KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > tigris > scarab > tools > SecurityAdminTool


1 package org.tigris.scarab.tools;
2
3 /* ================================================================
4  * Copyright (c) 2000-2002 CollabNet. All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions are
8  * met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  * notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  * notice, this list of conditions and the following disclaimer in the
15  * documentation and/or other materials provided with the distribution.
16  *
17  * 3. The end-user documentation included with the redistribution, if
18  * any, must include the following acknowlegement: "This product includes
19  * software developed by Collab.Net <http://www.Collab.Net/>."
20  * Alternately, this acknowlegement may appear in the software itself, if
21  * and wherever such third-party acknowlegements normally appear.
22  *
23  * 4. The hosted project names must not be used to endorse or promote
24  * products derived from this software without prior written
25  * permission. For written permission, please contact info@collab.net.
26  *
27  * 5. Products derived from this software may not use the "Tigris" or
28  * "Scarab" names nor may "Tigris" or "Scarab" appear in their names without
29  * prior written permission of Collab.Net.
30  *
31  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
32  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
33  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
34  * IN NO EVENT SHALL COLLAB.NET OR ITS CONTRIBUTORS BE LIABLE FOR ANY
35  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
37  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
38  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
39  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
40  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
41  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42  *
43  * ====================================================================
44  *
45  * This software consists of voluntary contributions made by many
46  * individuals on behalf of Collab.Net.
47  */
48
49 import java.util.ArrayList JavaDoc;
50 import java.util.List JavaDoc;
51 import java.util.LinkedList JavaDoc;
52 import java.util.Iterator JavaDoc;
53 import java.io.Serializable JavaDoc;
54
55 import org.apache.fulcrum.security.TurbineSecurity;
56 import org.apache.fulcrum.security.entity.Group;
57 import org.apache.fulcrum.security.entity.Permission;
58 import org.apache.fulcrum.security.util.RoleSet;
59 import org.apache.fulcrum.security.entity.Role;
60 import org.apache.fulcrum.security.util.AccessControlList;
61 import org.apache.fulcrum.security.util.DataBackendException;
62 import org.apache.fulcrum.security.util.UnknownEntityException;
63
64 import org.apache.torque.util.Criteria;
65 import org.apache.torque.TorqueException;
66
67 import org.apache.turbine.services.pull.ApplicationTool;
68
69 import org.tigris.scarab.om.ScarabUser;
70 import org.tigris.scarab.om.PendingGroupUserRolePeer;
71 import org.tigris.scarab.om.PendingGroupUserRole;
72 import org.tigris.scarab.om.Module;
73 import org.tigris.scarab.services.cache.ScarabCache;
74
75 /**
76  * This scope is an object that is made available as a global
77  * object within the system to allow access to methods dealing
78  * with security (users, roles, permissions, etc).
79  * This object must be thread safe as multiple
80  * requests may access it at the same time. The object is made
81  * available in the context as: $securityAdmin
82  * <p>
83  * The design goals of the Scarab*API is to enable a <a
84  * HREF="http://jakarta.apache.org/turbine/pullmodel.html">pull based
85  * methodology</a> to be implemented.
86  *
87  * @author <a HREF="mailto:dr@bitonic.com">Douglas B. Robertson</a>
88  * @version $Id: SecurityAdminTool.java 8291 2003-07-22 23:27:16Z dlr $
89  */
90 public class SecurityAdminTool
91     implements ApplicationTool, Serializable JavaDoc
92 {
93     private static final String JavaDoc HAS_REQUESTED_ROLE = "hasRequestedRole";
94
95     private static final String JavaDoc GET_PENDING = "getPendingGroupUserRoles";
96
97     public void init(Object JavaDoc data)
98     {
99     }
100     
101     public void refresh()
102     {
103     }
104     
105     /** Returns a User object retrieved by specifying the username.
106      *
107      * @param username the username of the user to retrieve
108      * @return the specified user, if found, or null otherwise
109      */
110     public ScarabUser getUserByUsername(String JavaDoc username) throws Exception JavaDoc
111     {
112         ScarabUser user = null;
113         
114         try
115         {
116             user = (ScarabUser)TurbineSecurity.getUser(username);
117         }
118         catch (UnknownEntityException uee)
119         {
120             // FIXME are we sure we want to do nothing with these excetpions?
121 //if so, state it explicitly
122 }
123         catch (DataBackendException dbe)
124         {
125         }
126         
127         return user;
128     }
129     
130     /** Returns a Permission object retrieved by specifying the name of the permission.
131      *
132      * @param name the name of the permission to retrieve
133      * @return the specified Permission, if found, or null otherwise
134      */
135     public Permission getPermissionByName(String JavaDoc name) throws Exception JavaDoc
136     {
137         Permission permission = null;
138         permission = TurbineSecurity.getPermission(name);
139         
140         return permission;
141     }
142     
143     /** Returns a Role object retrieved by specifying the name of the role.
144      *
145      * @param name the name of the role to retrieve
146      * @return the specified Role, if found, or null otherwise
147      */
148     public Role getRoleByName(String JavaDoc name) throws Exception JavaDoc
149     {
150         Role role = null;
151         role = TurbineSecurity.getRole(name);
152         
153         return role;
154     }
155     
156     /**
157      * Gets a list of all Groups
158      */
159     public Group[] getGroups() throws Exception JavaDoc
160     {
161         return TurbineSecurity.getAllGroups().getGroupsArray();
162     }
163
164     /**
165      * Gets a list of active Groups in which the user does not have a current
166      * role and has not already requested a role.
167      */
168     public List JavaDoc getNonMemberGroups(ScarabUser user) throws Exception JavaDoc
169     {
170         AccessControlList acl = getACL(user);
171         Group[] groups = TurbineSecurity.getAllGroups().getGroupsArray();
172         List JavaDoc nonmemberGroups = new LinkedList JavaDoc();
173         for (int i=0; i<groups.length; i++)
174         {
175             Module module = (Module)groups[i];
176             if (!module.isGlobalModule() && !module.getDeleted())
177             {
178                 RoleSet roleSet = acl.getRoles(groups[i]);
179                 if (roleSet == null || roleSet.size() == 0)
180                 {
181                     boolean hasRole = false;
182                     // need to check for already requested roles
183 Role[] roles =
184                         TurbineSecurity.getAllRoles().getRolesArray();
185                     for (int j=0; j<roles.length; j++)
186                     {
187                         if (hasRequestedRole(user, roles[j], groups[i]))
188                         {
189                             hasRole = true;
190                             break;
191                         }
192                     }
193                     if (!hasRole)
194                     {
195                         nonmemberGroups.add(groups[i]);
196                     }
197                 }
198             }
199         }
200         return nonmemberGroups;
201     }
202     
203     public boolean hasRequestedRole(ScarabUser user, Role role, Group group)
204         throws TorqueException
205     {
206         List JavaDoc result = null;
207         Object JavaDoc obj = ScarabCache.get(this, HAS_REQUESTED_ROLE, user);
208         if (obj == null)
209         {
210             Criteria crit = new Criteria();
211             crit.add(PendingGroupUserRolePeer.USER_ID, user.getUserId());
212             result = PendingGroupUserRolePeer.doSelect(crit);
213             ScarabCache.put(result, this, HAS_REQUESTED_ROLE);
214         }
215         else
216         {
217             result = (List JavaDoc)obj;
218         }
219         boolean b = false;
220         Iterator JavaDoc iter = result.iterator();
221         while (iter.hasNext())
222         {
223             PendingGroupUserRole pmur = (PendingGroupUserRole)iter.next();
224             if (pmur.getRoleName().equals(role.getName())
225                 && ((Module)group).getModuleId().equals(pmur.getGroupId()))
226             {
227                 b = true;
228                 break;
229             }
230         }
231         return b;
232     }
233
234     /**
235      * Gets a list of all Permissions
236      */
237     public Permission[] getPermissions() throws Exception JavaDoc
238     {
239         return (TurbineSecurity.getAllPermissions().getPermissionsArray());
240     }
241
242     /**
243      * Gets a list of all Permissions
244      */
245     public List JavaDoc getPermissionsAsStrings() throws Exception JavaDoc
246     {
247         Permission[] allPerms = this.getPermissions();
248         List JavaDoc list = new ArrayList JavaDoc(allPerms.length);
249         for (int i=0; i<allPerms.length;i++)
250         {
251             list.add(allPerms[i].getName());
252         }
253         return list;
254     }
255     
256     /**
257      * Gets a list of all Roles.
258      */
259     public Role[] getRoles() throws Exception JavaDoc
260     {
261         return TurbineSecurity.getAllRoles().getRolesArray();
262     }
263     
264     /**
265      * Gets a list of all Roles.
266      */
267     public List JavaDoc getNonRootRoles() throws Exception JavaDoc
268     {
269         List JavaDoc nonRootRoles = new LinkedList JavaDoc();
270         Role[] roles = TurbineSecurity.getAllRoles().getRolesArray();
271         for (int i=0; i<roles.length; i++)
272         {
273             Role role = roles[i];
274             if (!role.getName().equals("Root"))
275             {
276                 nonRootRoles.add(role);
277             }
278         }
279         return nonRootRoles;
280     }
281    
282     public List JavaDoc getPendingGroupUserRoles(Module module)
283         throws TorqueException
284     {
285         List JavaDoc result = null;
286         Object JavaDoc obj = ScarabCache.get(this, GET_PENDING, module);
287         if (obj == null)
288         {
289             Criteria crit = new Criteria();
290             crit.add(PendingGroupUserRolePeer.GROUP_ID, module.getModuleId());
291             result = PendingGroupUserRolePeer.doSelect(crit);
292             ScarabCache.put(result, this, GET_PENDING);
293         }
294         else
295         {
296             result = (List JavaDoc)obj;
297         }
298         return result;
299     }
300  
301     /**
302      * Gets an ACL object for a user
303      */
304     public AccessControlList getACL(ScarabUser user) throws Exception JavaDoc
305     {
306         return TurbineSecurity.getACL(user);
307     }
308 }
309
Popular Tags