
617 * @return An object representing the new Permission.
618 * @throws TurbineSecurityException if the Permission could not be created.
619 */
620 public static Permission createPermission(String name)
621 throws TurbineSecurityException
622 {
623 return getService().addPermission(getPermissionInstance(name));
624 }
625
626 /***
627 * Creates a new Role in the system. This is a convenience
628 * method.
629 *
630 * @param name The name of the Role.
631 *
632 * @return An object representing the new Role.
633 *
634 * @throws TurbineSecurityException if the Role could not be created.
635 */
636 public static Role createRole(String name)
637 throws TurbineSecurityException
638 {
639 return getService().addRole(getRoleInstance(name));
640 }
641
642 /***
643 * Retrieve a Group object with specified name.
644 *
645 * @param groupName The name of the Group to be retrieved.
646 * @return an object representing the Group with specified name.
647 * @throws DataBackendException if there was an error accessing the data
648 * backend.
649 * @throws UnknownEntityException if the Group is not present.
650 * @deprecated Use <a href="#getGroupByName">getGroupByName</a> instead.
651 */
652 public static Group getGroup(String groupName)
653 throws DataBackendException, UnknownEntityException
654 {
655 return getService().getGroup(groupName);
656 }
657
658 /***
659 * Retrieve a Group object with specified name.
660 *
661 * @param groupName The name of the Group to be retrieved.
662 * @return an object representing the Group with specified name.
663 * @throws DataBackendException if there was an error accessing the data
664 * backend.
665 * @throws UnknownEntityException if the Group is not present.
666 */
667 public static Group getGroupByName(String groupName)
668 throws DataBackendException, UnknownEntityException
669 {
670 return getService().getGroupByName(groupName);
671 }
672
673 /***
674 * Retrieve a Group object with specified Id.
675 *
676 * @param name the name of the Group.
677 *
678 * @return an object representing the Group with specified name.
679 *
680 * @exception UnknownEntityException if the permission does not
681 * exist in the database.
682 * @exception DataBackendException if there is a problem accessing the
683 * storage.
684 */
685 public static Group getGroupById(int groupId)
686 throws DataBackendException,
687 UnknownEntityException
688 {
689 return getService().getGroupById(groupId);
690 }
691
692 /***
693 * Construct a blank Group object.
694 *
695 * This method calls getGroupClass, and then creates a new object using
696 * the default constructor.
697 *
698 * @param groupName The name of the Group
699 *
700 * @return an object implementing Group interface.
701 *
702 * @throws UnknownEntityException if the object could not be instantiated.
703 */
704 public static Group getGroupInstance(String groupName)
705 throws UnknownEntityException
706 {
707 return getService().getGroupInstance(groupName);
708 }
709
710 /***
711 * Retrieves a named Group. If the Group does not exist, it creates
712 * a new Group based on the Services Group implementation. It is ok
713 * to pass in null or "" here and then use Group.setName() at a later
714 * point.
715 *
716 * @param groupName The name of the Group to be retrieved.
717 * @return an object representing the Group with specified name.
718 * @throws DataBackendException if there was an error accessing the data
719 * backend.
720 * @deprecated Use getGroupInstance(String name) instead.
721 */
722 public static Group getNewGroup(String groupName)
723 throws DataBackendException
724 {
725 return getService().getNewGroup(groupName);
726 }
727
728 /***
729 * Construct a blank Role object.
730 *
731 * This method calls getRoleClass, and then creates a new object using
732 * the default constructor.
733 *
734 * @param roleName The name of the role.
735 *
736 * @return an object implementing Role interface.
737 *
738 * @throws UnknownEntityException if the object could not be instantiated.
739 */
740 public static Role getRoleInstance(String roleName)
741 throws UnknownEntityException
742 {
743 return getService().getRoleInstance(roleName);
744 }
745
746 /***
747 * Retrieves a named Role. If the Role does not exist, it creates a new Role
748 * based on the Services Role implementation.
749 * It is ok to pass in null or "" here and then use Role.setName() at
750 * a later point.
751 *
752 * @param roleName The name of the Role to be retrieved.
753 * @return an object representing the Role with specified name.
754 * @throws TurbineSecurityException if the Role could not be retrieved
755 * @deprecated Use getRoleInstance(String name) instead.
756 */
757 public static Role getNewRole(String roleName)
758 throws TurbineSecurityException
759 {
760 return getService().getNewRole(roleName);
761 }
762
763 /***
764 * Construct a blank Permission object.
765 *
766 * This method calls getPermissionClass, and then creates a new object using
767 * the default constructor.
768 *
769 * @param permName The name of the permission.
770 *
771 * @return an object implementing Permission interface.
772 * @throws UnknownEntityException if the object could not be instantiated.
773 */
774 public static Permission getPermissionInstance(String permName)
775 throws UnknownEntityException
776 {
777 return getService().getPermissionInstance(permName);
778 }
779
780 /***
781 * Retrieves a named Permission. If the Permission does not exist, it
782 * creates a new Permission based on the Services Permission implementation.
783 * It is ok to pass in null or "" here and then use Permission.setName() at
784 * a later point.
785 *
786 * @param permissionName The name of the Permission to be retrieved.
787 * @return an object representing the Permission with specified name.
788 * @throws DataBackendException if there was an error accessing the data
789 * backend.
790 * @deprecated Use getPermissionInstance(String name) instead.
791 */
792 public static Permission getNewPermission(String permissionName)
793 throws DataBackendException
794 {
795 return getService().getNewPermission(permissionName);
796 }
797
798 /***
799 * Retrieve a Role object with specified name.
800 *
801 * @param roleName The name of the Role to be retrieved.
802 * @return an object representing the Role with specified name.
803 * @throws DataBackendException if there was an error accessing the data
804 * backend.
805 * @throws UnknownEntityException if the Role is not present.
806 * @deprecated Use <a href="#getRoleByName">getRoleByName</a> instead.
807 */
808 public static Role getRole(String roleName)
809 throws DataBackendException, UnknownEntityException
810 {
811 return getService().getRole(roleName);
812 }
813
814 /***
815 * Retrieve a Role object with specified name.
816 *
817 * @param roleName The name of the Role to be retrieved.
818 * @return an object representing the Role with specified name.
819 * @throws DataBackendException if there was an error accessing the data
820 * backend.
821 * @throws UnknownEntityException if the Role is not present.
822 */
823 public static Role getRoleByName(String roleName)
824 throws DataBackendException, UnknownEntityException
825 {
826 return getService().getRoleByName(roleName);
827 }
828
829 /***
830 * Retrieve a Role object with specified Id.
831 *
832 * @param name the name of the Role.
833 *
834 * @return an object representing the Role with specified name.
835 *
836 * @exception UnknownEntityException if the permission does not
837 * exist in the database.
838 * @exception DataBackendException if there is a problem accessing the
839 * storage.
840 */
841 public static Role getRoleById(int roleId)
842 throws DataBackendException,
843 UnknownEntityException
844 {
845 return getService().getRoleById(roleId);
846 }
847
848 /***
849 * Retrieve a Permission object with specified name.
850 *
851 * @param permissionName The name of the Permission to be retrieved.
852 * @return an object representing the Permission with specified name.
853 * @throws DataBackendException if there was an error accessing the data
854 * backend.
855 * @throws UnknownEntityException if the Permission is not present.
856 * @deprecated Use <a href="#getPermissionByName">getPermissionByName</a> instead.
857 */
858 public static Permission getPermission(String permissionName)
859 throws DataBackendException, UnknownEntityException
860 {
861 return getService().getPermission(permissionName);
862 }
863
864 /***
865 * Retrieve a Permission object with specified name.
866 *
867 * @param permissionName The name of the Permission to be retrieved.
868 * @return an object representing the Permission with specified name.
869 * @throws DataBackendException if there was an error accessing the data
870 * backend.
871 * @throws UnknownEntityException if the Permission is not present.
872 */
873 public static Permission getPermissionByName(String permissionName)
874 throws DataBackendException, UnknownEntityException
875 {
876 return getService().getPermissionByName(permissionName);
877 }
878
879 /***
880 * Retrieve a Permission object with specified Id.
881 *
882 * @param name the name of the Permission.
883 *
884 * @return an object representing the Permission with specified name.
885 *
886 * @exception UnknownEntityException if the permission does not
887 * exist in the database.
888 * @exception DataBackendException if there is a problem accessing the
889 * storage.
890 */
891 public static Permission getPermissionById(int permissionId)
892 throws DataBackendException,
893 UnknownEntityException
894 {
895 return getService().getPermissionById(permissionId);
896 }
897
898 /***
899 * Retrieve a set of Groups that meet the specified Criteria.
900 *
901 * @param criteria A Criteria of Group selection.
902 * @return a set of Groups that meet the specified Criteria.
903 * @throws DataBackendException if there was an error accessing the data
904 * backend.
905 */
906 public static GroupSet getGroups(Criteria criteria)
907 throws DataBackendException
908 {
909 return getService().getGroups(criteria);
910 }
911
912 /***
913 * Retrieve a set of Roles that meet the specified Criteria.
914 *
915 * @param criteria a Criteria of Roles selection.
916 * @return a set of Roles that meet the specified Criteria.
917 * @throws DataBackendException if there was an error accessing the data
918 * backend.
919 */
920 public static RoleSet getRoles(Criteria criteria)
921 throws DataBackendException
922 {
923 return getService().getRoles(criteria);
924 }
925
926 /***
927 * Retrieve a set of Permissions that meet the specified Criteria.
928 *
929 * @param criteria a Criteria of Permissions selection.
930 * @return a set of Permissions that meet the specified Criteria.
931 * @throws DataBackendException if there was an error accessing the data
932 * backend.
933 */
934 public static PermissionSet getPermissions(Criteria criteria)
935 throws DataBackendException
936 {
937 return getService().getPermissions(criteria);
938 }
939
940 /***
941 * Retrieves all groups defined in the system.
942 *
943 * @return the names of all groups defined in the system.
944 * @throws DataBackendException if there was an error accessing the data
945 * backend.
946 */
947 public static GroupSet getAllGroups()
948 throws DataBackendException
949 {
950 return getService().getAllGroups();
951 }
952
953 /***
954 * Retrieves all roles defined in the system.
955 *
956 * @return the names of all roles defined in the system.
957 * @throws DataBackendException if there was an error accessing the data
958 * backend.
959 */
960 public static RoleSet getAllRoles()
961 throws DataBackendException
962 {
963 return getService().getAllRoles();
964 }
965
966 /***
967 * Retrieves all permissions defined in the system.
968 *
969 * @return the names of all roles defined in the system.
970 * @throws DataBackendException if there was an error accessing the data
971 * backend.
972 */
973 public static PermissionSet getAllPermissions()
974 throws DataBackendException
975 {
976 return getService().getAllPermissions();
977 }
978
979 /***
980 * Retrieves all permissions associated with a role.
981 *
982 * @param role the role name, for which the permissions are to be retrieved.
983 * @return the Permissions for the specified role
984 * @throws DataBackendException if there was an error accessing the data
985 * backend.
986 * @throws UnknownEntityException if the role is not present.
987 */
988 public static PermissionSet getPermissions(Role role)
989 throws DataBackendException, UnknownEntityException
990 {
991 return getService().getPermissions(role);
992 }
993
994 /***
995 * Stores Group's attributes. The Groups is required to exist in the system.
996 *
997 * @param group The Group to be stored.
998 * @throws DataBackendException if there was an error accessing the data
999 * backend.
1000 * @throws UnknownEntityException if the group does not exist.
1001 */
1002 public static void saveGroup(Group group)
1003 throws DataBackendException, UnknownEntityException
1004 {
1005 getService().saveGroup(group);
1006 }
1007
1008 /***
1009 * Stores Role's attributes. The Roles is required to exist in the system.
1010 *
1011 * @param role The Role to be stored.
1012 * @throws DataBackendException if there was an error accessing the data
1013 * backend.
1014 * @throws UnknownEntityException if the role does not exist.
1015 */
1016 public static void saveRole(Role role)
1017 throws DataBackendException, UnknownEntityException
1018 {
1019 getService().saveRole(role);
1020 }
1021
1022 /***
1023 * Stores Permission's attributes. The Permissions is required to exist in
1024 * the system.
1025 *
1026 * @param permission The Permission to be stored.
1027 * @throws DataBackendException if there was an error accessing the data
1028 * backend.
1029 * @throws UnknownEntityException if the permission does not exist.
1030 */
1031 public static void savePermission(Permission permission)
1032 throws DataBackendException, UnknownEntityException
1033 {
1034 getService().savePermission(permission);
1035 }
1036
1037 /***
1038 * Creates a new group with specified attributes.
1039 *
1040 * @param group the object describing the group to be created.
1041 * @throws DataBackendException if there was an error accessing the data
1042 * backend.
1043 * @throws EntityExistsException if the group already exists.
1044 */
1045 public static void addGroup(Group group)
1046 throws DataBackendException, EntityExistsException
1047 {
1048 getService().addGroup(group);
1049 }
1050
1051 /***
1052 * Creates a new role with specified attributes.
1053 *
1054 * @param role the objects describing the role to be created.
1055 * @throws DataBackendException if there was an error accessing the data
1056 * backend.
1057 * @throws EntityExistsException if the role already exists.
1058 */
1059 public static void addRole(Role role)
1060 throws DataBackendException, EntityExistsException
1061 {
1062 getService().addRole(role);
1063 }
1064
1065 /***
1066 * Creates a new permission with specified attributes.
1067 *
1068 * @param permission the objects describing the permission to be created.
1069 * @throws DataBackendException if there was an error accessing the data
1070 * backend.
1071 * @throws EntityExistsException if the permission already exists.
1072 */
1073 public static void addPermission(Permission permission)
1074 throws DataBackendException, EntityExistsException
1075 {
1076 getService().addPermission(permission);
1077 }
1078
1079 /***
1080 * Removes a Group from the system.
1081 *
1082 * @param group the object describing group to be removed.
1083 * @throws DataBackendException if there was an error accessing the data
1084 * backend.
1085 * @throws UnknownEntityException if the group does not exist.
1086 */
1087 public static void removeGroup(Group group)
1088 throws DataBackendException, UnknownEntityException
1089 {
1090 getService().removeGroup(group);
1091 }
1092
1093 /***
1094 * Removes a Role from the system.
1095 *
1096 * @param role The object describing the role to be removed.
1097 * @throws DataBackendException if there was an error accessing the data backend.
1098 * @throws UnknownEntityException if the role does not exist.
1099 */
1100 public static void removeRole(Role role)
1101 throws DataBackendException, UnknownEntityException
1102 {
1103 getService().removeRole(role);
1104 }
1105
1106 /***
1107 * Removes a Permission from the system.
1108 *
1109 * @param permission The object describing the permission to be removed.
1110 * @throws DataBackendException if there was an error accessing the data
1111 * backend.
1112 * @throws UnknownEntityException if the permission does not exist.
1113 */
1114 public static void removePermission(Permission permission)
1115 throws DataBackendException, UnknownEntityException
1116 {
1117 getService().removePermission(permission);
1118 }
1119
1120 /***
1121 * Renames an existing Group.
1122 *
1123 * @param group The object describing the group to be renamed.
1124 * @param name the new name for the group.
1125 * @throws DataBackendException if there was an error accessing the data
1126 * backend.
1127 * @throws UnknownEntityException if the group does not exist.
1128 */
1129 public static void renameGroup(Group group, String name)
1130 throws DataBackendException, UnknownEntityException
1131 {
1132 getService().renameGroup(group, name);
1133 }
1134
1135 /***
1136 * Renames an existing Role.
1137 *
1138 * @param role The object describing the role to be renamed.
1139 * @param name the new name for the role.
1140 * @throws DataBackendException if there was an error accessing the data
1141 * backend.
1142 * @throws UnknownEntityException if the role does not exist.
1143 */
1144 public static void renameRole(Role role, String name)
1145 throws DataBackendException, UnknownEntityException
1146 {
1147 getService().renameRole(role, name);
1148 }
1149
1150 /***
1151 * Renames an existing Permission.
1152 *
1153 * @param permission The object describing the permission to be renamed.
1154 * @param name the new name for the permission.
1155 * @throws DataBackendException if there was an error accessing the data
1156 * backend.
1157 * @throws UnknownEntityException if the permission does not exist.
1158 */
1159 public static void renamePermission(Permission permission, String name)
1160 throws DataBackendException, UnknownEntityException
1161 {
1162 getService().renamePermission(permission, name);
1163 }
1164 }