1 /**
2  *  This document is a part of the source code and related artifacts
3  *  for CollectionSpace, an open source collections management system
4  *  for museums and related institutions:
5
6  *  http://www.collectionspace.org
7  *  http://wiki.collectionspace.org
8
9  *  Copyright 2009 University of California at Berkeley
10
11  *  Licensed under the Educational Community License (ECL), Version 2.0.
12  *  You may not use this file except in compliance with this License.
13
14  *  You may obtain a copy of the ECL 2.0 License at
15
16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
17
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS,
20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24 package org.collectionspace.services.authorization.importer;
25
26 import java.io.File;
27 import org.slf4j.Logger;
28 import org.slf4j.LoggerFactory;
29 import java.util.ArrayList;
30 import java.util.Hashtable;
31 import java.util.List;
32 import java.util.UUID;
33 import javax.xml.bind.JAXBContext;
34 import javax.xml.bind.Marshaller;
35 import org.collectionspace.services.authorization.AccountRole;
36 import org.collectionspace.services.authorization.ActionType;
37 import org.collectionspace.services.authorization.Permission;
38 import org.collectionspace.services.authorization.EffectType;
39 import org.collectionspace.services.authorization.PermissionAction;
40 import org.collectionspace.services.authorization.PermissionRole;
41 import org.collectionspace.services.authorization.PermissionValue;
42 import org.collectionspace.services.authorization.PermissionsList;
43 import org.collectionspace.services.authorization.PermissionsRolesList;
44 import org.collectionspace.services.authorization.Role;
45 import org.collectionspace.services.authorization.RoleValue;
46 import org.collectionspace.services.authorization.SubjectType;
47 import org.collectionspace.services.common.config.TenantBindingConfigReaderImpl;
48 import org.collectionspace.services.common.service.ServiceBindingType;
49 import org.collectionspace.services.common.tenant.TenantBindingType;
50
51 /**
52  * AuthorizationGen generates authorizations (permissions and roles)
53  * for tenant services
54  * @author 
55  */
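public class AuthorizationGen {

    final Logger logger = LoggerFactory.getLogger(AuthorizationGen.class);
    // Permissions accumulated by createDefaultServicePermissions(); exported as-is.
    private List<Permission> permList = new ArrayList<Permission>();
    // Permission-to-role grants accumulated by createDefaultPermissionsRoles().
    private List<PermissionRole> permRoleList = new ArrayList<PermissionRole>();
    // Tenant bindings keyed by tenant id, replaced wholesale by initialize().
    private Hashtable<String, TenantBindingType> tenantBindings =
            new Hashtable<String, TenantBindingType>();
    final public static String ROLE_ADMINISTRATOR = "ROLE_ADMINISTRATOR";
    // Actions granted on every generated permission, in the order they are emitted.
    private static final ActionType[] DEFAULT_ACTIONS = {
        ActionType.CREATE, ActionType.READ, ActionType.UPDATE,
        ActionType.DELETE, ActionType.SEARCH
    };

    /**
     * Loads the tenant bindings that drive permission generation.
     *
     * @param tenantBindingFileName file handed to the tenant binding config reader
     * @throws Exception whatever the config reader throws while reading the file
     */
    public void initialize(String tenantBindingFileName) throws Exception {
        TenantBindingConfigReaderImpl tenantBindingConfigReader =
                new TenantBindingConfigReaderImpl(null);
        tenantBindingConfigReader.read(tenantBindingFileName);
        tenantBindings = tenantBindingConfigReader.getTenantBindings();
        logger.debug("initialized with tenant bindings from {}", tenantBindingFileName);
    }

    /**
     * Generates the default permissions of every loaded tenant and appends them
     * to the internal permission list. Nothing is cleared first, so a second
     * call appends a second set with fresh csids.
     */
    public void createDefaultServicePermissions() {
        for (String tenantId : tenantBindings.keySet()) {
            permList.addAll(createDefaultServicePermissions(tenantId));
        }
    }

    /**
     * Builds one PERMIT permission per service binding name and per alternate
     * URI path of the given tenant. The result is returned only; it is not added
     * to the internal permission list.
     *
     * @param tenantId key of a tenant binding loaded by {@link #initialize(String)}
     * @return the generated permissions, possibly empty
     * @throws IllegalArgumentException if no binding is loaded for {@code tenantId}
     */
    public List<Permission> createDefaultServicePermissions(String tenantId) {
        TenantBindingType tbinding = tenantBindings.get(tenantId);
        if (tbinding == null) {
            // Fail with a message that names the tenant instead of a bare NPE below.
            throw new IllegalArgumentException("no tenant binding loaded for tenant id " + tenantId);
        }
        ArrayList<Permission> apcList = new ArrayList<Permission>();
        for (ServiceBindingType sbinding : tbinding.getServiceBindings()) {
            // permission for the main path
            apcList.add(buildCommonPermission(tbinding.getId(), sbinding.getName()));

            // permissions for alternate paths
            for (String uriPath : sbinding.getUriPath()) {
                apcList.add(buildCommonPermission(tbinding.getId(), uriPath));
            }
        }
        return apcList;
    }

    /**
     * Creates a PERMIT permission with a random UUID csid that carries all of
     * {@link #DEFAULT_ACTIONS} on the lower-cased resource name.
     */
    private Permission buildCommonPermission(String tenantId, String resourceName) {
        Permission perm = new Permission();
        perm.setCsid(UUID.randomUUID().toString());
        // Locale.ROOT keeps the resource name stable whatever the JVM default
        // locale is; a locale-sensitive lower-casing (e.g. Turkish dotless i)
        // would produce a name that no longer matches the one being authorized.
        perm.setResourceName(resourceName.toLowerCase(java.util.Locale.ROOT));
        perm.setEffect(EffectType.PERMIT);
        perm.setTenantId(tenantId);

        ArrayList<PermissionAction> actions = new ArrayList<PermissionAction>();
        for (ActionType actionType : DEFAULT_ACTIONS) {
            PermissionAction action = new PermissionAction();
            action.setName(actionType);
            actions.add(action);
        }
        perm.setActions(actions);
        return perm;
    }

    /**
     * Returns the live internal permission list, not a copy; changes made by the
     * caller are visible to the later export.
     */
    public List<Permission> getDefaultServicePermissions() {
        return permList;
    }

    /**
     * Grants every accumulated permission to {@link #ROLE_ADMINISTRATOR} and
     * appends the grants to the internal permission-role list. A per-tenant
     * administrator role is not generated here.
     */
    public void createDefaultPermissionsRoles() {
        for (Permission p : permList) {
            // CSpace Administrator has all access.
            // NOTE(review): role id "1" is hard-coded; presumably it must match the
            // id under which ROLE_ADMINISTRATOR is stored - confirm against the importer.
            permRoleList.add(buildCommonPermissionRoles(p.getTenantId(), p.getCsid(),
                    p.getResourceName(), ROLE_ADMINISTRATOR, "1"));
        }
    }

    /**
     * Builds one permission-role grant per given permission for a single role.
     * The result is returned only; the internal permission-role list is untouched.
     *
     * @param perms permissions to grant
     * @param roleName role name, upper-cased in the generated grant
     * @param roleId id of the role, copied verbatim
     * @return the generated grants, in the order of {@code perms}
     */
    public List<PermissionRole> createPermissionsRoles(List<Permission> perms, String roleName, String roleId) {
        List<PermissionRole> permRoles = new ArrayList<PermissionRole>();
        for (Permission p : perms) {
            permRoles.add(buildCommonPermissionRoles(p.getTenantId(), p.getCsid(),
                    p.getResourceName(), roleName, roleId));
        }
        return permRoles;
    }

    /**
     * Creates a ROLE-subject grant that links one permission to one role.
     * {@code tenantId} is accepted but not written to the grant.
     */
    private PermissionRole buildCommonPermissionRoles(String tenantId, String permId,
            String resName, String roleName, String roleId) {

        PermissionRole pr = new PermissionRole();
        pr.setSubject(SubjectType.ROLE);

        PermissionValue permValue = new PermissionValue();
        permValue.setPermissionId(permId);
        // Locale.ROOT: same reasoning as for the permission's resource name.
        permValue.setResourceName(resName.toLowerCase(java.util.Locale.ROOT));
        List<PermissionValue> permValues = new ArrayList<PermissionValue>();
        permValues.add(permValue);
        pr.setPermissions(permValues);

        RoleValue roleValue = new RoleValue();
        // Role names are matched as identifiers, so the case mapping must not
        // depend on the JVM default locale.
        roleValue.setRoleName(roleName.toUpperCase(java.util.Locale.ROOT));
        roleValue.setRoleId(roleId);
        List<RoleValue> roleValues = new ArrayList<RoleValue>();
        roleValues.add(roleValue);
        pr.setRoles(roleValues);

        return pr;
    }

    /**
     * Derives the tenant administrator role name: {@link #ROLE_ADMINISTRATOR},
     * an underscore, then the upper-cased tenant name with spaces replaced by
     * underscores. Not called from this class at present.
     *
     * @param tenantName display name of the tenant
     * @return the derived role name
     */
    private String getTenantAdminRole(String tenantName) {
        String normalized = tenantName.toUpperCase(java.util.Locale.ROOT).replace(' ', '_');
        return ROLE_ADMINISTRATOR + "_" + normalized;
    }

    /**
     * Returns the live internal permission-role list, not a copy.
     */
    public List<PermissionRole> getDefaultServicePermissionRoles() {
        return permRoleList;
    }

    /**
     * Marshals the accumulated permissions to {@code fileName} as XML. A failure
     * is logged at error level and not propagated.
     *
     * @param fileName path of the file to write
     */
    public void exportPermissions(String fileName) {
        PermissionsList pcList = new PermissionsList();
        pcList.setPermissions(permList);
        // Report success only when the file was really written.
        if (toFile(pcList, PermissionsList.class, fileName)) {
            logger.debug("exported permissions to {}", fileName);
        }
    }

    /**
     * Marshals the accumulated permission-role grants to {@code fileName} as XML.
     * A failure is logged at error level and not propagated.
     *
     * @param fileName path of the file to write
     */
    public void exportPermissionRoles(String fileName) {
        PermissionsRolesList psrsl = new PermissionsRolesList();
        psrsl.setPermissionRoles(permRoleList);
        // Report success only when the file was really written.
        if (toFile(psrsl, PermissionsRolesList.class, fileName)) {
            logger.debug("exported permissions-roles to {}", fileName);
        }
    }

    /**
     * Writes {@code o} to {@code fileName} as formatted XML through JAXB.
     *
     * @return {@code true} if marshalling completed, {@code false} if it threw
     */
    private boolean toFile(Object o, Class<?> jaxbClass, String fileName) {
        File f = new File(fileName);
        try {
            JAXBContext jc = JAXBContext.newInstance(jaxbClass);
            Marshaller m = jc.createMarshaller();
            m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT,
                    Boolean.TRUE);
            m.marshal(o, f);
            return true;
        } catch (Exception e) {
            // Route the failure through the logger with its cause instead of stderr.
            // NOTE(review): the public export methods still return normally, and a
            // failed marshal may leave a stale or partial file behind; callers that
            // import the file afterwards should check the error log first.
            logger.error("failed to export " + jaxbClass.getName() + " to " + fileName, e);
            return false;
        }
    }
}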