001: /**********************************************************************************
002: * $URL: https://source.sakaiproject.org/svn/access/trunk/access-impl/impl/src/java/org/sakaiproject/access/tool/AccessServlet.java $
003: * $Id: AccessServlet.java 17063 2006-10-11 19:48:42Z jimeng@umich.edu $
004: ***********************************************************************************
005: *
006: * Copyright (c) 2006 The Sakai Foundation.
007: *
008: * Licensed under the Educational Community License, Version 1.0 (the "License");
009: * you may not use this file except in compliance with the License.
010: * You may obtain a copy of the License at
011: *
012: * http://www.opensource.org/licenses/ecl1.php
013: *
014: * Unless required by applicable law or agreed to in writing, software
015: * distributed under the License is distributed on an "AS IS" BASIS,
016: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017: * See the License for the specific language governing permissions and
018: * limitations under the License.
019: *
020: **********************************************************************************/package org.sakaiproject.component.privacy;
021:
022: import java.sql.SQLException;
023: import java.util.List;
024: import java.util.ArrayList;
025: import java.util.Map;
026: import java.util.Set;
027: import java.util.Iterator;
028: import java.util.HashSet;
029: import java.util.HashMap;
030:
031: import org.apache.commons.logging.Log;
032: import org.apache.commons.logging.LogFactory;
033: import org.hibernate.Hibernate;
034: import org.hibernate.HibernateException;
035: import org.hibernate.Query;
036: import org.hibernate.Session;
037: import org.sakaiproject.api.privacy.PrivacyManager;
038: import org.sakaiproject.hbm.privacy.PrivacyRecordImpl;
039: import org.sakaiproject.user.api.User;
040: import org.sakaiproject.user.cover.UserDirectoryService;
041: import org.sakaiproject.authz.cover.AuthzGroupService;
042: import org.sakaiproject.authz.api.AuthzGroup;
043:
044: import org.springframework.orm.hibernate3.HibernateCallback;
045: import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
046:
047: public class PrivacyManagerImpl extends HibernateDaoSupport implements
048: PrivacyManager {
049: private static Log log = LogFactory
050: .getLog(PrivacyManagerImpl.class);
051:
052: private static final String QUERY_BY_USERID_CONTEXTID_TYPEID = "findPrivacyByUserIdContextIdType";
053: private static final String QUERY_BY_DISABLED_USERID_CONTEXTID = "findDisabledPrivacyUserIdContextIdType";
054: private static final String QUERY_BY_CONTEXT_VIEWABLE_TYPE = "finalPrivacyByContextViewableType";
055: private static final String QUERY_BY_CONTEXT__TYPE = "finalPrivacyByContextType";
056: private static final String QUERY_BY_CONTEXT__TYPE_IDLIST = "finalPrivacyByContextTypeAndUserIds";
057: private static final String QUERY_BY_CONTEXT_VIEWABLE_TYPE_IDLIST = "finalPrivacyByContextViewableTypeUserList";
058: private static final String CONTEXT_ID = "contextId";
059: private static final String USER_ID = "userId";
060: private static final String RECORD_TYPE = "recordType";
061: private static final String VIEWABLE = "viewable";
062:
063: protected boolean defaultViewable = true;
064: protected Boolean overrideViewable = null;
065: protected boolean userRecordHasPrecedence = true;
066: protected int maxResultSetNumber = 1000;
067:
068: public Set findViewable(String contextId, Set userIds) {
069: if (contextId == null || userIds == null) {
070: throw new IllegalArgumentException(
071: "Null Argument in findViewable");
072: }
073:
074: if (overrideViewable != null) {
075: if (overrideViewable.booleanValue())
076: return userIds;
077: else
078: return new HashSet();
079: }
080:
081: Iterator iter = userIds.iterator();
082: List userIdList = new ArrayList();
083: while (iter.hasNext()) {
084: String userId = (String) iter.next();
085: if (userId != null)
086: userIdList.add(userId);
087: }
088:
089: Map sysMap = new HashMap();
090: Map userMap = new HashMap();
091: List pieceList = new ArrayList();
092: List resultPieceList = new ArrayList();
093: for (int i = 0; i <= (int) (userIdList.size() / maxResultSetNumber); i++) {
094: pieceList.clear();
095: if (i == (int) (userIdList.size() / maxResultSetNumber)) {
096: for (int j = 0; j < (userIdList.size() % maxResultSetNumber); j++) {
097: pieceList.add(userIdList.get(j
098: + ((int) i * maxResultSetNumber)));
099: }
100: } else {
101: for (int j = 0; j < maxResultSetNumber; j++) {
102: pieceList.add(userIdList.get(j
103: + ((int) i * maxResultSetNumber)));
104: }
105: }
106:
107: if (pieceList.size() > 0) {
108: resultPieceList = getPrivacyByContextAndTypeAndUserIds(
109: contextId, PrivacyManager.SYSTEM_RECORD_TYPE,
110: pieceList);
111: for (int j = 0; j < resultPieceList.size(); j++)
112: sysMap.put(((PrivacyRecordImpl) resultPieceList
113: .get(j)).getUserId(),
114: (PrivacyRecordImpl) resultPieceList.get(j));
115:
116: resultPieceList = getPrivacyByContextAndTypeAndUserIds(
117: contextId, PrivacyManager.USER_RECORD_TYPE,
118: pieceList);
119: for (int j = 0; j < resultPieceList.size(); j++)
120: userMap.put(((PrivacyRecordImpl) resultPieceList
121: .get(j)).getUserId(),
122: (PrivacyRecordImpl) resultPieceList.get(j));
123: }
124: }
125:
126: Set returnSet = new HashSet();
127: for (int i = 0; i < userIdList.size(); i++) {
128: String id = (String) userIdList.get(i);
129: if (!getDisabled((PrivacyRecordImpl) sysMap.get(id),
130: (PrivacyRecordImpl) userMap.get(id)))
131: returnSet.add(id);
132: }
133:
134: return returnSet;
135: }
136:
137: public Set findHidden(String contextId, Set userIds) {
138: if (contextId == null || userIds == null) {
139: throw new IllegalArgumentException(
140: "Null Argument in findViewable");
141: }
142:
143: if (overrideViewable != null) {
144: if (overrideViewable.booleanValue())
145: return new HashSet();
146: else
147: return userIds;
148: }
149:
150: Iterator iter = userIds.iterator();
151: List userIdList = new ArrayList();
152: while (iter.hasNext()) {
153: String userId = (String) iter.next();
154: if (userId != null)
155: userIdList.add(userId);
156: }
157:
158: Map sysMap = new HashMap();
159: Map userMap = new HashMap();
160: List pieceList = new ArrayList();
161: List resultPieceList = new ArrayList();
162: for (int i = 0; i <= (int) (userIdList.size() / maxResultSetNumber); i++) {
163: pieceList.clear();
164: if (i == (int) (userIdList.size() / maxResultSetNumber)) {
165: for (int j = 0; j < (userIdList.size() % maxResultSetNumber); j++) {
166: pieceList.add(userIdList.get(j
167: + ((int) i * maxResultSetNumber)));
168: }
169: } else {
170: for (int j = 0; j < maxResultSetNumber; j++) {
171: pieceList.add(userIdList.get(j
172: + ((int) i * maxResultSetNumber)));
173: }
174: }
175:
176: if (pieceList.size() > 0) {
177: resultPieceList = getPrivacyByContextAndTypeAndUserIds(
178: contextId, PrivacyManager.SYSTEM_RECORD_TYPE,
179: pieceList);
180: for (int j = 0; j < resultPieceList.size(); j++)
181: sysMap.put(((PrivacyRecordImpl) resultPieceList
182: .get(j)).getUserId(),
183: (PrivacyRecordImpl) resultPieceList.get(j));
184:
185: resultPieceList = getPrivacyByContextAndTypeAndUserIds(
186: contextId, PrivacyManager.USER_RECORD_TYPE,
187: pieceList);
188: for (int j = 0; j < resultPieceList.size(); j++)
189: userMap.put(((PrivacyRecordImpl) resultPieceList
190: .get(j)).getUserId(),
191: (PrivacyRecordImpl) resultPieceList.get(j));
192: }
193: }
194:
195: Set returnSet = new HashSet();
196: for (int i = 0; i < userIdList.size(); i++) {
197: String id = (String) userIdList.get(i);
198: if (getDisabled((PrivacyRecordImpl) sysMap.get(id),
199: (PrivacyRecordImpl) userMap.get(id)))
200: returnSet.add(id);
201: }
202:
203: return returnSet;
204: }
205:
206: public Set getViewableState(String contextId, Boolean value,
207: String recordType) {
208: if (contextId == null || value == null || recordType == null) {
209: throw new IllegalArgumentException(
210: "Null Argument in getViewableState");
211: }
212:
213: try {
214: AuthzGroup realm = AuthzGroupService
215: .getAuthzGroup(contextId);
216: List users = new ArrayList();
217: users.addAll(UserDirectoryService
218: .getUsers(realm.getUsers()));
219: List siteUserIds = new ArrayList();
220: for (int i = 0; i < users.size(); i++)
221: siteUserIds.add(((User) users.get(i)).getId());
222:
223: //List returnedList = getViewableStateList(contextId, value, recordType);
224: List returnedList = new ArrayList();
225: List pieceList = new ArrayList();
226: List resultPieceList = new ArrayList();
227: for (int i = 0; i <= (int) (siteUserIds.size() / maxResultSetNumber); i++) {
228: pieceList.clear();
229: if (i == (int) (siteUserIds.size() / maxResultSetNumber)) {
230: for (int j = 0; j < (siteUserIds.size() % maxResultSetNumber); j++) {
231: pieceList.add(siteUserIds.get(j
232: + ((int) i * maxResultSetNumber)));
233: }
234: } else {
235: for (int j = 0; j < maxResultSetNumber; j++) {
236: pieceList.add(siteUserIds.get(j
237: + ((int) i * maxResultSetNumber)));
238: }
239: }
240:
241: if (pieceList.size() > 0) {
242: resultPieceList = getViewableStateList(contextId,
243: value, recordType, pieceList);
244: for (int j = 0; j < resultPieceList.size(); j++)
245: returnedList.add(resultPieceList.get(j));
246: }
247: }
248:
249: if (returnedList != null) {
250: Set returnSet = new HashSet();
251: for (int i = 0; i < returnedList.size(); i++) {
252: returnSet.add(((PrivacyRecordImpl) returnedList
253: .get(i)).getUserId());
254: }
255: return returnSet;
256: } else
257: return null;
258: } catch (org.sakaiproject.authz.api.GroupNotDefinedException gnde) {
259: return null;
260: }
261: }
262:
263: public Map getViewableState(String contextId, String recordType) {
264: if (contextId == null || recordType == null) {
265: throw new IllegalArgumentException(
266: "Null Argument in getViewableState");
267: }
268:
269: try {
270: AuthzGroup realm = AuthzGroupService
271: .getAuthzGroup(contextId);
272: List users = new ArrayList();
273: users.addAll(UserDirectoryService
274: .getUsers(realm.getUsers()));
275: List siteUserIds = new ArrayList();
276: for (int i = 0; i < users.size(); i++)
277: siteUserIds.add(((User) users.get(i)).getId());
278:
279: //List returnedList = getPrivacyByContextAndType(contextId, recordType);
280: List returnedList = new ArrayList();
281: List pieceList = new ArrayList();
282: List resultPieceList = new ArrayList();
283: for (int i = 0; i <= (int) (siteUserIds.size() / maxResultSetNumber); i++) {
284: pieceList.clear();
285: if (i == (int) (siteUserIds.size() / maxResultSetNumber)) {
286: for (int j = 0; j < (siteUserIds.size() % maxResultSetNumber); j++) {
287: pieceList.add(siteUserIds.get(j
288: + ((int) i * maxResultSetNumber)));
289: }
290: } else {
291: for (int j = 0; j < maxResultSetNumber; j++) {
292: pieceList.add(siteUserIds.get(j
293: + ((int) i * maxResultSetNumber)));
294: }
295: }
296:
297: if (pieceList.size() > 0) {
298: resultPieceList = getPrivacyByContextAndTypeAndUserIds(
299: contextId, recordType, pieceList);
300: for (int j = 0; j < resultPieceList.size(); j++)
301: returnedList.add(resultPieceList.get(j));
302: }
303: }
304:
305: if (returnedList != null) {
306: HashMap returnMap = new HashMap();
307: PrivacyRecordImpl pr;
308: for (int i = 0; i < returnedList.size(); i++) {
309: pr = (PrivacyRecordImpl) returnedList.get(i);
310: returnMap.put(pr.getUserId(), new Boolean(pr
311: .getViewable()));
312: }
313: return returnMap;
314: }
315: return null;
316: } catch (org.sakaiproject.authz.api.GroupNotDefinedException gnde) {
317: return null;
318: }
319: }
320:
321: public boolean isViewable(String contextId, String userId) {
322: if (contextId == null || userId == null) {
323: throw new IllegalArgumentException(
324: "Null Argument in isViewable");
325: }
326:
327: if (overrideViewable != null) {
328: return overrideViewable.booleanValue();
329: } else {
330: PrivacyRecordImpl sysRecord = getPrivacy(contextId, userId,
331: PrivacyManager.SYSTEM_RECORD_TYPE);
332: PrivacyRecordImpl userRecord = getPrivacy(contextId,
333: userId, PrivacyManager.USER_RECORD_TYPE);
334:
335: return checkPrivacyRecord(sysRecord, userRecord);
336: }
337: }
338:
339: public void setViewableState(String contextId, String userId,
340: Boolean value, String recordType) {
341: if (contextId == null || userId == null || value == null
342: || recordType == null) {
343: throw new IllegalArgumentException(
344: "Null Argument in setViewableState");
345: }
346:
347: PrivacyRecordImpl pr = getPrivacy(contextId, userId, recordType);
348: if (pr != null) {
349: pr.setViewable(value.booleanValue());
350: savePrivacyRecord(pr);
351: } else {
352: pr = createPrivacyRecord(userId, contextId, recordType,
353: value.booleanValue());
354: }
355: }
356:
357: public void setViewableState(String contextId,
358: Map userViewableState, String recordType) {
359: if (contextId == null || userViewableState == null
360: || recordType == null) {
361: throw new IllegalArgumentException(
362: "Null Argument in setViewableState");
363: }
364:
365: Set keySet = userViewableState.keySet();
366: Iterator iter = keySet.iterator();
367: while (iter.hasNext()) {
368: String userId = (String) iter.next();
369: Boolean viewable = (Boolean) userViewableState.get(userId);
370: setViewableState(contextId, userId, viewable, recordType);
371: }
372: }
373:
374: private PrivacyRecordImpl getPrivacy(final String contextId,
375: final String userId, final String recordType) {
376: if (contextId == null || userId == null || recordType == null) {
377: throw new IllegalArgumentException(
378: "Null Argument in getPrivacy");
379: }
380:
381: HibernateCallback hcb = new HibernateCallback() {
382: public Object doInHibernate(Session session)
383: throws HibernateException, SQLException {
384: Query q = session
385: .getNamedQuery(QUERY_BY_USERID_CONTEXTID_TYPEID);
386: q.setParameter(CONTEXT_ID, contextId, Hibernate.STRING);
387: q.setParameter(USER_ID, userId, Hibernate.STRING);
388: q.setParameter(RECORD_TYPE, recordType,
389: Hibernate.STRING);
390: return q.uniqueResult();
391: }
392: };
393:
394: return (PrivacyRecordImpl) getHibernateTemplate().execute(hcb);
395:
396: }
397:
398: private String getDisabledPrivacy(final String contextId,
399: final String userId) {
400: if (contextId == null || userId == null) {
401: throw new IllegalArgumentException(
402: "Null Argument in getDisabledPrivacy");
403: }
404: PrivacyRecordImpl sysRecord = getPrivacy(contextId, userId,
405: PrivacyManager.SYSTEM_RECORD_TYPE);
406: PrivacyRecordImpl userRecord = getPrivacy(contextId, userId,
407: PrivacyManager.USER_RECORD_TYPE);
408: if (!checkPrivacyRecord(sysRecord, userRecord))
409: return userId;
410: else
411: return null;
412: }
413:
414: private boolean getDisabled(PrivacyRecordImpl sysRecord,
415: PrivacyRecordImpl userRecord) {
416: if (!checkPrivacyRecord(sysRecord, userRecord))
417: return true;
418: else
419: return false;
420: }
421:
422: // private PrivacyRecord findPrivacyWithFullArg(final String contextId, final String userId, final String recordType, final Boolean viewable)
423: // {
424: // if (contextId == null || userId == null || recordType == null || viewable == null)
425: // {
426: // throw new IllegalArgumentException("Null Argument in findPrivacyWithFullArg");
427: // }
428: // HibernateCallback hcb = new HibernateCallback()
429: // {
430: // public Object doInHibernate(Session session) throws HibernateException,
431: // SQLException
432: // {
433: // Query q = session.getNamedQuery(QUERY_BY_DISABLED_USERID_CONTEXTID);
434: // q.setParameter(USER_ID, userId, Hibernate.STRING);
435: // q.setParameter(CONTEXT_ID, contextId, Hibernate.STRING);
436: // q.setParameter(RECORD_TYPE, recordType, Hibernate.STRING);
437: // q.setParameter(VIEWABLE, viewable, Hibernate.BOOLEAN);
438: // return q.uniqueResult();
439: // }
440: // };
441: //
442: // return (PrivacyRecord) getHibernateTemplate().execute(hcb);
443: // }
444:
445: private PrivacyRecordImpl createPrivacyRecord(final String userId,
446: final String contextId, final String recordType,
447: final boolean viewable) {
448: if (userId == null || contextId == null || recordType == null) {
449: throw new IllegalArgumentException(
450: "Null Argument in createPrivacyRecord");
451: } else {
452: PrivacyRecordImpl privacy = new PrivacyRecordImpl(userId,
453: contextId, recordType, viewable);
454: savePrivacyRecord(privacy);
455: return privacy;
456: }
457: }
458:
459: private List getViewableStateList(final String contextId,
460: final Boolean viewable, final String recordType) {
461: if (contextId == null || viewable == null || recordType == null) {
462: throw new IllegalArgumentException(
463: "Null Argument in getViewableStateList");
464: }
465:
466: HibernateCallback hcb = new HibernateCallback() {
467: public Object doInHibernate(Session session)
468: throws HibernateException, SQLException {
469: Query q = session
470: .getNamedQuery(QUERY_BY_CONTEXT_VIEWABLE_TYPE);
471: q
472: .setParameter("contextId", contextId,
473: Hibernate.STRING);
474: q.setParameter("viewable", viewable, Hibernate.BOOLEAN);
475: q.setParameter("recordType", recordType,
476: Hibernate.STRING);
477: return q.list();
478: }
479: };
480:
481: return (List) getHibernateTemplate().execute(hcb);
482: }
483:
484: private List getViewableStateList(final String contextId,
485: final Boolean viewable, final String recordType,
486: final List userIds) {
487: if (contextId == null || viewable == null || recordType == null
488: || userIds == null) {
489: throw new IllegalArgumentException(
490: "Null Argument in getViewableStateList");
491: }
492:
493: HibernateCallback hcb = new HibernateCallback() {
494: public Object doInHibernate(Session session)
495: throws HibernateException, SQLException {
496: Query q = session
497: .getNamedQuery(QUERY_BY_CONTEXT_VIEWABLE_TYPE_IDLIST);
498: q
499: .setParameter("contextId", contextId,
500: Hibernate.STRING);
501: q.setParameter("viewable", viewable, Hibernate.BOOLEAN);
502: q.setParameter("recordType", recordType,
503: Hibernate.STRING);
504: q.setParameterList("userIds", userIds);
505: return q.list();
506: }
507: };
508:
509: return (List) getHibernateTemplate().execute(hcb);
510: }
511:
512: private List getPrivacyByContextAndType(final String contextId,
513: final String recordType) {
514: if (contextId == null || recordType == null) {
515: throw new IllegalArgumentException(
516: "Null Argument in getPrivacyByContextAndType");
517: }
518:
519: HibernateCallback hcb = new HibernateCallback() {
520: public Object doInHibernate(Session session)
521: throws HibernateException, SQLException {
522: Query q = session.getNamedQuery(QUERY_BY_CONTEXT__TYPE);
523: q
524: .setParameter("contextId", contextId,
525: Hibernate.STRING);
526: q.setParameter("recordType", recordType,
527: Hibernate.STRING);
528: return q.list();
529: }
530: };
531:
532: return (List) getHibernateTemplate().executeFind(hcb);
533: }
534:
535: private List getPrivacyByContextAndTypeAndUserIds(
536: final String contextId, final String recordType,
537: final List userIds) {
538: if (contextId == null || recordType == null || userIds == null) {
539: throw new IllegalArgumentException(
540: "Null Argument in getPrivacyByContextAndTypeAndUserIds");
541: }
542:
543: HibernateCallback hcb = new HibernateCallback() {
544: public Object doInHibernate(Session session)
545: throws HibernateException, SQLException {
546: Query q = session
547: .getNamedQuery(QUERY_BY_CONTEXT__TYPE_IDLIST);
548: q
549: .setParameter("contextId", contextId,
550: Hibernate.STRING);
551: q.setParameter("recordType", recordType,
552: Hibernate.STRING);
553: q.setParameterList("userIds", userIds);
554: return q.list();
555: }
556: };
557:
558: return (List) getHibernateTemplate().executeFind(hcb);
559: }
560:
561: private void savePrivacyRecord(PrivacyRecordImpl privacy) {
562: getHibernateTemplate().saveOrUpdate(privacy);
563: }
564:
565: private void removePrivacyObject(PrivacyRecordImpl o) {
566: getHibernateTemplate().delete(o);
567: }
568:
569: private boolean checkPrivacyRecord(PrivacyRecordImpl sysRecord,
570: PrivacyRecordImpl userRecord) {
571: if (sysRecord != null && userRecord != null) {
572: if (userRecordHasPrecedence) {
573: return userRecord.getViewable();
574: } else
575: return sysRecord.getViewable();
576: } else if (sysRecord == null && userRecord == null) {
577: if (defaultViewable)
578: return true;
579: else
580: return false;
581: } else if (sysRecord != null) {
582: return sysRecord.getViewable();
583: } else {
584: return userRecord.getViewable();
585: }
586: }
587:
588: /**
589: * A 'true' value will set privacy enabled for a user whose privacy settings
590: * are not known. A 'false' value will set privacy disabled for a user whose
591: * privacy settings are not known (i.e. no data found).
592: *
593: * The default behavior will be to show users or make them viewable.
594: *
595: * @param defaultViewable
596: * the defaultViewable to set
597: */
598: public void setDefaultViewable(boolean defaultViewable) {
599: this .defaultViewable = defaultViewable;
600: }
601:
602: /**
603: * A 'true' value will make all users viewable in the system. A 'false' value
604: * will make all users hidden in the system.
605: *
606: * Do not set this value for normal operation (non overridden behavior; i.e. null).
607: *
608: * @param overrideViewable
609: * the overrideViewable to set
610: */
611: public void setOverrideViewable(Boolean overrideViewable) {
612: this .overrideViewable = overrideViewable;
613: }
614:
615: /**
616: * A 'true' value indicates that a user record has precedence over a system
617: * record. A 'false' value indicates that a system record has precedence over
618: * a user record
619: *
620: * @param userRecordHasPrecedence
621: * the userRecordHasPrecedence to set
622: */
623: public void setUserRecordHasPrecedence(
624: boolean userRecordHasPrecedence) {
625: this .userRecordHasPrecedence = userRecordHasPrecedence;
626: }
627:
628: /**
629: * Set maximum result set number for database query, defulat is 1000.
630: *
631: * @param maxResultSetNumber
632: * the maxResultSetNumber to set
633: */
634: public void setMaxResultSetNumber(int maxResultSetNumber) {
635: this.maxResultSetNumber = maxResultSetNumber;
636: }
637: }
|