git.aero2k.de Git - tmp/jakarta-migration.git/blob

   1 /**
   2  *  This document is a part of the source code and related artifacts
   3  *  for CollectionSpace, an open source collections management system
   4  *  for museums and related institutions:
   5
   6  *  http://www.collectionspace.org
   7  *  http://wiki.collectionspace.org
   8
   9  *  Copyright 2009 University of California at Berkeley
  10
  11  *  Licensed under the Educational Community License (ECL), Version 2.0.
  12  *  You may not use this file except in compliance with this License.
  13
  14  *  You may obtain a copy of the ECL 2.0 License at
  15
  16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
  17
  18  *  Unless required by applicable law or agreed to in writing, software
  19  *  distributed under the License is distributed on an "AS IS" BASIS,
  20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  21  *  See the License for the specific language governing permissions and
  22  *  limitations under the License.
  23  */
  24 package org.collectionspace.services.authorization;
  25
  26 import org.collectionspace.services.account.AccountRoleSubResource;
  27 import org.collectionspace.services.client.RoleClient;
  28 import org.collectionspace.services.common.SecurityResourceBase;
  29 import org.collectionspace.services.common.ServiceMessages;
  30 import org.collectionspace.services.common.context.RemoteServiceContextFactory;
  31 import org.collectionspace.services.common.context.ServiceContext;
  32 import org.collectionspace.services.common.context.ServiceContextFactory;
  33 import org.collectionspace.services.common.storage.StorageClient;
  34 import org.collectionspace.services.common.storage.TransactionContext;
  35 import org.collectionspace.services.common.storage.jpa.JpaStorageClientImpl;
  36 import org.collectionspace.services.common.CSWebApplicationException;
  37
  38 import org.jboss.resteasy.util.HttpResponseCodes;
  39 import org.slf4j.Logger;
  40 import org.slf4j.LoggerFactory;
  41
  42 import javax.ws.rs.Consumes;
  43 import javax.ws.rs.DELETE;
  44 import javax.ws.rs.GET;
  45 import javax.ws.rs.POST;
  46 import javax.ws.rs.PUT;
  47 import javax.ws.rs.Path;
  48 import javax.ws.rs.PathParam;
  49 import javax.ws.rs.Produces;
  50 import javax.ws.rs.QueryParam;
  51 import javax.ws.rs.core.Context;
  52 import javax.ws.rs.core.Response;
  53 import javax.ws.rs.core.UriBuilder;
  54 import javax.ws.rs.core.UriInfo;
  55
  56 @Path(RoleClient.SERVICE_PATH)
  57 @Consumes("application/xml")
  58 @Produces("application/xml")
  59 @SuppressWarnings("unchecked")
  60 public class RoleResource extends SecurityResourceBase {
  61
  62     final Logger logger = LoggerFactory.getLogger(RoleResource.class);
  63     final StorageClient storageClient = new JpaStorageClientImpl();
  64
  65     @Override
  66     protected String getVersionString() {
  67         return  "$LastChangedRevision: 1165 $";
  68     }
  69
  70     @Override
  71     public String getServiceName() {
  72         return RoleClient.SERVICE_NAME;
  73     }
  74
  75     @Override
  76     public Class<RoleResource> getCommonPartClass() {
  77         return RoleResource.class;
  78     }
  79
  80     @Override
  81     public ServiceContextFactory getServiceContextFactory() {
  82         return RemoteServiceContextFactory.get();
  83     }
  84
  85     @Override
  86     public StorageClient getStorageClient(ServiceContext ctx) {
  87         //FIXME use ctx to identify storage client
  88         return storageClient;
  89     }
  90
  91     @POST
  92     public Response createRole(Role input) {
  93         return create(input);
  94     }
  95
  96     @GET
  97     @Path("{csid}")
  98     public Role getRole(@PathParam("csid") String csid, @Context UriInfo ui) {
  99         return (Role)get(ui, csid, Role.class);
 100     }
 101
 102     /*
 103      * Get a list of accounts associated with this role.
 104      */
 105     @GET
 106     @Path("{csid}/accountroles")
 107     public AccountRole getRoleAccounts(
 108             @PathParam("csid") String accCsid) {
 109         logger.debug("getAccountRole with accCsid=" + accCsid);
 110         ensureCSID(accCsid, ServiceMessages.GET_FAILED+ "accountroles role ");
 111
 112         AccountRole result = null;
 113         try {
 114             AccountRoleSubResource subResource =
 115                     new AccountRoleSubResource(AccountRoleSubResource.ACCOUNT_ACCOUNTROLE_SERVICE);
 116             //get relationships for a role
 117             result = subResource.getAccountRole((ServiceContext)null, accCsid, SubjectType.ACCOUNT);
 118         } catch (Exception e) {
 119             throw bigReThrow(e, ServiceMessages.GET_FAILED, accCsid);
 120         }
 121         checkResult(result, accCsid, ServiceMessages.GET_FAILED);
 122
 123         return result;
 124     }
 125
 126     @GET
 127     @Produces("application/xml")
 128     public RolesList getRoleList(@Context UriInfo ui) {
 129         return (RolesList)getList(ui, Role.class);
 130     }
 131
 132     @PUT
 133     @Path("{csid}")
 134     public Role updateRole(@PathParam("csid") String csid, Role theUpdate) {
 135         Role result = null;
 136
 137         try {
 138                 Role role = (Role)get(csid, Role.class);
 139                 // If marked as metadata immutable, do not update
 140                 if (RoleClient.IMMUTABLE.equals(role.getMetadataProtection())) {
 141                     Response response =
 142                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+csid+" is immutable.").type("text/plain").build();
 143                 throw new CSWebApplicationException(response);
 144                 }
 145                 result = (Role)update(csid, theUpdate, Role.class);
 146         } catch (Exception e) {
 147             throw bigReThrow(e, ServiceMessages.UPDATE_FAILED, csid);
 148         }
 149
 150         return result;
 151     }
 152
 153         @DELETE
 154     @Path("{csid}")
 155     public Response deleteRole(@PathParam("csid") String csid, @Context UriInfo ui) throws Exception {
 156         logger.debug("deleteRole with csid=" + csid);
 157         ensureCSID(csid, ServiceMessages.DELETE_FAILED + "deleteRole ");
 158
 159         ServiceContext<Role, Role> ctx = createServiceContext((Role) null, Role.class);
 160         TransactionContext transactionContext = ctx.openConnection(); // ensure we do all this in one transaction
 161         try {
 162                 transactionContext.beginTransaction();
 163                 Role role = (Role)get(csid, Role.class);
 164             // If marked as metadata immutable, do not delete
 165             if (RoleClient.IMMUTABLE.equals(role.getMetadataProtection())) {
 166                 Response response =
 167                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+csid+" is immutable.").type("text/plain").build();
 168                 return response;
 169             }
 170             //
 171             // delete all the permission/role relationships
 172             //
 173             PermissionRoleSubResource permRoleResource =
 174                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 175             permRoleResource.deletePermissionRole(ctx, csid, SubjectType.PERMISSION);
 176             //
 177             //delete all the account/role relationships associate with this role
 178             //
 179             AccountRoleSubResource accountRoleResource =
 180                 new AccountRoleSubResource(AccountRoleSubResource.ROLE_ACCOUNTROLE_SERVICE);
 181             accountRoleResource.deleteAccountRole(ctx, csid, SubjectType.ACCOUNT);
 182             //
 183             //finally, delete the role itself
 184             //
 185             ((JpaStorageClientImpl) getStorageClient(ctx)).deleteWhere(ctx, csid);
 186             transactionContext.commitTransaction();
 187         } catch(Exception e) {
 188                 transactionContext.markForRollback();
 189             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, csid);
 190         } finally {
 191                 ctx.closeConnection();
 192         }
 193
 194         return Response.status(HttpResponseCodes.SC_OK).build();
 195     }
 196
 197     @POST
 198     @Path("{csid}/permroles")
 199     public Response createRolePermission(@QueryParam("_method") String method, @PathParam("csid") String roleCsid,
 200             PermissionRole input) {
 201         if (method != null) {
 202             if ("delete".equalsIgnoreCase(method)) {
 203                 return deleteRolePermission(roleCsid, input);
 204             }
 205         }
 206
 207         logger.debug("createRolePermission with roleCsid=" + roleCsid);
 208         ensureCSID(roleCsid, ServiceMessages.PUT_FAILED + "permroles role ");
 209         Response response = null;
 210         try {
 211                 Role role = (Role)get(roleCsid, Role.class);
 212             // If marked as metadata immutable, do not delete
 213             if (RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 214                 response =
 215                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 216                 return response;
 217             }
 218             PermissionRoleSubResource subResource =
 219                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 220             String permrolecsid = subResource.createPermissionRole((ServiceContext)null, input, SubjectType.PERMISSION);
 221             UriBuilder path = UriBuilder.fromResource(RoleResource.class);
 222             path.path(roleCsid + "/permroles/" + permrolecsid);
 223             response = Response.created(path.build()).build();
 224         } catch (Exception e) {
 225             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 226         }
 227
 228         return response;
 229     }
 230
 231     @GET
 232     @Path("{csid}/permroles")
 233     public PermissionRole getRolePermission(
 234             @PathParam("csid") String roleCsid) {
 235         logger.debug("getRolePermission with roleCsid=" + roleCsid);
 236         ensureCSID(roleCsid, ServiceMessages.GET_FAILED + "permroles role ");
 237
 238         PermissionRole result = null;
 239         try {
 240             PermissionRoleSubResource subResource =
 241                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 242             //get relationships for a role
 243             result = subResource.getPermissionRole((ServiceContext)null, roleCsid, SubjectType.PERMISSION);
 244         } catch (Exception e) {
 245             throw bigReThrow(e, ServiceMessages.GET_FAILED, roleCsid);
 246         }
 247         checkResult(result, roleCsid, ServiceMessages.GET_FAILED);
 248
 249         return result;
 250     }
 251
 252     @GET
 253     @Path("{csid}/permroles/{id}")
 254     public PermissionRoleRel getRolePermission(
 255             @PathParam("csid") String roleCsid,
 256             @PathParam("id") String permrolecsid) {
 257         logger.debug("getRolePermission with roleCsid=" + roleCsid);
 258         ensureCSID(roleCsid, ServiceMessages.GET_FAILED + "permroles role ");
 259
 260         PermissionRoleRel result = null;
 261         try {
 262             PermissionRoleSubResource subResource =
 263                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 264             //get relationships for a role
 265             result = subResource.getPermissionRoleRel((ServiceContext)null, roleCsid, SubjectType.PERMISSION, permrolecsid);
 266         } catch (Exception e) {
 267             throw bigReThrow(e, ServiceMessages.GET_FAILED, roleCsid);
 268         }
 269         checkResult(result, roleCsid, ServiceMessages.GET_FAILED);
 270
 271         return result;
 272     }
 273
 274     public Response deleteRolePermission(String roleCsid, PermissionRole input) {
 275         logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
 276         ensureCSID(roleCsid, ServiceMessages.DELETE_FAILED + "permroles role ");
 277
 278         Response result = null;
 279         try {
 280                 Role role = (Role)get(roleCsid, Role.class);
 281             // If marked as metadata immutable, do not delete
 282             if (RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 283                 Response response = Response.status(Response.Status.FORBIDDEN).entity(
 284                                 "Role: "+roleCsid+" is immutable.").type("text/plain").build();
 285                 return response;
 286             }
 287             PermissionRoleSubResource subResource =
 288                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 289             //delete all relationships for a permission
 290             subResource.deletePermissionRole((ServiceContext)null, roleCsid, SubjectType.PERMISSION, input);
 291             result = Response.status(HttpResponseCodes.SC_OK).build();
 292         } catch (Exception e) {
 293             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 294         }
 295
 296         return result;
 297     }
 298
 299     @DELETE
 300     @Path("{csid}/permroles")
 301     public Response deleteRolePermission(
 302                 @PathParam("csid") String roleCsid) {
 303         logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
 304         ensureCSID(roleCsid, ServiceMessages.DELETE_FAILED + "permroles role ");
 305
 306         try {
 307                 Role role = (Role)get(roleCsid, Role.class);
 308             // If marked as metadata immutable, do not delete
 309             if (RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 310                 Response response =
 311                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 312                 return response;
 313             }
 314             PermissionRoleSubResource subResource =
 315                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 316             //delete all relationships for a permission
 317             subResource.deletePermissionRole((ServiceContext)null, roleCsid, SubjectType.PERMISSION);
 318         } catch (Exception e) {
 319             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 320         }
 321
 322         return Response.status(HttpResponseCodes.SC_OK).build();
 323     }
 324 }