1 /**
2  *  This document is a part of the source code and related artifacts
3  *  for CollectionSpace, an open source collections management system
4  *  for museums and related institutions:
5
6  *  http://www.collectionspace.org
7  *  http://wiki.collectionspace.org
8
9  *  Copyright 2009 University of California at Berkeley
10
11  *  Licensed under the Educational Community License (ECL), Version 2.0.
12  *  You may not use this file except in compliance with this License.
13
14  *  You may obtain a copy of the ECL 2.0 License at
15
16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
17
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS,
20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24 package org.collectionspace.services.authorization.importer;
25
26 import java.io.FileInputStream;
27 import java.io.InputStream;
28 import java.util.ArrayList;
29 import java.util.List;
30 import javax.xml.bind.JAXBContext;
31 import javax.xml.bind.Unmarshaller;
32 import org.collectionspace.services.authorization.ActionType;
33 import org.slf4j.Logger;
34 import org.slf4j.LoggerFactory;
35 import org.collectionspace.services.authorization.AuthZ;
36 import org.collectionspace.services.authorization.CSpaceAction;
37 import org.collectionspace.services.authorization.EffectType;
38 import org.collectionspace.services.authorization.Permission;
39 import org.collectionspace.services.authorization.PermissionAction;
40 import org.collectionspace.services.authorization.PermissionException;
41 import org.collectionspace.services.authorization.PermissionRole;
42 import org.collectionspace.services.authorization.PermissionsList;
43 import org.collectionspace.services.authorization.PermissionsRolesList;
44 import org.collectionspace.services.authorization.RoleValue;
45 import org.collectionspace.services.authorization.URIResourceImpl;
46
47 /**
48  * AuthorizationSeed seeds authorizations (permission, role) into authz provider database
49  * @author 
50  */
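public class AuthorizationSeed {

    final Logger logger = LoggerFactory.getLogger(AuthorizationSeed.class);

    /**
     * Reads a permissions file and a permission-role file and seeds their
     * contents into the authorization provider.
     *
     * <p>Both files are unmarshalled without schema validation (see
     * {@link #fromFile(Class, String)}), and their contents decide which roles
     * are granted or denied which actions. They should therefore be
     * operator-controlled files that untrusted parties cannot write.
     *
     * @param permFileName path of the permissions file
     * @param permRoleFileName path of the permission-role file
     * @throws Exception if either file cannot be read or unmarshalled, or if
     *         seeding fails
     */
    public void seedPermissions(String permFileName, String permRoleFileName) throws Exception {
        PermissionsList permList =
                (PermissionsList) fromFile(PermissionsList.class, permFileName);
        logger.debug("read permissions from {}", permFileName);

        PermissionsRolesList permRoleList =
                (PermissionsRolesList) fromFile(PermissionsRolesList.class, permRoleFileName);
        logger.debug("read permissions-roles from {}", permRoleFileName);

        seedPermissions(permList, permRoleList);
    }

    /**
     * Seeds permissions from the given permission and permission-role lists.
     *
     * <p>A permission-role entry is matched to a permission by the id of its
     * FIRST permission reference only; any further references in the same entry
     * are not consulted. Entries that carry no permission reference at all are
     * skipped with a warning instead of failing with an index error, so they
     * never result in an access-control entry being written.
     *
     * @param permList permissions to seed
     * @param permRoleList permission-to-role associations
     * @throws Exception if adding a permission fails
     */
    public void seedPermissions(PermissionsList permList, PermissionsRolesList permRoleList)
            throws Exception {
        for (Permission p : permList.getPermissions()) {
            logger.trace("adding permission for res={} for tenant={}",
                    p.getResourceName(), p.getTenantId());
            for (PermissionRole pr : permRoleList.getPermissionRoles()) {
                if (pr.getPermissions() == null || pr.getPermissions().isEmpty()) {
                    // Nothing to match on; get(0) would throw and abort the seed half-way.
                    logger.warn("skipping permission-role entry without a permission reference");
                    continue;
                }
                if (pr.getPermissions().get(0).getPermissionId().equals(p.getCsid())) {
                    addPermissionsForUri(p, pr);
                }
            }
        }
    }

    /**
     * Adds one access-control entry per action of the given permission, for all
     * roles named in the permission-role entry. The resource is assumed to be
     * of type URI; the action name is mapped to a {@link CSpaceAction} by
     * {@link URIResourceImpl#getAction}.
     *
     * @param perm permission configuration
     * @param permRole roles associated with the permission; its first
     *        permission reference must carry the csid of {@code perm}
     * @throws PermissionException if the authorization provider rejects an entry
     * @throws IllegalArgumentException if the permission ids do not match
     */
    private void addPermissionsForUri(Permission perm,
            PermissionRole permRole) throws PermissionException {
        String referencedId = permRole.getPermissions().get(0).getPermissionId();
        if (!perm.getCsid().equals(referencedId)) {
            // Do not index into an empty role list while building the message:
            // that would replace the real error with an IndexOutOfBoundsException.
            String firstRole = permRole.getRoles().isEmpty()
                    ? "<none>"
                    : permRole.getRoles().get(0).getRoleName();
            throw new IllegalArgumentException("permission ids do not"
                    + " match for role=" + firstRole
                    + " with permissionId=" + referencedId
                    + " for permission with csid=" + perm.getCsid());
        }

        List<String> principals = new ArrayList<String>();
        for (RoleValue roleValue : permRole.getRoles()) {
            principals.add(roleValue.getRoleName());
        }
        // Same for every action of this permission, so computed once.
        String[] principalNames = principals.toArray(new String[0]);
        boolean grant = perm.getEffect().equals(EffectType.PERMIT);

        for (PermissionAction permAction : perm.getActions()) {
            CSpaceAction action = URIResourceImpl.getAction(permAction.getName());
            URIResourceImpl uriRes = new URIResourceImpl(perm.getTenantId(),
                    perm.getResourceName(), action);
            AuthZ.get().addPermissions(uriRes, principalNames, grant);
        }
    }

    /**
     * Unmarshals the given file into an instance of the given JAXB class.
     *
     * <p>NOTE(review): schema validation is switched off, and the XML parser
     * behind {@code unmarshal(InputStream)} is not configured here. DOCTYPE and
     * external-entity handling is therefore left to the defaults of the JAXB
     * implementation in use. This is acceptable only while callers pass
     * trusted, locally managed files. If that ever changes, parse the input
     * with a parser that disallows DOCTYPE declarations and give JAXB the
     * resulting source.
     *
     * @param jaxbClass JAXB-bound class expected at the document root
     * @param fileName path of the XML file to read
     * @return the unmarshalled object, an instance of {@code jaxbClass}
     * @throws Exception if the file cannot be opened or unmarshalled, or the
     *         root object is not of the requested class
     */
    static Object fromFile(Class<?> jaxbClass, String fileName) throws Exception {
        InputStream is = new FileInputStream(fileName);
        try {
            JAXBContext context = JAXBContext.newInstance(jaxbClass);
            Unmarshaller unmarshaller = context.createUnmarshaller();
            // A null schema turns the validator off: structure and values in the
            // file are accepted as-is.
            unmarshaller.setSchema(null);
            return jaxbClass.cast(unmarshaller.unmarshal(is));
        } finally {
            try {
                is.close();
            } catch (Exception ignored) {
                // Best effort: the stream was only read, and a failure to close it
                // must not replace the result or the exception from unmarshalling.
            }
        }
    }
}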