git.aero2k.de Git - tmp/jakarta-migration.git/blob

   1 /**
   2  *  This document is a part of the source code and related artifacts
   3  *  for CollectionSpace, an open source collections management system
   4  *  for museums and related institutions:
   5
   6  *  http://www.collectionspace.org
   7  *  http://wiki.collectionspace.org
   8
   9  *  Copyright 2009 University of California at Berkeley
  10
  11  *  Licensed under the Educational Community License (ECL), Version 2.0.
  12  *  You may not use this file except in compliance with this License.
  13
  14  *  You may obtain a copy of the ECL 2.0 License at
  15
  16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
  17
  18  *  Unless required by applicable law or agreed to in writing, software
  19  *  distributed under the License is distributed on an "AS IS" BASIS,
  20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  21  *  See the License for the specific language governing permissions and
  22  *  limitations under the License.
  23  */
  24 package org.collectionspace.services.authorization;
  25
  26 import org.collectionspace.services.account.AccountRoleSubResource;
  27 import org.collectionspace.services.client.RoleClient;
  28 import org.collectionspace.services.common.SecurityResourceBase;
  29 import org.collectionspace.services.common.ServiceMessages;
  30 import org.collectionspace.services.common.context.RemoteServiceContextFactory;
  31 import org.collectionspace.services.common.context.ServiceContext;
  32 import org.collectionspace.services.common.context.ServiceContextFactory;
  33 import org.collectionspace.services.common.storage.StorageClient;
  34 import org.collectionspace.services.common.storage.jpa.JpaStorageClientImpl;
  35 import org.jboss.resteasy.util.HttpResponseCodes;
  36 import org.slf4j.Logger;
  37 import org.slf4j.LoggerFactory;
  38
  39 import javax.ws.rs.Consumes;
  40 import javax.ws.rs.DELETE;
  41 import javax.ws.rs.GET;
  42 import javax.ws.rs.POST;
  43 import javax.ws.rs.PUT;
  44 import javax.ws.rs.Path;
  45 import javax.ws.rs.PathParam;
  46 import javax.ws.rs.Produces;
  47 import javax.ws.rs.QueryParam;
  48 import javax.ws.rs.WebApplicationException;
  49 import javax.ws.rs.core.Context;
  50 import javax.ws.rs.core.Response;
  51 import javax.ws.rs.core.UriBuilder;
  52 import javax.ws.rs.core.UriInfo;
  53
  54 @Path(RoleClient.SERVICE_PATH)
  55 @Consumes("application/xml")
  56 @Produces("application/xml")
  57 public class RoleResource extends SecurityResourceBase {
  58
  59     final Logger logger = LoggerFactory.getLogger(RoleResource.class);
  60     final StorageClient storageClient = new JpaStorageClientImpl();
  61
  62     @Override
  63     protected String getVersionString() {
  64         return  "$LastChangedRevision: 1165 $";
  65     }
  66
  67     @Override
  68     public String getServiceName() {
  69         return RoleClient.SERVICE_NAME;
  70     }
  71
  72     @Override
  73     public Class<RoleResource> getCommonPartClass() {
  74         return RoleResource.class;
  75     }
  76
  77     @Override
  78     public ServiceContextFactory getServiceContextFactory() {
  79         return RemoteServiceContextFactory.get();
  80     }
  81
  82     @Override
  83     public StorageClient getStorageClient(ServiceContext ctx) {
  84         //FIXME use ctx to identify storage client
  85         return storageClient;
  86     }
  87
  88     @POST
  89     public Response createRole(Role input) {
  90         return create(input);
  91     }
  92
  93     @GET
  94     @Path("{csid}")
  95     public Role getRole(@PathParam("csid") String csid) {
  96         return (Role)get(csid, Role.class);
  97     }
  98
  99     /*
 100      * Get a list of accounts associated with this role.
 101      */
 102     @GET
 103     @Path("{csid}/accountroles")
 104     public AccountRole getRoleAccounts(
 105             @PathParam("csid") String accCsid) {
 106         logger.debug("getAccountRole with accCsid=" + accCsid);
 107         ensureCSID(accCsid, ServiceMessages.GET_FAILED+ "accountroles role ");
 108         AccountRole result = null;
 109         try {
 110             AccountRoleSubResource subResource =
 111                     new AccountRoleSubResource(AccountRoleSubResource.ACCOUNT_ACCOUNTROLE_SERVICE);
 112             //get relationships for a role
 113             result = subResource.getAccountRole(accCsid, SubjectType.ACCOUNT);
 114         } catch (Exception e) {
 115             throw bigReThrow(e, ServiceMessages.GET_FAILED, accCsid);
 116         }
 117         checkResult(result, accCsid, ServiceMessages.GET_FAILED);
 118         return result;
 119     }
 120
 121     @GET
 122     @Produces("application/xml")
 123     public RolesList getRoleList(@Context UriInfo ui) {
 124         return (RolesList)getList(ui, Role.class);
 125     }
 126
 127     @PUT
 128     @Path("{csid}")
 129     public Role updateRole(@PathParam("csid") String csid, Role theUpdate) {
 130         try {
 131                 Role role = (Role)get(csid, Role.class);
 132                 // If marked as metadata immutable, do not update
 133                 if(RoleClient.IMMUTABLE.equals(role.getMetadataProtection())) {
 134                     Response response =
 135                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+csid+" is immutable.").type("text/plain").build();
 136                 throw new WebApplicationException(response);
 137                 }
 138                 return (Role)update(csid, theUpdate, Role.class);
 139         } catch (Exception e) {
 140             throw bigReThrow(e, ServiceMessages.UPDATE_FAILED, csid);
 141         }
 142     }
 143
 144     @DELETE
 145     @Path("{csid}")
 146     public Response deleteRole(@PathParam("csid") String csid) {
 147         logger.debug("deleteRole with csid=" + csid);
 148         ensureCSID(csid, ServiceMessages.DELETE_FAILED + "deleteRole ");
 149
 150         try {
 151                 Role role = (Role)get(csid, Role.class);
 152             // If marked as metadata immutable, do not delete
 153             if(RoleClient.IMMUTABLE.equals(role.getMetadataProtection())) {
 154                 Response response =
 155                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+csid+" is immutable.").type("text/plain").build();
 156                 return response;
 157             }
 158             //FIXME ideally the following three operations should be in the same tx CSPACE-658
 159             //delete all relationships for this permission
 160             PermissionRoleSubResource permRoleResource =
 161                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 162             permRoleResource.deletePermissionRole(csid, SubjectType.PERMISSION);
 163             //delete all the account/role relationships associate with this role
 164             AccountRoleSubResource accountRoleResource =
 165                 new AccountRoleSubResource(AccountRoleSubResource.ROLE_ACCOUNTROLE_SERVICE);
 166             accountRoleResource.deleteAccountRole(csid, SubjectType.ACCOUNT);
 167             //finally, delete the role itself
 168             ServiceContext<Role, Role> ctx = createServiceContext((Role) null, Role.class);
 169             ((JpaStorageClientImpl) getStorageClient(ctx)).deleteWhere(ctx, csid);
 170             return Response.status(HttpResponseCodes.SC_OK).build();
 171         } catch (Exception e) {
 172             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, csid);
 173         }
 174     }
 175
 176     @POST
 177     @Path("{csid}/permroles")
 178     public Response createRolePermission(@QueryParam("_method") String method, @PathParam("csid") String roleCsid,
 179             PermissionRole input) {
 180         if (method != null) {
 181             if ("delete".equalsIgnoreCase(method)) {
 182                 return deleteRolePermission(roleCsid, input);
 183             }
 184         }
 185         logger.debug("createRolePermission with roleCsid=" + roleCsid);
 186         ensureCSID(roleCsid, ServiceMessages.PUT_FAILED + "permroles role ");
 187         try {
 188                 Role role = (Role)get(roleCsid, Role.class);
 189             // If marked as metadata immutable, do not delete
 190             if(RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 191                 Response response =
 192                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 193                 return response;
 194             }
 195             PermissionRoleSubResource subResource =
 196                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 197             String permrolecsid = subResource.createPermissionRole(input, SubjectType.PERMISSION);
 198             UriBuilder path = UriBuilder.fromResource(RoleResource.class);
 199             path.path(roleCsid + "/permroles/" + permrolecsid);
 200             Response response = Response.created(path.build()).build();
 201             return response;
 202         } catch (Exception e) {
 203             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 204         }
 205     }
 206
 207     @GET
 208     @Path("{csid}/permroles")
 209     public PermissionRole getRolePermission(
 210             @PathParam("csid") String roleCsid) {
 211         logger.debug("getRolePermission with roleCsid=" + roleCsid);
 212         ensureCSID(roleCsid, ServiceMessages.GET_FAILED + "permroles role ");
 213         PermissionRole result = null;
 214         try {
 215             PermissionRoleSubResource subResource =
 216                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 217             //get relationships for a role
 218             result = subResource.getPermissionRole(roleCsid, SubjectType.PERMISSION);
 219         } catch (Exception e) {
 220             throw bigReThrow(e, ServiceMessages.GET_FAILED, roleCsid);
 221         }
 222         checkResult(result, roleCsid, ServiceMessages.GET_FAILED);
 223         return result;
 224     }
 225
 226     @GET
 227     @Path("{csid}/permroles/{id}")
 228     public PermissionRoleRel getRolePermission(
 229             @PathParam("csid") String roleCsid,
 230             @PathParam("id") String permrolecsid) {
 231         logger.debug("getRolePermission with roleCsid=" + roleCsid);
 232         ensureCSID(roleCsid, ServiceMessages.GET_FAILED + "permroles role ");
 233         PermissionRoleRel result = null;
 234         try {
 235             PermissionRoleSubResource subResource =
 236                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 237             //get relationships for a role
 238             result = subResource.getPermissionRoleRel(roleCsid, SubjectType.PERMISSION, permrolecsid);
 239         } catch (Exception e) {
 240             throw bigReThrow(e, ServiceMessages.GET_FAILED, roleCsid);
 241         }
 242         checkResult(result, roleCsid, ServiceMessages.GET_FAILED);
 243         return result;
 244     }
 245
 246     public Response deleteRolePermission(String roleCsid, PermissionRole input) {
 247         logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
 248         ensureCSID(roleCsid, ServiceMessages.DELETE_FAILED + "permroles role ");
 249         try {
 250                 Role role = (Role)get(roleCsid, Role.class);
 251             // If marked as metadata immutable, do not delete
 252             if(RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 253                 Response response =
 254                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 255                 return response;
 256             }
 257             PermissionRoleSubResource subResource =
 258                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 259             //delete all relationships for a permission
 260             subResource.deletePermissionRole(roleCsid, SubjectType.PERMISSION, input);
 261             return Response.status(HttpResponseCodes.SC_OK).build();
 262         } catch (Exception e) {
 263             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 264         }
 265     }
 266
 267     @DELETE
 268     @Path("{csid}/permroles")
 269     public Response deleteRolePermission(
 270                 @PathParam("csid") String roleCsid) {
 271         logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
 272         ensureCSID(roleCsid, ServiceMessages.DELETE_FAILED + "permroles role ");
 273         try {
 274                 Role role = (Role)get(roleCsid, Role.class);
 275             // If marked as metadata immutable, do not delete
 276             if(RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 277                 Response response =
 278                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 279                 return response;
 280             }
 281             PermissionRoleSubResource subResource =
 282                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 283             //delete all relationships for a permission
 284             subResource.deletePermissionRole(roleCsid, SubjectType.PERMISSION);
 285             return Response.status(HttpResponseCodes.SC_OK).build();
 286         } catch (Exception e) {
 287             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 288         }
 289     }
 290 }