
1   /*
2    * Copyright 2000-2001,2004 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.apache.jetspeed.om.security.ldap;
18  
19  import java.util.Vector;
20  import javax.naming.directory.Attribute;
21  import javax.naming.directory.BasicAttribute;
22  import javax.naming.directory.BasicAttributes;
23  import org.apache.jetspeed.om.security.Role;
24  import org.apache.jetspeed.services.JetspeedLDAP;
25  import org.apache.jetspeed.services.ldap.LDAPURL;
26  import org.apache.jetspeed.services.security.RoleException;
27  
28  /***
29   *
30   * @author <a href="mailto:ender@kilicoglu.nom.tr">Ender KILICOGLU</a>
31   * @author <a href="mailto:sami.leino@netorek.fi">Sami Leino</a>
32   *
33   * @version $Id: LDAPRole.java,v 1.6 2004/02/23 03:12:13 jford Exp $ 
34   * 
35   */
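public class LDAPRole extends BaseLDAPObject implements Role {

    // Role object whose state is read from and written to a directory entry
    // through the static JetspeedLDAP helpers. The entry's DN is built from
    // ATTR_ROLE_ID, the role name and ORGANIZATIONAL_UNIT; the permissions
    // granted to the role are kept in the multi-valued ATTR_ROLE_PERMISSIONS
    // attribute and mirrored in the rolePermissions vector.

    // ---------------------------- Constants ----------------------------

    /** Object class assigned to entries created by this class. */
    protected static final String OBJECT_CLASS          = "jetspeedrole";
    /** RDN of the container appended to every role DN. */
    protected static final String ORGANIZATIONAL_UNIT   = "ou=roles";

    /** Multi-valued attribute that holds the role's permissions. */
    protected static final String ATTR_ROLE_PERMISSIONS = "rolepermissions";
    /** Attribute that holds the role name. */
    protected static final String ATTR_ROLE_NAME        = "rolename";
    /** Attribute that holds the role id; also the naming attribute of the DN. */
    protected static final String ATTR_ROLE_ID          = "uid";

    // ------------------------- Member variables ------------------------

    protected String name                               = null;
    protected String id                                 = null;
    // Permission values (cast to String wherever this class reads them).
    protected Vector rolePermissions                    = null;
    protected boolean isNew                             = true;

    // --------------------------- Constructors --------------------------

    /**
     * Creates an empty, new role with no id, no name and no permissions.
     */
    public LDAPRole()
    {
        rolePermissions = new Vector();
        isNew = true;
    }

    /**
     * Creates a new role with the given id and no permissions.
     * No LDAP URL or attribute set is initialised by this constructor.
     *
     * @param id the id for the role; stored after passing through {@code createId}
     */
    public LDAPRole(String id)
    {
        this.setId(id);
        isNew = true;
        rolePermissions = new Vector();
    }

    /**
     * Creates a role bound to the directory entry derived from {@code name}.
     *
     * When {@code isNew} is true a fresh attribute set is prepared locally;
     * otherwise the existing entry is read from LDAP and the id, name and
     * permissions are taken from it.
     *
     * @param name  the role name used to derive the entry's DN
     * @param isNew true to prepare a new entry, false to load an existing one
     */
    public LDAPRole(String name, boolean isNew)
    {
        // NOTE(review): the DN is assembled by string concatenation. Whether
        // createId() neutralises DN metacharacters (',', '+', '=', '\', ...)
        // is not visible in this file; confirm before passing caller-supplied
        // role names here.
        name = super.createId(name);
        super.ldapurl = JetspeedLDAP.buildURL(ATTR_ROLE_ID + "=" + name + "," + ORGANIZATIONAL_UNIT);
        this.isNew = isNew;

        if (isNew)
        {
            rolePermissions = new Vector();
            this.setName(name);
            super.myAttrs = new BasicAttributes();
            super.myAttrs.put(ATTR_ROLE_ID, this.id);
            super.myAttrs.put(ATTR_ROLE_NAME, this.name);
            super.setObjectClass(OBJECT_CLASS);
        }
        else
        {
            super.myAttrs = JetspeedLDAP.read(super.ldapurl);
            this.id = getutil(ATTR_ROLE_ID);
            this.name = getutil(ATTR_ROLE_NAME);
            this.rolePermissions = getutil(ATTR_ROLE_PERMISSIONS, true);
        }
    }

    /**
     * Loads a role from the directory entry addressed by {@code ldapurl}.
     * The {@code isNew} flag keeps its field default (true).
     *
     * @param ldapurl location of the entry to read
     */
    public LDAPRole(LDAPURL ldapurl)
    {
        super.ldapurl = ldapurl;
        super.myAttrs = JetspeedLDAP.read(ldapurl);
        this.id = getutil(ATTR_ROLE_ID);
        this.name = getutil(ATTR_ROLE_NAME);
        this.rolePermissions = getutil(ATTR_ROLE_PERMISSIONS, true);
    }

    // --------------------- Persistence operations ----------------------

    /**
     * Writes this role to LDAP, either as a new entry or as an update.
     *
     * @param create true to add a new entry, false to update an existing one
     * @throws RoleException if the add or the update is reported as failed
     */
    public void update(boolean create)
        throws RoleException
    {
        removeutil("createTimeStamp", false);
        removeutil("modifyTimeStamp", false);

        setutil(ATTR_ROLE_PERMISSIONS, rolePermissions, create);

        if (create)
        {
            if (!JetspeedLDAP.addEntry(super.ldapurl, super.myAttrs))
            {
                throw new RoleException("Failed to insert role in LDAP!");
            }
        }
        else if (JetspeedLDAP.exists(super.ldapurl))
        {
            JetspeedLDAP.deleteAttrs(super.ldapurl, super.rmAttrs);
            // These two method calls shouldn't be needed anymore.
            // If you face some problems with role permissions,
            // you can remove the comments from below and try again.
            //  removePreviousPermissionsFromLDAP();
            //  super.myAttrs.put(toAttribute(ATTR_ROLE_PERMISSIONS, rolePermissions));
            if (!JetspeedLDAP.updateEntry(super.ldapurl, super.myAttrs))
            {
                throw new RoleException("Failed to update role in LDAP!");
            }
        }
        // NOTE(review): when create is false and the entry does not exist,
        // nothing is written and no exception is raised, so a permission
        // change can be lost without the caller noticing. Callers that rely
        // on the change being persisted should check existence themselves.
    }

    /**
     * Asks LDAP to delete every permission value currently held in this
     * object's attribute set.
     *
     * All values are sent as one multi-valued attribute. Putting them into a
     * {@code BasicAttributes} one by one under the same attribute id replaces
     * the previous value each time, which would leave only the last
     * permission in the delete request and the others still granted in the
     * directory.
     */
    public void removePreviousPermissionsFromLDAP()
    {
        Vector previousPermissions = getutil(ATTR_ROLE_PERMISSIONS, true);
        BasicAttributes attrs = new BasicAttributes();

        // An attribute with no values is not added: the request then carries
        // no attributes at all, as it did before for an empty permission list.
        if (previousPermissions != null && !previousPermissions.isEmpty())
        {
            attrs.put(toAttribute(ATTR_ROLE_PERMISSIONS, previousPermissions));
        }

        JetspeedLDAP.deleteAttrs(super.ldapurl, attrs);
    }

    /**
     * Builds a multi-valued attribute from a vector of strings.
     *
     * @param id     the attribute id
     * @param values the values to add; every element is cast to String
     * @return an attribute named {@code id} holding the given values
     */
    public Attribute toAttribute(String id, Vector values)
    {
        Attribute attr = new BasicAttribute(id);

        for (int i = 0; i < values.size(); i++)
        {
            attr.add((String) values.get(i));
        }

        return attr;
    }

    // ------------------------ Accessor methods -------------------------

    /**
     * Get the name of the Role
     *
     * @return the name of the role.
     */
    public String getName()
    {
        return name;
    }

    /**
     * Set the name of the Role. The id is set from the same value if it has
     * not been set yet.
     *
     * @param roleName the name of the Role.
     */
    public void setName(String roleName)
    {
        setId(roleName);
        name = super.createId(roleName);
    }

    /**
     * Get the id of the Role
     *
     * @return the id of the role.
     */
    public String getId()
    {
        return id;
    }

    /**
     * Set the id of the Role. The id can be assigned only once: the call is
     * ignored when an id is already present.
     *
     * @param id the new id for the role
     */
    public void setId(String id)
    {
        if (this.id == null)
        {
            this.id = super.createId(id);
        }
    }

    /**
     * @return the value of the isNew flag
     */
    public boolean isNew()
    {
        return isNew;
    }

    void setNew(boolean isNew)
    {
        this.isNew = isNew;
    }

    /**
     * Returns the permissions of this role.
     *
     * The returned vector is the internal one, not a copy, so changes made
     * by the caller change this role and are written out by the next
     * {@link #update(boolean)}.
     *
     * @return the live permission vector
     */
    public Vector getRolePermissions()
    {
        return rolePermissions;
    }

    /**
     * Adds a permission to this role unless it is already present.
     *
     * @param rolePermission the permission to add
     */
    public void addRolePermissions(String rolePermission)
    {
        if (!permissionExists(rolePermission))
        {
            rolePermissions.add(rolePermission);
        }
    }

    /**
     * Removes a permission from this role's in-memory list.
     *
     * @param rolePermission the permission to remove
     */
    public void removeRolePermissions(String rolePermission)
    {
        rolePermissions.remove(rolePermission);
    }

    /**
     * Tells whether this role's in-memory list contains the permission.
     *
     * @param rolePermission the permission to look for
     * @return true if the permission is present
     */
    public boolean permissionExists(String rolePermission)
    {
        return rolePermissions.contains(rolePermission);
    }

}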
246