unit tests coverage

Coverage report

%line %branch

org.apache.jetspeed.security.impl.RoleManagerImpl
0%

0%

1
/*

2
* Licensed to the Apache Software Foundation (ASF) under one or more

3
* contributor license agreements. See the NOTICE file distributed with

4
* this work for additional information regarding copyright ownership.

5
* The ASF licenses this file to You under the Apache License, Version 2.0

6
* (the "License"); you may not use this file except in compliance with

7
* the License. You may obtain a copy of the License at

8
*

9
* http://www.apache.org/licenses/LICENSE-2.0

10
*

11
* Unless required by applicable law or agreed to in writing, software

12
* distributed under the License is distributed on an "AS IS" BASIS,

13
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

14
* See the License for the specific language governing permissions and

15
* limitations under the License.

16
*/

17
package org.apache.jetspeed.security.impl;

18

19
import java.security.Principal;

20
import java.util.ArrayList;

21
import java.util.Collection;

22
import java.util.Iterator;

23
import java.util.LinkedList;

24
import java.util.List;

25
import java.util.Set;

26
import java.util.prefs.BackingStoreException;

27
import java.util.prefs.Preferences;

28

29
import org.apache.commons.logging.Log;

30
import org.apache.commons.logging.LogFactory;

31
import org.apache.jetspeed.i18n.KeyedMessage;

32
import org.apache.jetspeed.security.AuthenticationProviderProxy;

33
import org.apache.jetspeed.security.Role;

34
import org.apache.jetspeed.security.RoleManager;

35
import org.apache.jetspeed.security.RolePrincipal;

36
import org.apache.jetspeed.security.SecurityException;

37
import org.apache.jetspeed.security.SecurityProvider;

38
import org.apache.jetspeed.security.spi.RoleSecurityHandler;

39
import org.apache.jetspeed.security.spi.SecurityMappingHandler;

40
import org.apache.jetspeed.util.ArgUtil;

41

42
/**

43
* 

44
* Implementation for managing roles.

45
* 

46
* 

47
* Role hierarchy elements are being returned as a {@link Role}collection. The

48
* backing implementation must appropriately map the role hierarchy to a

49
* preferences sub-tree.

50
* 

51
* 

52
* The convention {principal}.{subprincipal} has been chosen to name roles

53
* hierachies in order to support declarative security. Implementation follow

54
* the conventions enforced by the {@link Preferences}API.

55
* 

56
*

57
* @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>

58
* @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>

59
*/

60
public class RoleManagerImpl implements RoleManager

61
{

62
/** The logger. */

63 0
private static final Log log = LogFactory.getLog(RoleManagerImpl.class);

64

65
/** The authentication provider proxy. */

66 0
private AuthenticationProviderProxy atnProviderProxy = null;

67

68
/** The role security handler. */

69 0
private RoleSecurityHandler roleSecurityHandler = null;

70

71
/** The security mapping handler. */

72 0
private SecurityMappingHandler securityMappingHandler = null;

73

74
/**

75
* @param securityProvider The security provider.

76
*/

77
public RoleManagerImpl(SecurityProvider securityProvider)

78 0
{

79 0
this.atnProviderProxy = securityProvider.getAuthenticationProviderProxy();

80 0
this.roleSecurityHandler = securityProvider.getRoleSecurityHandler();

81 0
this.securityMappingHandler = securityProvider.getSecurityMappingHandler();

82 0
}

83

84
/**

85
* @see org.apache.jetspeed.security.RoleManager#addRole(java.lang.String)

86
*/

87
public void addRole(String roleFullPathName) throws SecurityException

88
{

89 0
ArgUtil.notNull(new Object[] { roleFullPathName }, class="keyword">new String[] { "roleFullPathName" },

90
"addRole(java.lang.String)");

91

92
// Check if role already exists.

93 0
if (roleExists(roleFullPathName))

94
{

95 0
throw new SecurityException(SecurityException.ROLE_ALREADY_EXISTS.create(roleFullPathName));

96
}

97

98 0
RolePrincipal rolePrincipal = new RolePrincipalImpl(roleFullPathName);

99 0
String fullPath = rolePrincipal.getFullPath();

100
// Add the preferences.

101 0
Preferences preferences = Preferences.userRoot().node(fullPath);

102 0
if (log.isDebugEnabled())

103
{

104 0
log.debug("Added role preferences node: " + fullPath);

105
}

106
try

107
{

108 0
if ((null != preferences) && preferences.absolutePath().equals(fullPath))

109
{

110
// Add role principal.

111 0
roleSecurityHandler.setRolePrincipal(rolePrincipal);

112 0
if (log.isDebugEnabled())

113
{

114 0
log.debug("Added role: " + fullPath);

115
}

116
}

117
}

118 0
catch (SecurityException se)

119
{

120 0
KeyedMessage msg =

121
SecurityException.UNEXPECTED.create("RoleManager.addRole",

122
"RoleSecurityHandler.setRolePrincipal("+rolePrincipal.getName()+")",

123
se.getMessage());

124 0
log.error(msg, se);

125

126
// Remove the preferences node.

127
try

128
{

129 0
preferences.removeNode();

130
}

131 0
catch (BackingStoreException bse)

132
{

133 0
bse.printStackTrace();

134 0
}

135 0
throw new SecurityException(msg, se);

136 0
}

137 0
}

138

139
/**

140
* @see org.apache.jetspeed.security.RoleManager#removeRole(java.lang.String)

141
*/

142
public void removeRole(String roleFullPathName) throws SecurityException

143
{

144 0
ArgUtil.notNull(new Object[] { roleFullPathName }, class="keyword">new String[] { "roleFullPathName" },

145
"removeRole(java.lang.String)");

146

147
// Resolve the role hierarchy.

148 0
Preferences prefs = Preferences.userRoot().node(

149
RolePrincipalImpl.getFullPathFromPrincipalName(roleFullPathName));

150 0
String[] roles = securityMappingHandler.getRoleHierarchyResolver().resolveChildren(prefs);

151 0
for (int i = 0; i < roles.length; i++)

152
{

153
try

154
{

155 0
roleSecurityHandler.removeRolePrincipal(new RolePrincipalImpl(RolePrincipalImpl

156
.getPrincipalNameFromFullPath(roles[i])));

157
}

158 0
catch (Exception e)

159
{

160 0
KeyedMessage msg =

161
SecurityException.UNEXPECTED.create("RoleManager.removeRole",

162
"RoleSecurityHandler.removeRolePrincipal("+RolePrincipalImpl.getPrincipalNameFromFullPath(roles[i])+")",

163
e.getMessage());

164 0
log.error(msg, e);

165 0
throw new SecurityException(msg, e);

166 0
}

167
// Remove preferences

168 0
Preferences rolePref = Preferences.userRoot().node(roles[i]);

169
try

170
{

171 0
rolePref.removeNode();

172
}

173 0
catch (BackingStoreException bse)

174
{

175 0
KeyedMessage msg =

176
SecurityException.UNEXPECTED.create("RoleManager.removeRole",

177
"Preferences.removeNode("+roles[i]+")",

178
bse.getMessage());

179 0
log.error(msg, bse);

180 0
throw new SecurityException(msg, bse);

181 0
}

182
}

183 0
}

184

185
/**

186
* @see org.apache.jetspeed.security.RoleManager#roleExists(java.lang.String)

187
*/

188
public boolean roleExists(String roleFullPathName)

189
{

190 0
ArgUtil.notNull(new Object[] { roleFullPathName }, class="keyword">new String[] { "roleFullPathName" },

191
"roleExists(java.lang.String)");

192

193 0
Principal principal = roleSecurityHandler.getRolePrincipal(roleFullPathName);

194 0
boolean roleExists = (null != principal);

195 0
if (log.isDebugEnabled())

196
{

197 0
log.debug("Role exists: " + roleExists);

198 0
log.debug("Role: " + roleFullPathName);

199
}

200 0
return roleExists;

201
}

202

203
/**

204
* @see org.apache.jetspeed.security.RoleManager#getRole(java.lang.String)

205
*/

206
public Role getRole(String roleFullPathName) throws SecurityException

207
{

208 0
ArgUtil.notNull(new Object[] { roleFullPathName }, class="keyword">new String[] { "roleFullPathName" },

209
"getRole(java.lang.String)");

210

211 0
String fullPath = RolePrincipalImpl.getFullPathFromPrincipalName(roleFullPathName);

212

213 0
Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleFullPathName);

214 0
if (null == rolePrincipal)

215
{

216 0
throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(roleFullPathName));

217
}

218 0
Preferences preferences = Preferences.userRoot().node(fullPath);

219 0
Role role = new RoleImpl(rolePrincipal, preferences);

220 0
return role;

221
}

222

223
/**

224
* @see org.apache.jetspeed.security.RoleManager#getRolesForUser(java.lang.String)

225
*/

226
public Collection getRolesForUser(String username) throws SecurityException

227
{

228 0
ArgUtil.notNull(new Object[] { username }, class="keyword">new String[] { "username" }, "getRolesForUser(java.lang.String)");

229

230 0
Collection roles = new ArrayList();

231

232 0
Set rolePrincipals = securityMappingHandler.getRolePrincipals(username);

233 0
Iterator rolePrincipalsIter = rolePrincipals.iterator();

234 0
while (rolePrincipalsIter.hasNext())

235
{

236 0
Principal rolePrincipal = (Principal) rolePrincipalsIter.next();

237 0
Preferences preferences = Preferences.userRoot().node(

238
RolePrincipalImpl.getFullPathFromPrincipalName(rolePrincipal.getName()));

239 0
roles.add(new RoleImpl(rolePrincipal, preferences));

240 0
}

241 0
return roles;

242
}

243

244
/**

245
* @see org.apache.jetspeed.security.RoleManager#getRolesInGroup(java.lang.String)

246
*/

247
public Collection getRolesInGroup(String groupFullPathName) throws SecurityException

248
{

249 0
ArgUtil.notNull(new Object[] { groupFullPathName }, class="keyword">new String[] { "groupFullPathName" },

250
"getRolesInGroup(java.lang.String)");

251

252 0
Collection roles = new ArrayList();

253

254 0
Set rolePrincipals = securityMappingHandler.getRolePrincipalsInGroup(groupFullPathName);

255 0
Iterator rolePrincipalsIter = rolePrincipals.iterator();

256 0
while (rolePrincipalsIter.hasNext())

257
{

258 0
Principal rolePrincipal = (Principal) rolePrincipalsIter.next();

259 0
Preferences preferences = Preferences.userRoot().node(

260
RolePrincipalImpl.getFullPathFromPrincipalName(rolePrincipal.getName()));

261 0
roles.add(new RoleImpl(rolePrincipal, preferences));

262 0
}

263 0
return roles;

264
}

265

266
/**

267
* @see org.apache.jetspeed.security.RoleManager#addRoleToUser(java.lang.String,

268
* java.lang.String)

269
*/

270
public void addRoleToUser(String username, String roleFullPathName) throws SecurityException

271
{

272 0
ArgUtil.notNull(new Object[] { username, roleFullPathName }, class="keyword">new String[] { "username", "roleFullPathName" },

273
"addUserToRole(java.lang.String, java.lang.String)");

274

275
// Get the role principal to add to user.

276 0
Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleFullPathName);

277 0
if (null == rolePrincipal)

278
{

279 0
throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(roleFullPathName));

280
}

281
// Check that user exists.

282 0
Principal userPrincipal = atnProviderProxy.getUserPrincipal(username);

283 0
if (null == userPrincipal)

284
{

285 0
throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(username));

286
}

287
// Get the user roles.

288 0
Set rolePrincipals = securityMappingHandler.getRolePrincipals(username);

289
// Add role to user.

290 0
if (!rolePrincipals.contains(rolePrincipal))

291
{

292 0
securityMappingHandler.setUserPrincipalInRole(username, roleFullPathName);

293
}

294 0
}

295

296
/**

297
* @see org.apache.jetspeed.security.RoleManager#removeRoleFromUser(java.lang.String,

298
* java.lang.String)

299
*/

300
public void removeRoleFromUser(String username, String roleFullPathName) throws SecurityException

301
{

302 0
ArgUtil.notNull(new Object[] { username, roleFullPathName }, class="keyword">new String[] { "username", "roleFullPathName" },

303
"removeRoleFromUser(java.lang.String, java.lang.String)");

304

305
// Check that user exists.

306 0
Principal userPrincipal = atnProviderProxy.getUserPrincipal(username);

307 0
if (null == userPrincipal)

308
{

309 0
throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(username));

310
}

311
// Get the role principal to remove.

312 0
Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleFullPathName);

313 0
if (null != rolePrincipal)

314
{

315 0
securityMappingHandler.removeUserPrincipalInRole(username, roleFullPathName);

316
}

317 0
}

318

319
/**

320
* @see org.apache.jetspeed.security.RoleManager#isUserInRole(java.lang.String,

321
* java.lang.String)

322
*/

323
public boolean isUserInRole(String username, String roleFullPathName) throws SecurityException

324
{

325 0
ArgUtil.notNull(new Object[] { username, roleFullPathName }, class="keyword">new String[] { "username", "roleFullPathName" },

326
"isUserInRole(java.lang.String, java.lang.String)");

327

328 0
boolean isUserInRole = false;

329

330 0
Set rolePrincipals = securityMappingHandler.getRolePrincipals(username);

331 0
Principal rolePrincipal = new RolePrincipalImpl(roleFullPathName);

332 0
if (rolePrincipals.contains(rolePrincipal))

333
{

334 0
isUserInRole = true;

335
}

336 0
return isUserInRole;

337
}

338

339
/**

340
* @see org.apache.jetspeed.security.RoleManager#addRoleToGroup(java.lang.String,

341
* java.lang.String)

342
*/

343
public void addRoleToGroup(String roleFullPathName, String groupFullPathName) throws SecurityException

344
{

345 0
ArgUtil.notNull(new Object[] { roleFullPathName, groupFullPathName }, class="keyword">new String[] { "roleFullPathName",

346
"groupFullPathName" }, "addRoleToGroup(java.lang.String, java.lang.String)");

347

348
// Get the role principal to add to group.

349 0
Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleFullPathName);

350 0
if (null == rolePrincipal)

351
{

352 0
throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(roleFullPathName));

353
}

354 0
securityMappingHandler.setRolePrincipalInGroup(groupFullPathName, roleFullPathName);

355 0
}

356

357
/**

358
* @see org.apache.jetspeed.security.RoleManager#removeRoleFromGroup(java.lang.String,

359
* java.lang.String)

360
*/

361
public void removeRoleFromGroup(String roleFullPathName, String groupFullPathName) throws SecurityException

362
{

363 0
ArgUtil.notNull(new Object[] { roleFullPathName, groupFullPathName }, class="keyword">new String[] { "roleFullPathName",

364
"groupFullPathName" }, "removeRoleFromGroup(java.lang.String, java.lang.String)");

365

366
// Get the role principal to remove.

367 0
Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleFullPathName);

368 0
if (null != rolePrincipal)

369
{

370 0
securityMappingHandler.removeRolePrincipalInGroup(groupFullPathName, roleFullPathName);

371
}

372 0
}

373

374
/**

375
* @see org.apache.jetspeed.security.RoleManager#isGroupInRole(java.lang.String,

376
* java.lang.String)

377
*/

378
public boolean isGroupInRole(String groupFullPathName, String roleFullPathName) throws SecurityException

379
{

380 0
ArgUtil.notNull(new Object[] { roleFullPathName, groupFullPathName }, class="keyword">new String[] { "roleFullPathName",

381
"groupFullPathName" }, "isGroupInRole(java.lang.String, java.lang.String)");

382

383 0
boolean isGroupInRole = false;

384

385 0
Set rolePrincipals = securityMappingHandler.getRolePrincipalsInGroup(groupFullPathName);

386 0
Principal rolePrincipal = new RolePrincipalImpl(roleFullPathName);

387 0
if (rolePrincipals.contains(rolePrincipal))

388
{

389 0
isGroupInRole = true;

390
}

391

392 0
return isGroupInRole;

393
}

394

395
/**

396
* @see org.apache.jetspeed.security.RoleManager#getRoles(java.lang.String)

397
*/

398
public Iterator getRoles(String filter) throws SecurityException

399
{

400 0
List roles = new LinkedList();

401 0
Iterator rolePrincipals = roleSecurityHandler.getRolePrincipals(filter).iterator();

402 0
while (rolePrincipals.hasNext())

403
{

404 0
String roleName = ((Principal) rolePrincipals.next()).getName();

405 0
Role role = getRole(roleName);

406 0
roles.add(role);

407 0
}

408 0
return roles.iterator();

409
}

410

411
/**

412
* @see org.apache.jetspeed.security.RoleManager#setRoleEnabled(java.lang.String, boolean)

413
*/

414
public void setRoleEnabled(String roleFullPathName, boolean enabled) throws SecurityException

415
{

416 0
ArgUtil.notNull(new Object[] { roleFullPathName }, class="keyword">new String[] { "roleFullPathName" },

417
"setRoleEnabled(java.lang.String,boolean)");

418

419 0
RolePrincipalImpl rolePrincipal = (RolePrincipalImpl)roleSecurityHandler.getRolePrincipal(roleFullPathName);

420 0
if (null == rolePrincipal)

421
{

422 0
throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(roleFullPathName));

423
}

424 0
if ( enabled != rolePrincipal.isEnabled() )

425
{

426 0
rolePrincipal.setEnabled(enabled);

427 0
roleSecurityHandler.setRolePrincipal(rolePrincipal);

428
}

429 0
}

430
}

This report is generated by jcoverage, Maven and Maven JCoverage Plugin.

1		/*
2		* Licensed to the Apache Software Foundation (ASF) under one or more
3		* contributor license agreements. See the NOTICE file distributed with
4		* this work for additional information regarding copyright ownership.
5		* The ASF licenses this file to You under the Apache License, Version 2.0
6		* (the "License"); you may not use this file except in compliance with
7		* the License. You may obtain a copy of the License at
8		*
9		* http://www.apache.org/licenses/LICENSE-2.0
10		*
11		* Unless required by applicable law or agreed to in writing, software
12		* distributed under the License is distributed on an "AS IS" BASIS,
13		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14		* See the License for the specific language governing permissions and
15		* limitations under the License.
16		*/
17		package org.apache.jetspeed.security.impl;
18
19		import java.security.Principal;
20		import java.util.ArrayList;
21		import java.util.Collection;
22		import java.util.Iterator;
23		import java.util.LinkedList;
24		import java.util.List;
25		import java.util.Set;
26		import java.util.prefs.BackingStoreException;
27		import java.util.prefs.Preferences;
28
29		import org.apache.commons.logging.Log;
30		import org.apache.commons.logging.LogFactory;
31		import org.apache.jetspeed.i18n.KeyedMessage;
32		import org.apache.jetspeed.security.AuthenticationProviderProxy;
33		import org.apache.jetspeed.security.Role;
34		import org.apache.jetspeed.security.RoleManager;
35		import org.apache.jetspeed.security.RolePrincipal;
36		import org.apache.jetspeed.security.SecurityException;
37		import org.apache.jetspeed.security.SecurityProvider;
38		import org.apache.jetspeed.security.spi.RoleSecurityHandler;
39		import org.apache.jetspeed.security.spi.SecurityMappingHandler;
40		import org.apache.jetspeed.util.ArgUtil;
41
42		/**
43		* <p>
44		* Implementation for managing roles.
45		* </p>
46		* <p>
47		* Role hierarchy elements are being returned as a {@link Role}collection. The
48		* backing implementation must appropriately map the role hierarchy to a
49		* preferences sub-tree.
50		* </p>
51		* <p>
52		* The convention {principal}.{subprincipal} has been chosen to name roles
53		* hierachies in order to support declarative security. Implementation follow
54		* the conventions enforced by the {@link Preferences}API.
55		* </p>
56		*
57		* @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
58		* @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
59		*/
60		public class RoleManagerImpl implements RoleManager
61		{
62		/** The logger. */
63	0	private static final Log log = LogFactory.getLog(RoleManagerImpl.class);
64
65		/** The authentication provider proxy. */
66	0	private AuthenticationProviderProxy atnProviderProxy = null;
67
68		/** The role security handler. */
69	0	private RoleSecurityHandler roleSecurityHandler = null;
70
71		/** The security mapping handler. */
72	0	private SecurityMappingHandler securityMappingHandler = null;
73
74		/**
75		* @param securityProvider The security provider.
76		*/
77		public RoleManagerImpl(SecurityProvider securityProvider)
78	0	{
79	0	this.atnProviderProxy = securityProvider.getAuthenticationProviderProxy();
80	0	this.roleSecurityHandler = securityProvider.getRoleSecurityHandler();
81	0	this.securityMappingHandler = securityProvider.getSecurityMappingHandler();
82	0	}
83
84		/**
85		* @see org.apache.jetspeed.security.RoleManager#addRole(java.lang.String)
86		*/
87		public void addRole(String roleFullPathName) throws SecurityException
88		{
89	0	ArgUtil.notNull(new Object[] { roleFullPathName }, class="keyword">new String[] { "roleFullPathName" },
90		"addRole(java.lang.String)");
91
92		// Check if role already exists.
93	0	if (roleExists(roleFullPathName))
94		{
95	0	throw new SecurityException(SecurityException.ROLE_ALREADY_EXISTS.create(roleFullPathName));
96		}
97
98	0	RolePrincipal rolePrincipal = new RolePrincipalImpl(roleFullPathName);
99	0	String fullPath = rolePrincipal.getFullPath();
100		// Add the preferences.
101	0	Preferences preferences = Preferences.userRoot().node(fullPath);
102	0	if (log.isDebugEnabled())
103		{
104	0	log.debug("Added role preferences node: " + fullPath);
105		}
106		try
107		{
108	0	if ((null != preferences) && preferences.absolutePath().equals(fullPath))
109		{
110		// Add role principal.
111	0	roleSecurityHandler.setRolePrincipal(rolePrincipal);
112	0	if (log.isDebugEnabled())
113		{
114	0	log.debug("Added role: " + fullPath);
115		}
116		}
117		}
118	0	catch (SecurityException se)
119		{
120	0	KeyedMessage msg =
121		SecurityException.UNEXPECTED.create("RoleManager.addRole",
122		"RoleSecurityHandler.setRolePrincipal("+rolePrincipal.getName()+")",
123		se.getMessage());
124	0	log.error(msg, se);
125
126		// Remove the preferences node.
127		try
128		{
129	0	preferences.removeNode();
130		}
131	0	catch (BackingStoreException bse)
132		{
133	0	bse.printStackTrace();
134	0	}
135	0	throw new SecurityException(msg, se);
136	0	}
137	0	}
138
139		/**
140		* @see org.apache.jetspeed.security.RoleManager#removeRole(java.lang.String)
141		*/
142		public void removeRole(String roleFullPathName) throws SecurityException
143		{
144	0	ArgUtil.notNull(new Object[] { roleFullPathName }, class="keyword">new String[] { "roleFullPathName" },
145		"removeRole(java.lang.String)");
146
147		// Resolve the role hierarchy.
148	0	Preferences prefs = Preferences.userRoot().node(
149		RolePrincipalImpl.getFullPathFromPrincipalName(roleFullPathName));
150	0	String[] roles = securityMappingHandler.getRoleHierarchyResolver().resolveChildren(prefs);
151	0	for (int i = 0; i < roles.length; i++)
152		{
153		try
154		{
155	0	roleSecurityHandler.removeRolePrincipal(new RolePrincipalImpl(RolePrincipalImpl
156		.getPrincipalNameFromFullPath(roles[i])));
157		}
158	0	catch (Exception e)
159		{
160	0	KeyedMessage msg =
161		SecurityException.UNEXPECTED.create("RoleManager.removeRole",
162		"RoleSecurityHandler.removeRolePrincipal("+RolePrincipalImpl.getPrincipalNameFromFullPath(roles[i])+")",
163		e.getMessage());
164	0	log.error(msg, e);
165	0	throw new SecurityException(msg, e);
166	0	}
167		// Remove preferences
168	0	Preferences rolePref = Preferences.userRoot().node(roles[i]);
169		try
170		{
171	0	rolePref.removeNode();
172		}
173	0	catch (BackingStoreException bse)
174		{
175	0	KeyedMessage msg =
176		SecurityException.UNEXPECTED.create("RoleManager.removeRole",
177		"Preferences.removeNode("+roles[i]+")",
178		bse.getMessage());
179	0	log.error(msg, bse);
180	0	throw new SecurityException(msg, bse);
181	0	}
182		}
183	0	}
184
185		/**
186		* @see org.apache.jetspeed.security.RoleManager#roleExists(java.lang.String)
187		*/
188		public boolean roleExists(String roleFullPathName)
189		{
190	0	ArgUtil.notNull(new Object[] { roleFullPathName }, class="keyword">new String[] { "roleFullPathName" },
191		"roleExists(java.lang.String)");
192
193	0	Principal principal = roleSecurityHandler.getRolePrincipal(roleFullPathName);
194	0	boolean roleExists = (null != principal);
195	0	if (log.isDebugEnabled())
196		{
197	0	log.debug("Role exists: " + roleExists);
198	0	log.debug("Role: " + roleFullPathName);
199		}
200	0	return roleExists;
201		}
202
203		/**
204		* @see org.apache.jetspeed.security.RoleManager#getRole(java.lang.String)
205		*/
206		public Role getRole(String roleFullPathName) throws SecurityException
207		{
208	0	ArgUtil.notNull(new Object[] { roleFullPathName }, class="keyword">new String[] { "roleFullPathName" },
209		"getRole(java.lang.String)");
210
211	0	String fullPath = RolePrincipalImpl.getFullPathFromPrincipalName(roleFullPathName);
212
213	0	Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleFullPathName);
214	0	if (null == rolePrincipal)
215		{
216	0	throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(roleFullPathName));
217		}
218	0	Preferences preferences = Preferences.userRoot().node(fullPath);
219	0	Role role = new RoleImpl(rolePrincipal, preferences);
220	0	return role;
221		}
222
223		/**
224		* @see org.apache.jetspeed.security.RoleManager#getRolesForUser(java.lang.String)
225		*/
226		public Collection getRolesForUser(String username) throws SecurityException
227		{
228	0	ArgUtil.notNull(new Object[] { username }, class="keyword">new String[] { "username" }, "getRolesForUser(java.lang.String)");
229
230	0	Collection roles = new ArrayList();
231
232	0	Set rolePrincipals = securityMappingHandler.getRolePrincipals(username);
233	0	Iterator rolePrincipalsIter = rolePrincipals.iterator();
234	0	while (rolePrincipalsIter.hasNext())
235		{
236	0	Principal rolePrincipal = (Principal) rolePrincipalsIter.next();
237	0	Preferences preferences = Preferences.userRoot().node(
238		RolePrincipalImpl.getFullPathFromPrincipalName(rolePrincipal.getName()));
239	0	roles.add(new RoleImpl(rolePrincipal, preferences));
240	0	}
241	0	return roles;
242		}
243
244		/**
245		* @see org.apache.jetspeed.security.RoleManager#getRolesInGroup(java.lang.String)
246		*/
247		public Collection getRolesInGroup(String groupFullPathName) throws SecurityException
248		{
249	0	ArgUtil.notNull(new Object[] { groupFullPathName }, class="keyword">new String[] { "groupFullPathName" },
250		"getRolesInGroup(java.lang.String)");
251
252	0	Collection roles = new ArrayList();
253
254	0	Set rolePrincipals = securityMappingHandler.getRolePrincipalsInGroup(groupFullPathName);
255	0	Iterator rolePrincipalsIter = rolePrincipals.iterator();
256	0	while (rolePrincipalsIter.hasNext())
257		{
258	0	Principal rolePrincipal = (Principal) rolePrincipalsIter.next();
259	0	Preferences preferences = Preferences.userRoot().node(
260		RolePrincipalImpl.getFullPathFromPrincipalName(rolePrincipal.getName()));
261	0	roles.add(new RoleImpl(rolePrincipal, preferences));
262	0	}
263	0	return roles;
264		}
265
266		/**
267		* @see org.apache.jetspeed.security.RoleManager#addRoleToUser(java.lang.String,
268		* java.lang.String)
269		*/
270		public void addRoleToUser(String username, String roleFullPathName) throws SecurityException
271		{
272	0	ArgUtil.notNull(new Object[] { username, roleFullPathName }, class="keyword">new String[] { "username", "roleFullPathName" },
273		"addUserToRole(java.lang.String, java.lang.String)");
274
275		// Get the role principal to add to user.
276	0	Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleFullPathName);
277	0	if (null == rolePrincipal)
278		{
279	0	throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(roleFullPathName));
280		}
281		// Check that user exists.
282	0	Principal userPrincipal = atnProviderProxy.getUserPrincipal(username);
283	0	if (null == userPrincipal)
284		{
285	0	throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(username));
286		}
287		// Get the user roles.
288	0	Set rolePrincipals = securityMappingHandler.getRolePrincipals(username);
289		// Add role to user.
290	0	if (!rolePrincipals.contains(rolePrincipal))
291		{
292	0	securityMappingHandler.setUserPrincipalInRole(username, roleFullPathName);
293		}
294	0	}
295
296		/**
297		* @see org.apache.jetspeed.security.RoleManager#removeRoleFromUser(java.lang.String,
298		* java.lang.String)
299		*/
300		public void removeRoleFromUser(String username, String roleFullPathName) throws SecurityException
301		{
302	0	ArgUtil.notNull(new Object[] { username, roleFullPathName }, class="keyword">new String[] { "username", "roleFullPathName" },
303		"removeRoleFromUser(java.lang.String, java.lang.String)");
304
305		// Check that user exists.
306	0	Principal userPrincipal = atnProviderProxy.getUserPrincipal(username);
307	0	if (null == userPrincipal)
308		{
309	0	throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(username));
310		}
311		// Get the role principal to remove.
312	0	Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleFullPathName);
313	0	if (null != rolePrincipal)
314		{
315	0	securityMappingHandler.removeUserPrincipalInRole(username, roleFullPathName);
316		}
317	0	}
318
319		/**
320		* @see org.apache.jetspeed.security.RoleManager#isUserInRole(java.lang.String,
321		* java.lang.String)
322		*/
323		public boolean isUserInRole(String username, String roleFullPathName) throws SecurityException
324		{
325	0	ArgUtil.notNull(new Object[] { username, roleFullPathName }, class="keyword">new String[] { "username", "roleFullPathName" },
326		"isUserInRole(java.lang.String, java.lang.String)");
327
328	0	boolean isUserInRole = false;
329
330	0	Set rolePrincipals = securityMappingHandler.getRolePrincipals(username);
331	0	Principal rolePrincipal = new RolePrincipalImpl(roleFullPathName);
332	0	if (rolePrincipals.contains(rolePrincipal))
333		{
334	0	isUserInRole = true;
335		}
336	0	return isUserInRole;
337		}
338
339		/**
340		* @see org.apache.jetspeed.security.RoleManager#addRoleToGroup(java.lang.String,
341		* java.lang.String)
342		*/
343		public void addRoleToGroup(String roleFullPathName, String groupFullPathName) throws SecurityException
344		{
345	0	ArgUtil.notNull(new Object[] { roleFullPathName, groupFullPathName }, class="keyword">new String[] { "roleFullPathName",
346		"groupFullPathName" }, "addRoleToGroup(java.lang.String, java.lang.String)");
347
348		// Get the role principal to add to group.
349	0	Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleFullPathName);
350	0	if (null == rolePrincipal)
351		{
352	0	throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(roleFullPathName));
353		}
354	0	securityMappingHandler.setRolePrincipalInGroup(groupFullPathName, roleFullPathName);
355	0	}
356
357		/**
358		* @see org.apache.jetspeed.security.RoleManager#removeRoleFromGroup(java.lang.String,
359		* java.lang.String)
360		*/
361		public void removeRoleFromGroup(String roleFullPathName, String groupFullPathName) throws SecurityException
362		{
363	0	ArgUtil.notNull(new Object[] { roleFullPathName, groupFullPathName }, class="keyword">new String[] { "roleFullPathName",
364		"groupFullPathName" }, "removeRoleFromGroup(java.lang.String, java.lang.String)");
365
366		// Get the role principal to remove.
367	0	Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleFullPathName);
368	0	if (null != rolePrincipal)
369		{
370	0	securityMappingHandler.removeRolePrincipalInGroup(groupFullPathName, roleFullPathName);
371		}
372	0	}
373
374		/**
375		* @see org.apache.jetspeed.security.RoleManager#isGroupInRole(java.lang.String,
376		* java.lang.String)
377		*/
378		public boolean isGroupInRole(String groupFullPathName, String roleFullPathName) throws SecurityException
379		{
380	0	ArgUtil.notNull(new Object[] { roleFullPathName, groupFullPathName }, class="keyword">new String[] { "roleFullPathName",
381		"groupFullPathName" }, "isGroupInRole(java.lang.String, java.lang.String)");
382
383	0	boolean isGroupInRole = false;
384
385	0	Set rolePrincipals = securityMappingHandler.getRolePrincipalsInGroup(groupFullPathName);
386	0	Principal rolePrincipal = new RolePrincipalImpl(roleFullPathName);
387	0	if (rolePrincipals.contains(rolePrincipal))
388		{
389	0	isGroupInRole = true;
390		}
391
392	0	return isGroupInRole;
393		}
394
395		/**
396		* @see org.apache.jetspeed.security.RoleManager#getRoles(java.lang.String)
397		*/
398		public Iterator getRoles(String filter) throws SecurityException
399		{
400	0	List roles = new LinkedList();
401	0	Iterator rolePrincipals = roleSecurityHandler.getRolePrincipals(filter).iterator();
402	0	while (rolePrincipals.hasNext())
403		{
404	0	String roleName = ((Principal) rolePrincipals.next()).getName();
405	0	Role role = getRole(roleName);
406	0	roles.add(role);
407	0	}
408	0	return roles.iterator();
409		}
410
411		/**
412		* @see org.apache.jetspeed.security.RoleManager#setRoleEnabled(java.lang.String, boolean)
413		*/
414		public void setRoleEnabled(String roleFullPathName, boolean enabled) throws SecurityException
415		{
416	0	ArgUtil.notNull(new Object[] { roleFullPathName }, class="keyword">new String[] { "roleFullPathName" },
417		"setRoleEnabled(java.lang.String,boolean)");
418
419	0	RolePrincipalImpl rolePrincipal = (RolePrincipalImpl)roleSecurityHandler.getRolePrincipal(roleFullPathName);
420	0	if (null == rolePrincipal)
421		{
422	0	throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(roleFullPathName));
423		}
424	0	if ( enabled != rolePrincipal.isEnabled() )
425		{
426	0	rolePrincipal.setEnabled(enabled);
427	0	roleSecurityHandler.setRolePrincipal(rolePrincipal);
428		}
429	0	}
430		}