1 |
|
package org.apache.fulcrum.security.memory.dynamic; |
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
import org.apache.commons.logging.Log; |
18 |
|
import org.apache.commons.logging.LogFactory; |
19 |
|
import org.apache.fulcrum.security.entity.Group; |
20 |
|
import org.apache.fulcrum.security.entity.Permission; |
21 |
|
import org.apache.fulcrum.security.entity.Role; |
22 |
|
import org.apache.fulcrum.security.entity.User; |
23 |
|
import org.apache.fulcrum.security.model.dynamic.AbstractDynamicModelManager; |
24 |
|
import org.apache.fulcrum.security.model.dynamic.DynamicModelManager; |
25 |
|
import org.apache.fulcrum.security.model.dynamic.entity.DynamicGroup; |
26 |
|
import org.apache.fulcrum.security.model.dynamic.entity.DynamicPermission; |
27 |
|
import org.apache.fulcrum.security.model.dynamic.entity.DynamicRole; |
28 |
|
import org.apache.fulcrum.security.model.dynamic.entity.DynamicUser; |
29 |
|
import org.apache.fulcrum.security.util.DataBackendException; |
30 |
|
import org.apache.fulcrum.security.util.UnknownEntityException; |
31 |
|
|
32 |
|
|
33 |
|
|
34 |
|
|
35 |
|
|
36 |
|
|
37 |
|
|
38 |
|
|
39 |
252 |
public class MemoryModelManagerImpl |
40 |
|
extends AbstractDynamicModelManager |
41 |
|
implements DynamicModelManager |
42 |
|
{ |
43 |
|
|
44 |
24 |
private static Log log = LogFactory.getLog(MemoryModelManagerImpl.class); |
45 |
|
|
46 |
|
|
47 |
|
|
48 |
|
|
49 |
|
|
50 |
|
|
51 |
|
|
52 |
|
|
53 |
|
|
54 |
|
|
55 |
|
|
56 |
|
public void grant(User user, Group group) throws DataBackendException, UnknownEntityException |
57 |
|
{ |
58 |
15 |
boolean groupExists = false; |
59 |
15 |
boolean userExists = false; |
60 |
|
try |
61 |
|
{ |
62 |
15 |
groupExists = getGroupManager().checkExists(group); |
63 |
15 |
userExists = getUserManager().checkExists(user); |
64 |
15 |
if (groupExists && userExists) |
65 |
|
{ |
66 |
15 |
((DynamicUser) user).addGroup(group); |
67 |
15 |
((DynamicGroup) group).addUser(user); |
68 |
15 |
return; |
69 |
|
} |
70 |
|
} |
71 |
0 |
catch (Exception e) |
72 |
|
{ |
73 |
0 |
throw new DataBackendException("grant(Role,Permission) failed", e); |
74 |
|
} |
75 |
|
|
76 |
0 |
if (!groupExists) |
77 |
|
{ |
78 |
0 |
throw new UnknownEntityException("Unknown group '" + group.getName() + "'"); |
79 |
|
} |
80 |
0 |
if (!userExists) |
81 |
|
{ |
82 |
0 |
throw new UnknownEntityException("Unknown user '" + user.getName() + "'"); |
83 |
|
} |
84 |
0 |
} |
85 |
|
|
86 |
|
|
87 |
|
|
88 |
|
|
89 |
|
|
90 |
|
|
91 |
|
|
92 |
|
|
93 |
|
|
94 |
|
public void revoke(User user, Group group) throws DataBackendException, UnknownEntityException |
95 |
|
{ |
96 |
6 |
boolean groupExists = false; |
97 |
6 |
boolean userExists = false; |
98 |
|
try |
99 |
|
{ |
100 |
6 |
groupExists = getGroupManager().checkExists(group); |
101 |
6 |
userExists = getUserManager().checkExists(user); |
102 |
6 |
if (groupExists && userExists) |
103 |
|
{ |
104 |
6 |
((DynamicUser) user).removeGroup(group); |
105 |
6 |
((DynamicGroup) group).removeUser(user); |
106 |
6 |
return; |
107 |
|
} |
108 |
|
} |
109 |
0 |
catch (Exception e) |
110 |
|
{ |
111 |
0 |
throw new DataBackendException("grant(Role,Permission) failed", e); |
112 |
|
} |
113 |
|
|
114 |
0 |
if (!groupExists) |
115 |
|
{ |
116 |
0 |
throw new UnknownEntityException("Unknown group '" + group.getName() + "'"); |
117 |
|
} |
118 |
0 |
if (!userExists) |
119 |
|
{ |
120 |
0 |
throw new UnknownEntityException("Unknown user '" + user.getName() + "'"); |
121 |
|
} |
122 |
0 |
} |
123 |
|
|
124 |
|
|
125 |
|
|
126 |
|
|
127 |
|
|
128 |
|
|
129 |
|
|
130 |
|
|
131 |
|
|
132 |
|
public synchronized void grant(Group group, Role role) |
133 |
|
throws DataBackendException, UnknownEntityException |
134 |
|
{ |
135 |
120 |
boolean groupExists = false; |
136 |
120 |
boolean roleExists = false; |
137 |
|
try |
138 |
|
{ |
139 |
120 |
groupExists = getGroupManager().checkExists(group); |
140 |
120 |
roleExists = getRoleManager().checkExists(role); |
141 |
120 |
if (groupExists && roleExists) |
142 |
|
{ |
143 |
120 |
((DynamicGroup) group).addRole(role); |
144 |
120 |
((DynamicRole) role).addGroup(group); |
145 |
120 |
return; |
146 |
|
} |
147 |
|
} |
148 |
0 |
catch (Exception e) |
149 |
|
{ |
150 |
0 |
throw new DataBackendException("grant(Group,Role) failed", e); |
151 |
|
} |
152 |
0 |
if (!groupExists) |
153 |
|
{ |
154 |
0 |
throw new UnknownEntityException("Unknown group '" + group.getName() + "'"); |
155 |
|
} |
156 |
0 |
if (!roleExists) |
157 |
|
{ |
158 |
0 |
throw new UnknownEntityException("Unknown role '" + role.getName() + "'"); |
159 |
|
} |
160 |
0 |
} |
161 |
|
|
162 |
|
|
163 |
|
|
164 |
|
|
165 |
|
|
166 |
|
|
167 |
|
|
168 |
|
|
169 |
|
public synchronized void revoke(Group group, Role role) |
170 |
|
throws DataBackendException, UnknownEntityException |
171 |
|
{ |
172 |
6 |
boolean groupExists = false; |
173 |
6 |
boolean roleExists = false; |
174 |
|
try |
175 |
|
{ |
176 |
6 |
groupExists = getGroupManager().checkExists(group); |
177 |
6 |
roleExists = getRoleManager().checkExists(role); |
178 |
6 |
if (groupExists && roleExists) |
179 |
|
{ |
180 |
6 |
((DynamicGroup) group).removeRole(role); |
181 |
6 |
((DynamicRole) role).removeGroup(group); |
182 |
6 |
return; |
183 |
|
} |
184 |
|
} |
185 |
0 |
catch (Exception e) |
186 |
|
{ |
187 |
0 |
throw new DataBackendException("revoke(Group,Role) failed", e); |
188 |
|
} |
189 |
|
|
190 |
0 |
if (!groupExists) |
191 |
|
{ |
192 |
0 |
throw new UnknownEntityException("Unknown group '" + group.getName() + "'"); |
193 |
|
} |
194 |
0 |
if (!roleExists) |
195 |
|
{ |
196 |
0 |
throw new UnknownEntityException("Unknown role '" + role.getName() + "'"); |
197 |
|
} |
198 |
0 |
} |
199 |
|
|
200 |
|
|
201 |
|
|
202 |
|
|
203 |
|
|
204 |
|
|
205 |
|
|
206 |
|
|
207 |
|
public synchronized void grant(Role role, Permission permission) |
208 |
|
throws DataBackendException, UnknownEntityException |
209 |
|
{ |
210 |
123 |
boolean roleExists = false; |
211 |
123 |
boolean permissionExists = false; |
212 |
|
try |
213 |
|
{ |
214 |
123 |
roleExists = getRoleManager().checkExists(role); |
215 |
123 |
permissionExists = getPermissionManager().checkExists(permission); |
216 |
123 |
if (roleExists && permissionExists) |
217 |
|
{ |
218 |
123 |
((DynamicRole) role).addPermission(permission); |
219 |
123 |
((DynamicPermission)permission).addRole(role); |
220 |
123 |
return; |
221 |
|
} |
222 |
|
} |
223 |
0 |
catch (Exception e) |
224 |
|
{ |
225 |
0 |
throw new DataBackendException("grant(Role,Permission) failed", e); |
226 |
|
} |
227 |
|
|
228 |
0 |
if (!roleExists) |
229 |
|
{ |
230 |
0 |
throw new UnknownEntityException("Unknown role '" + role.getName() + "'"); |
231 |
|
} |
232 |
0 |
if (!permissionExists) |
233 |
|
{ |
234 |
0 |
throw new UnknownEntityException("Unknown permission '" + permission.getName() + "'"); |
235 |
|
} |
236 |
0 |
} |
237 |
|
|
238 |
|
|
239 |
|
|
240 |
|
|
241 |
|
|
242 |
|
|
243 |
|
|
244 |
|
|
245 |
|
public synchronized void revoke(Role role, Permission permission) |
246 |
|
throws DataBackendException, UnknownEntityException |
247 |
|
{ |
248 |
21 |
boolean roleExists = false; |
249 |
21 |
boolean permissionExists = false; |
250 |
|
try |
251 |
|
{ |
252 |
21 |
roleExists = getRoleManager().checkExists(role); |
253 |
21 |
permissionExists = getPermissionManager().checkExists(permission); |
254 |
21 |
if (roleExists && permissionExists) |
255 |
|
{ |
256 |
21 |
((DynamicRole) role).removePermission(permission); |
257 |
21 |
((DynamicPermission) permission).removeRole(role); |
258 |
21 |
return; |
259 |
|
} |
260 |
|
} |
261 |
0 |
catch (Exception e) |
262 |
|
{ |
263 |
0 |
throw new DataBackendException("revoke(Role,Permission) failed", e); |
264 |
|
} |
265 |
|
|
266 |
0 |
if (!roleExists) |
267 |
|
{ |
268 |
0 |
throw new UnknownEntityException("Unknown role '" + role.getName() + "'"); |
269 |
|
} |
270 |
0 |
if (!permissionExists) |
271 |
|
{ |
272 |
0 |
throw new UnknownEntityException("Unknown permission '" + permission.getName() + "'"); |
273 |
|
} |
274 |
0 |
} |
275 |
|
|
276 |
|
} |