git.aero2k.de Git - tmp/jakarta-migration.git/blob

   1 /**
   2  *  This document is a part of the source code and related artifacts
   3  *  for CollectionSpace, an open source collections management system
   4  *  for museums and related institutions:
   5
   6  *  http://www.collectionspace.org
   7  *  http://wiki.collectionspace.org
   8
   9  *  Copyright 2009 University of California at Berkeley
  10
  11  *  Licensed under the Educational Community License (ECL), Version 2.0.
  12  *  You may not use this file except in compliance with this License.
  13
  14  *  You may obtain a copy of the ECL 2.0 License at
  15
  16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
  17
  18  *  Unless required by applicable law or agreed to in writing, software
  19  *  distributed under the License is distributed on an "AS IS" BASIS,
  20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  21  *  See the License for the specific language governing permissions and
  22  *  limitations under the License.
  23  */
  24 package org.collectionspace.services.authorization;
  25
  26 import org.collectionspace.services.account.AccountRoleSubResource;
  27 import org.collectionspace.services.client.RoleClient;
  28 import org.collectionspace.services.common.SecurityResourceBase;
  29 import org.collectionspace.services.common.ServiceMessages;
  30 import org.collectionspace.services.common.context.RemoteServiceContextFactory;
  31 import org.collectionspace.services.common.context.ServiceContext;
  32 import org.collectionspace.services.common.context.ServiceContextFactory;
  33 import org.collectionspace.services.common.storage.StorageClient;
  34 import org.collectionspace.services.common.storage.jpa.JpaStorageClientImpl;
  35 import org.collectionspace.services.common.CSWebApplicationException;
  36
  37 import org.jboss.resteasy.util.HttpResponseCodes;
  38 import org.slf4j.Logger;
  39 import org.slf4j.LoggerFactory;
  40
  41 import javax.ws.rs.Consumes;
  42 import javax.ws.rs.DELETE;
  43 import javax.ws.rs.GET;
  44 import javax.ws.rs.POST;
  45 import javax.ws.rs.PUT;
  46 import javax.ws.rs.Path;
  47 import javax.ws.rs.PathParam;
  48 import javax.ws.rs.Produces;
  49 import javax.ws.rs.QueryParam;
  50 import javax.ws.rs.core.Context;
  51 import javax.ws.rs.core.Response;
  52 import javax.ws.rs.core.UriBuilder;
  53 import javax.ws.rs.core.UriInfo;
  54
  55 @Path(RoleClient.SERVICE_PATH)
  56 @Consumes("application/xml")
  57 @Produces("application/xml")
  58 public class RoleResource extends SecurityResourceBase {
  59
  60     final Logger logger = LoggerFactory.getLogger(RoleResource.class);
  61     final StorageClient storageClient = new JpaStorageClientImpl();
  62
  63     @Override
  64     protected String getVersionString() {
  65         return  "$LastChangedRevision: 1165 $";
  66     }
  67
  68     @Override
  69     public String getServiceName() {
  70         return RoleClient.SERVICE_NAME;
  71     }
  72
  73     @Override
  74     public Class<RoleResource> getCommonPartClass() {
  75         return RoleResource.class;
  76     }
  77
  78     @Override
  79     public ServiceContextFactory getServiceContextFactory() {
  80         return RemoteServiceContextFactory.get();
  81     }
  82
  83     @Override
  84     public StorageClient getStorageClient(ServiceContext ctx) {
  85         //FIXME use ctx to identify storage client
  86         return storageClient;
  87     }
  88
  89     @POST
  90     public Response createRole(Role input) {
  91         return create(input);
  92     }
  93
  94     @GET
  95     @Path("{csid}")
  96     public Role getRole(@PathParam("csid") String csid) {
  97         return (Role)get(csid, Role.class);
  98     }
  99
 100     /*
 101      * Get a list of accounts associated with this role.
 102      */
 103     @GET
 104     @Path("{csid}/accountroles")
 105     public AccountRole getRoleAccounts(
 106             @PathParam("csid") String accCsid) {
 107         logger.debug("getAccountRole with accCsid=" + accCsid);
 108         ensureCSID(accCsid, ServiceMessages.GET_FAILED+ "accountroles role ");
 109         AccountRole result = null;
 110         try {
 111             AccountRoleSubResource subResource =
 112                     new AccountRoleSubResource(AccountRoleSubResource.ACCOUNT_ACCOUNTROLE_SERVICE);
 113             //get relationships for a role
 114             result = subResource.getAccountRole(accCsid, SubjectType.ACCOUNT);
 115         } catch (Exception e) {
 116             throw bigReThrow(e, ServiceMessages.GET_FAILED, accCsid);
 117         }
 118         checkResult(result, accCsid, ServiceMessages.GET_FAILED);
 119         return result;
 120     }
 121
 122     @GET
 123     @Produces("application/xml")
 124     public RolesList getRoleList(@Context UriInfo ui) {
 125         return (RolesList)getList(ui, Role.class);
 126     }
 127
 128     @PUT
 129     @Path("{csid}")
 130     public Role updateRole(@PathParam("csid") String csid, Role theUpdate) {
 131         try {
 132                 Role role = (Role)get(csid, Role.class);
 133                 // If marked as metadata immutable, do not update
 134                 if(RoleClient.IMMUTABLE.equals(role.getMetadataProtection())) {
 135                     Response response =
 136                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+csid+" is immutable.").type("text/plain").build();
 137                 throw new CSWebApplicationException(response);
 138                 }
 139                 return (Role)update(csid, theUpdate, Role.class);
 140         } catch (Exception e) {
 141             throw bigReThrow(e, ServiceMessages.UPDATE_FAILED, csid);
 142         }
 143     }
 144
 145     @DELETE
 146     @Path("{csid}")
 147     public Response deleteRole(@PathParam("csid") String csid) {
 148         logger.debug("deleteRole with csid=" + csid);
 149         ensureCSID(csid, ServiceMessages.DELETE_FAILED + "deleteRole ");
 150
 151         try {
 152                 Role role = (Role)get(csid, Role.class);
 153             // If marked as metadata immutable, do not delete
 154             if(RoleClient.IMMUTABLE.equals(role.getMetadataProtection())) {
 155                 Response response =
 156                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+csid+" is immutable.").type("text/plain").build();
 157                 return response;
 158             }
 159             //FIXME ideally the following three operations should be in the same tx CSPACE-658
 160             //delete all relationships for this permission
 161             PermissionRoleSubResource permRoleResource =
 162                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 163             permRoleResource.deletePermissionRole(csid, SubjectType.PERMISSION);
 164             //delete all the account/role relationships associate with this role
 165             AccountRoleSubResource accountRoleResource =
 166                 new AccountRoleSubResource(AccountRoleSubResource.ROLE_ACCOUNTROLE_SERVICE);
 167             accountRoleResource.deleteAccountRole(csid, SubjectType.ACCOUNT);
 168             //finally, delete the role itself
 169             ServiceContext<Role, Role> ctx = createServiceContext((Role) null, Role.class);
 170             ((JpaStorageClientImpl) getStorageClient(ctx)).deleteWhere(ctx, csid);
 171             return Response.status(HttpResponseCodes.SC_OK).build();
 172         } catch (Exception e) {
 173             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, csid);
 174         }
 175     }
 176
 177     @POST
 178     @Path("{csid}/permroles")
 179     public Response createRolePermission(@QueryParam("_method") String method, @PathParam("csid") String roleCsid,
 180             PermissionRole input) {
 181         if (method != null) {
 182             if ("delete".equalsIgnoreCase(method)) {
 183                 return deleteRolePermission(roleCsid, input);
 184             }
 185         }
 186         logger.debug("createRolePermission with roleCsid=" + roleCsid);
 187         ensureCSID(roleCsid, ServiceMessages.PUT_FAILED + "permroles role ");
 188         try {
 189                 Role role = (Role)get(roleCsid, Role.class);
 190             // If marked as metadata immutable, do not delete
 191             if(RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 192                 Response response =
 193                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 194                 return response;
 195             }
 196             PermissionRoleSubResource subResource =
 197                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 198             String permrolecsid = subResource.createPermissionRole(input, SubjectType.PERMISSION);
 199             UriBuilder path = UriBuilder.fromResource(RoleResource.class);
 200             path.path(roleCsid + "/permroles/" + permrolecsid);
 201             Response response = Response.created(path.build()).build();
 202             return response;
 203         } catch (Exception e) {
 204             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 205         }
 206     }
 207
 208     @GET
 209     @Path("{csid}/permroles")
 210     public PermissionRole getRolePermission(
 211             @PathParam("csid") String roleCsid) {
 212         logger.debug("getRolePermission with roleCsid=" + roleCsid);
 213         ensureCSID(roleCsid, ServiceMessages.GET_FAILED + "permroles role ");
 214         PermissionRole result = null;
 215         try {
 216             PermissionRoleSubResource subResource =
 217                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 218             //get relationships for a role
 219             result = subResource.getPermissionRole(roleCsid, SubjectType.PERMISSION);
 220         } catch (Exception e) {
 221             throw bigReThrow(e, ServiceMessages.GET_FAILED, roleCsid);
 222         }
 223         checkResult(result, roleCsid, ServiceMessages.GET_FAILED);
 224         return result;
 225     }
 226
 227     @GET
 228     @Path("{csid}/permroles/{id}")
 229     public PermissionRoleRel getRolePermission(
 230             @PathParam("csid") String roleCsid,
 231             @PathParam("id") String permrolecsid) {
 232         logger.debug("getRolePermission with roleCsid=" + roleCsid);
 233         ensureCSID(roleCsid, ServiceMessages.GET_FAILED + "permroles role ");
 234         PermissionRoleRel result = null;
 235         try {
 236             PermissionRoleSubResource subResource =
 237                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 238             //get relationships for a role
 239             result = subResource.getPermissionRoleRel(roleCsid, SubjectType.PERMISSION, permrolecsid);
 240         } catch (Exception e) {
 241             throw bigReThrow(e, ServiceMessages.GET_FAILED, roleCsid);
 242         }
 243         checkResult(result, roleCsid, ServiceMessages.GET_FAILED);
 244         return result;
 245     }
 246
 247     public Response deleteRolePermission(String roleCsid, PermissionRole input) {
 248         logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
 249         ensureCSID(roleCsid, ServiceMessages.DELETE_FAILED + "permroles role ");
 250         try {
 251                 Role role = (Role)get(roleCsid, Role.class);
 252             // If marked as metadata immutable, do not delete
 253             if(RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 254                 Response response =
 255                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 256                 return response;
 257             }
 258             PermissionRoleSubResource subResource =
 259                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 260             //delete all relationships for a permission
 261             subResource.deletePermissionRole(roleCsid, SubjectType.PERMISSION, input);
 262             return Response.status(HttpResponseCodes.SC_OK).build();
 263         } catch (Exception e) {
 264             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 265         }
 266     }
 267
 268     @DELETE
 269     @Path("{csid}/permroles")
 270     public Response deleteRolePermission(
 271                 @PathParam("csid") String roleCsid) {
 272         logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
 273         ensureCSID(roleCsid, ServiceMessages.DELETE_FAILED + "permroles role ");
 274         try {
 275                 Role role = (Role)get(roleCsid, Role.class);
 276             // If marked as metadata immutable, do not delete
 277             if(RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
 278                 Response response =
 279                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
 280                 return response;
 281             }
 282             PermissionRoleSubResource subResource =
 283                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
 284             //delete all relationships for a permission
 285             subResource.deletePermissionRole(roleCsid, SubjectType.PERMISSION);
 286             return Response.status(HttpResponseCodes.SC_OK).build();
 287         } catch (Exception e) {
 288             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
 289         }
 290     }
 291 }