KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > fulcrum > security > impl > db > DBSecurityService


1 package org.apache.fulcrum.security.impl.db;
2
3 /* ====================================================================
4  * The Apache Software License, Version 1.1
5  *
6  * Copyright (c) 2001 The Apache Software Foundation. All rights
7  * reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  *
13  * 1. Redistributions of source code must retain the above copyright
14  * notice, this list of conditions and the following disclaimer.
15  *
16  * 2. Redistributions in binary form must reproduce the above copyright
17  * notice, this list of conditions and the following disclaimer in
18  * the documentation and/or other materials provided with the
19  * distribution.
20  *
21  * 3. The end-user documentation included with the redistribution,
22  * if any, must include the following acknowledgment:
23  * "This product includes software developed by the
24  * Apache Software Foundation (http://www.apache.org/)."
25  * Alternately, this acknowledgment may appear in the software itself,
26  * if and wherever such third-party acknowledgments normally appear.
27  *
28  * 4. The names "Apache" and "Apache Software Foundation" and
29  * "Apache Turbine" must not be used to endorse or promote products
30  * derived from this software without prior written permission. For
31  * written permission, please contact apache@apache.org.
32  *
33  * 5. Products derived from this software may not be called "Apache",
34  * "Apache Turbine", nor may "Apache" appear in their name, without
35  * prior written permission of the Apache Software Foundation.
36  *
37  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
38  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
39  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
40  * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
41  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
43  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
44  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
46  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
47  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
48  * SUCH DAMAGE.
49  * ====================================================================
50  *
51  * This software consists of voluntary contributions made by many
52  * individuals on behalf of the Apache Software Foundation. For more
53  * information on the Apache Software Foundation, please see
54  * <http://www.apache.org/>.
55  */
56
57 import java.math.BigDecimal JavaDoc;
58 import java.util.ArrayList JavaDoc;
59 import java.util.Hashtable JavaDoc;
60 import java.util.Iterator JavaDoc;
61 import java.util.List JavaDoc;
62
63 import org.apache.fulcrum.security.BaseSecurityService;
64 import org.apache.fulcrum.security.TurbineSecurity;
65 import org.apache.fulcrum.security.entity.Group;
66 import org.apache.fulcrum.security.entity.Permission;
67 import org.apache.fulcrum.security.entity.Role;
68 import org.apache.fulcrum.security.entity.SecurityEntity;
69 import org.apache.fulcrum.security.entity.User;
70 import org.apache.fulcrum.security.impl.db.entity.TurbineGroup;
71 import org.apache.fulcrum.security.impl.db.entity.TurbineGroupPeer;
72 import org.apache.fulcrum.security.impl.db.entity.TurbinePermission;
73 import org.apache.fulcrum.security.impl.db.entity.TurbinePermissionPeer;
74 import org.apache.fulcrum.security.impl.db.entity.TurbineRole;
75 import org.apache.fulcrum.security.impl.db.entity.TurbineRolePeer;
76 import org.apache.fulcrum.security.impl.db.entity.TurbineRolePermissionPeer;
77 import org.apache.fulcrum.security.impl.db.entity.TurbineUserGroupRolePeer;
78 import org.apache.fulcrum.security.impl.db.entity.UserPeer;
79 import org.apache.fulcrum.security.util.AccessControlList;
80 import org.apache.fulcrum.security.util.DataBackendException;
81 import org.apache.fulcrum.security.util.EntityExistsException;
82 import org.apache.fulcrum.security.util.GroupSet;
83 import org.apache.fulcrum.security.util.PermissionSet;
84 import org.apache.fulcrum.security.util.RoleSet;
85 import org.apache.fulcrum.security.util.UnknownEntityException;
86 import org.apache.log4j.Category;
87 import org.apache.torque.om.BaseObject;
88 import org.apache.torque.om.ObjectKey;
89 import org.apache.torque.util.Criteria;
90
91 /**
92  * An implementation of SecurityService that uses a database as backend.
93  *
94  * @author <a HREF="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
95  * @author <a HREF="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
96  * @author <a HREF="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
97  * @version $Id: DBSecurityService.java,v 1.1 2004/11/12 10:26:14 epugh Exp $
98  */
99 public class DBSecurityService
100     extends BaseSecurityService
101 {
102     /**
103      * The key within services's properties for user implementation
104      * classname (user.class) - Leandro
105      */
106     public static final String JavaDoc USER_PEER_CLASS_KEY = "userPeer.class";
107
108     /**
109      * The default implementation of User interface
110      * (org.apache.fulcrum.security.impl.db.entity.TurbineUserPeer)
111      */
112     public static final String JavaDoc USER_PEER_CLASS_DEFAULT =
113         "org.apache.fulcrum.security.impl.db.entity.TurbineUserPeer";
114
115     /**
116      * Log4j category
117      */
118     Category category = Category.getInstance(getClass().getName());
119
120     /*-----------------------------------------------------------------------
121       Creation of AccessControlLists
122       -----------------------------------------------------------------------*/
123
124     /**
125      * Constructs an AccessControlList for a specific user.
126      *
127      * This method creates a snapshot of the state of security information
128      * concerning this user, at the moment of invocation and stores it
129      * into an AccessControlList object.
130      *
131      * @param user the user for whom the AccessControlList are to be retrieved
132      * @throws DataBackendException if there was an error accessing the data
133      * backend.
134      * @throws UnknownEntityException if user account is not present.
135      */
136     public AccessControlList getACL( User user )
137         throws DataBackendException, UnknownEntityException
138     {
139         if (!TurbineSecurity.accountExists(user))
140         {
141             throw new UnknownEntityException("The account '" +
142                         user.getUserName() + "' does not exist");
143         }
144         try
145         {
146             Hashtable JavaDoc roles = new Hashtable JavaDoc();
147             Hashtable JavaDoc permissions = new Hashtable JavaDoc();
148             // notify the state modifiers (writers) that we want to create the
149 // snapshot.
150 lockShared();
151
152             // construct the snapshot:
153
154             // foreach group in the system
155 Iterator JavaDoc groupsIterator = getAllGroups().elements();
156             while(groupsIterator.hasNext())
157             {
158                 Group group = (Group)groupsIterator.next();
159                 // get roles of user in the group
160 RoleSet groupRoles = TurbineRolePeer.retrieveSet(user, group);
161                 // put the Set into roles(group)
162 roles.put(group, groupRoles);
163                 // collect all permissoins in this group
164 PermissionSet groupPermissions = new PermissionSet();
165                 // foreach role in Set
166 Iterator JavaDoc rolesIterator = groupRoles.elements();
167                 while(rolesIterator.hasNext())
168                 {
169                     Role role = (Role)rolesIterator.next();
170                     // get permissions of the role
171 PermissionSet rolePermissions =
172                             TurbinePermissionPeer.retrieveSet(role);
173                     groupPermissions.add(rolePermissions);
174                 }
175                 // put the Set into permissions(group)
176 permissions.put(group, groupPermissions);
177             }
178             return getAclInstance(roles, permissions);
179         }
180         catch(Exception JavaDoc e)
181         {
182             throw new DataBackendException("Failed to build ACL for user '" +
183                                     user.getUserName() + "'" , e);
184         }
185         finally
186         {
187             // notify the state modifiers that we are done creating the snapshot.
188 unlockShared();
189         }
190     }
191
192     /*-----------------------------------------------------------------------
193       Security management
194       -----------------------------------------------------------------------*/
195
196     /**
197      * Grant an User a Role in a Group.
198      *
199      * @param User the user.
200      * @param Group the group.
201      * @param Role the role.
202      * @throws DataBackendException if there was an error accessing the data
203      * backend.
204      * @throws UnknownEntityException if user account, group or role is not
205      * present.
206      */
207     public synchronized void grant( User user, Group group, Role role )
208         throws DataBackendException, UnknownEntityException
209     {
210         boolean userExists = false;
211         boolean groupExists = false;
212         boolean roleExists = false;
213         try
214         {
215             lockExclusive();
216             userExists=TurbineSecurity.accountExists(user);
217             groupExists=checkExists(group);
218             roleExists=checkExists(role);
219             if (userExists && groupExists && roleExists)
220             {
221                 Criteria criteria = new Criteria();
222                 criteria.add(TurbineUserGroupRolePeer.USER_ID,
223                         ((BaseObject)user).getPrimaryKey());
224                 criteria.add(TurbineUserGroupRolePeer.GROUP_ID,
225                         ((BaseObject)group).getPrimaryKey());
226                 criteria.add(TurbineUserGroupRolePeer.ROLE_ID,
227                         ((TurbineRole)role).getPrimaryKey());
228                 TurbineUserGroupRolePeer.doInsert(criteria);
229                 return;
230             }
231         }
232         catch(Exception JavaDoc e)
233         {
234             throw new DataBackendException("grant(User,Group,Role) failed", e);
235         }
236         finally
237         {
238             unlockExclusive();
239         }
240         if (!userExists)
241         {
242             throw new UnknownEntityException("Unknown user '" +
243                 user.getUserName() + "'");
244         }
245         if (!groupExists)
246         {
247             throw new UnknownEntityException("Unknown group '" +
248                 ((SecurityEntity)group).getName() + "'");
249         }
250         if (!roleExists)
251         {
252             throw new UnknownEntityException("Unknown role '" +
253                 role.getName() + "'");
254         }
255     }
256
257     /**
258      * Revoke a Role in a Group from an User.
259      *
260      * @param User the user.
261      * @param Group the group.
262      * @param Role the role.
263      * @throws DataBackendException if there was an error accessing the data
264      * backend.
265      * @throws UnknownEntityException if user account, group or role is not
266      * present.
267      */
268     public synchronized void revoke( User user, Group group, Role role )
269         throws DataBackendException, UnknownEntityException
270     {
271         boolean userExists = false;
272         boolean groupExists = false;
273         boolean roleExists = false;
274         try
275         {
276             lockExclusive();
277             userExists=TurbineSecurity.accountExists(user);
278             groupExists=checkExists(group);
279             roleExists=checkExists(role);
280             if (userExists && groupExists && roleExists)
281             {
282                 Criteria criteria = new Criteria();
283                 criteria.add(TurbineUserGroupRolePeer.USER_ID,
284                         ((BaseObject)user).getPrimaryKey());
285                 criteria.add(TurbineUserGroupRolePeer.GROUP_ID,
286                         ((BaseObject)group).getPrimaryKey());
287                 criteria.add(TurbineUserGroupRolePeer.ROLE_ID,
288                         ((TurbineRole)role).getPrimaryKey());
289                 TurbineUserGroupRolePeer.doDelete(criteria);
290                 return;
291             }
292         }
293         catch(Exception JavaDoc e)
294         {
295             throw new DataBackendException("revoke(User,Role,Group) failed", e);
296         }
297         finally
298         {
299             unlockExclusive();
300         }
301         if (!userExists)
302         {
303             throw new UnknownEntityException("Unknown user '" +
304                     user.getUserName() + "'");
305         }
306         if (!groupExists)
307         {
308             throw new UnknownEntityException("Unknown group '" +
309                     ((SecurityEntity)group).getName() + "'");
310         }
311         if (!roleExists)
312         {
313             throw new UnknownEntityException("Unknown role '" +
314                     role.getName() + "'");
315         }
316      }
317
318     /**
319      * Revokes all roles from an User.
320      *
321      * This method is used when deleting an account.
322      *
323      * @param user the User.
324      * @throws DataBackendException if there was an error accessing the data
325      * backend.
326      * @throws UnknownEntityException if the account is not present.
327      */
328     public synchronized void revokeAll( User user )
329         throws DataBackendException, UnknownEntityException
330     {
331         boolean userExists = false;
332         try
333         {
334             lockExclusive();
335             userExists=TurbineSecurity.accountExists(user);
336             if (userExists)
337             {
338                 // The following would not work, due to an annoying misfeature
339 // of Village.
340 // Village allows only a single row to be deleted at a time.
341 // I wish that it was possible to disable this behaviour!
342
343                 // Criteria criteria = new Criteria();
344 // criteria.add(UserGroupRolePeer.USER_ID,
345 // ((BaseObject)user).getPrimaryKey());
346 // UserGroupRolePeer.doDelete(criteria);
347 ObjectKey key = ((BaseObject) user).getPrimaryKey();
348                 TurbineUserGroupRolePeer.deleteAll(
349                     TurbineUserGroupRolePeer.TABLE_NAME,
350                     TurbineUserGroupRolePeer.USER_ID,
351                     ((BigDecimal JavaDoc) key.getValue()).intValue());
352                 return;
353             }
354         }
355         catch(Exception JavaDoc e)
356         {
357             throw new DataBackendException("revokeAll(User) failed", e);
358         }
359         finally
360         {
361             unlockExclusive();
362         }
363         throw new UnknownEntityException("Unknown user '" +
364                 user.getUserName() + '\'');
365     }
366
367     /**
368      * Grants a Role a Permission
369      *
370      * @param role the Role.
371      * @param permission the Permission.
372      * @throws DataBackendException if there was an error accessing the data
373      * backend.
374      * @throws UnknownEntityException if role or permission is not present.
375      */
376     public synchronized void grant( Role role, Permission permission )
377         throws DataBackendException, UnknownEntityException
378     {
379         boolean roleExists = false;
380         boolean permissionExists = false;
381         try
382         {
383             lockExclusive();
384             roleExists=checkExists(role);
385             permissionExists=checkExists(permission);
386             if (roleExists && permissionExists)
387             {
388                 Criteria criteria = new Criteria();
389                 criteria.add(TurbineRolePermissionPeer.ROLE_ID,
390                         ((TurbineRole)role).getPrimaryKey());
391                 criteria.add(TurbineRolePermissionPeer.PERMISSION_ID,
392                         ((BaseObject)permission).getPrimaryKey());
393                 TurbineUserGroupRolePeer.doInsert(criteria);
394                 return;
395             }
396         }
397         catch(Exception JavaDoc e)
398         {
399             throw new DataBackendException("grant(Role,Permission) failed", e);
400         }
401         finally
402         {
403             unlockExclusive();
404         }
405         if (!roleExists)
406         {
407             throw new UnknownEntityException("Unknown role '" +
408                 role.getName() + "'");
409         }
410         if (!permissionExists)
411         {
412             throw new UnknownEntityException("Unknown permission '" +
413                 ((SecurityEntity)permission).getName() + "'");
414         }
415     }
416
417     /**
418      * Revokes a Permission from a Role.
419      *
420      * @param role the Role.
421      * @param permission the Permission.
422      * @throws DataBackendException if there was an error accessing the data
423      * backend.
424      * @throws UnknownEntityException if role or permission is not present.
425      */
426     public synchronized void revoke( Role role, Permission permission )
427         throws DataBackendException, UnknownEntityException
428     {
429         boolean roleExists = false;
430         boolean permissionExists = false;
431         try
432         {
433             lockExclusive();
434             roleExists=checkExists(role);
435             permissionExists=checkExists(permission);
436             if (roleExists && permissionExists)
437             {
438                 Criteria criteria = new Criteria();
439                 criteria.add(TurbineRolePermissionPeer.ROLE_ID,
440                         ((TurbineRole)role).getPrimaryKey());
441                 criteria.add(TurbineRolePermissionPeer.PERMISSION_ID,
442                         ((BaseObject)permission).getPrimaryKey());
443                 TurbineRolePermissionPeer.doDelete(criteria);
444                 return;
445             }
446         }
447         catch(Exception JavaDoc e)
448         {
449             throw new DataBackendException("revoke(Role,Permission) failed", e);
450         }
451         finally
452         {
453             unlockExclusive();
454         }
455         if (!roleExists)
456         {
457             throw new UnknownEntityException("Unknown role '" +
458                 role.getName() + "'");
459         }
460         if (!permissionExists)
461         {
462             throw new UnknownEntityException("Unknown permission '" +
463                 ((SecurityEntity)permission).getName() + "'");
464         }
465     }
466
467     /**
468      * Revokes all permissions from a Role.
469      *
470      * This method is user when deleting a Role.
471      *
472      * @param role the Role
473      * @throws DataBackendException if there was an error accessing the data
474      * backend.
475      * @throws UnknownEntityException if the Role is not present.
476      */
477     public synchronized void revokeAll( Role role )
478         throws DataBackendException, UnknownEntityException
479     {
480         boolean roleExists = false;
481         try
482         {
483             lockExclusive();
484             roleExists=checkExists(role);
485             if (roleExists)
486             {
487                 // The following would not work, due to an annoying misfeature
488 // of Village.
489 // see revokeAll( user )
490
491                 // Criteria criteria = new Criteria();
492 // criteria.add(RolePermissionPeer.ROLE_ID, role.getPrimaryKey());
493 // RolePermissionPeer.doDelete(criteria);
494
495                 ObjectKey key = ((TurbineRole)role).getPrimaryKey();
496                 TurbineRolePermissionPeer.deleteAll(
497                         TurbineRolePermissionPeer.TABLE_NAME,
498                         TurbineRolePermissionPeer.ROLE_ID,
499                         ((BigDecimal JavaDoc) key.getValue()).intValue());
500                 return;
501             }
502         }
503         catch(Exception JavaDoc e)
504         {
505             throw new DataBackendException("revokeAll(Role) failed", e);
506         }
507         finally
508         {
509             unlockExclusive();
510         }
511         throw new UnknownEntityException("Unknown role '" +
512                 role.getName() + "'");
513      }
514
515     /*-----------------------------------------------------------------------
516       Group/Role/Permission management
517       -----------------------------------------------------------------------*/
518
519     /**
520      * Retrieve a set of Groups that meet the specified Criteria.
521      *
522      * @param a Criteria of Group selection.
523      * @return a set of Groups that meet the specified Criteria.
524      */
525     public GroupSet getGroups( Criteria criteria )
526         throws DataBackendException
527     {
528         Criteria dbCriteria = new Criteria();
529         Iterator JavaDoc keys = criteria.keySet().iterator();
530         while(keys.hasNext())
531         {
532             String JavaDoc key = (String JavaDoc)keys.next();
533             dbCriteria.put(TurbineGroupPeer.getColumnName(key),
534                     criteria.get(key));
535         }
536         List JavaDoc groups = new ArrayList JavaDoc(0);
537         try
538         {
539             groups = TurbineGroupPeer.doSelect(criteria);
540         }
541         catch(Exception JavaDoc e)
542         {
543             throw new DataBackendException("getGroups(Criteria) failed", e);
544         }
545         return new GroupSet(groups);
546     }
547
548     /**
549      * Retrieve a set of Roles that meet the specified Criteria.
550      *
551      * @param a Criteria of Roles selection.
552      * @return a set of Roles that meet the specified Criteria.
553      */
554     public RoleSet getRoles( Criteria criteria )
555         throws DataBackendException
556     {
557         Criteria dbCriteria = new Criteria();
558         Iterator JavaDoc keys = criteria.keySet().iterator();
559         while(keys.hasNext())
560         {
561             String JavaDoc key = (String JavaDoc)keys.next();
562             dbCriteria.put(TurbineRolePeer.getColumnName(key),
563                     criteria.get(key));
564         }
565         List JavaDoc roles = new ArrayList JavaDoc(0);
566         try
567         {
568             roles = TurbineRolePeer.doSelect(criteria);
569         }
570         catch(Exception JavaDoc e)
571         {
572             throw new DataBackendException("getRoles(Criteria) failed", e);
573         }
574         return new RoleSet(roles);
575     }
576
577     /**
578      * Retrieve a set of Permissions that meet the specified Criteria.
579      *
580      * @param a Criteria of Permissions selection.
581      * @return a set of Permissions that meet the specified Criteria.
582      */
583     public PermissionSet getPermissions( Criteria criteria )
584         throws DataBackendException
585     {
586         Criteria dbCriteria = new Criteria();
587         Iterator JavaDoc keys = criteria.keySet().iterator();
588         while(keys.hasNext())
589         {
590             String JavaDoc key = (String JavaDoc)keys.next();
591             dbCriteria.put(TurbinePermissionPeer.getColumnName(key),
592                     criteria.get(key));
593         }
594         List JavaDoc permissions = new ArrayList JavaDoc(0);
595         try
596         {
597             permissions = TurbinePermissionPeer.doSelect(criteria);
598         }
599         catch(Exception JavaDoc e)
600         {
601             throw new DataBackendException("getPermissions(Criteria) failed", e);
602         }
603         return new PermissionSet(permissions);
604     }
605
606     /**
607      * Retrieves all permissions associated with a role.
608      *
609      * @param role the role name, for which the permissions are to be retrieved.
610      * @throws DataBackendException if there was an error accessing the data
611      * backend.
612      * @throws UnknownEntityException if the role is not present.
613      */
614     public PermissionSet getPermissions( Role role )
615         throws DataBackendException, UnknownEntityException
616     {
617         boolean roleExists = false;
618         try
619         {
620             lockShared();
621             roleExists = checkExists(role);
622             if (roleExists)
623             {
624                 return TurbinePermissionPeer.retrieveSet(role);
625             }
626         }
627         catch(Exception JavaDoc e)
628         {
629             throw new DataBackendException("getPermissions(Role) failed", e);
630         }
631         finally
632         {
633             unlockShared();
634         }
635         throw new UnknownEntityException("Unknown role '" +
636             role.getName() + "'");
637     }
638
639     /**
640      * Stores Group's attributes. The Groups is required to exist in the system.
641      *
642      * @param group The Group to be stored.
643      * @throws DataBackendException if there was an error accessing the data
644      * backend.
645      * @throws UnknownEntityException if the group does not exist.
646      */
647     public void saveGroup( Group group )
648         throws DataBackendException, UnknownEntityException
649     {
650         boolean groupExists = false;
651         try
652         {
653             groupExists = checkExists(group);
654             if (groupExists)
655             {
656                 Criteria criteria = TurbineGroupPeer
657                     .buildCriteria((TurbineGroup)group);
658                 TurbineGroupPeer.doUpdate(criteria);
659                 return;
660             }
661         }
662         catch(Exception JavaDoc e)
663         {
664             throw new DataBackendException("saveGroup(Group) failed" ,e);
665         }
666         throw new UnknownEntityException("Unknown group '" + group + "'");
667     }
668
669     /**
670      * Stores Role's attributes. The Roles is required to exist in the system.
671      *
672      * @param role The Role to be stored.
673      * @throws DataBackendException if there was an error accessing the data
674      * backend.
675      * @throws UnknownEntityException if the role does not exist.
676      */
677     public void saveRole( Role role )
678         throws DataBackendException, UnknownEntityException
679     {
680         boolean roleExists = false;
681         try
682         {
683             roleExists = checkExists(role);
684             if (roleExists)
685             {
686                 Criteria criteria = TurbineRolePeer
687                     .buildCriteria((TurbineRole)role);
688                 TurbineRolePeer.doUpdate(criteria);
689                 return;
690             }
691         }
692         catch(Exception JavaDoc e)
693         {
694             throw new DataBackendException("saveRole(Role) failed", e);
695         }
696         throw new UnknownEntityException("Unknown role '" + role + "'");
697     }
698
699     /**
700      * Stores Permission's attributes. The Permissions is required to exist in
701      * the system.
702      *
703      * @param permission The Permission to be stored.
704      * @throws DataBackendException if there was an error accessing the data
705      * backend.
706      * @throws UnknownEntityException if the permission does not exist.
707      */
708     public void savePermission( Permission permission )
709         throws DataBackendException, UnknownEntityException
710     {
711         boolean permissionExists = false;
712         try
713         {
714             permissionExists = checkExists(permission);
715             if (permissionExists)
716             {
717                 Criteria criteria = TurbinePermissionPeer
718                     .buildCriteria((TurbinePermission)permission);
719                 TurbinePermissionPeer.doUpdate(criteria);
720                 return;
721             }
722         }
723         catch(Exception JavaDoc e)
724         {
725             throw new DataBackendException("savePermission(Permission) failed", e);
726         }
727         throw new UnknownEntityException("Unknown permission '" + permission + "'");
728     }
729
730     /**
731      * @deprecated Use getGroupInstance(String name) instead.
732      */
733     public Group getNewGroup( String JavaDoc groupName )
734     {
735         try
736         {
737             return getGroupInstance(groupName);
738         }
739         catch(UnknownEntityException uee)
740         {
741             return null;
742         }
743     }
744
745     /**
746      * @deprecated Use getRoleInstance(String name) instead.
747      */
748     public Role getNewRole( String JavaDoc roleName )
749     {
750         try
751         {
752             return getRoleInstance(roleName);
753         }
754         catch(UnknownEntityException uee)
755         {
756             return null;
757         }
758     }
759
760     /**
761      * @deprecated Use getPermissionInstance(String name) instead.
762      */
763     public Permission getNewPermission( String JavaDoc permissionName )
764     {
765         try
766         {
767             return getPermissionInstance(permissionName);
768         }
769         catch(UnknownEntityException uee)
770         {
771             return null;
772         }
773     }
774
775     /**
776      * Creates a new group with specified attributes.
777      *
778      * @param group the object describing the group to be created.
779      * @return a new Group object that has id set up properly.
780      * @throws DataBackendException if there was an error accessing the data
781      * backend.
782      * @throws EntityExistsException if the group already exists.
783      */
784     public synchronized Group addGroup( Group group )
785         throws DataBackendException, EntityExistsException
786     {
787         boolean groupExists = false;
788         try
789         {
790             lockExclusive();
791             groupExists = checkExists(group);
792             if (!groupExists)
793             {
794                 // add a row to the table
795 Criteria criteria = TurbineGroupPeer
796                     .buildCriteria((TurbineGroup)group);
797                 TurbineGroupPeer.doInsert(criteria);
798                 // try to get the object back using the name as key.
799 criteria = new Criteria();
800                 criteria.add(TurbineGroupPeer.NAME,
801                         ((SecurityEntity)group).getName());
802                 List JavaDoc results = TurbineGroupPeer.doSelect(criteria);
803                 if (results.size() != 1)
804                 {
805                     throw new DataBackendException(
806                         "Internal error - query returned " +
807                         results.size() + " rows");
808                 }
809                 Group newGroup = (Group)results.get(0);
810                 // add the group to system-wide cache
811 getAllGroups().add(newGroup);
812                 // return the object with correct id
813 return newGroup;
814             }
815         }
816         catch(Exception JavaDoc e)
817         {
818             throw new DataBackendException("addGroup(Group) failed", e);
819         }
820         finally
821         {
822             unlockExclusive();
823         }
824         // the only way we could get here without return/throw tirggered
825 // is that the groupExists was true.
826 throw new EntityExistsException("Group '" + group +
827             "' already exists");
828     }
829
830     /**
831      * Creates a new role with specified attributes.
832      *
833      * @param role the object describing the role to be created.
834      * @return a new Role object that has id set up properly.
835      * @throws DataBackendException if there was an error accessing the data
836      * backend.
837      * @throws EntityExistsException if the role already exists.
838      */
839     public synchronized Role addRole( Role role )
840         throws DataBackendException, EntityExistsException
841     {
842         boolean roleExists = false;
843         try
844         {
845             lockExclusive();
846             roleExists = checkExists(role);
847             if (!roleExists)
848             {
849                 // add a row to the table
850 Criteria criteria = TurbineRolePeer
851                     .buildCriteria((TurbineRole)role);
852                 TurbineRolePeer.doInsert(criteria);
853                 // try to get the object back using the name as key.
854 criteria = new Criteria();
855                 criteria.add(TurbineRolePeer.NAME, role.getName());
856                 List JavaDoc results = TurbineRolePeer.doSelect(criteria);
857                 if (results.size() != 1)
858                 {
859                     throw new DataBackendException(
860                         "Internal error - query returned " +
861                         results.size() + " rows");
862                 }
863                 Role newRole = (Role)results.get(0);
864                 // add the role to system-wide cache
865 getAllRoles().add(newRole);
866                 // return the object with correct id
867 return newRole;
868             }
869         }
870         catch(Exception JavaDoc e)
871         {
872             throw new DataBackendException("addRole(Role) failed", e);
873         }
874         finally
875         {
876             unlockExclusive();
877         }
878         // the only way we could get here without return/throw tirggered
879 // is that the roleExists was true.
880 throw new EntityExistsException("Role '" + role + "' already exists");
881     }
882
883     /**
884      * Creates a new permission with specified attributes.
885      *
886      * @param permission the object describing the permission to be created.
887      * @return a new Permission object that has id set up properly.
888      * @throws DataBackendException if there was an error accessing the data
889      * backend.
890      * @throws EntityExistsException if the permission already exists.
891      */
892     public synchronized Permission addPermission( Permission permission )
893         throws DataBackendException, EntityExistsException
894     {
895         boolean permissionExists = false;
896         try
897         {
898             lockExclusive();
899             permissionExists = checkExists(permission);
900             if (!permissionExists)
901             {
902                 // add a row to the table
903 Criteria criteria = TurbinePermissionPeer
904                     .buildCriteria((TurbinePermission)permission);
905                 TurbinePermissionPeer.doInsert(criteria);
906                 // try to get the object back using the name as key.
907 criteria = new Criteria();
908                 criteria.add(TurbinePermissionPeer.NAME,
909                     ((SecurityEntity)permission).getName());
910                 List JavaDoc results = TurbinePermissionPeer.doSelect(criteria);
911                 if (results.size() != 1)
912                 {
913                     throw new DataBackendException(
914                         "Internal error - query returned " +
915                         results.size() + " rows");
916                 }
917                 Permission newPermission = (Permission)results.get(0);
918                 // add the permission to system-wide cache
919 getAllPermissions().add(newPermission);
920                 // return the object with correct id
921 return newPermission;
922             }
923         }
924         catch(Exception JavaDoc e)
925         {
926             throw new DataBackendException("addPermission(Permission) failed", e);
927         }
928         finally
929         {
930             unlockExclusive();
931         }
932         // the only way we could get here without return/throw tirggered
933 // is that the permissionExists was true.
934 throw new EntityExistsException("Permission '" + permission +
935             "' already exists");
936     }
937
938     /**
939      * Removes a Group from the system.
940      *
941      * @param the object describing group to be removed.
942      * @throws DataBackendException if there was an error accessing the data
943      * backend.
944      * @throws UnknownEntityException if the group does not exist.
945      */
946     public synchronized void removeGroup( Group group )
947         throws DataBackendException, UnknownEntityException
948     {
949         boolean groupExists = false;
950         try
951         {
952             lockExclusive();
953             groupExists = checkExists(group);
954             if (groupExists)
955             {
956                 Criteria criteria = TurbineGroupPeer
957                     .buildCriteria((TurbineGroup)group);
958                 TurbineGroupPeer.doDelete(criteria);
959                 getAllGroups().remove(group);
960                 return;
961             }
962         }
963         catch(Exception JavaDoc e)
964         {
965             category.error("Failed to delete a Group");
966             category.error(e);
967             throw new DataBackendException("removeGroup(Group) failed", e);
968         }
969         finally
970         {
971             unlockExclusive();
972         }
973         throw new UnknownEntityException("Unknown group '" + group + "'");
974     }
975
976     /**
977      * Removes a Role from the system.
978      *
979      * @param the object describing role to be removed.
980      * @throws DataBackendException if there was an error accessing the data
981      * backend.
982      * @throws UnknownEntityException if the role does not exist.
983      */
984     public synchronized void removeRole( Role role )
985         throws DataBackendException, UnknownEntityException
986     {
987         boolean roleExists = false;
988         try
989         {
990             lockExclusive();
991             roleExists = checkExists(role);
992             if (roleExists)
993             {
994                 // revoke all permissions from the role to be deleted
995 revokeAll(role);
996                 Criteria criteria = TurbineRolePeer
997                     .buildCriteria((TurbineRole)role);
998                 TurbineRolePeer.doDelete(criteria);
999                 getAllRoles().remove(role);
1000                return;
1001            }
1002        }
1003        catch(Exception JavaDoc e)
1004        {
1005            throw new DataBackendException("removeRole(Role)" ,e);
1006        }
1007        finally
1008        {
1009            unlockExclusive();
1010        }
1011        throw new UnknownEntityException("Unknown role '" + role + "'");
1012    }
1013
1014    /**
1015     * Removes a Permission from the system.
1016     *
1017     * @param the object describing permission to be removed.
1018     * @throws DataBackendException if there was an error accessing the data
1019     * backend.
1020     * @throws UnknownEntityException if the permission does not exist.
1021     */
1022    public synchronized void removePermission( Permission permission )
1023        throws DataBackendException, UnknownEntityException
1024    {
1025        boolean permissionExists = false;
1026        try
1027        {
1028            lockExclusive();
1029            permissionExists = checkExists(permission);
1030            if (permissionExists)
1031            {
1032                Criteria criteria = TurbinePermissionPeer
1033                    .buildCriteria((TurbinePermission)permission);
1034                TurbinePermissionPeer.doDelete(criteria);
1035                getAllPermissions().remove(permission);
1036                return;
1037            }
1038        }
1039        catch(Exception JavaDoc e)
1040        {
1041            throw new DataBackendException("removePermission(Permission)" ,e);
1042        }
1043        finally
1044        {
1045            unlockExclusive();
1046        }
1047        throw new UnknownEntityException("Unknown permission '" +
1048            permission + "'");
1049    }
1050
1051    /**
1052     * Renames an existing Group.
1053     *
1054     * @param the object describing the group to be renamed.
1055     * @param name the new name for the group.
1056     * @throws DataBackendException if there was an error accessing the data
1057     * backend.
1058     * @throws UnknownEntityException if the group does not exist.
1059     */
1060    public synchronized void renameGroup( Group group, String JavaDoc name )
1061        throws DataBackendException, UnknownEntityException
1062    {
1063        boolean groupExists = false;
1064        try
1065        {
1066            lockExclusive();
1067            groupExists = checkExists(group);
1068            if (groupExists)
1069            {
1070                ((SecurityEntity)group).setName(name);
1071                Criteria criteria = TurbineGroupPeer
1072                    .buildCriteria((TurbineGroup)group);
1073                TurbineGroupPeer.doUpdate(criteria);
1074                return;
1075            }
1076        }
1077        catch(Exception JavaDoc e)
1078        {
1079            throw new DataBackendException("renameGroup(Group,String)" ,e);
1080        }
1081        finally
1082        {
1083            unlockExclusive();
1084        }
1085        throw new UnknownEntityException("Unknown group '" + group + "'");
1086    }
1087
1088    /**
1089     * Renames an existing Role.
1090     *
1091     * @param the object describing the role to be renamed.
1092     * @param name the new name for the role.
1093     * @throws DataBackendException if there was an error accessing the data
1094     * backend.
1095     * @throws UnknownEntityException if the role does not exist.
1096     */
1097    public synchronized void renameRole( Role role, String JavaDoc name )
1098        throws DataBackendException, UnknownEntityException
1099    {
1100        boolean roleExists = false;
1101        try
1102        {
1103            lockExclusive();
1104            roleExists = checkExists(role);
1105            if (roleExists)
1106            {
1107                role.setName(name);
1108                Criteria criteria = TurbineRolePeer
1109                    .buildCriteria((TurbineRole)role);
1110                TurbineRolePeer.doUpdate(criteria);
1111                return;
1112            }
1113        }
1114        catch(Exception JavaDoc e)
1115        {
1116            throw new DataBackendException("renameRole(Role,String)" ,e);
1117        }
1118        finally
1119        {
1120            unlockExclusive();
1121        }
1122        throw new UnknownEntityException("Unknown role '" + role + "'");
1123    }
1124
1125    /**
1126     * Renames an existing Permission.
1127     *
1128     * @param the object describing the permission to be renamed.
1129     * @param name the new name for the permission.
1130     * @throws DataBackendException if there was an error accessing the data
1131     * backend.
1132     * @throws UnknownEntityException if the permission does not exist.
1133     */
1134    public synchronized void renamePermission(Permission permission, String JavaDoc name)
1135        throws DataBackendException, UnknownEntityException
1136    {
1137        boolean permissionExists = false;
1138        try
1139        {
1140            lockExclusive();
1141            permissionExists = checkExists(permission);
1142            if (permissionExists)
1143            {
1144                ((SecurityEntity)permission).setName(name);
1145                Criteria criteria = TurbinePermissionPeer
1146                    .buildCriteria((TurbinePermission)permission);
1147                TurbinePermissionPeer.doUpdate(criteria);
1148                return;
1149            }
1150        }
1151        catch(Exception JavaDoc e)
1152        {
1153            throw new DataBackendException("renamePermission(Permission,name)", e);
1154        }
1155        finally
1156        {
1157            unlockExclusive();
1158        }
1159        throw new UnknownEntityException("Unknown permission '" +
1160            permission + "'");
1161    }
1162
1163    /** Service specific implementation methods */
1164
1165    /**
1166     * Returns the Class object for the implementation of UserPeer interface
1167     * used by the system (defined in TR.properties)
1168     *
1169     * @return the implementation of UserPeer interface used by the system.
1170     * @throws UnknownEntityException if the system's implementation of UserPeer
1171     * interface could not be determined.
1172     */
1173    public Class JavaDoc getUserPeerClass()
1174        throws UnknownEntityException
1175    {
1176        String JavaDoc userPeerClassName = getConfiguration().getString(
1177            USER_PEER_CLASS_KEY, USER_PEER_CLASS_DEFAULT);
1178
1179        try
1180        {
1181            return Class.forName(userPeerClassName);
1182        }
1183        catch(Exception JavaDoc e)
1184        {
1185            throw new UnknownEntityException(
1186                "Failed create a Class object for UserPeer implementation", e);
1187        }
1188    }
1189
1190    /**
1191     * Construct a UserPeer object.
1192     *
1193     * This method calls getUserPeerClass, and then creates a new object using
1194     * the default constructor.
1195     *
1196     * @return an object implementing UserPeer interface.
1197     * @throws UnknownEntityException if the object could not be instantiated.
1198     */
1199    public UserPeer getUserPeerInstance() throws UnknownEntityException
1200    {
1201        UserPeer up;
1202        try
1203        {
1204            up = (UserPeer)getUserPeerClass().newInstance();
1205        }
1206        catch(Exception JavaDoc e)
1207        {
1208            throw new UnknownEntityException(
1209                "Failed instantiate an UserPeer implementation object", e);
1210        }
1211        return up;
1212    }
1213
1214
1215    /**
1216     * Determines if the <code>Group</code> exists in the security system.
1217     *
1218     * @param group a <code>Group</code> value
1219     * @return true if the group exists in the system, false otherwise
1220     * @throws DataBackendException when more than one Group with
1221     * the same name exists.
1222     * @throws Exception, a generic exception.
1223     */
1224    protected boolean checkExists(Group group)
1225        throws DataBackendException, Exception JavaDoc
1226    {
1227        return TurbineGroupPeer.checkExists(group);
1228    }
1229
1230    /**
1231     * Determines if the <code>Role</code> exists in the security system.
1232     *
1233     * @param role a <code>Role</code> value
1234     * @return true if the role exists in the system, false otherwise
1235     * @throws DataBackendException when more than one Role with
1236     * the same name exists.
1237     * @throws Exception, a generic exception.
1238     */
1239    protected boolean checkExists(Role role)
1240        throws DataBackendException, Exception JavaDoc
1241    {
1242        return TurbineRolePeer.checkExists(role);
1243    }
1244
1245    /**
1246     * Determines if the <code>Permission</code> exists in the security system.
1247     *
1248     * @param permission a <code>Permission</code> value
1249     * @return true if the permission exists in the system, false otherwise
1250     * @throws DataBackendException when more than one Permission with
1251     * the same name exists.
1252     * @throws Exception, a generic exception.
1253     */
1254    protected boolean checkExists(Permission permission)
1255        throws DataBackendException, Exception JavaDoc
1256    {
1257        return TurbinePermissionPeer.checkExists(permission);
1258    }
1259
1260}
1261
Popular Tags