1 /**
2  *  This document is a part of the source code and related artifacts
3  *  for CollectionSpace, an open source collections management system
4  *  for museums and related institutions:
5
6  *  http://www.collectionspace.org
7  *  http://wiki.collectionspace.org
8
9  *  Copyright 2009 University of California at Berkeley
10
11  *  Licensed under the Educational Community License (ECL), Version 2.0.
12  *  You may not use this file except in compliance with this License.
13
14  *  You may obtain a copy of the ECL 2.0 License at
15
16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
17
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS,
20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24 package org.collectionspace.services.authorization.driver;
25
26 import java.io.File;
27 import java.util.HashSet;
28 import org.collectionspace.services.authorization.AuthZ;
29 import org.collectionspace.services.authorization.importer.AuthorizationGen;
30 import org.collectionspace.services.authorization.importer.AuthorizationSeed;
31 import org.slf4j.Logger;
32 import org.slf4j.LoggerFactory;
33 import org.springframework.context.support.ClassPathXmlApplicationContext;
34 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
35 import org.springframework.security.core.Authentication;
36 import org.springframework.security.core.GrantedAuthority;
37 import org.springframework.security.core.authority.GrantedAuthorityImpl;
38 import org.springframework.security.core.context.SecurityContextHolder;
39 import org.springframework.transaction.TransactionDefinition;
40 import org.springframework.transaction.TransactionStatus;
41 import org.springframework.transaction.support.DefaultTransactionDefinition;
42
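/**
 * Driver that generates the default permission and permission-role files for
 * the tenants described in a tenant-binding file and then seeds them through
 * {@link AuthorizationSeed} inside a single transaction.
 *
 * <p>Security notes:
 * <ul>
 *   <li>{@code login()} does not authenticate anyone. It places a token that
 *   already carries {@code ROLE_ADMINISTRATOR} into the security context and no
 *   authentication manager is consulted in this class, so the supplied password
 *   is never verified here. Whoever can run this driver acts as an
 *   administrator for the duration of {@link #seedData()}; restrict it to
 *   trusted provisioning or test environments.</li>
 *   <li>When no user or password is supplied, the built-in {@code test} /
 *   {@code test} pair is used as the principal and credentials of that
 *   token.</li>
 *   <li>The administrator authentication is cleared again when
 *   {@link #seedData()} returns, whether it succeeds or fails.</li>
 * </ul>
 */
public class AuthorizationSeedDriver {

    final Logger logger = LoggerFactory.getLogger(AuthorizationSeedDriver.class);
    final static private String SPRING_SECURITY_METADATA = "applicationContext-authorization-test.xml";
    final static private String PERMISSION_FILE = "import-permissions.xml";
    final static private String PERMISSION_ROLE_FILE = "import-permissions-roles.xml";
    // Fallback principal/credentials used when the caller supplies none.
    private String user = "test";
    private String password = "test";
    private String tenantBindingFile;
    private String importDir;
    private String exportDir;
    private org.springframework.jdbc.datasource.DataSourceTransactionManager txManager;

    /**
     * Creates a driver for one seeding run.
     *
     * @param user principal name placed in the security context; the built-in
     * default is kept when this is null or empty
     * @param password credentials stored on the token; the built-in default is
     * kept when this is null or empty. Not verified by this class.
     * @param tenantBindingFile tenant-binding file handed to the generator; required
     * @param importDir dir to import the permission/permission-role files from;
     * falls back to {@code exportDir} when null or empty
     * @param exportDir dir to export the permission/permission-role files to; required
     * @throws IllegalStateException if {@code tenantBindingFile} or
     * {@code exportDir} is null or empty
     */
    public AuthorizationSeedDriver(String user, String password,
            String tenantBindingFile,
            String importDir, String exportDir) {
        // Override the defaults only with real values. The original test was
        // inverted: it discarded every supplied value and copied null/empty
        // ones over the defaults.
        if (!isNullOrEmpty(user)) {
            this.user = user;
        }
        if (!isNullOrEmpty(password)) {
            this.password = password;
        }
        if (isNullOrEmpty(tenantBindingFile)) {
            throw new IllegalStateException("tenantbindings are required.");
        }
        this.tenantBindingFile = tenantBindingFile;
        if (isNullOrEmpty(exportDir)) {
            throw new IllegalStateException("exportdir required.");
        }
        this.exportDir = exportDir;
        // Assign the field, not the parameter: previously the default was
        // written to the local variable and this.importDir stayed null.
        this.importDir = isNullOrEmpty(importDir) ? exportDir : importDir;
    }

    /**
     * Generates the default permissions and roles, exports them to the export
     * directory and seeds them from the import directory in one transaction.
     *
     * @throws RuntimeException wrapping any failure of generation, export or
     * seeding; the transaction is rolled back before it is thrown
     */
    public void seedData() {
        try {
            setup();
            generateAndSeed();
        } finally {
            // Always drop the administrator authentication, including when
            // setup() fails after login() has already run.
            logout();
        }
    }

    /** Runs generation, export and the transactional seeding step. */
    private void generateAndSeed() {
        TransactionStatus status = null;
        try {
            AuthorizationGen authzGen = new AuthorizationGen();
            authzGen.initialize(tenantBindingFile);
            authzGen.createDefaultServicePermissions();
            //create default role(s) for the tenant and assign permissions
            authzGen.createDefaultPermissionsRoles();
            authzGen.exportPermissions(pathIn(exportDir, PERMISSION_FILE));
            authzGen.exportPermissionRoles(pathIn(exportDir, PERMISSION_ROLE_FILE));
            logger.debug("authroization generation completed ");

            status = beginTransaction("seedData");
            AuthorizationSeed authzSeed = new AuthorizationSeed();
            authzSeed.seedPermissions(pathIn(importDir, PERMISSION_FILE),
                    pathIn(importDir, PERMISSION_ROLE_FILE));
            // Commit on the success path only. Committing from a finally block
            // also ran after a rollback, on an already completed transaction.
            commitTransaction(status);
            logger.debug("authroization seeding completed ");
        } catch (Exception ex) {
            rollbackQuietly(status);
            logger.debug("authorization seeding failed", ex);
            throw new RuntimeException(ex);
        }
    }

    /**
     * Rolls back an open transaction without letting a rollback failure hide
     * the exception that caused it.
     */
    private void rollbackQuietly(TransactionStatus status) {
        // A failed commit leaves the status completed; nothing to roll back then.
        if (status == null || status.isCompleted()) {
            return;
        }
        try {
            rollbackTransaction(status);
        } catch (RuntimeException rollbackFailure) {
            logger.error("rollback of authorization seeding failed", rollbackFailure);
        }
    }

    /** Loads the Spring context, establishes the security context and looks up the transaction manager. */
    private void setup() {
        // NOTE(review): this context is never closed. Closing it may shut down
        // the data source behind txManager, so confirm the bean lifecycle
        // before adding a close() call.
        ClassPathXmlApplicationContext appContext = new ClassPathXmlApplicationContext(
                new String[]{SPRING_SECURITY_METADATA});
        login();
        System.setProperty("spring-beans-config", SPRING_SECURITY_METADATA);
        // Return value unused; presumably called to initialise AuthZ up front - confirm.
        AuthZ.get();
        txManager = (org.springframework.jdbc.datasource.DataSourceTransactionManager) appContext.getBean("transactionManager");
    }

    /**
     * Installs a token holding {@code ROLE_ADMINISTRATOR} in the security
     * context. No credential check is performed; the authority is granted
     * unconditionally.
     */
    private void login() {
        GrantedAuthority gauth = new GrantedAuthorityImpl("ROLE_ADMINISTRATOR");
        HashSet<GrantedAuthority> gauths = new HashSet<GrantedAuthority>();
        gauths.add(gauth);
        Authentication authRequest = new UsernamePasswordAuthenticationToken(user, password, gauths);
        SecurityContextHolder.getContext().setAuthentication(authRequest);
    }

    /** Removes the authentication installed by {@code login()} from the security context. */
    private void logout() {
        SecurityContextHolder.getContext().setAuthentication(null);
    }

    /**
     * Starts a named transaction, joining an existing one if present.
     *
     * @param name transaction name
     * @return status handle needed to commit or roll back
     */
    private TransactionStatus beginTransaction(String name) {
        DefaultTransactionDefinition def = new DefaultTransactionDefinition();
        // explicitly setting the transaction name is something that can only be done programmatically
        def.setName(name);
        def.setPropagationBehavior(TransactionDefinition.PROPAGATION_REQUIRED);
        return txManager.getTransaction(def);
    }

    /** Rolls back the given transaction. */
    private void rollbackTransaction(TransactionStatus status) {
        txManager.rollback(status);
    }

    /** Commits the given transaction. */
    private void commitTransaction(TransactionStatus status) {
        txManager.commit(status);
    }

    /** Returns true when the value is null or the empty string. */
    private static boolean isNullOrEmpty(String value) {
        return value == null || value.isEmpty();
    }

    /** Joins a directory and a file name with the platform separator. */
    private static String pathIn(String dir, String fileName) {
        return dir + File.separator + fileName;
    }
}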