1 /**
2  *  This document is a part of the source code and related artifacts
3  *  for CollectionSpace, an open source collections management system
4  *  for museums and related institutions:
5
6  *  http://www.collectionspace.org
7  *  http://wiki.collectionspace.org
8
9  *  Copyright 2009 University of California at Berkeley
10
11  *  Licensed under the Educational Community License (ECL), Version 2.0.
12  *  You may not use this file except in compliance with this License.
13
14  *  You may obtain a copy of the ECL 2.0 License at
15
16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
17
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS,
20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24 package org.collectionspace.services.authorization.importer;
25
26 import java.io.File;
27 import org.slf4j.Logger;
28 import org.slf4j.LoggerFactory;
29 import java.util.ArrayList;
30 import java.util.Hashtable;
31 import java.util.List;
32 import java.util.UUID;
33 import javax.xml.bind.JAXBContext;
34 import javax.xml.bind.Marshaller;
35 import org.collectionspace.services.authorization.AccountRole;
36 import org.collectionspace.services.authorization.ActionType;
37 import org.collectionspace.services.authorization.Permission;
38 import org.collectionspace.services.authorization.EffectType;
39 import org.collectionspace.services.authorization.PermissionAction;
40 import org.collectionspace.services.authorization.PermissionRole;
41 import org.collectionspace.services.authorization.PermissionValue;
42 import org.collectionspace.services.authorization.PermissionsList;
43 import org.collectionspace.services.authorization.PermissionsRolesList;
44 import org.collectionspace.services.authorization.Role;
45 import org.collectionspace.services.authorization.RoleValue;
46 import org.collectionspace.services.authorization.SubjectType;
47 import org.collectionspace.services.common.config.TenantBindingConfigReaderImpl;
48 import org.collectionspace.services.common.service.ServiceBindingType;
49 import org.collectionspace.services.common.tenant.TenantBindingType;
50
51 /**
52  * AuthorizationGen generates authorizations (permissions and roles)
53  * for tenant services
54  * @author 
55  */
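public class AuthorizationGen {

    final Logger logger = LoggerFactory.getLogger(AuthorizationGen.class);
    // Permissions accumulated by createDefaultServicePermissions(); written out by exportPermissions().
    private List<Permission> permList = new ArrayList<Permission>();
    // Permission-to-role bindings accumulated by createDefaultPermissionsRoles().
    private List<PermissionRole> permRoleList = new ArrayList<PermissionRole>();
    // Tenant bindings keyed by tenant id, replaced wholesale by initialize().
    private Hashtable<String, TenantBindingType> tenantBindings =
            new Hashtable<String, TenantBindingType>();

    /**
     * Loads the tenant bindings that drive permission generation.
     *
     * @param tenantBindingFileName tenant binding configuration file handed to the reader
     * @throws Exception if the reader fails to read the file
     */
    public void initialize(String tenantBindingFileName) throws Exception {
        TenantBindingConfigReaderImpl tenantBindingConfigReader =
                new TenantBindingConfigReaderImpl(null);
        tenantBindingConfigReader.read(tenantBindingFileName);
        tenantBindings = tenantBindingConfigReader.getTenantBindings();
        logger.debug("initialized with tenant bindings from {}", tenantBindingFileName);
    }


    /**
     * Generates the default permissions for every loaded tenant and appends them
     * to the internal permission list.
     */
    public void createDefaultServicePermissions() {
        for (String tenantId : tenantBindings.keySet()) {
            permList.addAll(createDefaultServicePermissions(tenantId));
        }
    }

    /**
     * Builds one permission per service binding of the given tenant. The result is
     * returned to the caller and is not added to the internal permission list.
     *
     * @param tenantId id of a tenant present in the loaded bindings
     * @return the generated permissions, one per service binding
     * @throws NullPointerException if no binding is loaded for {@code tenantId}
     */
    public List<Permission> createDefaultServicePermissions(String tenantId) {
        TenantBindingType tbinding = tenantBindings.get(tenantId);
        // Fail with a message that names the tenant instead of a bare NPE further down.
        java.util.Objects.requireNonNull(tbinding, "no tenant binding loaded for tenant " + tenantId);
        List<Permission> apcList = new ArrayList<Permission>();
        for (ServiceBindingType sbinding : tbinding.getServiceBindings()) {
            apcList.add(buildCommonPermission(tbinding.getId(), sbinding.getName()));
        }
        return apcList;
    }


    /**
     * Builds a PERMIT permission on one resource carrying all five actions
     * (CREATE, READ, UPDATE, DELETE, SEARCH).
     *
     * <p>Every generated permission is therefore a full-access grant on its resource;
     * whoever is bound to it later can create, modify and delete.
     *
     * @param tenantId     tenant the permission belongs to
     * @param resourceName service name; stored lower-cased
     * @return the new permission with a random UUID as csid
     */
    private Permission buildCommonPermission(String tenantId, String resourceName) {
        Permission perm = new Permission();
        perm.setCsid(UUID.randomUUID().toString());
        // Locale.ROOT keeps the stored name independent of the JVM default locale;
        // a locale-sensitive case mapping (e.g. Turkish dotless i) would produce
        // resource names that no longer match at enforcement time.
        perm.setResourceName(resourceName.toLowerCase(java.util.Locale.ROOT));
        perm.setEffect(EffectType.PERMIT);
        perm.setTenantId(tenantId);
        // The list is attached first and filled afterwards, as before.
        List<PermissionAction> pas = new ArrayList<PermissionAction>();
        perm.setActions(pas);

        ActionType[] grantedActions = {
            ActionType.CREATE, ActionType.READ, ActionType.UPDATE,
            ActionType.DELETE, ActionType.SEARCH
        };
        for (ActionType action : grantedActions) {
            PermissionAction pa = new PermissionAction();
            pa.setName(action);
            pas.add(pa);
        }
        return perm;
    }

    /**
     * Returns the internal, live list of generated permissions (not a copy).
     *
     * @return the accumulated permissions
     */
    public List<Permission> getDefaultServicePermissions() {
        return permList;
    }

    /**
     * Binds every accumulated permission to the given role and appends the bindings
     * to the internal permission-role list.
     *
     * <p>Because each permission carries all five actions, the named role ends up with
     * full access to every service of every loaded tenant.
     *
     * @param roleName role to bind; stored upper-cased
     */
    public void createDefaultPermissionsRoles(String roleName) {
        permRoleList.addAll(createPermissionsRoles(permList, roleName));
    }

    /**
     * Binds each of the given permissions to the given role. The result is returned
     * to the caller and is not added to the internal permission-role list.
     *
     * @param perms    permissions to bind
     * @param roleName role to bind; stored upper-cased
     * @return one permission-role binding per permission, in input order
     */
    public List<PermissionRole> createPermissionsRoles(List<Permission> perms, String roleName) {
        List<PermissionRole> permRoles = new ArrayList<PermissionRole>();
        for (Permission p : perms) {
            permRoles.add(buildCommonPermissionRoles(p.getTenantId(), p.getCsid(),
                    p.getResourceName(), roleName));
        }
        return permRoles;
    }

    /**
     * Builds a ROLE-subject binding between a single permission and a single role.
     *
     * @param tenantId tenant id of the permission
     * @param permId   csid of the permission
     * @param resName  resource name; stored lower-cased
     * @param roleName role name; stored upper-cased
     * @return the binding
     */
    private PermissionRole buildCommonPermissionRoles(String tenantId, String permId,
            String resName, String roleName) {

        PermissionRole pr = new PermissionRole();
        pr.setSubject(SubjectType.ROLE);
        List<PermissionValue> permValues = new ArrayList<PermissionValue>();
        pr.setPermissions(permValues);
        PermissionValue permValue = new PermissionValue();
        permValue.setPermissionId(permId);
        // Locale.ROOT: same reasoning as for the permission's resource name.
        permValue.setResourceName(resName.toLowerCase(java.util.Locale.ROOT));
        permValues.add(permValue);

        List<RoleValue> roleValues = new ArrayList<RoleValue>();
        RoleValue roleValue = new RoleValue();
        // Role names are matched as strings, so the case mapping must not depend on
        // the default locale of the machine that runs the generator.
        roleValue.setRoleName(roleName.toUpperCase(java.util.Locale.ROOT));
        // NOTE(review): the role id is set to the tenant id, not to a role csid, so
        // same-named roles are only told apart by tenant - confirm this is intended.
        roleValue.setRoleId(tenantId);
        roleValues.add(roleValue);
        pr.setRoles(roleValues);

        return pr;
    }

    /**
     * Returns the internal, live list of permission-role bindings (not a copy).
     *
     * @return the accumulated bindings
     */
    public List<PermissionRole> getDefaultServicePermissionRoles() {
        return permRoleList;
    }

    /**
     * Marshals the accumulated permissions to an XML file. A failure is logged at
     * error level and not propagated.
     *
     * @param fileName target path, used as given
     */
    public void exportPermissions(String fileName) {
        PermissionsList pcList = new PermissionsList();
        pcList.setPermissions(permList);
        // Report success only when the file was actually written.
        if (toFile(pcList, PermissionsList.class, fileName)) {
            logger.debug("exported permissions to {}", fileName);
        }
    }

    /**
     * Marshals the accumulated permission-role bindings to an XML file. A failure is
     * logged at error level and not propagated.
     *
     * @param fileName target path, used as given
     */
    public void exportPermissionRoles(String fileName) {
        PermissionsRolesList psrsl = new PermissionsRolesList();
        psrsl.setPermissionRoles(permRoleList);
        // Report success only when the file was actually written.
        if (toFile(psrsl, PermissionsRolesList.class, fileName)) {
            logger.debug("exported permissions-roles to {}", fileName);
        }
    }

    /**
     * Writes {@code o} as formatted XML through JAXB.
     *
     * <p>The path is opened as given, with no validation, and the file holds
     * authorization data; callers should pass a location that only the importer
     * can write to.
     *
     * @param o         object to marshal
     * @param jaxbClass class used to create the JAXB context
     * @param fileName  target path
     * @return {@code true} if marshalling completed, {@code false} if it failed
     */
    private boolean toFile(Object o, Class<?> jaxbClass, String fileName) {
        File f = new File(fileName);
        try {
            JAXBContext jc = JAXBContext.newInstance(jaxbClass);
            Marshaller m = jc.createMarshaller();
            m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT,
                    Boolean.TRUE);
            m.marshal(o, f);
            return true;
        } catch (Exception e) {
            // Still best-effort (no rethrow), but routed through the logger with the
            // cause attached, so a missing or partial authorization file is visible.
            logger.error("failed to export " + jaxbClass.getName() + " to " + fileName, e);
            return false;
        }
    }
}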