git.aero2k.de Git - tmp/jakarta-migration.git/blob

   1 /**
   2  *  This document is a part of the source code and related artifacts
   3  *  for CollectionSpace, an open source collections management system
   4  *  for museums and related institutions:
   5
   6  *  http://www.collectionspace.org
   7  *  http://wiki.collectionspace.org
   8
   9  *  Copyright 2009 University of California at Berkeley
  10
  11  *  Licensed under the Educational Community License (ECL), Version 2.0.
  12  *  You may not use this file except in compliance with this License.
  13
  14  *  You may obtain a copy of the ECL 2.0 License at
  15
  16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
  17
  18  *  Unless required by applicable law or agreed to in writing, software
  19  *  distributed under the License is distributed on an "AS IS" BASIS,
  20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  21  *  See the License for the specific language governing permissions and
  22  *  limitations under the License.
  23  */
  24 package org.collectionspace.services.authorization;
  25
  26 import org.collectionspace.services.account.AccountRoleSubResource;
  27 import org.collectionspace.services.client.RoleClient;
  28 import org.collectionspace.services.common.SecurityResourceBase;
  29 import org.collectionspace.services.common.ServiceMessages;
  30 import org.collectionspace.services.common.context.RemoteServiceContextFactory;
  31 import org.collectionspace.services.common.context.ServiceContext;
  32 import org.collectionspace.services.common.context.ServiceContextFactory;
  33 import org.collectionspace.services.common.storage.StorageClient;
  34 import org.collectionspace.services.common.storage.jpa.JpaStorageClientImpl;
  35 import org.collectionspace.services.common.CSWebApplicationException;
  36
  37 import org.jboss.resteasy.util.HttpResponseCodes;
  38 import org.slf4j.Logger;
  39 import org.slf4j.LoggerFactory;
  40
  41 import javax.ws.rs.Consumes;
  42 import javax.ws.rs.DELETE;
  43 import javax.ws.rs.GET;
  44 import javax.ws.rs.POST;
  45 import javax.ws.rs.PUT;
  46 import javax.ws.rs.Path;
  47 import javax.ws.rs.PathParam;
  48 import javax.ws.rs.Produces;
  49 import javax.ws.rs.QueryParam;
  50 import javax.ws.rs.WebApplicationException;
  51 import javax.ws.rs.core.Context;
  52 import javax.ws.rs.core.Response;
  53 import javax.ws.rs.core.UriBuilder;
  54 import javax.ws.rs.core.UriInfo;
  55
  56 @Path(RoleClient.SERVICE_PATH)
  57 @Consumes("application/xml")
  58 @Produces("application/xml")
  59 public class RoleResource extends SecurityResourceBase {
  60
  61     final Logger logger = LoggerFactory.getLogger(RoleResource.class);
  62     final StorageClient storageClient = new JpaStorageClientImpl();
  63
  64     @Override
  65     protected String getVersionString() {
  66         return  "$LastChangedRevision: 1165 $";
  67     }
  68
  69     @Override
  70     public String getServiceName() {
  71         return RoleClient.SERVICE_NAME;
  72     }
  73
  74     @Override
  75     public Class<RoleResource> getCommonPartClass() {
  76         return RoleResource.class;
  77     }
  78
  79     @Override
  80     public ServiceContextFactory getServiceContextFactory() {
  81         return RemoteServiceContextFactory.get();
  82     }
  83
  84     @Override
  85     public StorageClient getStorageClient(ServiceContext ctx) {
  86         //FIXME use ctx to identify storage client
  87         return storageClient;
  88     }
  89
  90     @POST
  91     public Response createRole(Role input) {
  92         return create(input);
  93     }
  94
  95     @GET
  96     @Path("{csid}")
  97     public Role getRole(@PathParam("csid") String csid) {
  98         return (Role)get(csid, Role.class);
  99     }
 100
 101     /*
 102      * Get a list of accounts associated with this role.
 103      */
 104     @GET
 105     @Path("{csid}/accountroles")
 106     public AccountRole getRoleAccounts(
 107             @PathParam("csid") String accCsid) {
 108         logger.debug("getAccountRole with accCsid=" + accCsid);
 109         ensureCSID(accCsid, ServiceMessages.GET_FAILED+ "accountroles role ");
 110         AccountRole result = null;
 111         try {
 112             AccountRoleSubResource subResource =
 113                     new AccountRoleSubResource(AccountRoleSubResource.ACCOUNT_ACCOUNTROLE_SERVICE);
 114             //get relationships for a role
 115             result = subResource.getAccountRole(accCsid, SubjectType.ACCOUNT);
 116         } catch (Exception e) {
 117             throw bigReThrow(e, ServiceMessages.GET_FAILED, accCsid);
 118         }
 119         checkResult(result, accCsid, ServiceMessages.GET_FAILED);
 120         return result;
 121     }
 122
 123     @GET
 124     @Produces("application/xml")
 125     public RolesList getRoleList(@Context UriInfo ui) {
 126         return (RolesList)getList(ui, Role.class);
 127     }
 128
 129     @PUT
 130     @Path("{csid}")
 131     public Role updateRole(@PathParam("csid") String csid, Role theUpdate) {
 132         try {
 133                 Role role = (Role)get(csid, Role.class);
 134                 // If marked as metadata immutable, do not update
 135                 if(RoleClient.IMMUTABLE.equals(role.getMetadataProtection())) {
 136                     Response response =
 137                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+csid+" is immutable.").type("text/plain").build();
 138                 throw new CSWebApplicationException(response);
 139                 }
 140                 return (Role)update(csid, theUpdate, Role.class);
 141         } catch (Exception e) {
 142             throw bigReThrow(e, ServiceMessages.UPDATE_FAILED, csid);
 143         }
 144     }
 145
 146     @DELETE
 147     @Path("{csid}")
 148     public Response deleteRole(@PathParam("csid") String csid) {
 149         logger.debug("deleteRole with csid=" + csid);
 150         ensureCSID(csid, ServiceMessages.DELETE_FAILED + "deleteRole ");
 151
 152         try {
 153                 Role role = (Role)get(csid, Role.class);
 154             // If marked as metadata immutable, do not delete
 155             if(RoleClient.IMMUTABLE.equals(role.getMetadataProtection())) {
 156                 Response response =
 157                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+csid+" is immutable.").type("text/plain").build();
 158                 return response;
 159             }
 160             //FIXME ideally the following three operations should be in the same tx CSPACE-658
 161             //delete all relationships for this permission
 162             PermissionRoleSubResource permRoleResource =
 163                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 164             permRoleResource.deletePermissionRole(csid, SubjectType.PERMISSION);
 165             //delete all the account/role relationships associate with this role
 166             AccountRoleSubResource accountRoleResource =
 167                 new AccountRoleSubResource(AccountRoleSubResource.ROLE_ACCOUNTROLE_SERVICE);
 168             accountRoleResource.deleteAccountRole(csid, SubjectType.ACCOUNT);
 169             //finally, delete the role itself
 170             ServiceContext<Role, Role> ctx = createServiceContext((Role) null, Role.class);
 171             ((JpaStorageClientImpl) getStorageClient(ctx)).deleteWhere(ctx, csid);
 172             return Response.status(HttpResponseCodes.SC_OK).build();
 173         } catch (Exception e) {
 174             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, csid);
 175         }
 176     }
 177
 178     @POST
 179     @Path("{csid}/permroles")
 180     public Response createRolePermission(@QueryParam("_method") String method, @PathParam("csid") String roleCsid,
 181             PermissionRole input) {
 182         if (method != null) {
 183             if ("delete".equalsIgnoreCase(method)) {
 184                 return deleteRolePermission(roleCsid, input);
 185             }
 186         }
 187         logger.debug("createRolePermission with roleCsid=" + roleCsid);
 188         ensureCSID(roleCsid, ServiceMessages.PUT_FAILED + "permroles role ");
 189         try {
 190                 Role role = (Role)get(roleCsid, Role.class);
 191             // If marked as metadata immutable, do not delete
 192             if(RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 193                 Response response =
 194                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 195                 return response;
 196             }
 197             PermissionRoleSubResource subResource =
 198                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 199             String permrolecsid = subResource.createPermissionRole(input, SubjectType.PERMISSION);
 200             UriBuilder path = UriBuilder.fromResource(RoleResource.class);
 201             path.path(roleCsid + "/permroles/" + permrolecsid);
 202             Response response = Response.created(path.build()).build();
 203             return response;
 204         } catch (Exception e) {
 205             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 206         }
 207     }
 208
 209     @GET
 210     @Path("{csid}/permroles")
 211     public PermissionRole getRolePermission(
 212             @PathParam("csid") String roleCsid) {
 213         logger.debug("getRolePermission with roleCsid=" + roleCsid);
 214         ensureCSID(roleCsid, ServiceMessages.GET_FAILED + "permroles role ");
 215         PermissionRole result = null;
 216         try {
 217             PermissionRoleSubResource subResource =
 218                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 219             //get relationships for a role
 220             result = subResource.getPermissionRole(roleCsid, SubjectType.PERMISSION);
 221         } catch (Exception e) {
 222             throw bigReThrow(e, ServiceMessages.GET_FAILED, roleCsid);
 223         }
 224         checkResult(result, roleCsid, ServiceMessages.GET_FAILED);
 225         return result;
 226     }
 227
 228     @GET
 229     @Path("{csid}/permroles/{id}")
 230     public PermissionRoleRel getRolePermission(
 231             @PathParam("csid") String roleCsid,
 232             @PathParam("id") String permrolecsid) {
 233         logger.debug("getRolePermission with roleCsid=" + roleCsid);
 234         ensureCSID(roleCsid, ServiceMessages.GET_FAILED + "permroles role ");
 235         PermissionRoleRel result = null;
 236         try {
 237             PermissionRoleSubResource subResource =
 238                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 239             //get relationships for a role
 240             result = subResource.getPermissionRoleRel(roleCsid, SubjectType.PERMISSION, permrolecsid);
 241         } catch (Exception e) {
 242             throw bigReThrow(e, ServiceMessages.GET_FAILED, roleCsid);
 243         }
 244         checkResult(result, roleCsid, ServiceMessages.GET_FAILED);
 245         return result;
 246     }
 247
 248     public Response deleteRolePermission(String roleCsid, PermissionRole input) {
 249         logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
 250         ensureCSID(roleCsid, ServiceMessages.DELETE_FAILED + "permroles role ");
 251         try {
 252                 Role role = (Role)get(roleCsid, Role.class);
 253             // If marked as metadata immutable, do not delete
 254             if(RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 255                 Response response =
 256                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 257                 return response;
 258             }
 259             PermissionRoleSubResource subResource =
 260                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 261             //delete all relationships for a permission
 262             subResource.deletePermissionRole(roleCsid, SubjectType.PERMISSION, input);
 263             return Response.status(HttpResponseCodes.SC_OK).build();
 264         } catch (Exception e) {
 265             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 266         }
 267     }
 268
 269     @DELETE
 270     @Path("{csid}/permroles")
 271     public Response deleteRolePermission(
 272                 @PathParam("csid") String roleCsid) {
 273         logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
 274         ensureCSID(roleCsid, ServiceMessages.DELETE_FAILED + "permroles role ");
 275         try {
 276                 Role role = (Role)get(roleCsid, Role.class);
 277             // If marked as metadata immutable, do not delete
 278             if(RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 279                 Response response =
 280                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 281                 return response;
 282             }
 283             PermissionRoleSubResource subResource =
 284                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 285             //delete all relationships for a permission
 286             subResource.deletePermissionRole(roleCsid, SubjectType.PERMISSION);
 287             return Response.status(HttpResponseCodes.SC_OK).build();
 288         } catch (Exception e) {
 289             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 290         }
 291     }
 292 }