SecurityAccessImpl xref

View Javadoc

1   /* 
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    *
9    *     http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.security.spi.impl;
18  
19  import java.security.Principal;
20  import java.util.Collection;
21  import java.util.Iterator;
22  
23  import org.apache.jetspeed.components.dao.InitablePersistenceBrokerDaoSupport;
24  import org.apache.jetspeed.i18n.KeyedMessage;
25  import org.apache.jetspeed.security.SecurityException;
26  import org.apache.jetspeed.security.UserPrincipal;
27  import org.apache.jetspeed.security.impl.UserPrincipalImpl;
28  import org.apache.jetspeed.security.om.InternalGroupPrincipal;
29  import org.apache.jetspeed.security.om.InternalRolePrincipal;
30  import org.apache.jetspeed.security.om.InternalUserPrincipal;
31  import org.apache.jetspeed.security.om.impl.InternalGroupPrincipalImpl;
32  import org.apache.jetspeed.security.om.impl.InternalRolePrincipalImpl;
33  import org.apache.jetspeed.security.om.impl.InternalUserPrincipalImpl;
34  import org.apache.jetspeed.security.spi.SecurityAccess;
35  import org.apache.ojb.broker.query.Criteria;
36  import org.apache.ojb.broker.query.Query;
37  import org.apache.ojb.broker.query.QueryFactory;
38  
39  /***
40   * <p>
41   * Provides a utility class for common SPI queries.
42   * </p>
43   * 
44   * @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
45   * @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
46   */
47  public class SecurityAccessImpl extends InitablePersistenceBrokerDaoSupport implements SecurityAccess
48  {
49      
50  
51      /***
52       * 
53       * @param repositoryPath
54       */
55      public SecurityAccessImpl(String repositoryPath)
56      {
57         super(repositoryPath);
58      }
59      
60      /***
61       * <p>
62       * Returns if a Internal UserPrincipal is defined for the user name.
63       * </p>
64       * 
65       * @param username The user name.
66       * @return true if the user is known
67       */
68      public boolean isKnownUser(String username)
69      {
70          UserPrincipal userPrincipal = new UserPrincipalImpl(username);
71          String fullPath = userPrincipal.getFullPath();
72          // Get user.
73          Criteria filter = new Criteria();
74          filter.addEqualTo("fullPath", fullPath);
75          // The isMappingOnly must not be true.
76          // We don't need the mapping only user, mapping user can't be authenticated with this provider. 
77          // we just need the true user.
78          filter.addEqualTo("isMappingOnly", Boolean.FALSE);
79          Query query = QueryFactory.newQuery(InternalUserPrincipalImpl.class, filter);
80          return getPersistenceBrokerTemplate().getCount(query) == 1;
81      }
82  
83      /***
84       * <p>
85       * Returns the {@link InternalUserPrincipal} from the user name.
86       * </p>
87       * 
88       * @param username The user name.
89       * @return The {@link InternalUserPrincipal}.
90       */
91      public InternalUserPrincipal getInternalUserPrincipal(String username)
92      {
93          UserPrincipal userPrincipal = new UserPrincipalImpl(username);
94          String fullPath = userPrincipal.getFullPath();
95          // Get user.
96          Criteria filter = new Criteria();
97          filter.addEqualTo("fullPath", fullPath);
98          Query query = QueryFactory.newQuery(InternalUserPrincipalImpl.class, filter);
99          InternalUserPrincipal internalUser = (InternalUserPrincipal) getPersistenceBrokerTemplate().getObjectByQuery(query);
100         return internalUser;
101     }
102     
103     /***
104      * <p>
105      * Returns the {@link InternalUserPrincipal} from the user name.
106      * </p>
107      * 
108      * @param username The user name.
109      * @param isMappingOnly Whether a principal's purpose is for security mappping only.
110      * @return The {@link InternalUserPrincipal}.
111      */
112     public InternalUserPrincipal getInternalUserPrincipal(String username, boolean isMappingOnly)
113     {
114         UserPrincipal userPrincipal = new UserPrincipalImpl(username);
115         String fullPath = userPrincipal.getFullPath();
116         // Get user.
117         Criteria filter = new Criteria();
118         filter.addEqualTo("fullPath", fullPath);
119         filter.addEqualTo("isMappingOnly", new Boolean(isMappingOnly));
120         Query query = QueryFactory.newQuery(InternalUserPrincipalImpl.class, filter);
121         InternalUserPrincipal internalUser = (InternalUserPrincipal) getPersistenceBrokerTemplate().getObjectByQuery(query);
122         return internalUser;
123     }
124 
125     /***
126      * <p>
127      * Returns a collection of {@link Principal}given the filter.
128      * </p>
129      * 
130      * @param filter The filter.
131      * @return Collection of {@link InternalUserPrincipal}.
132      */
133     public Iterator getInternalUserPrincipals(String filter)
134     {
135         Criteria queryCriteria = new Criteria();
136         queryCriteria.addEqualTo("isMappingOnly", new Boolean(false));
137         queryCriteria.addLike("fullPath", UserPrincipal.PREFS_USER_ROOT + filter + "%");
138         Query query = QueryFactory.newQuery(InternalUserPrincipalImpl.class, queryCriteria);
139         Iterator result = getPersistenceBrokerTemplate().getIteratorByQuery(query);
140         return result;
141     }
142 
143     /***
144      * <p>
145      * Sets the given {@link InternalUserPrincipal}.
146      * </p>
147      * 
148      * @param internalUser The {@link InternalUserPrincipal}.
149      * @param isMappingOnly Whether a principal's purpose is for security mappping only.
150      * @throws SecurityException Throws a {@link SecurityException}.
151      */
152     public void setInternalUserPrincipal(InternalUserPrincipal internalUser, boolean isMappingOnly) throws SecurityException
153     {
154         try
155         {
156             if (isMappingOnly)
157             {
158                 internalUser.setMappingOnly(isMappingOnly);
159             }
160             getPersistenceBrokerTemplate().store(internalUser);
161         }
162         catch (Exception e)
163         {
164             KeyedMessage msg = SecurityException.UNEXPECTED.create("SecurityAccess.setInternalUserPrincipal",
165                                                                    "store",
166                                                                    e.getMessage());
167             logger.error(msg, e);
168             throw new SecurityException(msg, e);
169         }
170     }
171 
172     /***
173      * <p>
174      * Remove the given {@link InternalUserPrincipal}.
175      * </p>
176      * 
177      * @param internalUser The {@link InternalUserPrincipal}.
178      * @throws SecurityException Throws a {@link SecurityException}.
179      */
180     public void removeInternalUserPrincipal(InternalUserPrincipal internalUser) throws SecurityException
181     {
182         try
183         {
184             // Remove user.
185             getPersistenceBrokerTemplate().delete(internalUser);
186             if (logger.isDebugEnabled())
187             {
188                 logger.debug("Deleted user: " + internalUser.getFullPath());
189             }
190 
191         }
192         catch (Exception e)
193         {
194             KeyedMessage msg = SecurityException.UNEXPECTED.create("SecurityAccess.removeInternalUserPrincipal",
195                                                                    "store",
196                                                                    e.getMessage());
197             logger.error(msg, e);
198             throw new SecurityException(msg, e);
199         }
200     }
201 
202     /***
203      * <p>
204      * Returns the {@link InternalRolePrincipal}from the role full path name.
205      * </p>
206      * 
207      * @param roleFullPathName The role full path name.
208      * @return The {@link InternalRolePrincipal}.
209      */
210     public InternalRolePrincipal getInternalRolePrincipal(String roleFullPathName)
211     {
212         Criteria filter = new Criteria();
213         filter.addEqualTo("fullPath", roleFullPathName);
214         Query query = QueryFactory.newQuery(InternalRolePrincipalImpl.class, filter);
215         InternalRolePrincipal internalRole = (InternalRolePrincipal) getPersistenceBrokerTemplate().getObjectByQuery(query);
216         return internalRole;
217     }
218     
219     /***
220      * <p>
221      * Sets the given {@link InternalRolePrincipal}.
222      * </p>
223      * 
224      * @param internalRole The {@link InternalRolePrincipal}.
225      * @param isMappingOnly Whether a principal's purpose is for security mappping only.
226      * @throws SecurityException Throws a {@link SecurityException}.
227      */
228     public void setInternalRolePrincipal(InternalRolePrincipal internalRole, boolean isMappingOnly) throws SecurityException
229     {
230         try
231         {
232             if (isMappingOnly)
233             {
234                 internalRole.setMappingOnly(isMappingOnly);
235             }
236             getPersistenceBrokerTemplate().store(internalRole);
237         }
238         catch (Exception e)
239         {
240             KeyedMessage msg = SecurityException.UNEXPECTED.create("SecurityAccess.setInternalRolePrincipal",
241                                                                    "store",
242                                                                    e.getMessage());
243             logger.error(msg, e);
244             throw new SecurityException(msg, e);
245         }
246     }
247     
248     /***
249      * <p>
250      * Remove the given {@link InternalRolePrincipal}.
251      * </p>
252      * 
253      * @param internalRole The {@link InternalRolePrincipal}.
254      * @throws SecurityException Throws a {@link SecurityException}.
255      */
256     public void removeInternalRolePrincipal(InternalRolePrincipal internalRole) throws SecurityException
257     {
258         try
259         {
260             // Remove role.
261 
262             getPersistenceBrokerTemplate().delete(internalRole);
263             if (logger.isDebugEnabled())
264             {
265                 logger.debug("Deleted role: " + internalRole.getFullPath());
266             }
267 
268         }
269         catch (Exception e)
270         {
271             KeyedMessage msg = SecurityException.UNEXPECTED.create("SecurityAccess.removeInternalRolePrincipal",
272                                                                    "store",
273                                                                    e.getMessage());
274             logger.error(msg, e);
275             throw new SecurityException(msg, e);
276         }
277         
278     }
279 
280     /***
281      * <p>
282      * Returns the {@link InternalGroupPrincipal}from the group full path name.
283      * </p>
284      * 
285      * @param groupFullPathName The group full path name.
286      * @return The {@link InternalGroupPrincipal}.
287      */
288     public InternalGroupPrincipal getInternalGroupPrincipal(String groupFullPathName)
289     {
290         Criteria filter = new Criteria();
291         filter.addEqualTo("fullPath", groupFullPathName);
292         Query query = QueryFactory.newQuery(InternalGroupPrincipalImpl.class, filter);
293         InternalGroupPrincipal internalGroup = (InternalGroupPrincipal) getPersistenceBrokerTemplate().getObjectByQuery(query);
294         return internalGroup;
295     }
296     
297     /***
298      * <p>
299      * Sets the given {@link InternalGroupPrincipal}.
300      * </p>
301      * 
302      * @param internalGroup The {@link InternalGroupPrincipal}.
303      * @param isMappingOnly Whether a principal's purpose is for security mappping only.
304      * @throws SecurityException Throws a {@link SecurityException}.
305      */
306     public void setInternalGroupPrincipal(InternalGroupPrincipal internalGroup, boolean isMappingOnly) throws SecurityException
307     {
308         try
309         {
310             
311             if (isMappingOnly)
312             {
313                 internalGroup.setMappingOnly(isMappingOnly);
314             }
315             getPersistenceBrokerTemplate().store(internalGroup);
316         }
317         catch (Exception e)
318         {
319             KeyedMessage msg = SecurityException.UNEXPECTED.create("SecurityAccess.setInternalGroupPrincipal",
320                                                                    "store",
321                                                                    e.getMessage());
322             logger.error(msg, e);         
323             throw new SecurityException(msg, e);
324         }
325     }
326     
327     /***
328      * <p>
329      * Remove the given {@link InternalGroupPrincipal}.
330      * </p>
331      * 
332      * @param internalGroup The {@link InternalGroupPrincipal}.
333      * @throws SecurityException Throws a {@link SecurityException}.
334      */
335     public void removeInternalGroupPrincipal(InternalGroupPrincipal internalGroup) throws SecurityException
336     {
337         try
338         {
339             // Remove role.           
340             getPersistenceBrokerTemplate().delete(internalGroup);
341        
342             if (logger.isDebugEnabled())
343             {
344                 logger.debug("Deleted group: " + internalGroup.getFullPath());
345             }
346 
347         }
348         catch (Exception e)
349         {
350             KeyedMessage msg = SecurityException.UNEXPECTED.create("SecurityAccess.removeInternalGroupPrincipal",
351                                                                    "store",
352                                                                    e.getMessage());
353             logger.error(msg, e);
354             throw new SecurityException(msg, e);
355         }
356         
357     }
358 
359     public Iterator getInternalRolePrincipals(String filter)
360     {
361         Criteria queryCriteria = new Criteria();
362         queryCriteria.addEqualTo("isMappingOnly", new Boolean(false));
363         queryCriteria.addLike("fullPath", UserPrincipal.PREFS_ROLE_ROOT + filter + "%");
364         Query query = QueryFactory.newQuery(InternalRolePrincipalImpl.class, queryCriteria);
365         Collection c = getPersistenceBrokerTemplate().getCollectionByQuery(query);
366         return c.iterator();
367     }
368 
369     public Iterator getInternalGroupPrincipals(String filter)
370     {
371       
372         Criteria queryCriteria = new Criteria();
373         queryCriteria.addEqualTo("isMappingOnly", new Boolean(false));
374         queryCriteria.addLike("fullPath", UserPrincipal.PREFS_GROUP_ROOT + filter + "%");        
375         Query query = QueryFactory.newQuery(InternalGroupPrincipalImpl.class, queryCriteria);
376         Collection c = getPersistenceBrokerTemplate().getCollectionByQuery(query);
377         return c.iterator();
378     }
379     
380 }