View Javadoc

1   /*
2    * Copyright 2000-2004 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.apache.jetspeed.services.security.nosecurity;
18  
19  import java.util.Iterator;
20  import java.util.Vector;
21  
22  // Jetspeed Security
23  import org.apache.jetspeed.services.security.RoleManagement;
24  
25  import org.apache.jetspeed.om.security.Role;
26  
27  import org.apache.jetspeed.services.JetspeedSecurity;
28  import org.apache.jetspeed.om.security.BaseJetspeedRole;
29  
30  // Jetspeed Security Exceptions
31  import org.apache.jetspeed.services.security.JetspeedSecurityException;
32  
33  // Turbine
34  import org.apache.turbine.services.TurbineBaseService;
35  
36  /***
37   * <p> The <code>NoRoleManagement</code> class is a Jetspeed
38   * security provider, implementing the <code>RoleManagement</code> interface.
39   * It provides no role management - only the "user" role exists for any user, no roles are
40   * listed or saved, any role requested is supplied with a temp. Role object.
41   *
42   * @author <a href="mailto:ggolden@apache.org">Glenn R. Golden</a>
43   * @version $Id: NoRoleManagement.java,v 1.3 2004/02/23 03:53:24 jford Exp $
44   */
45  public class NoRoleManagement
46      extends TurbineBaseService
47     implements RoleManagement
48  {
49      /***
50       * Retrieves all <code>Role</code>s for a given username principal.
51       *
52       * The security service may optionally check the current user context
53       * to determine if the requestor has permission to perform this action.
54       *
55       * @param username a user principal identity to be retrieved.
56       * @return Iterator over all roles associated to the user principal.
57       * @exception RoleException when the security provider has a general failure.
58       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
59       */
60      public Iterator getRoles(String username)
61          throws JetspeedSecurityException
62      {
63          // give everyone the "user" role
64          Vector v = new Vector(1);
65          BaseJetspeedRole r = new BaseJetspeedRole();
66          //r.setNew(false);
67          r.setName(JetspeedSecurity.JETSPEED_ROLE_USER);
68          r.setId(JetspeedSecurity.JETSPEED_ROLE_USER);
69          v.add(r);
70          return v.iterator();
71      }
72  
73      /***
74       * Retrieves all <code>Role</code>s.
75       *
76       * The security service may optionally check the current user context
77       * to determine if the requestor has permission to perform this action.
78       *
79       * @return Iterator over all roles.
80       * @exception RoleException when the security provider has a general failure.
81       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
82       */
83      public Iterator getRoles()
84          throws JetspeedSecurityException
85      {
86          return new Vector().iterator();
87      }
88  
89      /***
90       * Adds a <code>Role</code> into permanent storage.
91       *
92       * The security service may optionally check the current user context
93       * to determine if the requestor has permission to perform this action.
94       *
95       * @exception RoleException when the security provider has a general failure.
96       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
97       */
98      public void addRole(Role role)
99          throws JetspeedSecurityException
100     {
101     }
102 
103     /***
104      * Saves a <code>Role</code> into permanent storage.
105      *
106      * The security service may optionally check the current user context
107      * to determine if the requestor has permission to perform this action.
108      *
109      * @exception RoleException when the security provider has a general failure.
110      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
111      */
112     public void saveRole(Role role)
113         throws JetspeedSecurityException
114     {
115     }
116 
117     /***
118      * Removes a <code>Role</code> from the permanent store.
119      *
120      * The security service may optionally check the current user context
121      * to determine if the requestor has permission to perform this action.
122      *
123      * @param rolename the principal identity of the role to be retrieved.
124      * @exception RoleException when the security provider has a general failure.
125      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
126      */
127     public void removeRole(String rolename)
128         throws JetspeedSecurityException
129     {
130     }
131 
132     /***
133      * Grants a role to a user.
134      *
135      * The security service may optionally check the current user context
136      * to determine if the requestor has permission to perform this action.
137      *
138      * @exception RoleException when the security provider has a general failure retrieving roles.
139      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
140      */
141     public void grantRole(String username, String rolename)
142         throws JetspeedSecurityException
143     {
144     }
145 
146 	public void grantRole(String username, String rolename, String groupname)
147 		throws JetspeedSecurityException
148 	{
149 	}
150 
151     /***
152      * Grants a role to a user for a specific group.
153      *
154      * The security service may optionally check the current user context
155      * to determine if the requestor has permission to perform this action.
156      *
157      * @exception RoleException when the security provider has a general failure retrieving roles.
158      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
159      */
160     public void grantGroupRole(String username, String groupname, String rolename)
161         throws JetspeedSecurityException
162     {
163     }
164 
165     /***
166      * Revokes a role from a user.
167      *
168      * The security service may optionally check the current user context
169      * to determine if the requestor has permission to perform this action.
170      *
171      * @exception RoleException when the security provider has a general failure retrieving roles.
172      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
173      */
174     public void revokeRole(String username, String rolename)
175         throws JetspeedSecurityException
176     {
177     }
178 
179     /***
180      * Revokes a role from a user for a specific group.
181      *
182      * The security service may optionally check the current user context
183      * to determine if the requestor has permission to perform this action.
184      *
185      * @exception RoleException when the security provider has a general failure retrieving roles.
186      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
187      */
188     public void revokeRole(String username, String rolename, String groupname)
189         throws JetspeedSecurityException
190     {
191     }
192 
193     /***
194      * Checks for the relationship of user has a role. Returns true when the user has the given role.
195      *
196      * The security service may optionally check the current user context
197      * to determine if the requestor has permission to perform this action.
198      *
199      * @exception RoleException when the security provider has a general failure retrieving roles.
200      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
201      */
202     public boolean hasRole(String username, String rolename)
203         throws JetspeedSecurityException
204     {
205         // give everyone the "user" role
206         if (rolename.equals(JetspeedSecurity.JETSPEED_ROLE_USER)) return true;
207 
208         return false;
209     }
210 
211 	public boolean hasRole(String username, String rolename, String groupname)
212 		throws JetspeedSecurityException
213 	{
214 		// give everyone the "user" role
215 		if (rolename.equals(JetspeedSecurity.JETSPEED_ROLE_USER) &&	
216 			groupname.equals(JetspeedSecurity.JETSPEED_GROUP)) return true;
217 
218 		return false;
219 	}
220 
221     /***
222      * Retrieves a single <code>Role</code> for a given rolename principal.
223      *
224      * The security service may optionally check the current user context
225      * to determine if the requestor has permission to perform this action.
226      *
227      * @param rolename a role principal identity to be retrieved.
228      * @return Role the role record retrieved.
229      * @exception RoleException when the security provider has a general failure.
230      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
231      */
232     public Role getRole(String rolename)
233         throws JetspeedSecurityException
234     {
235         BaseJetspeedRole r = new BaseJetspeedRole();
236         //r.setNew(false);
237         r.setName(rolename);
238         r.setId(rolename);
239         return r;
240     }
241 }
242