git.aero2k.de Git - tmp/jakarta-migration.git/blob

   1 /**
   2  *  This document is a part of the source code and related artifacts
   3  *  for CollectionSpace, an open source collections management system
   4  *  for museums and related institutions:
   5
   6  *  http://www.collectionspace.org
   7  *  http://wiki.collectionspace.org
   8
   9  *  Copyright 2009 University of California at Berkeley
  10
  11  *  Licensed under the Educational Community License (ECL), Version 2.0.
  12  *  You may not use this file except in compliance with this License.
  13
  14  *  You may obtain a copy of the ECL 2.0 License at
  15
  16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
  17
  18  *  Unless required by applicable law or agreed to in writing, software
  19  *  distributed under the License is distributed on an "AS IS" BASIS,
  20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  21  *  See the License for the specific language governing permissions and
  22  *  limitations under the License.
  23  */
  24 package org.collectionspace.services.authorization.importer;
  25
  26 import java.io.FileInputStream;
  27 import java.io.InputStream;
  28 import java.util.ArrayList;
  29 import java.util.List;
  30 import javax.xml.bind.JAXBContext;
  31 import javax.xml.bind.Unmarshaller;
  32 import org.collectionspace.services.authorization.ActionType;
  33 import org.slf4j.Logger;
  34 import org.slf4j.LoggerFactory;
  35 import org.collectionspace.services.authorization.AuthZ;
  36 import org.collectionspace.services.authorization.CSpaceAction;
  37 import org.collectionspace.services.authorization.Permission;
  38 import org.collectionspace.services.authorization.PermissionAction;
  39 import org.collectionspace.services.authorization.PermissionException;
  40 import org.collectionspace.services.authorization.PermissionRole;
  41 import org.collectionspace.services.authorization.PermissionsList;
  42 import org.collectionspace.services.authorization.PermissionsRolesList;
  43 import org.collectionspace.services.authorization.RoleValue;
  44 import org.collectionspace.services.authorization.URIResourceImpl;
  45
  46 /**
  47  * AuthorizationSeed seeds authorizations (permission, role) into authz provider database
  48  * @author
  49  */
  50 public class AuthorizationSeed {
  51
  52     final Logger logger = LoggerFactory.getLogger(AuthorizationSeed.class);
  53
  54
  55     /**
  56      * seedPermissions seed permissions from given files
  57      * @param permFileName permisison file name
  58      * @param permRoleFileName permission role file name
  59      * @throws Exception
  60      */
  61     public void seedPermissions(String permFileName, String permRoleFileName) throws Exception {
  62         PermissionsList permList =
  63                 (PermissionsList) fromFile(PermissionsList.class,
  64                 permFileName);
  65         if (logger.isDebugEnabled()) {
  66             logger.debug("read permissions from " + permFileName);
  67         }
  68         PermissionsRolesList permRoleList =
  69                 (PermissionsRolesList) fromFile(PermissionsRolesList.class,
  70                 permRoleFileName);
  71         if (logger.isDebugEnabled()) {
  72             logger.debug("read permissions-roles from " + permRoleFileName);
  73         }
  74
  75         seedPermissions(permList, permRoleList);
  76     }
  77
  78     /**
  79      * seedPermissions seed permissions from given permisison and permission role lists
  80      * @param permList
  81      * @param permRoleList
  82      * @throws Exception
  83      */
  84     public void seedPermissions(PermissionsList permList, PermissionsRolesList permRoleList)
  85             throws Exception {
  86         for (Permission p : permList.getPermissions()) {
  87             if (logger.isDebugEnabled()) {
  88                 logger.debug("adding permission for res=" + p.getResourceName());
  89             }
  90             for (PermissionRole pr : permRoleList.getPermissionRoles()) {
  91                 if (pr.getPermissions().get(0).getPermissionId().equals(p.getCsid())) {
  92                     addPermissionsForUri(p, pr);
  93                 }
  94             }
  95         }
  96     }
  97
  98     /**
  99      * addPermissionsForUri add permissions from given permission configuration
 100      * with assumption that resource is of type URI
 101      * @param permission configuration
 102      */
 103     private void addPermissionsForUri(Permission perm,
 104             PermissionRole permRole) throws PermissionException {
 105         List<String> principals = new ArrayList<String>();
 106         if (!perm.getCsid().equals(permRole.getPermissions().get(0).getPermissionId())) {
 107             throw new IllegalArgumentException("permission ids do not"
 108                     + " match for role=" + permRole.getRoles().get(0).getRoleName()
 109                     + " with permissionId=" + permRole.getPermissions().get(0).getPermissionId()
 110                     + " for permission with csid=" + perm.getCsid());
 111         }
 112         for (RoleValue roleValue : permRole.getRoles()) {
 113             principals.add(roleValue.getRoleName());
 114         }
 115         List<PermissionAction> permActions = perm.getActions();
 116         for (PermissionAction permAction : permActions) {
 117             CSpaceAction action = getAction(permAction.getName());
 118             URIResourceImpl uriRes = new URIResourceImpl(perm.getTenantId(),
 119                     perm.getResourceName(), action);
 120             AuthZ.get().addPermissions(uriRes, principals.toArray(new String[0]));
 121         }
 122     }
 123
 124     /**
 125      * getAction is a convenience method to get corresponding action for
 126      * given ActionType
 127      * @param action
 128      * @return
 129      */
 130     private CSpaceAction getAction(ActionType action) {
 131         if (ActionType.CREATE.equals(action)) {
 132             return CSpaceAction.CREATE;
 133         } else if (ActionType.READ.equals(action)) {
 134             return CSpaceAction.READ;
 135         } else if (ActionType.UPDATE.equals(action)) {
 136             return CSpaceAction.UPDATE;
 137         } else if (ActionType.DELETE.equals(action)) {
 138             return CSpaceAction.DELETE;
 139         } else if (ActionType.SEARCH.equals(action)) {
 140             return CSpaceAction.SEARCH;
 141         } else if (ActionType.ADMIN.equals(action)) {
 142             return CSpaceAction.ADMIN;
 143         } else if (ActionType.START.equals(action)) {
 144             return CSpaceAction.START;
 145         } else if (ActionType.STOP.equals(action)) {
 146             return CSpaceAction.STOP;
 147         }
 148         throw new IllegalArgumentException("action = " + action.toString());
 149     }
 150
 151     static Object fromFile(Class jaxbClass, String fileName) throws Exception {
 152         InputStream is = new FileInputStream(fileName);
 153         try {
 154             JAXBContext context = JAXBContext.newInstance(jaxbClass);
 155             Unmarshaller unmarshaller = context.createUnmarshaller();
 156             //note: setting schema to null will turn validator off
 157             unmarshaller.setSchema(null);
 158             return jaxbClass.cast(unmarshaller.unmarshal(is));
 159         } finally {
 160             if (is != null) {
 161                 try {
 162                     is.close();
 163                 } catch (Exception e) {
 164                 }
 165             }
 166         }
 167     }
 168 }