001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.jetspeed.security.spi.impl;
018:
019: import java.security.Principal;
020: import java.util.Collection;
021: import java.util.Iterator;
022:
023: import org.apache.jetspeed.components.dao.InitablePersistenceBrokerDaoSupport;
024: import org.apache.jetspeed.i18n.KeyedMessage;
025: import org.apache.jetspeed.security.SecurityException;
026: import org.apache.jetspeed.security.UserPrincipal;
027: import org.apache.jetspeed.security.impl.UserPrincipalImpl;
028: import org.apache.jetspeed.security.om.InternalGroupPrincipal;
029: import org.apache.jetspeed.security.om.InternalRolePrincipal;
030: import org.apache.jetspeed.security.om.InternalUserPrincipal;
031: import org.apache.jetspeed.security.om.impl.InternalGroupPrincipalImpl;
032: import org.apache.jetspeed.security.om.impl.InternalRolePrincipalImpl;
033: import org.apache.jetspeed.security.om.impl.InternalUserPrincipalImpl;
034: import org.apache.jetspeed.security.spi.SecurityAccess;
035: import org.apache.ojb.broker.query.Criteria;
036: import org.apache.ojb.broker.query.Query;
037: import org.apache.ojb.broker.query.QueryFactory;
038:
039: /**
040: * <p>
041: * Provides a utility class for common SPI queries.
042: * </p>
043: *
044: * @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
045: * @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
046: */
047: public class SecurityAccessImpl extends
048: InitablePersistenceBrokerDaoSupport implements SecurityAccess {
049:
050: /**
051: *
052: * @param repositoryPath
053: */
054: public SecurityAccessImpl(String repositoryPath) {
055: super (repositoryPath);
056: }
057:
058: /**
059: * <p>
060: * Returns if a Internal UserPrincipal is defined for the user name.
061: * </p>
062: *
063: * @param username The user name.
064: * @return true if the user is known
065: */
066: public boolean isKnownUser(String username) {
067: UserPrincipal userPrincipal = new UserPrincipalImpl(username);
068: String fullPath = userPrincipal.getFullPath();
069: // Get user.
070: Criteria filter = new Criteria();
071: filter.addEqualTo("fullPath", fullPath);
072: // The isMappingOnly must not be true.
073: // We don't need the mapping only user, mapping user can't be authenticated with this provider.
074: // we just need the true user.
075: filter.addEqualTo("isMappingOnly", Boolean.FALSE);
076: Query query = QueryFactory.newQuery(
077: InternalUserPrincipalImpl.class, filter);
078: return getPersistenceBrokerTemplate().getCount(query) == 1;
079: }
080:
081: /**
082: * <p>
083: * Returns the {@link InternalUserPrincipal} from the user name.
084: * </p>
085: *
086: * @param username The user name.
087: * @return The {@link InternalUserPrincipal}.
088: */
089: public InternalUserPrincipal getInternalUserPrincipal(
090: String username) {
091: UserPrincipal userPrincipal = new UserPrincipalImpl(username);
092: String fullPath = userPrincipal.getFullPath();
093: // Get user.
094: Criteria filter = new Criteria();
095: filter.addEqualTo("fullPath", fullPath);
096: Query query = QueryFactory.newQuery(
097: InternalUserPrincipalImpl.class, filter);
098: InternalUserPrincipal internalUser = (InternalUserPrincipal) getPersistenceBrokerTemplate()
099: .getObjectByQuery(query);
100: return internalUser;
101: }
102:
103: /**
104: * <p>
105: * Returns the {@link InternalUserPrincipal} from the user name.
106: * </p>
107: *
108: * @param username The user name.
109: * @param isMappingOnly Whether a principal's purpose is for security mappping only.
110: * @return The {@link InternalUserPrincipal}.
111: */
112: public InternalUserPrincipal getInternalUserPrincipal(
113: String username, boolean isMappingOnly) {
114: UserPrincipal userPrincipal = new UserPrincipalImpl(username);
115: String fullPath = userPrincipal.getFullPath();
116: // Get user.
117: Criteria filter = new Criteria();
118: filter.addEqualTo("fullPath", fullPath);
119: filter.addEqualTo("isMappingOnly", new Boolean(isMappingOnly));
120: Query query = QueryFactory.newQuery(
121: InternalUserPrincipalImpl.class, filter);
122: InternalUserPrincipal internalUser = (InternalUserPrincipal) getPersistenceBrokerTemplate()
123: .getObjectByQuery(query);
124: return internalUser;
125: }
126:
127: /**
128: * <p>
129: * Returns a collection of {@link Principal}given the filter.
130: * </p>
131: *
132: * @param filter The filter.
133: * @return Collection of {@link InternalUserPrincipal}.
134: */
135: public Iterator getInternalUserPrincipals(String filter) {
136: Criteria queryCriteria = new Criteria();
137: queryCriteria.addEqualTo("isMappingOnly", new Boolean(false));
138: queryCriteria.addLike("fullPath", UserPrincipal.PREFS_USER_ROOT
139: + filter + "%");
140: Query query = QueryFactory.newQuery(
141: InternalUserPrincipalImpl.class, queryCriteria);
142: Iterator result = getPersistenceBrokerTemplate()
143: .getIteratorByQuery(query);
144: return result;
145: }
146:
147: /**
148: * <p>
149: * Sets the given {@link InternalUserPrincipal}.
150: * </p>
151: *
152: * @param internalUser The {@link InternalUserPrincipal}.
153: * @param isMappingOnly Whether a principal's purpose is for security mappping only.
154: * @throws SecurityException Throws a {@link SecurityException}.
155: */
156: public void setInternalUserPrincipal(
157: InternalUserPrincipal internalUser, boolean isMappingOnly)
158: throws SecurityException {
159: try {
160: if (isMappingOnly) {
161: internalUser.setMappingOnly(isMappingOnly);
162: }
163: getPersistenceBrokerTemplate().store(internalUser);
164: } catch (Exception e) {
165: KeyedMessage msg = SecurityException.UNEXPECTED.create(
166: "SecurityAccess.setInternalUserPrincipal", "store",
167: e.getMessage());
168: logger.error(msg, e);
169: throw new SecurityException(msg, e);
170: }
171: }
172:
173: /**
174: * <p>
175: * Remove the given {@link InternalUserPrincipal}.
176: * </p>
177: *
178: * @param internalUser The {@link InternalUserPrincipal}.
179: * @throws SecurityException Throws a {@link SecurityException}.
180: */
181: public void removeInternalUserPrincipal(
182: InternalUserPrincipal internalUser)
183: throws SecurityException {
184: try {
185: // Remove user.
186: getPersistenceBrokerTemplate().delete(internalUser);
187: if (logger.isDebugEnabled()) {
188: logger.debug("Deleted user: "
189: + internalUser.getFullPath());
190: }
191:
192: } catch (Exception e) {
193: KeyedMessage msg = SecurityException.UNEXPECTED.create(
194: "SecurityAccess.removeInternalUserPrincipal",
195: "store", e.getMessage());
196: logger.error(msg, e);
197: throw new SecurityException(msg, e);
198: }
199: }
200:
201: /**
202: * <p>
203: * Returns the {@link InternalRolePrincipal}from the role full path name.
204: * </p>
205: *
206: * @param roleFullPathName The role full path name.
207: * @return The {@link InternalRolePrincipal}.
208: */
209: public InternalRolePrincipal getInternalRolePrincipal(
210: String roleFullPathName) {
211: Criteria filter = new Criteria();
212: filter.addEqualTo("fullPath", roleFullPathName);
213: Query query = QueryFactory.newQuery(
214: InternalRolePrincipalImpl.class, filter);
215: InternalRolePrincipal internalRole = (InternalRolePrincipal) getPersistenceBrokerTemplate()
216: .getObjectByQuery(query);
217: return internalRole;
218: }
219:
220: /**
221: * <p>
222: * Sets the given {@link InternalRolePrincipal}.
223: * </p>
224: *
225: * @param internalRole The {@link InternalRolePrincipal}.
226: * @param isMappingOnly Whether a principal's purpose is for security mappping only.
227: * @throws SecurityException Throws a {@link SecurityException}.
228: */
229: public void setInternalRolePrincipal(
230: InternalRolePrincipal internalRole, boolean isMappingOnly)
231: throws SecurityException {
232: try {
233: if (isMappingOnly) {
234: internalRole.setMappingOnly(isMappingOnly);
235: }
236: getPersistenceBrokerTemplate().store(internalRole);
237: } catch (Exception e) {
238: KeyedMessage msg = SecurityException.UNEXPECTED.create(
239: "SecurityAccess.setInternalRolePrincipal", "store",
240: e.getMessage());
241: logger.error(msg, e);
242: throw new SecurityException(msg, e);
243: }
244: }
245:
246: /**
247: * <p>
248: * Remove the given {@link InternalRolePrincipal}.
249: * </p>
250: *
251: * @param internalRole The {@link InternalRolePrincipal}.
252: * @throws SecurityException Throws a {@link SecurityException}.
253: */
254: public void removeInternalRolePrincipal(
255: InternalRolePrincipal internalRole)
256: throws SecurityException {
257: try {
258: // Remove role.
259:
260: getPersistenceBrokerTemplate().delete(internalRole);
261: if (logger.isDebugEnabled()) {
262: logger.debug("Deleted role: "
263: + internalRole.getFullPath());
264: }
265:
266: } catch (Exception e) {
267: KeyedMessage msg = SecurityException.UNEXPECTED.create(
268: "SecurityAccess.removeInternalRolePrincipal",
269: "store", e.getMessage());
270: logger.error(msg, e);
271: throw new SecurityException(msg, e);
272: }
273:
274: }
275:
276: /**
277: * <p>
278: * Returns the {@link InternalGroupPrincipal}from the group full path name.
279: * </p>
280: *
281: * @param groupFullPathName The group full path name.
282: * @return The {@link InternalGroupPrincipal}.
283: */
284: public InternalGroupPrincipal getInternalGroupPrincipal(
285: String groupFullPathName) {
286: Criteria filter = new Criteria();
287: filter.addEqualTo("fullPath", groupFullPathName);
288: Query query = QueryFactory.newQuery(
289: InternalGroupPrincipalImpl.class, filter);
290: InternalGroupPrincipal internalGroup = (InternalGroupPrincipal) getPersistenceBrokerTemplate()
291: .getObjectByQuery(query);
292: return internalGroup;
293: }
294:
295: /**
296: * <p>
297: * Sets the given {@link InternalGroupPrincipal}.
298: * </p>
299: *
300: * @param internalGroup The {@link InternalGroupPrincipal}.
301: * @param isMappingOnly Whether a principal's purpose is for security mappping only.
302: * @throws SecurityException Throws a {@link SecurityException}.
303: */
304: public void setInternalGroupPrincipal(
305: InternalGroupPrincipal internalGroup, boolean isMappingOnly)
306: throws SecurityException {
307: try {
308:
309: if (isMappingOnly) {
310: internalGroup.setMappingOnly(isMappingOnly);
311: }
312: getPersistenceBrokerTemplate().store(internalGroup);
313: } catch (Exception e) {
314: KeyedMessage msg = SecurityException.UNEXPECTED.create(
315: "SecurityAccess.setInternalGroupPrincipal",
316: "store", e.getMessage());
317: logger.error(msg, e);
318: throw new SecurityException(msg, e);
319: }
320: }
321:
322: /**
323: * <p>
324: * Remove the given {@link InternalGroupPrincipal}.
325: * </p>
326: *
327: * @param internalGroup The {@link InternalGroupPrincipal}.
328: * @throws SecurityException Throws a {@link SecurityException}.
329: */
330: public void removeInternalGroupPrincipal(
331: InternalGroupPrincipal internalGroup)
332: throws SecurityException {
333: try {
334: // Remove role.
335: getPersistenceBrokerTemplate().delete(internalGroup);
336:
337: if (logger.isDebugEnabled()) {
338: logger.debug("Deleted group: "
339: + internalGroup.getFullPath());
340: }
341:
342: } catch (Exception e) {
343: KeyedMessage msg = SecurityException.UNEXPECTED.create(
344: "SecurityAccess.removeInternalGroupPrincipal",
345: "store", e.getMessage());
346: logger.error(msg, e);
347: throw new SecurityException(msg, e);
348: }
349:
350: }
351:
352: public Iterator getInternalRolePrincipals(String filter) {
353: Criteria queryCriteria = new Criteria();
354: queryCriteria.addEqualTo("isMappingOnly", new Boolean(false));
355: queryCriteria.addLike("fullPath", UserPrincipal.PREFS_ROLE_ROOT
356: + filter + "%");
357: Query query = QueryFactory.newQuery(
358: InternalRolePrincipalImpl.class, queryCriteria);
359: Collection c = getPersistenceBrokerTemplate()
360: .getCollectionByQuery(query);
361: return c.iterator();
362: }
363:
364: public Iterator getInternalGroupPrincipals(String filter) {
365:
366: Criteria queryCriteria = new Criteria();
367: queryCriteria.addEqualTo("isMappingOnly", new Boolean(false));
368: queryCriteria.addLike("fullPath",
369: UserPrincipal.PREFS_GROUP_ROOT + filter + "%");
370: Query query = QueryFactory.newQuery(
371: InternalGroupPrincipalImpl.class, queryCriteria);
372: Collection c = getPersistenceBrokerTemplate()
373: .getCollectionByQuery(query);
374: return c.iterator();
375: }
376:
377: }
|