


1 /*
2  * Created on 09.07.2004
3  *
4  */

5 package com.nightlabs.ipanema.security.registry;
6
7 import javax.jdo.JDOObjectNotFoundException;
8 import javax.jdo.PersistenceManager;
9
10 import com.nightlabs.ModuleException;
11 import com.nightlabs.ipanema.base.IpanemaBasePrincipal;
12 import com.nightlabs.ipanema.base.PersistenceManagerProvider;
13 import com.nightlabs.ipanema.security.Authority;
14 import com.nightlabs.ipanema.security.AuthorityNotFoundException;
15 import com.nightlabs.ipanema.security.SecurityException;
16 import com.nightlabs.ipanema.security.User;
17 import com.nightlabs.ipanema.security.UserRef;
18 import com.nightlabs.ipanema.security.id.AuthorityID;
19
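/**
 * Creates {@link SecurityRegistrar} instances and implements the persistence
 * side of authority links (object ID to {@link Authority}) and the role check
 * that is evaluated against them.
 *
 * <p>Security notes for reviewers:
 * <ul>
 * <li>The access check is fail-open: an object that has no
 *     {@link AuthorityLink} is accessible to every user and role (see
 *     {@link #checkAuthorisation}).</li>
 * <li>{@link #linkAuthority} and {@link #unlinkAuthority} take no caller
 *     identity, so deciding who may change a link is left to the caller.
 *     NOTE(review): presumably enforced by the registrar created in
 *     {@link #getSecurityRegistrar} - confirm.</li>
 * </ul>
 *
 * @author Niklas Schiffler <nick@nightlabs.de>
 */
public class SecurityRegistrarFactoryImpl implements SecurityRegistrarFactory
{
    // Source of the per-organisation PersistenceManager used by every method below.
    private final PersistenceManagerProvider pmp;

    /**
     * @param pmp provider that is asked for a PersistenceManager by organisation ID
     */
    public SecurityRegistrarFactoryImpl(PersistenceManagerProvider pmp)
    {
        this.pmp = pmp;
    }

    /**
     * Creates a registrar bound to this factory and to the given principal.
     *
     * @param principal the principal handed to the new registrar
     * @return a new {@link SecurityRegistrarImpl}
     */
    public SecurityRegistrar getSecurityRegistrar(IpanemaBasePrincipal principal)
    {
        return new SecurityRegistrarImpl(this, principal);
    }

    /**
     * Puts the object under the control of an authority by persisting a new
     * {@link AuthorityLink}.
     *
     * @param organisationID selects the PersistenceManager to use
     * @param objectID ID of the object to protect
     * @param authorityID ID of the authority that will govern the object
     * @throws IllegalStateException if the object already has an authority link
     * @throws AuthorityNotFoundException if no authority with that ID exists
     * @throws ModuleException declared by the original signature
     */
    public void linkAuthority(String organisationID, String objectID, String authorityID)
        throws ModuleException
    {
        PersistenceManager pm = pmp.getPersistenceManager(organisationID);
        try
        {
            // Return values are ignored. NOTE(review): presumably these calls make
            // the persistent classes known to the JDO implementation - confirm.
            pm.getExtent(AuthorityLink.class, true);
            pm.getExtent(Authority.class, true);

            // An existing link must be removed explicitly; it is never overwritten,
            // so an object cannot be moved silently to another authority.
            boolean alreadyLinked;
            try
            {
                pm.getObjectById(AuthorityLinkID.create(objectID), true);
                alreadyLinked = true;
            }
            catch (JDOObjectNotFoundException e)
            {
                alreadyLinked = false;
            }
            if (alreadyLinked)
                throw new IllegalStateException("Remove authority link for object \""+objectID+"\" first.");

            Authority auth;
            try
            {
                auth = (Authority)pm.getObjectById(AuthorityID.create(authorityID), true);
            }
            catch (JDOObjectNotFoundException e)
            {
                throw new AuthorityNotFoundException();
            }

            // NOTE(review): the existence check and this insert are not made atomic
            // in this method and no transaction is demarcated here; presumably the
            // PersistenceManager is container-managed - confirm.
            pm.makePersistent(new AuthorityLink(objectID, auth));
        }
        finally
        {
            pm.close();
        }
    }

    /**
     * Removes the authority link of an object; a missing link is not an error.
     *
     * <p>After this call the object has no link, which
     * {@link #checkAuthorisation} treats as full access for everyone.
     *
     * <p>NOTE(review): {@code authorityID} is not used. The link is deleted
     * whichever authority it points to, so a caller that names the wrong
     * authority still removes the protection. Consider verifying the linked
     * authority against this argument once the caller contract is confirmed.
     *
     * @param organisationID selects the PersistenceManager to use
     * @param objectID ID of the object whose link is deleted
     * @param authorityID currently ignored
     * @throws ModuleException declared by the original signature
     */
    public void unlinkAuthority(String organisationID, String objectID, String authorityID)
        throws ModuleException
    {
        PersistenceManager pm = pmp.getPersistenceManager(organisationID);
        try
        {
            pm.getExtent(AuthorityLink.class, true);
            try
            {
                pm.deletePersistent(pm.getObjectById(AuthorityLinkID.create(objectID), true));
            }
            catch (JDOObjectNotFoundException e)
            {
                // already deleted, don't complain
            }
        }
        finally
        {
            pm.close();
        }
    }

    /**
     * Enforcing variant of the role check: returns normally only when access
     * is granted.
     *
     * @throws SecurityException (the project's
     *         {@code com.nightlabs.ipanema.security.SecurityException}, not
     *         {@code java.lang.SecurityException}) if the role is missing
     * @throws ModuleException declared by the original signature
     */
    public void assertAuthorised(String organisationID, String userID, String objectID, String roleID)
        throws ModuleException
    {
        checkAuthorisation(organisationID, userID, objectID, roleID, true);
    }

    /**
     * Querying variant of the role check.
     *
     * @return {@code true} if access is granted, {@code false} otherwise
     * @throws ModuleException declared by the original signature
     */
    public boolean isAuthorised(String organisationID, String userID, String objectID, String roleID)
        throws ModuleException
    {
        return checkAuthorisation(organisationID, userID, objectID, roleID, false);
    }

    /**
     * Decides whether a user holds a role on an object.
     *
     * <p>Decision order:
     * <ol>
     * <li>No {@link AuthorityLink} for {@code objectID}: access is granted
     *     (fail-open). Objects that must be restricted therefore need a link
     *     before they become reachable, and a mistyped object ID is granted as
     *     well.</li>
     * <li>Otherwise the linked authority's {@link UserRef} for {@code userID}
     *     is used, falling back to the one for {@link User#OTHER_USERID} when
     *     the user has none. Roles given to that fallback entry apply to every
     *     user without an entry of their own.</li>
     * <li>Access is granted only if the chosen {@code UserRef} contains
     *     {@code roleID}.</li>
     * </ol>
     *
     * <p>A link whose authority is {@code null} now denies access instead of
     * failing with an unexplained {@code NullPointerException} inside the
     * lookup: the querying variant returns {@code false}, the enforcing
     * variant reaches the explicit invariant check below.
     *
     * @param organisationID selects the PersistenceManager to use
     * @param userID user whose roles are checked
     * @param objectID object being accessed
     * @param roleID role required for the access
     * @param throwSecurityException if {@code true}, a denial is reported by
     *        exception instead of by return value
     * @return whether access is granted
     * @throws SecurityException on denial when {@code throwSecurityException} is set
     * @throws NullPointerException on denial when {@code throwSecurityException}
     *         is set and no authority could be determined
     * @throws ModuleException declared by the original signature
     */
    protected boolean checkAuthorisation(String organisationID, String userID, String objectID, String roleID, boolean throwSecurityException)
        throws ModuleException
    {
        boolean authorised = false;
        PersistenceManager pm = pmp.getPersistenceManager(organisationID);
        Authority authority = null;
        try {
            pm.getExtent(AuthorityLink.class, true);
            AuthorityLink authorityLink = null;
            try {
                authorityLink = (AuthorityLink)pm.getObjectById(AuthorityLinkID.create(objectID), true);
            } catch(JDOObjectNotFoundException e) {
                // no authority linked to object => full access
                authorised = true;
            }
            if (authorityLink != null) {
                authority = authorityLink.getAuthority();
                // Guard added: without an authority there is nothing to grant
                // the role, so the decision stays "denied".
                if (authority != null) {
                    UserRef userRef = authority.getUserRef(userID);
                    if (userRef == null)
                        userRef = authority.getUserRef(User.OTHER_USERID);
                    if (userRef != null)
                        authorised = userRef.containsRoleRef(roleID);
                }
            }
        } finally {
            pm.close();
        }

        if (throwSecurityException && !authorised) {
            if (authority == null)
                throw new NullPointerException("authority should never be null here!");
            // NOTE(review): authority is read after pm.close(); presumably its ID
            // stays readable on the closed manager's instance - confirm.
            // NOTE(review): the message echoes user, role, object and authority
            // IDs; confirm it is logged rather than returned verbatim to
            // untrusted clients.
            throw new SecurityException("In the organisation \"" + organisationID + "\", the user \"" + userID + "\" does not have the necessary role \"" + roleID + "\" to access the object \"" + objectID + "\", which is assigned to the authority \"" + authority.getAuthorityID() + "\"!");
        }

        return authorised;
    }
}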