001: /**********************************************************************************
002: * $URL:https://source.sakaiproject.org/svn/osp/trunk/common/api-impl/src/java/org/theospi/portfolio/security/impl/simple/SimpleAuthorizationFacade.java $
003: * $Id:SimpleAuthorizationFacade.java 9134 2006-05-08 20:28:42Z chmaurer@iupui.edu $
004: ***********************************************************************************
005: *
006: * Copyright (c) 2005, 2006 The Sakai Foundation.
007: *
008: * Licensed under the Educational Community License, Version 1.0 (the "License");
009: * you may not use this file except in compliance with the License.
010: * You may obtain a copy of the License at
011: *
012: * http://www.opensource.org/licenses/ecl1.php
013: *
014: * Unless required by applicable law or agreed to in writing, software
015: * distributed under the License is distributed on an "AS IS" BASIS,
016: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017: * See the License for the specific language governing permissions and
018: * limitations under the License.
019: *
020: **********************************************************************************/package org.theospi.portfolio.security.impl.simple;
021:
022: import java.util.ArrayList;
023: import java.util.Collection;
024: import java.util.Iterator;
025: import java.util.List;
026:
027: import org.sakaiproject.metaobj.security.AuthenticationManager;
028: import org.sakaiproject.metaobj.shared.model.Agent;
029: import org.sakaiproject.metaobj.shared.model.Id;
030: import org.springframework.orm.hibernate3.HibernateObjectRetrievalFailureException;
031: import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
032: import org.theospi.portfolio.security.Authorization;
033: import org.theospi.portfolio.security.AuthorizationFacade;
034: import org.theospi.portfolio.security.AuthorizationFailedException;
035: import org.theospi.portfolio.shared.model.OspException;
036:
037: /**
038: * Created by IntelliJ IDEA.
039: * User: John Ellis
040: * Date: May 19, 2004
041: * Time: 4:55:05 PM
042: * To change this template use File | Settings | File Templates.
043: * @jira OSP-323 PostgreSQL Table Creation
044: */
045: public class SimpleAuthorizationFacade extends HibernateDaoSupport
046: implements AuthorizationFacade {
047:
048: private AuthenticationManager authManager = null;
049:
050: public void checkPermission(String function, Id id)
051: throws AuthorizationFailedException {
052: if (!isAuthorized(function, id)) {
053: throw new AuthorizationFailedException(function, id);
054: }
055: }
056:
057: public void checkPermission(Agent agent, String function, Id id)
058: throws AuthorizationFailedException {
059: if (!isAuthorized(agent, function, id)) {
060: throw new AuthorizationFailedException(agent, function, id);
061: }
062: }
063:
064: /**
065: * @param function
066: * @param id
067: * @return
068: */
069: public boolean isAuthorized(String function, Id id) {
070: return isAuthorized(getAuthManager().getAgent(), function, id);
071: }
072:
073: /**
074: * @param agent
075: * @param function
076: * @param id
077: * @return
078: */
079: public boolean isAuthorized(Agent agent, String function, Id id) {
080:
081: return (getAuthorization(agent, function, id) != null);
082:
083: }
084:
085: /**
086: * @jira OSP-323 PostgreSQL Table Creation
087: */
088: protected Authorization getAuthorization(Agent agent,
089: String function, Id id) {
090: try {
091: if (id == null)
092: throw new NullPointerException(
093: "The id was null while getting the authorization");
094: if (agent == null || agent.getId() == null)
095: throw new NullPointerException(
096: "The agent was null while getting the authorization");
097: getHibernateTemplate().setCacheQueries(true);
098: return (Authorization) safePopList(getHibernateTemplate()
099: .findByNamedQuery(
100: "getAuthorization",
101: new Object[] { agent.getId().getValue(),
102: function, id.getValue() }));
103: } catch (HibernateObjectRetrievalFailureException e) {
104: logger.error("", e);
105: throw new OspException(e);
106: }
107: }
108:
109: protected Object safePopList(List list) {
110: if (list == null)
111: return null;
112: if (list.size() == 0)
113: return null;
114: return list.get(0);
115: }
116:
117: /**
118: * at least one param must be non-null
119: *
120: * @param agent
121: * @param function
122: * @param id
123: * @return
124: */
125: public List getAuthorizations(Agent agent, String function, Id id) {
126: List returned = null;
127:
128: if (agent != null && function != null && id != null) {
129: returned = new ArrayList();
130: Authorization authz = getAuthorization(agent, function, id);
131:
132: if (authz != null) {
133: returned.add(authz);
134: }
135: }
136: // agent stuff
137: else if (agent != null && function != null && id == null) {
138: returned = findByAgentFunction(agent, function);
139: } else if (agent != null && function == null && id != null) {
140: returned = findByAgentId(agent, id);
141: } else if (agent != null && function == null && id == null) {
142: returned = findByAgent(agent);
143: }
144: // function
145: else if (agent == null && function != null && id != null) {
146: returned = findByFunctionId(function, id);
147: } else if (agent == null && function != null && id == null) {
148: returned = findByFunction(function);
149: }
150: // id
151: else if (agent == null && function == null && id != null) {
152: returned = findById(id);
153: }
154:
155: return correctList(returned);
156: }
157:
158: protected List correctList(List returned) {
159: for (Iterator i = returned.iterator(); i.hasNext();) {
160: Authorization authz = (Authorization) i.next();
161: if (authz.getAgent() == null) {
162: i.remove();
163: }
164: }
165: return returned;
166: }
167:
168: /**
169: * @jira OSP-323 PostgreSQL Table Creation
170: */
171: protected List findById(Id id) {
172: getHibernateTemplate().setCacheQueries(true);
173: return getHibernateTemplate().findByNamedQuery("byId",
174: new Object[] { id.getValue() });
175: }
176:
177: /**
178: * @jira OSP-323 PostgreSQL Table Creation
179: */
180: protected List findByFunction(String function) {
181: getHibernateTemplate().setCacheQueries(true);
182: return getHibernateTemplate().findByNamedQuery("byFunction",
183: new Object[] { function });
184: }
185:
186: /**
187: * @jira OSP-323 PostgreSQL Table Creation
188: */
189: protected List findByFunctionId(String function, Id id) {
190: getHibernateTemplate().setCacheQueries(true);
191: return getHibernateTemplate().findByNamedQuery(
192: "byFunctionAndId",
193: new Object[] { function, id.getValue() });
194: }
195:
196: /**
197: * @jira OSP-323 PostgreSQL Table Creation
198: */
199: protected List findByAgent(Agent agent) {
200: getHibernateTemplate().setCacheQueries(true);
201: return getHibernateTemplate().findByNamedQuery("byAgent",
202: new Object[] { agent.getId().getValue() });
203: }
204:
205: /**
206: * @jira OSP-323 PostgreSQL Table Creation
207: */
208: protected List findByAgentId(Agent agent, Id id) {
209: getHibernateTemplate().setCacheQueries(true);
210: return getHibernateTemplate()
211: .findByNamedQuery(
212: "byAgentAndId",
213: new Object[] { agent.getId().getValue(),
214: id.getValue() });
215: }
216:
217: /**
218: * @jira OSP-323 PostgreSQL Table Creation
219: */
220: protected List findByAgentFunction(Agent agent, String function) {
221: getHibernateTemplate().setCacheQueries(true);
222: return getHibernateTemplate().findByNamedQuery(
223: "byAgentAndFunction",
224: new Object[] { agent.getId().getValue(), function });
225: }
226:
227: /**
228: * @param agent
229: * @param function
230: * @param id
231: */
232: public void createAuthorization(Agent agent, String function, Id id) {
233: Authorization auth = getAuthorization(agent, function, id);
234: if (auth == null) {
235: auth = new Authorization(agent, function, id);
236: }
237:
238: getHibernateTemplate().saveOrUpdate(auth);
239: }
240:
241: public void deleteAuthorization(Agent agent, String function, Id id) {
242: Authorization auth = getAuthorization(agent, function, id);
243: if (auth != null) {
244: getHibernateTemplate().delete(auth);
245: }
246: }
247:
248: public void deleteAuthorizations(Id qualifier) {
249: getHibernateTemplate().deleteAll(findById(qualifier));
250: }
251:
252: public void pushAuthzGroups(Collection authzGroups) {
253: // does nothing... this impl does not care about groups
254: }
255:
256: public void pushAuthzGroups(String siteId) {
257: // does nothing... this impl does not care about groups
258: }
259:
260: public AuthenticationManager getAuthManager() {
261: return authManager;
262: }
263:
264: public void setAuthManager(AuthenticationManager authManager) {
265: this.authManager = authManager;
266: }
267: }
|