1/*2 * Copyright 2000-2004 The Apache Software Foundation.3 * 4 * Licensed under the Apache License, Version 2.0 (the "License");5 * you may not use this file except in compliance with the License.6 * You may obtain a copy of the License at7 * 8 * http://www.apache.org/licenses/LICENSE-2.09 * 10 * Unless required by applicable law or agreed to in writing, software11 * distributed under the License is distributed on an "AS IS" BASIS,12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.13 * See the License for the specific language governing permissions and14 * limitations under the License.15 */1617packageorg.apache.jetspeed.services.security.nosecurity;
1819import java.util.Iterator;
20import java.util.Vector;
2122// Jetspeed Security23import org.apache.jetspeed.services.security.RoleManagement;
2425import org.apache.jetspeed.om.security.Role;
2627import org.apache.jetspeed.services.JetspeedSecurity;
28import org.apache.jetspeed.om.security.BaseJetspeedRole;
2930// Jetspeed Security Exceptions31import org.apache.jetspeed.services.security.JetspeedSecurityException;
3233// Turbine34import org.apache.turbine.services.TurbineBaseService;
3536/***37 * <p> The <code>NoRoleManagement</code> class is a Jetspeed38 * security provider, implementing the <code>RoleManagement</code> interface.39 * It provides no role management - only the "user" role exists for any user, no roles are40 * listed or saved, any role requested is supplied with a temp. Role object.41 *42 * @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>43 * @version $Id: NoRoleManagement.java,v 1.3 2004/02/23 03:53:24 jford Exp $44 */45publicclassNoRoleManagement46extends TurbineBaseService
47 implements RoleManagement48 {
49/***50 * Retrieves all <code>Role</code>s for a given username principal.51 *52 * The security service may optionally check the current user context53 * to determine if the requestor has permission to perform this action.54 *55 * @param username a user principal identity to be retrieved.56 * @return Iterator over all roles associated to the user principal.57 * @exception RoleException when the security provider has a general failure.58 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege59 */60public Iterator getRoles(String username)
61 throws JetspeedSecurityException62 {
63// give everyone the "user" role64 Vector v = new Vector(1);
65BaseJetspeedRole r = newBaseJetspeedRole();
66//r.setNew(false);67 r.setName(JetspeedSecurity.JETSPEED_ROLE_USER);
68 r.setId(JetspeedSecurity.JETSPEED_ROLE_USER);
69 v.add(r);
70return v.iterator();
71 }
7273/***74 * Retrieves all <code>Role</code>s.75 *76 * The security service may optionally check the current user context77 * to determine if the requestor has permission to perform this action.78 *79 * @return Iterator over all roles.80 * @exception RoleException when the security provider has a general failure.81 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege82 */83public Iterator getRoles()
84 throws JetspeedSecurityException85 {
86returnnew Vector().iterator();
87 }
8889/***90 * Adds a <code>Role</code> into permanent storage.91 *92 * The security service may optionally check the current user context93 * to determine if the requestor has permission to perform this action.94 *95 * @exception RoleException when the security provider has a general failure.96 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege97 */98publicvoid addRole(Role role)
99 throws JetspeedSecurityException100 {
101 }
102103/***104 * Saves a <code>Role</code> into permanent storage.105 *106 * The security service may optionally check the current user context107 * to determine if the requestor has permission to perform this action.108 *109 * @exception RoleException when the security provider has a general failure.110 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege111 */112publicvoid saveRole(Role role)
113 throws JetspeedSecurityException114 {
115 }
116117/***118 * Removes a <code>Role</code> from the permanent store.119 *120 * The security service may optionally check the current user context121 * to determine if the requestor has permission to perform this action.122 *123 * @param rolename the principal identity of the role to be retrieved.124 * @exception RoleException when the security provider has a general failure.125 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege126 */127publicvoid removeRole(String rolename)
128 throws JetspeedSecurityException129 {
130 }
131132/***133 * Grants a role to a user.134 *135 * The security service may optionally check the current user context136 * to determine if the requestor has permission to perform this action.137 *138 * @exception RoleException when the security provider has a general failure retrieving roles.139 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege140 */141publicvoid grantRole(String username, String rolename)
142 throws JetspeedSecurityException143 {
144 }
145146publicvoid grantRole(String username, String rolename, String groupname)
147 throws JetspeedSecurityException148 {
149 }
150151/***152 * Grants a role to a user for a specific group.153 *154 * The security service may optionally check the current user context155 * to determine if the requestor has permission to perform this action.156 *157 * @exception RoleException when the security provider has a general failure retrieving roles.158 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege159 */160publicvoid grantGroupRole(String username, String groupname, String rolename)
161 throws JetspeedSecurityException162 {
163 }
164165/***166 * Revokes a role from a user.167 *168 * The security service may optionally check the current user context169 * to determine if the requestor has permission to perform this action.170 *171 * @exception RoleException when the security provider has a general failure retrieving roles.172 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege173 */174publicvoid revokeRole(String username, String rolename)
175 throws JetspeedSecurityException176 {
177 }
178179/***180 * Revokes a role from a user for a specific group.181 *182 * The security service may optionally check the current user context183 * to determine if the requestor has permission to perform this action.184 *185 * @exception RoleException when the security provider has a general failure retrieving roles.186 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege187 */188publicvoid revokeRole(String username, String rolename, String groupname)
189 throws JetspeedSecurityException190 {
191 }
192193/***194 * Checks for the relationship of user has a role. Returns true when the user has the given role.195 *196 * The security service may optionally check the current user context197 * to determine if the requestor has permission to perform this action.198 *199 * @exception RoleException when the security provider has a general failure retrieving roles.200 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege201 */202publicboolean hasRole(String username, String rolename)
203 throws JetspeedSecurityException204 {
205// give everyone the "user" role206if (rolename.equals(JetspeedSecurity.JETSPEED_ROLE_USER)) returntrue;
207208return false;
209 }
210211publicboolean hasRole(String username, String rolename, String groupname)
212 throws JetspeedSecurityException213 {
214// give everyone the "user" role215if (rolename.equals(JetspeedSecurity.JETSPEED_ROLE_USER) &&
216 groupname.equals(JetspeedSecurity.JETSPEED_GROUP)) returntrue;
217218return false;
219 }
220221/***222 * Retrieves a single <code>Role</code> for a given rolename principal.223 *224 * The security service may optionally check the current user context225 * to determine if the requestor has permission to perform this action.226 *227 * @param rolename a role principal identity to be retrieved.228 * @return Role the role record retrieved.229 * @exception RoleException when the security provider has a general failure.230 * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege231 */232publicRole getRole(String rolename)
233 throws JetspeedSecurityException234 {
235BaseJetspeedRole r = newBaseJetspeedRole();
236//r.setNew(false);237 r.setName(rolename);
238 r.setId(rolename);
239return r;
240 }
241 }
242