Coverage report

  %line %branch
org.apache.turbine.services.security.db.DBSecurityService
1% 
55% 

 1  
 package org.apache.turbine.services.security.db;
 2  
 
 3  
 /*
 4  
  * Copyright 2001-2005 The Apache Software Foundation.
 5  
  *
 6  
  * Licensed under the Apache License, Version 2.0 (the "License")
 7  
  * you may not use this file except in compliance with the License.
 8  
  * You may obtain a copy of the License at
 9  
  *
 10  
  *     http://www.apache.org/licenses/LICENSE-2.0
 11  
  *
 12  
  * Unless required by applicable law or agreed to in writing, software
 13  
  * distributed under the License is distributed on an "AS IS" BASIS,
 14  
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 15  
  * See the License for the specific language governing permissions and
 16  
  * limitations under the License.
 17  
  */
 18  
 
 19  
 import java.util.ArrayList;
 20  
 import java.util.Hashtable;
 21  
 import java.util.Iterator;
 22  
 import java.util.List;
 23  
 import java.util.Vector;
 24  
 
 25  
 import org.apache.commons.lang.StringUtils;
 26  
 import org.apache.commons.logging.Log;
 27  
 import org.apache.commons.logging.LogFactory;
 28  
 import org.apache.torque.om.BaseObject;
 29  
 import org.apache.torque.util.Criteria;
 30  
 import org.apache.turbine.om.security.Group;
 31  
 import org.apache.turbine.om.security.Permission;
 32  
 import org.apache.turbine.om.security.Role;
 33  
 import org.apache.turbine.om.security.User;
 34  
 import org.apache.turbine.om.security.peer.GroupPeer;
 35  
 import org.apache.turbine.om.security.peer.PermissionPeer;
 36  
 import org.apache.turbine.om.security.peer.RolePeer;
 37  
 import org.apache.turbine.om.security.peer.RolePermissionPeer;
 38  
 import org.apache.turbine.om.security.peer.UserGroupRolePeer;
 39  
 import org.apache.turbine.om.security.peer.UserPeer;
 40  
 import org.apache.turbine.services.security.BaseSecurityService;
 41  
 import org.apache.turbine.services.security.TurbineSecurity;
 42  
 import org.apache.turbine.util.security.AccessControlList;
 43  
 import org.apache.turbine.util.security.DataBackendException;
 44  
 import org.apache.turbine.util.security.EntityExistsException;
 45  
 import org.apache.turbine.util.security.GroupSet;
 46  
 import org.apache.turbine.util.security.PermissionSet;
 47  
 import org.apache.turbine.util.security.RoleSet;
 48  
 import org.apache.turbine.util.security.UnknownEntityException;
 49  
 
 50  
 /**
 51  
  * An implementation of SecurityService that uses a database as backend.
 52  
  *
 53  
  * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
 54  
  * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
 55  
  * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
 56  
  * @version $Id: DBSecurityService.java 264148 2005-08-29 14:21:04Z henning $
 57  
  */
 58  3
 public class DBSecurityService
 59  
         extends BaseSecurityService
 60  
 {
 61  
     /** Logging */
 62  3
     private static Log log = LogFactory.getLog(DBSecurityService.class);
 63  
 
 64  
     /**
 65  
      * The key within services's properties for user implementation
 66  
      * classname (user.class)  - Leandro
 67  
      */
 68  
     public static final String USER_PEER_CLASS_KEY = "userPeer.class";
 69  
 
 70  
     /**
 71  
      * The default implementation of User interface
 72  
      * (org.apache.turbine.om.security.DBUser)
 73  
      */
 74  
     public static final String USER_PEER_CLASS_DEFAULT =
 75  
             "org.apache.turbine.om.security.peer.TurbineUserPeer";
 76  
 
 77  
     /*-----------------------------------------------------------------------
 78  
       Creation of AccessControlLists
 79  
       -----------------------------------------------------------------------*/
 80  
 
 81  
     /**
 82  
      * Constructs an AccessControlList for a specific user.
 83  
      *
 84  
      * This method creates a snapshot of the state of security information
 85  
      * concerning this user, at the moment of invocation and stores it
 86  
      * into an AccessControlList object.
 87  
      *
 88  
      * @param user the user for whom the AccessControlList are to be retrieved
 89  
      * @return A new AccessControlList object.
 90  
      * @throws DataBackendException if there was an error accessing the data
 91  
      *         backend.
 92  
      * @throws UnknownEntityException if user account is not present.
 93  
      */
 94  
     public AccessControlList getACL(User user)
 95  
             throws DataBackendException, UnknownEntityException
 96  
     {
 97  0
         if (!TurbineSecurity.accountExists(user))
 98  
         {
 99  0
             throw new UnknownEntityException("The account '"
 100  
                     + user.getName() + "' does not exist");
 101  
         }
 102  
         try
 103  
         {
 104  0
             Hashtable roles = new Hashtable();
 105  0
             Hashtable permissions = new Hashtable();
 106  
             // notify the state modifiers (writers) that we want to create
 107  
             // the snapshot.
 108  0
             lockShared();
 109  
 
 110  
             // construct the snapshot:
 111  
 
 112  
             // foreach group in the system
 113  0
             for (Iterator groupsIterator = getAllGroups().iterator();
 114  0
                  groupsIterator.hasNext();)
 115  
             {
 116  0
                 Group group = (Group) groupsIterator.next();
 117  
                 // get roles of user in the group
 118  0
                 RoleSet groupRoles = RolePeer.retrieveSet(user, group);
 119  
                 // put the Set into roles(group)
 120  0
                 roles.put(group, groupRoles);
 121  
                 // collect all permissions in this group
 122  0
                 PermissionSet groupPermissions = new PermissionSet();
 123  
                 // foreach role in Set
 124  0
                 for (Iterator rolesIterator = groupRoles.iterator();
 125  0
                      rolesIterator.hasNext();)
 126  
                 {
 127  0
                     Role role = (Role) rolesIterator.next();
 128  
                     // get permissions of the role
 129  0
                     PermissionSet rolePermissions
 130  
                             = PermissionPeer.retrieveSet(role);
 131  0
                     groupPermissions.add(rolePermissions);
 132  
                 }
 133  
                 // put the Set into permissions(group)
 134  0
                 permissions.put(group, groupPermissions);
 135  
             }
 136  0
             return getAclInstance(roles, permissions);
 137  
         }
 138  0
         catch (Exception e)
 139  
         {
 140  0
             throw new DataBackendException("Failed to build ACL for user '"
 141  
                     + user.getName() + "'", e);
 142  
         }
 143  
         finally
 144  
         {
 145  
             // notify the state modifiers that we are done creating the snapshot
 146  0
             unlockShared();
 147  
         }
 148  
     }
 149  
 
 150  
     /*-----------------------------------------------------------------------
 151  
       Security management
 152  
       -----------------------------------------------------------------------*/
 153  
 
 154  
     /**
 155  
      * Grant an User a Role in a Group.
 156  
      *
 157  
      * @param user the user.
 158  
      * @param group the group.
 159  
      * @param role the role.
 160  
      * @throws DataBackendException if there was an error accessing the data
 161  
      *         backend.
 162  
      * @throws UnknownEntityException if user account, group or role is not
 163  
      *         present.
 164  
      */
 165  
     public synchronized void grant(User user, Group group, Role role)
 166  
             throws DataBackendException, UnknownEntityException
 167  
     {
 168  0
         boolean userExists = false;
 169  0
         boolean groupExists = false;
 170  0
         boolean roleExists = false;
 171  
         try
 172  
         {
 173  0
             lockExclusive();
 174  0
             userExists = TurbineSecurity.accountExists(user);
 175  0
             groupExists = checkExists(group);
 176  0
             roleExists = checkExists(role);
 177  0
             if (userExists && groupExists && roleExists)
 178  
             {
 179  0
                 Criteria criteria = new Criteria();
 180  0
                 criteria.add(UserGroupRolePeer.USER_ID,
 181  
                         ((BaseObject) user).getPrimaryKey());
 182  0
                 criteria.add(UserGroupRolePeer.GROUP_ID,
 183  
                         ((BaseObject) group).getPrimaryKey());
 184  0
                 criteria.add(UserGroupRolePeer.ROLE_ID,
 185  
                         ((BaseObject) role).getPrimaryKey());
 186  0
                 UserGroupRolePeer.doInsert(criteria);
 187  
                 return;
 188  
             }
 189  
         }
 190  0
         catch (Exception e)
 191  
         {
 192  0
             throw new DataBackendException("grant(User,Group,Role) failed", e);
 193  
         }
 194  
         finally
 195  
         {
 196  0
             unlockExclusive();
 197  0
         }
 198  0
         if (!userExists)
 199  
         {
 200  0
             throw new UnknownEntityException("Unknown user '"
 201  
                     + user.getName() + "'");
 202  
         }
 203  0
         if (!groupExists)
 204  
         {
 205  0
             throw new UnknownEntityException("Unknown group '"
 206  
                     + group.getName() + "'");
 207  
         }
 208  0
         if (!roleExists)
 209  
         {
 210  0
             throw new UnknownEntityException("Unknown role '"
 211  
                     + role.getName() + "'");
 212  
         }
 213  0
     }
 214  
 
 215  
     /**
 216  
      * Revoke a Role in a Group from an User.
 217  
      *
 218  
      * @param user the user.
 219  
      * @param group the group.
 220  
      * @param role the role.
 221  
      * @throws DataBackendException if there was an error accessing the data
 222  
      *         backend.
 223  
      * @throws UnknownEntityException if user account, group or role is not
 224  
      *         present.
 225  
      */
 226  
     public synchronized void revoke(User user, Group group, Role role)
 227  
             throws DataBackendException, UnknownEntityException
 228  
     {
 229  0
         boolean userExists = false;
 230  0
         boolean groupExists = false;
 231  0
         boolean roleExists = false;
 232  
         try
 233  
         {
 234  0
             lockExclusive();
 235  0
             userExists = TurbineSecurity.accountExists(user);
 236  0
             groupExists = checkExists(group);
 237  0
             roleExists = checkExists(role);
 238  0
             if (userExists && groupExists && roleExists)
 239  
             {
 240  0
                 Criteria criteria = new Criteria();
 241  0
                 criteria.add(UserGroupRolePeer.USER_ID,
 242  
                         ((BaseObject) user).getPrimaryKey());
 243  0
                 criteria.add(UserGroupRolePeer.GROUP_ID,
 244  
                         ((BaseObject) group).getPrimaryKey());
 245  0
                 criteria.add(UserGroupRolePeer.ROLE_ID,
 246  
                         ((BaseObject) role).getPrimaryKey());
 247  0
                 UserGroupRolePeer.doDelete(criteria);
 248  
                 return;
 249  
             }
 250  
         }
 251  0
         catch (Exception e)
 252  
         {
 253  0
             throw new DataBackendException("revoke(User,Role,Group) failed", e);
 254  
         }
 255  
         finally
 256  
         {
 257  0
             unlockExclusive();
 258  0
         }
 259  0
         if (!userExists)
 260  
         {
 261  0
             throw new UnknownEntityException("Unknown user '"
 262  
                     + user.getName() + "'");
 263  
         }
 264  0
         if (!groupExists)
 265  
         {
 266  0
             throw new UnknownEntityException("Unknown group '"
 267  
                     + group.getName() + "'");
 268  
         }
 269  0
         if (!roleExists)
 270  
         {
 271  0
             throw new UnknownEntityException("Unknown role '"
 272  
                     + role.getName() + "'");
 273  
         }
 274  0
     }
 275  
 
 276  
     /**
 277  
      * Revokes all roles from an User.
 278  
      *
 279  
      * This method is used when deleting an account.
 280  
      *
 281  
      * @param user the User.
 282  
      * @throws DataBackendException if there was an error accessing the data
 283  
      *         backend.
 284  
      * @throws UnknownEntityException if the account is not present.
 285  
      */
 286  
     public synchronized void revokeAll(User user)
 287  
             throws DataBackendException, UnknownEntityException
 288  
     {
 289  0
         boolean userExists = false;
 290  
         try
 291  
         {
 292  0
             lockExclusive();
 293  0
             userExists = TurbineSecurity.accountExists(user);
 294  0
             if (userExists)
 295  
             {
 296  0
                 Criteria criteria = new Criteria();
 297  0
                 criteria.add(UserGroupRolePeer.USER_ID,
 298  
                         ((BaseObject) user).getPrimaryKey());
 299  0
                 UserGroupRolePeer.doDelete(criteria);
 300  
                 return;
 301  
             }
 302  
         }
 303  0
         catch (Exception e)
 304  
         {
 305  0
             throw new DataBackendException("revokeAll(User) failed", e);
 306  
         }
 307  
         finally
 308  
         {
 309  0
             unlockExclusive();
 310  0
         }
 311  0
         throw new UnknownEntityException("Unknown user '"
 312  
                 + user.getName() + "'");
 313  
     }
 314  
 
 315  
     /**
 316  
      * Grants a Role a Permission
 317  
      *
 318  
      * @param role the Role.
 319  
      * @param permission the Permission.
 320  
      * @throws DataBackendException if there was an error accessing the data
 321  
      *         backend.
 322  
      * @throws UnknownEntityException if role or permission is not present.
 323  
      */
 324  
     public synchronized void grant(Role role, Permission permission)
 325  
             throws DataBackendException, UnknownEntityException
 326  
     {
 327  0
         boolean roleExists = false;
 328  0
         boolean permissionExists = false;
 329  
         try
 330  
         {
 331  0
             lockExclusive();
 332  0
             roleExists = checkExists(role);
 333  0
             permissionExists = checkExists(permission);
 334  0
             if (roleExists && permissionExists)
 335  
             {
 336  0
                 Criteria criteria = new Criteria();
 337  0
                 criteria.add(RolePermissionPeer.ROLE_ID,
 338  
                         ((BaseObject) role).getPrimaryKey());
 339  0
                 criteria.add(RolePermissionPeer.PERMISSION_ID,
 340  
                         ((BaseObject) permission).getPrimaryKey());
 341  0
                 UserGroupRolePeer.doInsert(criteria);
 342  
                 return;
 343  
             }
 344  
         }
 345  0
         catch (Exception e)
 346  
         {
 347  0
             throw new DataBackendException("grant(Role,Permission) failed", e);
 348  
         }
 349  
         finally
 350  
         {
 351  0
             unlockExclusive();
 352  0
         }
 353  0
         if (!roleExists)
 354  
         {
 355  0
             throw new UnknownEntityException("Unknown role '"
 356  
                     + role.getName() + "'");
 357  
         }
 358  0
         if (!permissionExists)
 359  
         {
 360  0
             throw new UnknownEntityException("Unknown permission '"
 361  
                     + permission.getName() + "'");
 362  
         }
 363  0
     }
 364  
 
 365  
     /**
 366  
      * Revokes a Permission from a Role.
 367  
      *
 368  
      * @param role the Role.
 369  
      * @param permission the Permission.
 370  
      * @throws DataBackendException if there was an error accessing the data
 371  
      *         backend.
 372  
      * @throws UnknownEntityException if role or permission is not present.
 373  
      */
 374  
     public synchronized void revoke(Role role, Permission permission)
 375  
             throws DataBackendException, UnknownEntityException
 376  
     {
 377  0
         boolean roleExists = false;
 378  0
         boolean permissionExists = false;
 379  
         try
 380  
         {
 381  0
             lockExclusive();
 382  0
             roleExists = checkExists(role);
 383  0
             permissionExists = checkExists(permission);
 384  0
             if (roleExists && permissionExists)
 385  
             {
 386  0
                 Criteria criteria = new Criteria();
 387  0
                 criteria.add(RolePermissionPeer.ROLE_ID,
 388  
                         ((BaseObject) role).getPrimaryKey());
 389  0
                 criteria.add(RolePermissionPeer.PERMISSION_ID,
 390  
                         ((BaseObject) permission).getPrimaryKey());
 391  0
                 RolePermissionPeer.doDelete(criteria);
 392  
                 return;
 393  
             }
 394  
         }
 395  0
         catch (Exception e)
 396  
         {
 397  0
             throw new DataBackendException("revoke(Role,Permission) failed", e);
 398  
         }
 399  
         finally
 400  
         {
 401  0
             unlockExclusive();
 402  0
         }
 403  0
         if (!roleExists)
 404  
         {
 405  0
             throw new UnknownEntityException("Unknown role '"
 406  
                     + role.getName() + "'");
 407  
         }
 408  0
         if (!permissionExists)
 409  
         {
 410  0
             throw new UnknownEntityException("Unknown permission '"
 411  
                     + permission.getName() + "'");
 412  
         }
 413  0
     }
 414  
 
 415  
     /**
 416  
      * Revokes all permissions from a Role.
 417  
      *
 418  
      * This method is user when deleting a Role.
 419  
      *
 420  
      * @param role the Role
 421  
      * @throws DataBackendException if there was an error accessing the data
 422  
      *         backend.
 423  
      * @throws UnknownEntityException if the Role is not present.
 424  
      */
 425  
     public synchronized void revokeAll(Role role)
 426  
             throws DataBackendException, UnknownEntityException
 427  
     {
 428  0
         boolean roleExists = false;
 429  
         try
 430  
         {
 431  0
             lockExclusive();
 432  0
             roleExists = checkExists(role);
 433  0
             if (roleExists)
 434  
             {
 435  0
                 Criteria criteria = new Criteria();
 436  0
                 criteria.add(RolePermissionPeer.ROLE_ID,
 437  
                         ((BaseObject) role).getPrimaryKey());
 438  0
                 RolePermissionPeer.doDelete(criteria);
 439  
 
 440  
                 return;
 441  
             }
 442  
         }
 443  0
         catch (Exception e)
 444  
         {
 445  0
             throw new DataBackendException("revokeAll(Role) failed", e);
 446  
         }
 447  
         finally
 448  
         {
 449  0
             unlockExclusive();
 450  0
         }
 451  0
         throw new UnknownEntityException("Unknown role '"
 452  
                 + role.getName() + "'");
 453  
     }
 454  
 
 455  
     /*-----------------------------------------------------------------------
 456  
       Group/Role/Permission management
 457  
       -----------------------------------------------------------------------*/
 458  
 
 459  
     /**
 460  
      * Retrieve a set of Groups that meet the specified Criteria.
 461  
      *
 462  
      * @param criteria A Criteria of Group selection.
 463  
      * @return a set of Groups that meet the specified Criteria.
 464  
      * @throws DataBackendException if there was an error accessing the data
 465  
      *         backend.
 466  
      */
 467  
     public GroupSet getGroups(Criteria criteria)
 468  
             throws DataBackendException
 469  
     {
 470  0
         Criteria dbCriteria = new Criteria();
 471  0
         Iterator keys = criteria.keySet().iterator();
 472  0
         while (keys.hasNext())
 473  
         {
 474  0
             String key = (String) keys.next();
 475  0
             dbCriteria.put(GroupPeer.getColumnName(key), criteria.get(key));
 476  
         }
 477  0
         List groups = new ArrayList(0);
 478  
         try
 479  
         {
 480  0
             groups = GroupPeer.doSelect(criteria);
 481  
         }
 482  0
         catch (Exception e)
 483  
         {
 484  0
             throw new DataBackendException("getGroups(Criteria) failed", e);
 485  0
         }
 486  0
         return new GroupSet(groups);
 487  
     }
 488  
 
 489  
     /**
 490  
      * Retrieve a set of Roles that meet the specified Criteria.
 491  
      *
 492  
      * @param criteria A Criteria of Roles selection.
 493  
      * @return a set of Roles that meet the specified Criteria.
 494  
      * @throws DataBackendException if there was an error accessing the data
 495  
      *         backend.
 496  
      */
 497  
     public RoleSet getRoles(Criteria criteria)
 498  
             throws DataBackendException
 499  
     {
 500  0
         Criteria dbCriteria = new Criteria();
 501  0
         Iterator keys = criteria.keySet().iterator();
 502  0
         while (keys.hasNext())
 503  
         {
 504  0
             String key = (String) keys.next();
 505  0
             dbCriteria.put(RolePeer.getColumnName(key), criteria.get(key));
 506  
         }
 507  0
         List roles = new ArrayList(0);
 508  
         try
 509  
         {
 510  0
             roles = RolePeer.doSelect(criteria);
 511  
         }
 512  0
         catch (Exception e)
 513  
         {
 514  0
             throw new DataBackendException("getRoles(Criteria) failed", e);
 515  0
         }
 516  0
         return new RoleSet(roles);
 517  
     }
 518  
 
 519  
     /**
 520  
      * Retrieve a set of Permissions that meet the specified Criteria.
 521  
      *
 522  
      * @param criteria A Criteria of Permissions selection.
 523  
      * @return a set of Permissions that meet the specified Criteria.
 524  
      * @throws DataBackendException if there was an error accessing the data
 525  
      *         backend.
 526  
      */
 527  
     public PermissionSet getPermissions(Criteria criteria)
 528  
             throws DataBackendException
 529  
     {
 530  0
         Criteria dbCriteria = new Criteria();
 531  0
         Iterator keys = criteria.keySet().iterator();
 532  0
         while (keys.hasNext())
 533  
         {
 534  0
             String key = (String) keys.next();
 535  0
             dbCriteria.put(PermissionPeer.getColumnName(key),
 536  
                     criteria.get(key));
 537  
         }
 538  0
         List permissions = new Vector(0);
 539  
         try
 540  
         {
 541  0
             permissions = PermissionPeer.doSelect(criteria);
 542  
         }
 543  0
         catch (Exception e)
 544  
         {
 545  0
             throw new DataBackendException(
 546  
                     "getPermissions(Criteria) failed", e);
 547  0
         }
 548  0
         return new PermissionSet(permissions);
 549  
     }
 550  
 
 551  
     /**
 552  
      * Retrieves all permissions associated with a role.
 553  
      *
 554  
      * @param role the role name, for which the permissions are to be retrieved.
 555  
      * @return A Permission set for the Role.
 556  
      * @throws DataBackendException if there was an error accessing the data
 557  
      *         backend.
 558  
      * @throws UnknownEntityException if the role is not present.
 559  
      */
 560  
     public PermissionSet getPermissions(Role role)
 561  
             throws DataBackendException, UnknownEntityException
 562  
     {
 563  0
         boolean roleExists = false;
 564  
         try
 565  
         {
 566  0
             lockShared();
 567  0
             roleExists = checkExists(role);
 568  0
             if (roleExists)
 569  
             {
 570  0
                 return PermissionPeer.retrieveSet(role);
 571  
             }
 572  
         }
 573  0
         catch (Exception e)
 574  
         {
 575  0
             throw new DataBackendException("getPermissions(Role) failed", e);
 576  
         }
 577  
         finally
 578  
         {
 579  0
             unlockShared();
 580  0
         }
 581  0
         throw new UnknownEntityException("Unknown role '"
 582  
                 + role.getName() + "'");
 583  
     }
 584  
 
 585  
     /**
 586  
      * Stores Group's attributes. The Groups is required to exist in the system.
 587  
      *
 588  
      * @param group The Group to be stored.
 589  
      * @throws DataBackendException if there was an error accessing the data
 590  
      *         backend.
 591  
      * @throws UnknownEntityException if the group does not exist.
 592  
      */
 593  
     public void saveGroup(Group group)
 594  
             throws DataBackendException, UnknownEntityException
 595  
     {
 596  0
         boolean groupExists = false;
 597  
         try
 598  
         {
 599  0
             groupExists = checkExists(group);
 600  0
             if (groupExists)
 601  
             {
 602  0
                 Criteria criteria = GroupPeer.buildCriteria(group);
 603  0
                 GroupPeer.doUpdate(criteria);
 604  0
                 return;
 605  
             }
 606  
         }
 607  0
         catch (Exception e)
 608  
         {
 609  0
             throw new DataBackendException("saveGroup(Group) failed", e);
 610  0
         }
 611  0
         throw new UnknownEntityException("Unknown group '" + group + "'");
 612  
     }
 613  
 
 614  
     /**
 615  
      * Stores Role's attributes. The Roles is required to exist in the system.
 616  
      *
 617  
      * @param role The Role to be stored.
 618  
      * @throws DataBackendException if there was an error accessing the data
 619  
      *         backend.
 620  
      * @throws UnknownEntityException if the role does not exist.
 621  
      */
 622  
     public void saveRole(Role role)
 623  
             throws DataBackendException, UnknownEntityException
 624  
     {
 625  0
         boolean roleExists = false;
 626  
         try
 627  
         {
 628  0
             roleExists = checkExists(role);
 629  0
             if (roleExists)
 630  
             {
 631  0
                 Criteria criteria = RolePeer.buildCriteria(role);
 632  0
                 RolePeer.doUpdate(criteria);
 633  0
                 return;
 634  
             }
 635  
         }
 636  0
         catch (Exception e)
 637  
         {
 638  0
             throw new DataBackendException("saveRole(Role) failed", e);
 639  0
         }
 640  0
         throw new UnknownEntityException("Unknown role '" + role + "'");
 641  
     }
 642  
 
 643  
     /**
 644  
      * Stores Permission's attributes. The Permissions is required to exist in
 645  
      * the system.
 646  
      *
 647  
      * @param permission The Permission to be stored.
 648  
      * @throws DataBackendException if there was an error accessing the data
 649  
      *         backend.
 650  
      * @throws UnknownEntityException if the permission does not exist.
 651  
      */
 652  
     public void savePermission(Permission permission)
 653  
             throws DataBackendException, UnknownEntityException
 654  
     {
 655  0
         boolean permissionExists = false;
 656  
         try
 657  
         {
 658  0
             permissionExists = checkExists(permission);
 659  0
             if (permissionExists)
 660  
             {
 661  0
                 Criteria criteria = PermissionPeer.buildCriteria(permission);
 662  0
                 PermissionPeer.doUpdate(criteria);
 663  0
                 return;
 664  
             }
 665  
         }
 666  0
         catch (Exception e)
 667  
         {
 668  0
             throw new DataBackendException(
 669  
                     "savePermission(Permission) failed", e);
 670  0
         }
 671  0
         throw new UnknownEntityException("Unknown permission '"
 672  
                 + permission + "'");
 673  
     }
 674  
 
 675  
     /**
 676  
      * Creates a new group with specified attributes.
 677  
      *
 678  
      * @param group the object describing the group to be created.
 679  
      * @return a new Group object that has id set up properly.
 680  
      * @throws DataBackendException if there was an error accessing the data
 681  
      *         backend.
 682  
      * @throws EntityExistsException if the group already exists.
 683  
      */
 684  
     public synchronized Group addGroup(Group group)
 685  
             throws DataBackendException,
 686  
             EntityExistsException
 687  
     {
 688  0
         boolean groupExists = false;
 689  
 
 690  0
         if (StringUtils.isEmpty(group.getName()))
 691  
         {
 692  0
             throw new DataBackendException("Could not create "
 693  
                     + "a group with empty name!");
 694  
         }
 695  
 
 696  
         try
 697  
         {
 698  0
             lockExclusive();
 699  0
             groupExists = checkExists(group);
 700  0
             if (!groupExists)
 701  
             {
 702  
                 // add a row to the table
 703  0
                 Criteria criteria = GroupPeer.buildCriteria(group);
 704  0
                 GroupPeer.doInsert(criteria);
 705  
                 // try to get the object back using the name as key.
 706  0
                 criteria = new Criteria();
 707  0
                 criteria.add(GroupPeer.NAME,
 708  
                         group.getName());
 709  0
                 List results = GroupPeer.doSelect(criteria);
 710  0
                 if (results.size() != 1)
 711  
                 {
 712  0
                     throw new DataBackendException(
 713  
                             "Internal error - query returned "
 714  
                             + results.size() + " rows");
 715  
                 }
 716  0
                 Group newGroup = (Group) results.get(0);
 717  
                 // add the group to system-wide cache
 718  0
                 getAllGroups().add(newGroup);
 719  
                 // return the object with correct id
 720  0
                 return newGroup;
 721  
             }
 722  
         }
 723  0
         catch (Exception e)
 724  
         {
 725  0
             throw new DataBackendException("addGroup(Group) failed", e);
 726  
         }
 727  
         finally
 728  
         {
 729  0
             unlockExclusive();
 730  0
         }
 731  
         // the only way we could get here without return/throw tirggered
 732  
         // is that the groupExists was true.
 733  0
         throw new EntityExistsException("Group '" + group + "' already exists");
 734  
     }
 735  
 
 736  
     /**
 737  
      * Creates a new role with specified attributes.
 738  
      *
 739  
      * @param role the object describing the role to be created.
 740  
      * @return a new Role object that has id set up properly.
 741  
      * @throws DataBackendException if there was an error accessing the data
 742  
      *         backend.
 743  
      * @throws EntityExistsException if the role already exists.
 744  
      */
 745  
     public synchronized Role addRole(Role role)
 746  
             throws DataBackendException, EntityExistsException
 747  
     {
 748  0
         boolean roleExists = false;
 749  
 
 750  0
         if (StringUtils.isEmpty(role.getName()))
 751  
         {
 752  0
             throw new DataBackendException("Could not create "
 753  
                     + "a role with empty name!");
 754  
         }
 755  
 
 756  
         try
 757  
         {
 758  0
             lockExclusive();
 759  0
             roleExists = checkExists(role);
 760  0
             if (!roleExists)
 761  
             {
 762  
                 // add a row to the table
 763  0
                 Criteria criteria = RolePeer.buildCriteria(role);
 764  0
                 RolePeer.doInsert(criteria);
 765  
                 // try to get the object back using the name as key.
 766  0
                 criteria = new Criteria();
 767  0
                 criteria.add(RolePeer.NAME, role.getName());
 768  0
                 List results = RolePeer.doSelect(criteria);
 769  0
                 if (results.size() != 1)
 770  
                 {
 771  0
                     throw new DataBackendException(
 772  
                             "Internal error - query returned "
 773  
                             + results.size() + " rows");
 774  
                 }
 775  0
                 Role newRole = (Role) results.get(0);
 776  
                 // add the role to system-wide cache
 777  0
                 getAllRoles().add(newRole);
 778  
                 // return the object with correct id
 779  0
                 return newRole;
 780  
             }
 781  
         }
 782  0
         catch (Exception e)
 783  
         {
 784  0
             throw new DataBackendException("addRole(Role) failed", e);
 785  
         }
 786  
         finally
 787  
         {
 788  0
             unlockExclusive();
 789  0
         }
 790  
         // the only way we could get here without return/throw tirggered
 791  
         // is that the roleExists was true.
 792  0
         throw new EntityExistsException("Role '" + role + "' already exists");
 793  
     }
 794  
 
 795  
     /**
 796  
      * Creates a new permission with specified attributes.
 797  
      *
 798  
      * @param permission the object describing the permission to be created.
 799  
      * @return a new Permission object that has id set up properly.
 800  
      * @throws DataBackendException if there was an error accessing the data
 801  
      *         backend.
 802  
      * @throws EntityExistsException if the permission already exists.
 803  
      */
 804  
     public synchronized Permission addPermission(Permission permission)
 805  
             throws DataBackendException, EntityExistsException
 806  
     {
 807  0
         boolean permissionExists = false;
 808  
 
 809  0
         if (StringUtils.isEmpty(permission.getName()))
 810  
         {
 811  0
             throw new DataBackendException("Could not create "
 812  
                     + "a permission with empty name!");
 813  
         }
 814  
 
 815  
         try
 816  
         {
 817  0
             lockExclusive();
 818  0
             permissionExists = checkExists(permission);
 819  0
             if (!permissionExists)
 820  
             {
 821  
                 // add a row to the table
 822  0
                 Criteria criteria = PermissionPeer.buildCriteria(permission);
 823  0
                 PermissionPeer.doInsert(criteria);
 824  
                 // try to get the object back using the name as key.
 825  0
                 criteria = new Criteria();
 826  0
                 criteria.add(PermissionPeer.NAME,
 827  
                         permission.getName());
 828  0
                 List results = PermissionPeer.doSelect(criteria);
 829  0
                 if (results.size() != 1)
 830  
                 {
 831  0
                     throw new DataBackendException(
 832  
                             "Internal error - query returned "
 833  
                             + results.size() + " rows");
 834  
                 }
 835  0
                 Permission newPermission = (Permission) results.get(0);
 836  
                 // add the permission to system-wide cache
 837  0
                 getAllPermissions().add(newPermission);
 838  
                 // return the object with correct id
 839  0
                 return newPermission;
 840  
             }
 841  
         }
 842  0
         catch (Exception e)
 843  
         {
 844  0
             throw new DataBackendException(
 845  
                     "addPermission(Permission) failed", e);
 846  
         }
 847  
         finally
 848  
         {
 849  0
             unlockExclusive();
 850  0
         }
 851  
         // the only way we could get here without return/throw tirggered
 852  
         // is that the permissionExists was true.
 853  0
         throw new EntityExistsException("Permission '" + permission
 854  
                 + "' already exists");
 855  
     }
 856  
 
 857  
     /**
 858  
      * Removes a Group from the system.
 859  
      *
 860  
      * @param group The object describing the group to be removed.
 861  
      * @throws DataBackendException if there was an error accessing the data
 862  
      *         backend.
 863  
      * @throws UnknownEntityException if the group does not exist.
 864  
      */
 865  
     public synchronized void removeGroup(Group group)
 866  
             throws DataBackendException, UnknownEntityException
 867  
     {
 868  0
         boolean groupExists = false;
 869  
         try
 870  
         {
 871  0
             lockExclusive();
 872  0
             groupExists = checkExists(group);
 873  0
             if (groupExists)
 874  
             {
 875  0
                 Criteria criteria = GroupPeer.buildCriteria(group);
 876  0
                 GroupPeer.doDelete(criteria);
 877  0
                 getAllGroups().remove(group);
 878  
                 return;
 879  
             }
 880  
         }
 881  0
         catch (Exception e)
 882  
         {
 883  0
             log.error("Failed to delete a Group");
 884  0
             log.error(e);
 885  0
             throw new DataBackendException("removeGroup(Group) failed", e);
 886  
         }
 887  
         finally
 888  
         {
 889  0
             unlockExclusive();
 890  0
         }
 891  0
         throw new UnknownEntityException("Unknown group '" + group + "'");
 892  
     }
 893  
 
 894  
     /**
 895  
      * Removes a Role from the system.
 896  
      *
 897  
      * @param role The object describing the role to be removed.
 898  
      * @throws DataBackendException if there was an error accessing the data
 899  
      *         backend.
 900  
      * @throws UnknownEntityException if the role does not exist.
 901  
      */
 902  
     public synchronized void removeRole(Role role)
 903  
             throws DataBackendException, UnknownEntityException
 904  
     {
 905  0
         boolean roleExists = false;
 906  
         try
 907  
         {
 908  0
             lockExclusive();
 909  0
             roleExists = checkExists(role);
 910  0
             if (roleExists)
 911  
             {
 912  
                 // revoke all permissions from the role to be deleted
 913  0
                 revokeAll(role);
 914  0
                 Criteria criteria = RolePeer.buildCriteria(role);
 915  0
                 RolePeer.doDelete(criteria);
 916  0
                 getAllRoles().remove(role);
 917  
                 return;
 918  
             }
 919  
         }
 920  0
         catch (Exception e)
 921  
         {
 922  0
             throw new DataBackendException("removeRole(Role)", e);
 923  
         }
 924  
         finally
 925  
         {
 926  0
             unlockExclusive();
 927  0
         }
 928  0
         throw new UnknownEntityException("Unknown role '" + role + "'");
 929  
     }
 930  
 
 931  
     /**
 932  
      * Removes a Permission from the system.
 933  
      *
 934  
      * @param permission The object describing the permission to be removed.
 935  
      * @throws DataBackendException if there was an error accessing the data
 936  
      *         backend.
 937  
      * @throws UnknownEntityException if the permission does not exist.
 938  
      */
 939  
     public synchronized void removePermission(Permission permission)
 940  
             throws DataBackendException, UnknownEntityException
 941  
     {
 942  0
         boolean permissionExists = false;
 943  
         try
 944  
         {
 945  0
             lockExclusive();
 946  0
             permissionExists = checkExists(permission);
 947  0
             if (permissionExists)
 948  
             {
 949  0
                 Criteria criteria = PermissionPeer.buildCriteria(permission);
 950  0
                 PermissionPeer.doDelete(criteria);
 951  0
                 getAllPermissions().remove(permission);
 952  
                 return;
 953  
             }
 954  
         }
 955  0
         catch (Exception e)
 956  
         {
 957  0
             throw new DataBackendException("removePermission(Permission)", e);
 958  
         }
 959  
         finally
 960  
         {
 961  0
             unlockExclusive();
 962  0
         }
 963  0
         throw new UnknownEntityException("Unknown permission '"
 964  
                 + permission + "'");
 965  
     }
 966  
 
 967  
     /**
 968  
      * Renames an existing Group.
 969  
      *
 970  
      * @param group The object describing the group to be renamed.
 971  
      * @param name the new name for the group.
 972  
      * @throws DataBackendException if there was an error accessing the data
 973  
      *         backend.
 974  
      * @throws UnknownEntityException if the group does not exist.
 975  
      */
 976  
     public synchronized void renameGroup(Group group, String name)
 977  
             throws DataBackendException, UnknownEntityException
 978  
     {
 979  0
         boolean groupExists = false;
 980  
         try
 981  
         {
 982  0
             lockExclusive();
 983  0
             groupExists = checkExists(group);
 984  0
             if (groupExists)
 985  
             {
 986  0
                 group.setName(name);
 987  0
                 Criteria criteria = GroupPeer.buildCriteria(group);
 988  0
                 GroupPeer.doUpdate(criteria);
 989  
                 return;
 990  
             }
 991  
         }
 992  0
         catch (Exception e)
 993  
         {
 994  0
             throw new DataBackendException("renameGroup(Group,String)", e);
 995  
         }
 996  
         finally
 997  
         {
 998  0
             unlockExclusive();
 999  0
         }
 1000  0
         throw new UnknownEntityException("Unknown group '" + group + "'");
 1001  
     }
 1002  
 
 1003  
     /**
 1004  
      * Renames an existing Role.
 1005  
      *
 1006  
      * @param role The object describing the role to be renamed.
 1007  
      * @param name the new name for the role.
 1008  
      * @throws DataBackendException if there was an error accessing the data
 1009  
      *         backend.
 1010  
      * @throws UnknownEntityException if the role does not exist.
 1011  
      */
 1012  
     public synchronized void renameRole(Role role, String name)
 1013  
             throws DataBackendException, UnknownEntityException
 1014  
     {
 1015  0
         boolean roleExists = false;
 1016  
         try
 1017  
         {
 1018  0
             lockExclusive();
 1019  0
             roleExists = checkExists(role);
 1020  0
             if (roleExists)
 1021  
             {
 1022  0
                 role.setName(name);
 1023  0
                 Criteria criteria = RolePeer.buildCriteria(role);
 1024  0
                 RolePeer.doUpdate(criteria);
 1025  
                 return;
 1026  
             }
 1027  
         }
 1028  0
         catch (Exception e)
 1029  
         {
 1030  0
             throw new DataBackendException("renameRole(Role,String)", e);
 1031  
         }
 1032  
         finally
 1033  
         {
 1034  0
             unlockExclusive();
 1035  0
         }
 1036  0
         throw new UnknownEntityException("Unknown role '" + role + "'");
 1037  
     }
 1038  
 
 1039  
     /**
 1040  
      * Renames an existing Permission.
 1041  
      *
 1042  
      * @param permission The object describing the permission to be renamed.
 1043  
      * @param name the new name for the permission.
 1044  
      * @throws DataBackendException if there was an error accessing the data
 1045  
      *         backend.
 1046  
      * @throws UnknownEntityException if the permission does not exist.
 1047  
      */
 1048  
     public synchronized void renamePermission(Permission permission,
 1049  
                                               String name)
 1050  
             throws DataBackendException, UnknownEntityException
 1051  
     {
 1052  0
         boolean permissionExists = false;
 1053  
         try
 1054  
         {
 1055  0
             lockExclusive();
 1056  0
             permissionExists = checkExists(permission);
 1057  0
             if (permissionExists)
 1058  
             {
 1059  0
                 permission.setName(name);
 1060  0
                 Criteria criteria = PermissionPeer.buildCriteria(permission);
 1061  0
                 PermissionPeer.doUpdate(criteria);
 1062  
                 return;
 1063  
             }
 1064  
         }
 1065  0
         catch (Exception e)
 1066  
         {
 1067  0
             throw new DataBackendException(
 1068  
                     "renamePermission(Permission,name)", e);
 1069  
         }
 1070  
         finally
 1071  
         {
 1072  0
             unlockExclusive();
 1073  0
         }
 1074  0
         throw new UnknownEntityException("Unknown permission '"
 1075  
                 + permission + "'");
 1076  
     }
 1077  
 
 1078  
     /* Service specific implementation methods */
 1079  
 
 1080  
     /**
 1081  
      * Returns the Class object for the implementation of UserPeer interface
 1082  
      * used by the system (defined in TR.properties)
 1083  
      *
 1084  
      * @return the implementation of UserPeer interface used by the system.
 1085  
      * @throws UnknownEntityException if the system's implementation of UserPeer
 1086  
      *         interface could not be determined.
 1087  
      */
 1088  
     public Class getUserPeerClass() throws UnknownEntityException
 1089  
     {
 1090  0
         String userPeerClassName = getConfiguration().getString(
 1091  
                 USER_PEER_CLASS_KEY, USER_PEER_CLASS_DEFAULT);
 1092  
         try
 1093  
         {
 1094  0
             return Class.forName(userPeerClassName);
 1095  
         }
 1096  0
         catch (Exception e)
 1097  
         {
 1098  0
             throw new UnknownEntityException(
 1099  
                     "Failed create a Class object for UserPeer implementation", e);
 1100  
         }
 1101  
     }
 1102  
 
 1103  
     /**
 1104  
      * Construct a UserPeer object.
 1105  
      *
 1106  
      * This method calls getUserPeerClass, and then creates a new object using
 1107  
      * the default constructor.
 1108  
      *
 1109  
      * @return an object implementing UserPeer interface.
 1110  
      * @throws UnknownEntityException if the object could not be instantiated.
 1111  
      */
 1112  
     public UserPeer getUserPeerInstance() throws UnknownEntityException
 1113  
     {
 1114  
         UserPeer up;
 1115  
         try
 1116  
         {
 1117  0
             up = (UserPeer) getUserPeerClass().newInstance();
 1118  
         }
 1119  0
         catch (Exception e)
 1120  
         {
 1121  0
             throw new UnknownEntityException(
 1122  
                     "Failed instantiate an UserPeer implementation object", e);
 1123  0
         }
 1124  0
         return up;
 1125  
     }
 1126  
 
 1127  
     /**
 1128  
      * Determines if the <code>Group</code> exists in the security system.
 1129  
      *
 1130  
      * @param group a <code>Group</code> value
 1131  
      * @return true if the group exists in the system, false otherwise
 1132  
      * @throws DataBackendException when more than one Group with
 1133  
      *         the same name exists.
 1134  
      * @throws Exception A generic exception.
 1135  
      */
 1136  
     protected boolean checkExists(Group group)
 1137  
             throws DataBackendException, Exception
 1138  
     {
 1139  0
         return GroupPeer.checkExists(group);
 1140  
     }
 1141  
 
 1142  
     /**
 1143  
      * Determines if the <code>Role</code> exists in the security system.
 1144  
      *
 1145  
      * @param role a <code>Role</code> value
 1146  
      * @return true if the role exists in the system, false otherwise
 1147  
      * @throws DataBackendException when more than one Role with
 1148  
      *         the same name exists.
 1149  
      * @throws Exception A generic exception.
 1150  
      */
 1151  
     protected boolean checkExists(Role role)
 1152  
             throws DataBackendException, Exception
 1153  
     {
 1154  0
         return RolePeer.checkExists(role);
 1155  
     }
 1156  
 
 1157  
     /**
 1158  
      * Determines if the <code>Permission</code> exists in the security system.
 1159  
      *
 1160  
      * @param permission a <code>Permission</code> value
 1161  
      * @return true if the permission exists in the system, false otherwise
 1162  
      * @throws DataBackendException when more than one Permission with
 1163  
      *         the same name exists.
 1164  
      * @throws Exception A generic exception.
 1165  
      */
 1166  
     protected boolean checkExists(Permission permission)
 1167  
             throws DataBackendException, Exception
 1168  
     {
 1169  0
         return PermissionPeer.checkExists(permission);
 1170  
     }
 1171  
 
 1172  
 }

This report is generated by jcoverage, Maven and Maven JCoverage Plugin.