unit tests coverage

Coverage report

%line %branch

org.apache.jetspeed.security.spi.impl.LdapSecurityMappingHandler
0%

0%

1
/*

2
* Licensed to the Apache Software Foundation (ASF) under one or more

3
* contributor license agreements. See the NOTICE file distributed with

4
* this work for additional information regarding copyright ownership.

5
* The ASF licenses this file to You under the Apache License, Version 2.0

6
* (the "License"); you may not use this file except in compliance with

7
* the License. You may obtain a copy of the License at

8
*

9
* http://www.apache.org/licenses/LICENSE-2.0

10
*

11
* Unless required by applicable law or agreed to in writing, software

12
* distributed under the License is distributed on an "AS IS" BASIS,

13
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

14
* See the License for the specific language governing permissions and

15
* limitations under the License.

16
*/

17
package org.apache.jetspeed.security.spi.impl;

18

19
import java.security.Principal;

20
import java.util.HashSet;

21
import java.util.Set;

22
import java.util.prefs.Preferences;

23

24
import javax.naming.NamingException;

25

26
import org.apache.commons.logging.Log;

27
import org.apache.commons.logging.LogFactory;

28
import org.apache.jetspeed.security.GroupPrincipal;

29
import org.apache.jetspeed.security.HierarchyResolver;

30
import org.apache.jetspeed.security.RolePrincipal;

31
import org.apache.jetspeed.security.SecurityException;

32
import org.apache.jetspeed.security.UserPrincipal;

33
import org.apache.jetspeed.security.impl.GeneralizationHierarchyResolver;

34
import org.apache.jetspeed.security.impl.GroupPrincipalImpl;

35
import org.apache.jetspeed.security.impl.RolePrincipalImpl;

36
import org.apache.jetspeed.security.impl.UserPrincipalImpl;

37
import org.apache.jetspeed.security.spi.SecurityMappingHandler;

38
import org.apache.jetspeed.security.spi.impl.ldap.LdapGroupDaoImpl;

39
import org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao;

40
import org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl;

41
import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDao;

42
import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDaoImpl;

43

44
/**

45
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler

46
* @author <a href="mailto:mike.long@dataline.com">Mike Long </a> 

47
* <a href="mailto:dlestrat@apache.org">David Le Strat </a>

48
*/

49
public class LdapSecurityMappingHandler implements SecurityMappingHandler

50
{

51

52
private LdapUserPrincipalDao userDao;

53

54
private LdapPrincipalDao groupDao;

55

56
private LdapPrincipalDao roleDao;

57

58
/** The logger. */

59 0
private static final Log LOG = LogFactory.getLog(LdapSecurityMappingHandler.class);

60

61
/** The role hierarchy resolver. */

62 0
private HierarchyResolver roleHierarchyResolver = new GeneralizationHierarchyResolver();

63

64
/** The group hierarchy resolver. */

65 0
private HierarchyResolver groupHierarchyResolver = new GeneralizationHierarchyResolver();

66

67
/**

68
* @param userDao

69
* @param groupDao

70
*/

71
public LdapSecurityMappingHandler(LdapUserPrincipalDao userDao, LdapPrincipalDao groupDao,LdapPrincipalDao roleDao)

72 0
{

73 0
this.userDao = userDao;

74 0
this.groupDao = groupDao;

75 0
this.roleDao = roleDao;

76 0
}

77

78
/**

79
* @throws NamingException A {@link NamingException}.

80
* @throws SecurityException A {@link SecurityException}.

81
*/

82
public LdapSecurityMappingHandler() throws SecurityException, NamingException

83 0
{

84 0
this.userDao = new LdapUserPrincipalDaoImpl();

85 0
this.groupDao = new LdapGroupDaoImpl();

86 0
this.roleDao = new LdapRoleDaoImpl();

87 0
}

88

89
/**

90
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getRoleHierarchyResolver()

91
*/

92
public HierarchyResolver getRoleHierarchyResolver()

93
{

94 0
return roleHierarchyResolver;

95
}

96

97
/**

98
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRoleHierarchyResolver(org.apache.jetspeed.security.HierarchyResolver)

99
*/

100
public void setRoleHierarchyResolver(HierarchyResolver roleHierarchyResolver)

101
{

102 0
this.roleHierarchyResolver = roleHierarchyResolver;

103 0
}

104

105
/**

106
* @return Returns the groupHierarchyResolver.

107
*/

108
public HierarchyResolver getGroupHierarchyResolver()

109
{

110 0
return groupHierarchyResolver;

111
}

112

113
/**

114
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setGroupHierarchyResolver(org.apache.jetspeed.security.HierarchyResolver)

115
*/

116
public void setGroupHierarchyResolver(HierarchyResolver groupHierarchyResolver)

117
{

118 0
this.groupHierarchyResolver = groupHierarchyResolver;

119 0
}

120

121
/**

122
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getRolePrincipals(java.lang.String)

123
*/

124
public Set getRolePrincipals(String username)

125
{

126 0
Set rolePrincipals = new HashSet();

127
String[] roles;

128
try

129
{

130 0
roles = userDao.getRoleUidsForUser(username);

131 0
for (int i = 0; i < roles.length; i++)

132
{

133 0
createResolvedRolePrincipalSet(username, rolePrincipals, roles, i);

134
}

135
}

136 0
catch (SecurityException e)

137
{

138 0
LOG.error(e);

139 0
}

140 0
return rolePrincipals;

141

142
}

143

144
/**

145
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInRole(java.lang.String,

146
* java.lang.String)

147
*/

148
public void setUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException

149
{

150 0
verifyUserAndRoleExist(username, roleFullPathName);

151 0
addRoleToUser(username, roleFullPathName);

152 0
}

153

154
/**

155
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeUserPrincipalInRole(java.lang.String,

156
* java.lang.String)

157
*/

158
public void removeUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException

159
{

160 0
verifyUserAndRoleExist(username, roleFullPathName);

161 0
removeUserFromRole(username, roleFullPathName);

162 0
}

163

164
/**

165
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getRolePrincipalsInGroup(java.lang.String)

166
*/

167
public Set getRolePrincipalsInGroup(String groupFullPathName)

168
{

169 0
Set rolePrincipalsInGroup = new HashSet();

170
String[] roles;

171
try

172
{

173
//TODO: see if we can't use the groupDao here

174 0
roles = userDao.getRolesForGroup(groupFullPathName);

175 0
for (int i = 0; i < roles.length; i++)

176
{

177 0
createResolvedRolePrincipalSet(groupFullPathName, rolePrincipalsInGroup, roles, i);

178
}

179
}

180 0
catch (SecurityException e)

181
{

182 0
LOG.error(e);

183 0
}

184 0
return rolePrincipalsInGroup;

185
}

186

187
/**

188
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRolePrincipalInGroup(java.lang.String,

189
* java.lang.String)

190
*/

191
public void setRolePrincipalInGroup(String groupFullPathName, String roleFullPathName) throws SecurityException

192
{

193 0
verifyGroupAndRoleExist(groupFullPathName, roleFullPathName);

194 0
addRoleToGroup(groupFullPathName, roleFullPathName);

195 0
}

196

197
/**

198
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeRolePrincipalInGroup(java.lang.String,

199
* java.lang.String)

200
*/

201
public void removeRolePrincipalInGroup(String groupFullPathName, String roleFullPathName) throws SecurityException

202
{

203 0
verifyGroupAndRoleExist(groupFullPathName, roleFullPathName);

204 0
removeRoleFromGroup(groupFullPathName, roleFullPathName);

205 0
}

206

207

208
/**

209
* This method returns the set of group principals associated with a user.

210
*

211
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getGroupPrincipals(java.lang.String)

212
*/

213
public Set getGroupPrincipals(String userPrincipalUid)

214
{

215 0
Set groupPrincipals = new HashSet();

216

217
String[] groups;

218
try

219
{

220 0
groups = userDao.getGroupUidsForUser(userPrincipalUid);

221 0
for (int i = 0; i < groups.length; i++)

222
{

223 0
createResolvedGroupPrincipalSet(userPrincipalUid, groupPrincipals, groups, i);

224
}

225
}

226 0
catch (SecurityException e)

227
{

228 0
LOG.error(e);

229 0
}

230 0
return groupPrincipals;

231
}

232

233
/**

234
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getGroupPrincipalsInRole(java.lang.String)

235
*/

236
public Set getGroupPrincipalsInRole(String roleFullPathName)

237
{

238 0
Set groupPrincipals = new HashSet();

239 0
return groupPrincipals;

240
}

241

242
/**

243
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getUserPrincipalsInRole(java.lang.String)

244
*/

245
public Set getUserPrincipalsInRole(String roleFullPathName)

246
{

247
//TODO: Check that this is correct

248 0
Set userPrincipals = new HashSet();

249 0
String[] fullPaths = {roleFullPathName};

250
try

251
{

252 0
getUserPrincipalsInRole(userPrincipals, fullPaths);

253
}

254 0
catch (SecurityException e)

255
{

256 0
LOG.error(e);

257 0
}

258 0
return userPrincipals;

259
}

260

261
/**

262
* 

263
* This method is the analog of the getGroupPrincipals except it returns the

264
* set of user principals in a group.

265
* 

266
*

267
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getUserPrincipalsInGroup(java.lang.String)

268
*/

269
public Set getUserPrincipalsInGroup(String groupFullPathName)

270
{

271 0
Set userPrincipals = new HashSet();

272

273
//TODO: Check that this is correct

274 0
String[] fullPaths = {groupFullPathName};

275

276
try

277
{

278 0
getUserPrincipalsInGroup(userPrincipals, fullPaths);

279
}

280 0
catch (SecurityException e)

281
{

282 0
LOG.error(e);

283 0
}

284 0
return userPrincipals;

285
}

286

287
/**

288
* 

289
* Gets the user principals in groups.

290
* 

291
*

292
* @param userPrincipals

293
* @param fullPaths

294
* @throws SecurityException A {@link SecurityException}.

295
*/

296
private void getUserPrincipalsInGroup(Set userPrincipals, String[] fullPaths) throws SecurityException

297
{

298 0
for (int i = 0; i < fullPaths.length; i++)

299
{

300 0
String[] usersInGroup = userDao.getUserUidsForGroup(fullPaths[i]);

301 0
for (int y = 0; y < usersInGroup.length; y++)

302
{

303 0
Principal userPrincipal = new UserPrincipalImpl(usersInGroup[y]);

304 0
userPrincipals.add(userPrincipal);

305
}

306
}

307 0
}

308

309
/**

310
* 

311
* Gets the user principals in groups.

312
* 

313
*

314
* @param userPrincipals

315
* @param fullPaths

316
* @throws SecurityException A {@link SecurityException}.

317
*/

318
private void getUserPrincipalsInRole(Set userPrincipals, String[] fullPaths) throws SecurityException

319
{

320 0
for (int i = 0; i < fullPaths.length; i++)

321
{

322 0
String[] usersInRole = userDao.getUserUidsForRole(fullPaths[i]);

323 0
for (int y = 0; y < usersInRole.length; y++)

324
{

325 0
Principal userPrincipal = new UserPrincipalImpl(usersInRole[y]);

326 0
userPrincipals.add(userPrincipal);

327
}

328
}

329 0
}

330

331
/**

332
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInGroup(java.lang.String,

333
* java.lang.String)

334
*/

335
public void setUserPrincipalInGroup(String username, String groupFullPathName) throws SecurityException

336
{

337 0
verifyUserAndGroupExist(username, groupFullPathName);

338 0
addGroupToUser(username, groupFullPathName);

339 0
}

340

341
/**

342
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeUserPrincipalInGroup(java.lang.String,

343
* java.lang.String)

344
*/

345
public void removeUserPrincipalInGroup(String username, String groupFullPathName) throws SecurityException

346
{

347 0
verifyUserAndGroupExist(username, groupFullPathName);

348 0
removeUserFromGroup(username, groupFullPathName);

349 0
}

350
/**

351
* @param username

352
* @param groupFullPathName

353
* @throws SecurityException

354
*/

355
private void verifyGroupAndRoleExist(String groupFullPathName, String roleFullPathName) throws SecurityException

356
{

357 0
GroupPrincipal group = getGroup(groupFullPathName);

358 0
RolePrincipal role = getRole(roleFullPathName);

359 0
if ((null == group) && (class="keyword">null == role))

360
{

361 0
throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST);

362
}

363 0
}

364

365
/**

366
* @param username

367
* @param groupFullPathName

368
* @throws SecurityException

369
*/

370
private void verifyUserAndGroupExist(String username, String groupFullPathName) throws SecurityException

371
{

372 0
UserPrincipal user = getUser(username);

373 0
GroupPrincipal group = getGroup(groupFullPathName);

374 0
if ((null == user) && (class="keyword">null == group))

375
{

376 0
throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST);

377
}

378 0
}

379

380
/**

381
* @param username

382
* @param groupFullPathName

383
* @throws SecurityException

384
*/

385
private void verifyUserAndRoleExist(String username, String roleFullPathName) throws SecurityException

386
{

387 0
UserPrincipal user = getUser(username);

388 0
RolePrincipal role = getRole(roleFullPathName);

389 0
if ((null == user) && (class="keyword">null == role))

390
{

391 0
throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST);

392
}

393 0
}

394

395
/**

396
* @param username

397
* @param groupPrincipals

398
* @param groups

399
* @param i

400
*/

401
private void createResolvedGroupPrincipalSet(String username, Set groupPrincipals, String[] groups, int i)

402
{

403 0
LOG.debug("Group [" + i + "] for user[" + username + "] is [" + groups[i] + "]");

404

405 0
GroupPrincipal group = new GroupPrincipalImpl(groups[i]);

406 0
Preferences preferences = Preferences.userRoot().node(group.getFullPath());

407 0
LOG.debug("Group name:" + group.getName());

408 0
String[] fullPaths = groupHierarchyResolver.resolve(preferences);

409 0
for (int n = 0; n < fullPaths.length; n++)

410
{

411 0
LOG.debug("Group [" + i + "] for user[" + username + "] is ["

412
+ GroupPrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n]) + "]");

413 0
groupPrincipals.add(new GroupPrincipalImpl(GroupPrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n])));

414
}

415 0
}

416

417
/**

418
* @param username

419
* @param groupPrincipals

420
* @param groups

421
* @param i

422
*/

423
private void createResolvedRolePrincipalSet(String username, Set rolePrincipals, String[] roles, int i)

424
{

425 0
LOG.debug("Group [" + i + "] for user[" + username + "] is [" + roles[i] + "]");

426

427 0
RolePrincipal role = new RolePrincipalImpl(roles[i]);

428 0
Preferences preferences = Preferences.userRoot().node(role.getFullPath());

429 0
LOG.debug("Group name:" + role.getName());

430 0
String[] fullPaths = roleHierarchyResolver.resolve(preferences);

431 0
for (int n = 0; n < fullPaths.length; n++)

432
{

433 0
LOG.debug("Group [" + i + "] for user[" + username + "] is ["

434
+ RolePrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n]) + "]");

435 0
rolePrincipals.add(new RolePrincipalImpl(RolePrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n])));

436
}

437 0
}

438

439

440
/**

441
* @param username

442
* @param groupFullPathName

443
* @throws SecurityException

444
*/

445
private void removeUserFromGroup(String username, String groupFullPathName) throws SecurityException

446
{

447 0
userDao.removeGroup(username, groupFullPathName);

448 0
}

449

450
/**

451
* @param username

452
* @param groupFullPathName

453
* @throws SecurityException

454
*/

455
private void removeUserFromRole(String username, String roleFullPathName) throws SecurityException

456
{

457 0
userDao.removeRole(username, roleFullPathName);

458 0
}

459

460
private void removeRoleFromGroup(String groupFullPathName, String roleFullPathName)throws SecurityException

461
{

462 0
userDao.removeRoleFromGroup(groupFullPathName,roleFullPathName);

463 0
}

464

465

466
/**

467
* @param uid

468
* @return

469
* @throws SecurityException A {@link SecurityException}.

470
*/

471
private UserPrincipal getUser(String uid) throws SecurityException

472
{

473 0
Principal[] user = userDao.find(uid, UserPrincipal.PREFS_USER_ROOT);

474 0
if (user.length == 1)

475
{

476 0
return (UserPrincipal) user[0];

477
}

478
else

479
{

480 0
throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(uid));

481
}

482
}

483

484
/**

485
* @param uid

486
* @return

487
* @throws SecurityException A {@link SecurityException}.

488
*/

489
private GroupPrincipal getGroup(String uid) throws SecurityException

490
{

491 0
Principal[] group = groupDao.find(uid, GroupPrincipal.PREFS_GROUP_ROOT);

492 0
if (group.length == 1)

493
{

494 0
return (GroupPrincipal) group[0];

495
}

496
else

497
{

498 0
throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST.create(uid));

499
}

500
}

501

502
/**

503
* @param uid

504
* @return

505
* @throws SecurityException A {@link SecurityException}.

506
*/

507
private RolePrincipal getRole(String uid) throws SecurityException

508
{

509 0
Principal[] role = roleDao.find(uid, RolePrincipal.PREFS_ROLE_ROOT);

510

511 0
if (role.length == 1)

512

513
{

514 0
return (RolePrincipal) role[0];

515
}

516
else

517
{

518 0
throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(uid));

519
}

520
}

521

522
/**

523
* @param username

524
* @param groupFullPathName

525
* @throws SecurityException A {@link SecurityException}.

526
*/

527
private void addGroupToUser(String username, String groupFullPathName) throws SecurityException

528
{

529 0
userDao.addGroup(username, groupFullPathName);

530 0
}

531

532
/**

533
* @param username

534
* @param groupFullPathName

535
* @throws SecurityException A {@link SecurityException}.

536
*/

537
private void addRoleToUser(String username, String roleFullPathName) throws SecurityException

538
{

539 0
userDao.addRole(username, roleFullPathName);

540 0
}

541

542
/**

543
* @param username

544
* @param groupFullPathName

545
* @throws SecurityException A {@link SecurityException}.

546
*/

547
private void addRoleToGroup(String groupFullPathName, String roleFullPathName) throws SecurityException

548
{

549 0
userDao.addRoleToGroup(groupFullPathName, roleFullPathName);

550 0
}

551

552

553
}

This report is generated by jcoverage, Maven and Maven JCoverage Plugin.

1		/*
2		* Licensed to the Apache Software Foundation (ASF) under one or more
3		* contributor license agreements. See the NOTICE file distributed with
4		* this work for additional information regarding copyright ownership.
5		* The ASF licenses this file to You under the Apache License, Version 2.0
6		* (the "License"); you may not use this file except in compliance with
7		* the License. You may obtain a copy of the License at
8		*
9		* http://www.apache.org/licenses/LICENSE-2.0
10		*
11		* Unless required by applicable law or agreed to in writing, software
12		* distributed under the License is distributed on an "AS IS" BASIS,
13		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14		* See the License for the specific language governing permissions and
15		* limitations under the License.
16		*/
17		package org.apache.jetspeed.security.spi.impl;
18
19		import java.security.Principal;
20		import java.util.HashSet;
21		import java.util.Set;
22		import java.util.prefs.Preferences;
23
24		import javax.naming.NamingException;
25
26		import org.apache.commons.logging.Log;
27		import org.apache.commons.logging.LogFactory;
28		import org.apache.jetspeed.security.GroupPrincipal;
29		import org.apache.jetspeed.security.HierarchyResolver;
30		import org.apache.jetspeed.security.RolePrincipal;
31		import org.apache.jetspeed.security.SecurityException;
32		import org.apache.jetspeed.security.UserPrincipal;
33		import org.apache.jetspeed.security.impl.GeneralizationHierarchyResolver;
34		import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
35		import org.apache.jetspeed.security.impl.RolePrincipalImpl;
36		import org.apache.jetspeed.security.impl.UserPrincipalImpl;
37		import org.apache.jetspeed.security.spi.SecurityMappingHandler;
38		import org.apache.jetspeed.security.spi.impl.ldap.LdapGroupDaoImpl;
39		import org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao;
40		import org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl;
41		import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDao;
42		import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDaoImpl;
43
44		/**
45		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler
46		* @author <a href="mailto:mike.long@dataline.com">Mike Long </a><br/>
47		* <a href="mailto:dlestrat@apache.org">David Le Strat </a>
48		*/
49		public class LdapSecurityMappingHandler implements SecurityMappingHandler
50		{
51
52		private LdapUserPrincipalDao userDao;
53
54		private LdapPrincipalDao groupDao;
55
56		private LdapPrincipalDao roleDao;
57
58		/** The logger. */
59	0	private static final Log LOG = LogFactory.getLog(LdapSecurityMappingHandler.class);
60
61		/** The role hierarchy resolver. */
62	0	private HierarchyResolver roleHierarchyResolver = new GeneralizationHierarchyResolver();
63
64		/** The group hierarchy resolver. */
65	0	private HierarchyResolver groupHierarchyResolver = new GeneralizationHierarchyResolver();
66
67		/**
68		* @param userDao
69		* @param groupDao
70		*/
71		public LdapSecurityMappingHandler(LdapUserPrincipalDao userDao, LdapPrincipalDao groupDao,LdapPrincipalDao roleDao)
72	0	{
73	0	this.userDao = userDao;
74	0	this.groupDao = groupDao;
75	0	this.roleDao = roleDao;
76	0	}
77
78		/**
79		* @throws NamingException A {@link NamingException}.
80		* @throws SecurityException A {@link SecurityException}.
81		*/
82		public LdapSecurityMappingHandler() throws SecurityException, NamingException
83	0	{
84	0	this.userDao = new LdapUserPrincipalDaoImpl();
85	0	this.groupDao = new LdapGroupDaoImpl();
86	0	this.roleDao = new LdapRoleDaoImpl();
87	0	}
88
89		/**
90		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getRoleHierarchyResolver()
91		*/
92		public HierarchyResolver getRoleHierarchyResolver()
93		{
94	0	return roleHierarchyResolver;
95		}
96
97		/**
98		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRoleHierarchyResolver(org.apache.jetspeed.security.HierarchyResolver)
99		*/
100		public void setRoleHierarchyResolver(HierarchyResolver roleHierarchyResolver)
101		{
102	0	this.roleHierarchyResolver = roleHierarchyResolver;
103	0	}
104
105		/**
106		* @return Returns the groupHierarchyResolver.
107		*/
108		public HierarchyResolver getGroupHierarchyResolver()
109		{
110	0	return groupHierarchyResolver;
111		}
112
113		/**
114		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setGroupHierarchyResolver(org.apache.jetspeed.security.HierarchyResolver)
115		*/
116		public void setGroupHierarchyResolver(HierarchyResolver groupHierarchyResolver)
117		{
118	0	this.groupHierarchyResolver = groupHierarchyResolver;
119	0	}
120
121		/**
122		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getRolePrincipals(java.lang.String)
123		*/
124		public Set getRolePrincipals(String username)
125		{
126	0	Set rolePrincipals = new HashSet();
127		String[] roles;
128		try
129		{
130	0	roles = userDao.getRoleUidsForUser(username);
131	0	for (int i = 0; i < roles.length; i++)
132		{
133	0	createResolvedRolePrincipalSet(username, rolePrincipals, roles, i);
134		}
135		}
136	0	catch (SecurityException e)
137		{
138	0	LOG.error(e);
139	0	}
140	0	return rolePrincipals;
141
142		}
143
144		/**
145		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInRole(java.lang.String,
146		* java.lang.String)
147		*/
148		public void setUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException
149		{
150	0	verifyUserAndRoleExist(username, roleFullPathName);
151	0	addRoleToUser(username, roleFullPathName);
152	0	}
153
154		/**
155		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeUserPrincipalInRole(java.lang.String,
156		* java.lang.String)
157		*/
158		public void removeUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException
159		{
160	0	verifyUserAndRoleExist(username, roleFullPathName);
161	0	removeUserFromRole(username, roleFullPathName);
162	0	}
163
164		/**
165		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getRolePrincipalsInGroup(java.lang.String)
166		*/
167		public Set getRolePrincipalsInGroup(String groupFullPathName)
168		{
169	0	Set rolePrincipalsInGroup = new HashSet();
170		String[] roles;
171		try
172		{
173		//TODO: see if we can't use the groupDao here
174	0	roles = userDao.getRolesForGroup(groupFullPathName);
175	0	for (int i = 0; i < roles.length; i++)
176		{
177	0	createResolvedRolePrincipalSet(groupFullPathName, rolePrincipalsInGroup, roles, i);
178		}
179		}
180	0	catch (SecurityException e)
181		{
182	0	LOG.error(e);
183	0	}
184	0	return rolePrincipalsInGroup;
185		}
186
187		/**
188		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRolePrincipalInGroup(java.lang.String,
189		* java.lang.String)
190		*/
191		public void setRolePrincipalInGroup(String groupFullPathName, String roleFullPathName) throws SecurityException
192		{
193	0	verifyGroupAndRoleExist(groupFullPathName, roleFullPathName);
194	0	addRoleToGroup(groupFullPathName, roleFullPathName);
195	0	}
196
197		/**
198		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeRolePrincipalInGroup(java.lang.String,
199		* java.lang.String)
200		*/
201		public void removeRolePrincipalInGroup(String groupFullPathName, String roleFullPathName) throws SecurityException
202		{
203	0	verifyGroupAndRoleExist(groupFullPathName, roleFullPathName);
204	0	removeRoleFromGroup(groupFullPathName, roleFullPathName);
205	0	}
206
207
208		/**
209		* This method returns the set of group principals associated with a user.
210		*
211		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getGroupPrincipals(java.lang.String)
212		*/
213		public Set getGroupPrincipals(String userPrincipalUid)
214		{
215	0	Set groupPrincipals = new HashSet();
216
217		String[] groups;
218		try
219		{
220	0	groups = userDao.getGroupUidsForUser(userPrincipalUid);
221	0	for (int i = 0; i < groups.length; i++)
222		{
223	0	createResolvedGroupPrincipalSet(userPrincipalUid, groupPrincipals, groups, i);
224		}
225		}
226	0	catch (SecurityException e)
227		{
228	0	LOG.error(e);
229	0	}
230	0	return groupPrincipals;
231		}
232
233		/**
234		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getGroupPrincipalsInRole(java.lang.String)
235		*/
236		public Set getGroupPrincipalsInRole(String roleFullPathName)
237		{
238	0	Set groupPrincipals = new HashSet();
239	0	return groupPrincipals;
240		}
241
242		/**
243		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getUserPrincipalsInRole(java.lang.String)
244		*/
245		public Set getUserPrincipalsInRole(String roleFullPathName)
246		{
247		//TODO: Check that this is correct
248	0	Set userPrincipals = new HashSet();
249	0	String[] fullPaths = {roleFullPathName};
250		try
251		{
252	0	getUserPrincipalsInRole(userPrincipals, fullPaths);
253		}
254	0	catch (SecurityException e)
255		{
256	0	LOG.error(e);
257	0	}
258	0	return userPrincipals;
259		}
260
261		/**
262		* <p>
263		* This method is the analog of the getGroupPrincipals except it returns the
264		* set of user principals in a group.
265		* </p>
266		*
267		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getUserPrincipalsInGroup(java.lang.String)
268		*/
269		public Set getUserPrincipalsInGroup(String groupFullPathName)
270		{
271	0	Set userPrincipals = new HashSet();
272
273		//TODO: Check that this is correct
274	0	String[] fullPaths = {groupFullPathName};
275
276		try
277		{
278	0	getUserPrincipalsInGroup(userPrincipals, fullPaths);
279		}
280	0	catch (SecurityException e)
281		{
282	0	LOG.error(e);
283	0	}
284	0	return userPrincipals;
285		}
286
287		/**
288		* <p>
289		* Gets the user principals in groups.
290		* </p>
291		*
292		* @param userPrincipals
293		* @param fullPaths
294		* @throws SecurityException A {@link SecurityException}.
295		*/
296		private void getUserPrincipalsInGroup(Set userPrincipals, String[] fullPaths) throws SecurityException
297		{
298	0	for (int i = 0; i < fullPaths.length; i++)
299		{
300	0	String[] usersInGroup = userDao.getUserUidsForGroup(fullPaths[i]);
301	0	for (int y = 0; y < usersInGroup.length; y++)
302		{
303	0	Principal userPrincipal = new UserPrincipalImpl(usersInGroup[y]);
304	0	userPrincipals.add(userPrincipal);
305		}
306		}
307	0	}
308
309		/**
310		* <p>
311		* Gets the user principals in groups.
312		* </p>
313		*
314		* @param userPrincipals
315		* @param fullPaths
316		* @throws SecurityException A {@link SecurityException}.
317		*/
318		private void getUserPrincipalsInRole(Set userPrincipals, String[] fullPaths) throws SecurityException
319		{
320	0	for (int i = 0; i < fullPaths.length; i++)
321		{
322	0	String[] usersInRole = userDao.getUserUidsForRole(fullPaths[i]);
323	0	for (int y = 0; y < usersInRole.length; y++)
324		{
325	0	Principal userPrincipal = new UserPrincipalImpl(usersInRole[y]);
326	0	userPrincipals.add(userPrincipal);
327		}
328		}
329	0	}
330
331		/**
332		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInGroup(java.lang.String,
333		* java.lang.String)
334		*/
335		public void setUserPrincipalInGroup(String username, String groupFullPathName) throws SecurityException
336		{
337	0	verifyUserAndGroupExist(username, groupFullPathName);
338	0	addGroupToUser(username, groupFullPathName);
339	0	}
340
341		/**
342		* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeUserPrincipalInGroup(java.lang.String,
343		* java.lang.String)
344		*/
345		public void removeUserPrincipalInGroup(String username, String groupFullPathName) throws SecurityException
346		{
347	0	verifyUserAndGroupExist(username, groupFullPathName);
348	0	removeUserFromGroup(username, groupFullPathName);
349	0	}
350		/**
351		* @param username
352		* @param groupFullPathName
353		* @throws SecurityException
354		*/
355		private void verifyGroupAndRoleExist(String groupFullPathName, String roleFullPathName) throws SecurityException
356		{
357	0	GroupPrincipal group = getGroup(groupFullPathName);
358	0	RolePrincipal role = getRole(roleFullPathName);
359	0	if ((null == group) && (class="keyword">null == role))
360		{
361	0	throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST);
362		}
363	0	}
364
365		/**
366		* @param username
367		* @param groupFullPathName
368		* @throws SecurityException
369		*/
370		private void verifyUserAndGroupExist(String username, String groupFullPathName) throws SecurityException
371		{
372	0	UserPrincipal user = getUser(username);
373	0	GroupPrincipal group = getGroup(groupFullPathName);
374	0	if ((null == user) && (class="keyword">null == group))
375		{
376	0	throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST);
377		}
378	0	}
379
380		/**
381		* @param username
382		* @param groupFullPathName
383		* @throws SecurityException
384		*/
385		private void verifyUserAndRoleExist(String username, String roleFullPathName) throws SecurityException
386		{
387	0	UserPrincipal user = getUser(username);
388	0	RolePrincipal role = getRole(roleFullPathName);
389	0	if ((null == user) && (class="keyword">null == role))
390		{
391	0	throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST);
392		}
393	0	}
394
395		/**
396		* @param username
397		* @param groupPrincipals
398		* @param groups
399		* @param i
400		*/
401		private void createResolvedGroupPrincipalSet(String username, Set groupPrincipals, String[] groups, int i)
402		{
403	0	LOG.debug("Group [" + i + "] for user[" + username + "] is [" + groups[i] + "]");
404
405	0	GroupPrincipal group = new GroupPrincipalImpl(groups[i]);
406	0	Preferences preferences = Preferences.userRoot().node(group.getFullPath());
407	0	LOG.debug("Group name:" + group.getName());
408	0	String[] fullPaths = groupHierarchyResolver.resolve(preferences);
409	0	for (int n = 0; n < fullPaths.length; n++)
410		{
411	0	LOG.debug("Group [" + i + "] for user[" + username + "] is ["
412		+ GroupPrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n]) + "]");
413	0	groupPrincipals.add(new GroupPrincipalImpl(GroupPrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n])));
414		}
415	0	}
416
417		/**
418		* @param username
419		* @param groupPrincipals
420		* @param groups
421		* @param i
422		*/
423		private void createResolvedRolePrincipalSet(String username, Set rolePrincipals, String[] roles, int i)
424		{
425	0	LOG.debug("Group [" + i + "] for user[" + username + "] is [" + roles[i] + "]");
426
427	0	RolePrincipal role = new RolePrincipalImpl(roles[i]);
428	0	Preferences preferences = Preferences.userRoot().node(role.getFullPath());
429	0	LOG.debug("Group name:" + role.getName());
430	0	String[] fullPaths = roleHierarchyResolver.resolve(preferences);
431	0	for (int n = 0; n < fullPaths.length; n++)
432		{
433	0	LOG.debug("Group [" + i + "] for user[" + username + "] is ["
434		+ RolePrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n]) + "]");
435	0	rolePrincipals.add(new RolePrincipalImpl(RolePrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n])));
436		}
437	0	}
438
439
440		/**
441		* @param username
442		* @param groupFullPathName
443		* @throws SecurityException
444		*/
445		private void removeUserFromGroup(String username, String groupFullPathName) throws SecurityException
446		{
447	0	userDao.removeGroup(username, groupFullPathName);
448	0	}
449
450		/**
451		* @param username
452		* @param groupFullPathName
453		* @throws SecurityException
454		*/
455		private void removeUserFromRole(String username, String roleFullPathName) throws SecurityException
456		{
457	0	userDao.removeRole(username, roleFullPathName);
458	0	}
459
460		private void removeRoleFromGroup(String groupFullPathName, String roleFullPathName)throws SecurityException
461		{
462	0	userDao.removeRoleFromGroup(groupFullPathName,roleFullPathName);
463	0	}
464
465
466		/**
467		* @param uid
468		* @return
469		* @throws SecurityException A {@link SecurityException}.
470		*/
471		private UserPrincipal getUser(String uid) throws SecurityException
472		{
473	0	Principal[] user = userDao.find(uid, UserPrincipal.PREFS_USER_ROOT);
474	0	if (user.length == 1)
475		{
476	0	return (UserPrincipal) user[0];
477		}
478		else
479		{
480	0	throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(uid));
481		}
482		}
483
484		/**
485		* @param uid
486		* @return
487		* @throws SecurityException A {@link SecurityException}.
488		*/
489		private GroupPrincipal getGroup(String uid) throws SecurityException
490		{
491	0	Principal[] group = groupDao.find(uid, GroupPrincipal.PREFS_GROUP_ROOT);
492	0	if (group.length == 1)
493		{
494	0	return (GroupPrincipal) group[0];
495		}
496		else
497		{
498	0	throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST.create(uid));
499		}
500		}
501
502		/**
503		* @param uid
504		* @return
505		* @throws SecurityException A {@link SecurityException}.
506		*/
507		private RolePrincipal getRole(String uid) throws SecurityException
508		{
509	0	Principal[] role = roleDao.find(uid, RolePrincipal.PREFS_ROLE_ROOT);
510
511	0	if (role.length == 1)
512
513		{
514	0	return (RolePrincipal) role[0];
515		}
516		else
517		{
518	0	throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(uid));
519		}
520		}
521
522		/**
523		* @param username
524		* @param groupFullPathName
525		* @throws SecurityException A {@link SecurityException}.
526		*/
527		private void addGroupToUser(String username, String groupFullPathName) throws SecurityException
528		{
529	0	userDao.addGroup(username, groupFullPathName);
530	0	}
531
532		/**
533		* @param username
534		* @param groupFullPathName
535		* @throws SecurityException A {@link SecurityException}.
536		*/
537		private void addRoleToUser(String username, String roleFullPathName) throws SecurityException
538		{
539	0	userDao.addRole(username, roleFullPathName);
540	0	}
541
542		/**
543		* @param username
544		* @param groupFullPathName
545		* @throws SecurityException A {@link SecurityException}.
546		*/
547		private void addRoleToGroup(String groupFullPathName, String roleFullPathName) throws SecurityException
548		{
549	0	userDao.addRoleToGroup(groupFullPathName, roleFullPathName);
550	0	}
551
552
553		}