Coverage report

  %line %branch
org.apache.turbine.services.security.torque.TorqueSecurityService
80% 
89% 

 1  
 package org.apache.turbine.services.security.torque;
 2  
 
 3  
 /*
 4  
  * Copyright 2001-2005 The Apache Software Foundation.
 5  
  *
 6  
  * Licensed under the Apache License, Version 2.0 (the "License")
 7  
  * you may not use this file except in compliance with the License.
 8  
  * You may obtain a copy of the License at
 9  
  *
 10  
  *     http://www.apache.org/licenses/LICENSE-2.0
 11  
  *
 12  
  * Unless required by applicable law or agreed to in writing, software
 13  
  * distributed under the License is distributed on an "AS IS" BASIS,
 14  
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 15  
  * See the License for the specific language governing permissions and
 16  
  * limitations under the License.
 17  
  */
 18  
 
 19  
 import java.util.ArrayList;
 20  
 import java.util.Hashtable;
 21  
 import java.util.Iterator;
 22  
 import java.util.List;
 23  
 
 24  
 import org.apache.commons.configuration.Configuration;
 25  
 
 26  
 import org.apache.commons.lang.StringUtils;
 27  
 
 28  
 import org.apache.commons.logging.Log;
 29  
 import org.apache.commons.logging.LogFactory;
 30  
 
 31  
 import org.apache.torque.om.NumberKey;
 32  
 import org.apache.torque.om.Persistent;
 33  
 import org.apache.torque.util.Criteria;
 34  
 
 35  
 import org.apache.turbine.om.security.Group;
 36  
 import org.apache.turbine.om.security.Permission;
 37  
 import org.apache.turbine.om.security.Role;
 38  
 import org.apache.turbine.om.security.User;
 39  
 import org.apache.turbine.services.InitializationException;
 40  
 import org.apache.turbine.services.security.BaseSecurityService;
 41  
 import org.apache.turbine.services.security.TurbineSecurity;
 42  
 import org.apache.turbine.services.security.torque.om.TurbineRolePermissionPeer;
 43  
 import org.apache.turbine.services.security.torque.om.TurbineUserGroupRolePeer;
 44  
 import org.apache.turbine.util.security.AccessControlList;
 45  
 import org.apache.turbine.util.security.DataBackendException;
 46  
 import org.apache.turbine.util.security.EntityExistsException;
 47  
 import org.apache.turbine.util.security.GroupSet;
 48  
 import org.apache.turbine.util.security.PermissionSet;
 49  
 import org.apache.turbine.util.security.RoleSet;
 50  
 import org.apache.turbine.util.security.UnknownEntityException;
 51  
 
 52  
 /**
 53  
  * An implementation of SecurityService that uses torque objects.
 54  
  *
 55  
  * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
 56  
  * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
 57  
  * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
 58  
  * @version $Id: TorqueSecurityService.java 264148 2005-08-29 14:21:04Z henning $
 59  
  */
 60  24
 public class TorqueSecurityService
 61  
     extends BaseSecurityService
 62  
 {
 63  
     /** Logging */
 64  24
     private static Log log = LogFactory.getLog(TorqueSecurityService.class);
 65  
 
 66  
     /**
 67  
      * Initializes the TorqueSecurityService, loading the various class objects
 68  
      * representing the security entity peer classes
 69  
      *
 70  
      * @exception InitializationException A problem occured during initialization
 71  
      */
 72  
 
 73  
     public void init()
 74  
         throws InitializationException
 75  
     {
 76  16
         Configuration conf = getConfiguration();
 77  
 
 78  16
         GroupPeerManager.init(conf);
 79  16
         RolePeerManager.init(conf);
 80  16
         PermissionPeerManager.init(conf);
 81  
 
 82  
         /* At the end, because it calls setInit(true)! */
 83  16
         super.init();
 84  16
     }
 85  
 
 86  
 
 87  
     /*-----------------------------------------------------------------------
 88  
       Creation of AccessControlLists
 89  
       -----------------------------------------------------------------------*/
 90  
 
 91  
     /**
 92  
      * Constructs an AccessControlList for a specific user.
 93  
      *
 94  
      * This method creates a snapshot of the state of security information
 95  
      * concerning this user, at the moment of invocation and stores it
 96  
      * into an AccessControlList object.
 97  
      *
 98  
      * @param user the user for whom the AccessControlList are to be retrieved
 99  
      * @return A new AccessControlList object.
 100  
      * @throws DataBackendException if there was an error accessing the data
 101  
      *         backend.
 102  
      * @throws UnknownEntityException if user account is not present.
 103  
      */
 104  
     public AccessControlList getACL(User user)
 105  
         throws DataBackendException, UnknownEntityException
 106  
     {
 107  18
         if (!TurbineSecurity.accountExists(user))
 108  
         {
 109  0
             throw new UnknownEntityException("The account '"
 110  
                                              + user.getName() + "' does not exist");
 111  
         }
 112  
         try
 113  
         {
 114  18
             Hashtable roles = new Hashtable();
 115  18
             Hashtable permissions = new Hashtable();
 116  
             // notify the state modifiers (writers) that we want to create
 117  
             // the snapshot.
 118  18
             lockShared();
 119  
 
 120  
             // construct the snapshot:
 121  
 
 122  
             // foreach group in the system
 123  18
             for (Iterator groupsIterator = getAllGroups().iterator();
 124  54
                  groupsIterator.hasNext();)
 125  
             {
 126  36
                 Group group = (Group) groupsIterator.next();
 127  
                 // get roles of user in the group
 128  36
                 RoleSet groupRoles = RolePeerManager.retrieveSet(user, group);
 129  
                 // put the Set into roles(group)
 130  36
                 roles.put(group, groupRoles);
 131  
                 // collect all permissions in this group
 132  36
                 PermissionSet groupPermissions = new PermissionSet();
 133  
                 // foreach role in Set
 134  36
                 for (Iterator rolesIterator = groupRoles.iterator();
 135  56
                      rolesIterator.hasNext();)
 136  
                 {
 137  20
                     Role role = (Role) rolesIterator.next();
 138  
                     // get permissions of the role
 139  20
                     PermissionSet rolePermissions =
 140  
                         PermissionPeerManager.retrieveSet(role);
 141  20
                     groupPermissions.add(rolePermissions);
 142  
                 }
 143  
                 // put the Set into permissions(group)
 144  36
                 permissions.put(group, groupPermissions);
 145  
             }
 146  18
             return getAclInstance(roles, permissions);
 147  
         }
 148  0
         catch (Exception e)
 149  
         {
 150  0
             throw new DataBackendException("Failed to build ACL for user '" +
 151  
                                            user.getName() + "'" , e);
 152  
         }
 153  
         finally
 154  
         {
 155  
             // notify the state modifiers that we are done creating the snapshot.
 156  9
             unlockShared();
 157  
         }
 158  
     }
 159  
 
 160  
     /*-----------------------------------------------------------------------
 161  
       Security management
 162  
       -----------------------------------------------------------------------*/
 163  
 
 164  
     /**
 165  
      * Grant an User a Role in a Group.
 166  
      *
 167  
      * @param user the user.
 168  
      * @param group the group.
 169  
      * @param role the role.
 170  
      * @throws DataBackendException if there was an error accessing the data
 171  
      *         backend.
 172  
      * @throws UnknownEntityException if user account, group or role is not
 173  
      *         present.
 174  
      */
 175  
     public synchronized void grant(User user, Group group, Role role)
 176  
         throws DataBackendException, UnknownEntityException
 177  
     {
 178  8
         boolean userExists = false;
 179  8
         boolean groupExists = false;
 180  8
         boolean roleExists = false;
 181  
         try
 182  
         {
 183  8
             lockExclusive();
 184  8
             userExists = TurbineSecurity.accountExists(user);
 185  8
             groupExists = checkExists(group);
 186  8
             roleExists = checkExists(role);
 187  8
             if (userExists && groupExists && roleExists)
 188  
             {
 189  4
                 Criteria criteria = new Criteria();
 190  4
                 criteria.add(TurbineUserGroupRolePeer.USER_ID,
 191  
                              ((Persistent) user).getPrimaryKey());
 192  4
                 criteria.add(TurbineUserGroupRolePeer.GROUP_ID,
 193  
                              ((Persistent) group).getPrimaryKey());
 194  4
                 criteria.add(TurbineUserGroupRolePeer.ROLE_ID,
 195  
                              ((Persistent) role).getPrimaryKey());
 196  4
                 TurbineUserGroupRolePeer.doInsert(criteria);
 197  1
                 return;
 198  
             }
 199  2
         }
 200  1
         catch (Exception e)
 201  
         {
 202  2
             throw new DataBackendException("grant(User,Group,Role) failed", e);
 203  
         }
 204  
         finally
 205  
         {
 206  3
             unlockExclusive();
 207  2
         }
 208  4
         if (!userExists)
 209  
         {
 210  0
             throw new UnknownEntityException("Unknown user '"
 211  
                                              + user.getName() + "'");
 212  
         }
 213  4
         if (!groupExists)
 214  
         {
 215  2
             throw new UnknownEntityException("Unknown group '"
 216  
                                              + group.getName() + "'");
 217  
         }
 218  2
         if (!roleExists)
 219  
         {
 220  2
             throw new UnknownEntityException("Unknown role '"
 221  
                                              + role.getName() + "'");
 222  
         }
 223  0
     }
 224  
 
 225  
     /**
 226  
      * Revoke a Role in a Group from an User.
 227  
      *
 228  
      * @param user the user.
 229  
      * @param group the group.
 230  
      * @param role the role.
 231  
      * @throws DataBackendException if there was an error accessing the data
 232  
      *         backend.
 233  
      * @throws UnknownEntityException if user account, group or role is not
 234  
      *         present.
 235  
      */
 236  
     public synchronized void revoke(User user, Group group, Role role)
 237  
         throws DataBackendException, UnknownEntityException
 238  
     {
 239  6
         boolean userExists = false;
 240  6
         boolean groupExists = false;
 241  6
         boolean roleExists = false;
 242  
         try
 243  
         {
 244  6
             lockExclusive();
 245  6
             userExists = TurbineSecurity.accountExists(user);
 246  6
             groupExists = checkExists(group);
 247  6
             roleExists = checkExists(role);
 248  6
             if (userExists && groupExists && roleExists)
 249  
             {
 250  2
                 Criteria criteria = new Criteria();
 251  2
                 criteria.add(TurbineUserGroupRolePeer.USER_ID,
 252  
                              ((Persistent) user).getPrimaryKey());
 253  2
                 criteria.add(TurbineUserGroupRolePeer.GROUP_ID,
 254  
                              ((Persistent) group).getPrimaryKey());
 255  2
                 criteria.add(TurbineUserGroupRolePeer.ROLE_ID,
 256  
                              ((Persistent) role).getPrimaryKey());
 257  2
                 TurbineUserGroupRolePeer.doDelete(criteria);
 258  1
                 return;
 259  
             }
 260  2
         }
 261  0
         catch (Exception e)
 262  
         {
 263  0
             throw new DataBackendException("revoke(User,Role,Group) failed", e);
 264  
         }
 265  
         finally
 266  
         {
 267  1
             unlockExclusive();
 268  2
         }
 269  4
         if (!userExists)
 270  
         {
 271  0
             throw new UnknownEntityException("Unknown user '"
 272  
                                              + user.getName() + "'");
 273  
         }
 274  4
         if (!groupExists)
 275  
         {
 276  2
             throw new UnknownEntityException("Unknown group '"
 277  
                                              + group.getName() + "'");
 278  
         }
 279  2
         if (!roleExists)
 280  
         {
 281  2
             throw new UnknownEntityException("Unknown role '"
 282  
                                              + role.getName() + "'");
 283  
         }
 284  0
     }
 285  
 
 286  
     /**
 287  
      * Revokes all roles from an User.
 288  
      *
 289  
      * This method is used when deleting an account.
 290  
      *
 291  
      * @param user the User.
 292  
      * @throws DataBackendException if there was an error accessing the data
 293  
      *         backend.
 294  
      * @throws UnknownEntityException if the account is not present.
 295  
      */
 296  
     public synchronized void revokeAll(User user)
 297  
         throws DataBackendException, UnknownEntityException
 298  
     {
 299  6
         boolean userExists = false;
 300  
         try
 301  
         {
 302  6
             lockExclusive();
 303  6
             userExists = TurbineSecurity.accountExists(user);
 304  6
             if (userExists)
 305  
             {
 306  
                 // The following would not work, due to an annoying misfeature
 307  
                 // of Village. Village allows only a single row to be deleted at
 308  
                 // a time. I wish that it was possible to disable this
 309  
                 // behaviour!
 310  
 
 311  
                 // Criteria criteria = new Criteria();
 312  
                 // criteria.add(UserGroupRolePeer.USER_ID,
 313  
                 //           ((Persistent) user).getPrimaryKey());
 314  
                 // UserGroupRolePeer.doDelete(criteria);
 315  4
                 int id = ((NumberKey) ((Persistent) user)
 316  
                           .getPrimaryKey()).intValue();
 317  4
                 TurbineUserGroupRolePeer.deleteAll(
 318  
                     TurbineUserGroupRolePeer.TABLE_NAME,
 319  
                     TurbineUserGroupRolePeer.USER_ID, id);
 320  2
                 return;
 321  
             }
 322  1
         }
 323  0
         catch (Exception e)
 324  
         {
 325  0
             throw new DataBackendException("revokeAll(User) failed", e);
 326  
         }
 327  
         finally
 328  
         {
 329  2
             unlockExclusive();
 330  1
         }
 331  2
         throw new UnknownEntityException("Unknown user '"
 332  
                                          + user.getName() + "'");
 333  
     }
 334  
 
 335  
     /**
 336  
      * Grants a Role a Permission
 337  
      *
 338  
      * @param role the Role.
 339  
      * @param permission the Permission.
 340  
      * @throws DataBackendException if there was an error accessing the data
 341  
      *         backend.
 342  
      * @throws UnknownEntityException if role or permission is not present.
 343  
      */
 344  
     public synchronized void grant(Role role, Permission permission)
 345  
         throws DataBackendException, UnknownEntityException
 346  
     {
 347  6
         boolean roleExists = false;
 348  6
         boolean permissionExists = false;
 349  
         try
 350  
         {
 351  6
             lockExclusive();
 352  6
             roleExists = checkExists(role);
 353  6
             permissionExists = checkExists(permission);
 354  6
             if (roleExists && permissionExists)
 355  
             {
 356  4
                 Criteria criteria = new Criteria();
 357  4
                 criteria.add(TurbineRolePermissionPeer.ROLE_ID,
 358  
                              ((Persistent) role).getPrimaryKey());
 359  4
                 criteria.add(TurbineRolePermissionPeer.PERMISSION_ID,
 360  
                              ((Persistent) permission).getPrimaryKey());
 361  4
                 TurbineRolePermissionPeer.doInsert(criteria);
 362  1
                 return;
 363  
             }
 364  1
         }
 365  1
         catch (Exception e)
 366  
         {
 367  2
             throw new DataBackendException("grant(Role,Permission) failed", e);
 368  
         }
 369  
         finally
 370  
         {
 371  3
             unlockExclusive();
 372  1
         }
 373  2
         if (!roleExists)
 374  
         {
 375  0
             throw new UnknownEntityException("Unknown role '"
 376  
                                              + role.getName() + "'");
 377  
         }
 378  2
         if (!permissionExists)
 379  
         {
 380  2
             throw new UnknownEntityException("Unknown permission '"
 381  
                                              + permission.getName() + "'");
 382  
         }
 383  0
     }
 384  
 
 385  
     /**
 386  
      * Revokes a Permission from a Role.
 387  
      *
 388  
      * @param role the Role.
 389  
      * @param permission the Permission.
 390  
      * @throws DataBackendException if there was an error accessing the data
 391  
      *         backend.
 392  
      * @throws UnknownEntityException if role or permission is not present.
 393  
      */
 394  
     public synchronized void revoke(Role role, Permission permission)
 395  
         throws DataBackendException, UnknownEntityException
 396  
     {
 397  4
         boolean roleExists = false;
 398  4
         boolean permissionExists = false;
 399  
         try
 400  
         {
 401  4
             lockExclusive();
 402  4
             roleExists = checkExists(role);
 403  4
             permissionExists = checkExists(permission);
 404  4
             if (roleExists && permissionExists)
 405  
             {
 406  2
                 Criteria criteria = new Criteria();
 407  2
                 criteria.add(TurbineRolePermissionPeer.ROLE_ID,
 408  
                              ((Persistent) role).getPrimaryKey());
 409  2
                 criteria.add(TurbineRolePermissionPeer.PERMISSION_ID,
 410  
                              ((Persistent) permission).getPrimaryKey());
 411  2
                 TurbineRolePermissionPeer.doDelete(criteria);
 412  1
                 return;
 413  
             }
 414  1
         }
 415  0
         catch (Exception e)
 416  
         {
 417  0
             throw new DataBackendException("revoke(Role,Permission) failed", e);
 418  
         }
 419  
         finally
 420  
         {
 421  1
             unlockExclusive();
 422  1
         }
 423  2
         if (!roleExists)
 424  
         {
 425  0
             throw new UnknownEntityException("Unknown role '"
 426  
                                              + role.getName() + "'");
 427  
         }
 428  2
         if (!permissionExists)
 429  
         {
 430  2
             throw new UnknownEntityException("Unknown permission '"
 431  
                                              + permission.getName() + "'");
 432  
         }
 433  0
     }
 434  
 
 435  
     /**
 436  
      * Revokes all permissions from a Role.
 437  
      *
 438  
      * This method is user when deleting a Role.
 439  
      *
 440  
      * @param role the Role
 441  
      * @throws DataBackendException if there was an error accessing the data
 442  
      *         backend.
 443  
      * @throws UnknownEntityException if the Role is not present.
 444  
      */
 445  
     public synchronized void revokeAll(Role role)
 446  
         throws DataBackendException, UnknownEntityException
 447  
     {
 448  4
         boolean roleExists = false;
 449  
         try
 450  
         {
 451  4
             lockExclusive();
 452  4
             roleExists = checkExists(role);
 453  4
             if (roleExists)
 454  
             {
 455  
                 // The following would not work, due to an annoying misfeature
 456  
                 // of Village. see revokeAll( user )
 457  
 
 458  
                 // Criteria criteria = new Criteria();
 459  
                 // criteria.add(RolePermissionPeer.ROLE_ID,
 460  
                 //         role.getPrimaryKey());
 461  
                 // RolePermissionPeer.doDelete(criteria);
 462  
 
 463  4
                 int id = ((NumberKey) ((Persistent) role)
 464  
                           .getPrimaryKey()).intValue();
 465  4
                 TurbineRolePermissionPeer.deleteAll(
 466  
                     TurbineRolePermissionPeer.TABLE_NAME,
 467  
                     TurbineRolePermissionPeer.ROLE_ID, id);
 468  2
                 return;
 469  
             }
 470  
         }
 471  0
         catch (Exception e)
 472  
         {
 473  0
             throw new DataBackendException("revokeAll(Role) failed", e);
 474  
         }
 475  
         finally
 476  
         {
 477  2
             unlockExclusive();
 478  0
         }
 479  0
         throw new UnknownEntityException("Unknown role '"
 480  
                                          + role.getName() + "'");
 481  
     }
 482  
 
 483  
     /*-----------------------------------------------------------------------
 484  
       Group/Role/Permission management
 485  
       -----------------------------------------------------------------------*/
 486  
 
 487  
     /**
 488  
      * Retrieve a set of Groups that meet the specified Criteria.
 489  
      *
 490  
      * @param criteria A Criteria of Group selection.
 491  
      * @return a set of Groups that meet the specified Criteria.
 492  
      * @throws DataBackendException if there was an error accessing the data
 493  
      *         backend.
 494  
      */
 495  
     public GroupSet getGroups(Criteria criteria)
 496  
         throws DataBackendException
 497  
     {
 498  100
         Criteria torqueCriteria = new Criteria();
 499  100
         Iterator keys = criteria.keySet().iterator();
 500  150
         while (keys.hasNext())
 501  
         {
 502  0
             String key = (String) keys.next();
 503  0
             torqueCriteria.put(GroupPeerManager.getColumnName(key),
 504  
                     criteria.get(key));
 505  
         }
 506  100
         List groups = new ArrayList(0);
 507  
         try
 508  
         {
 509  100
             groups = GroupPeerManager.doSelect(criteria);
 510  50
         }
 511  0
         catch (Exception e)
 512  
         {
 513  0
             throw new DataBackendException("getGroups(Criteria) failed", e);
 514  50
         }
 515  100
         return new GroupSet(groups);
 516  
     }
 517  
 
 518  
     /**
 519  
      * Retrieve a set of Roles that meet the specified Criteria.
 520  
      *
 521  
      * @param criteria A Criteria of Roles selection.
 522  
      * @return a set of Roles that meet the specified Criteria.
 523  
      * @throws DataBackendException if there was an error accessing the data
 524  
      *         backend.
 525  
      */
 526  
     public RoleSet getRoles(Criteria criteria)
 527  
         throws DataBackendException
 528  
     {
 529  66
         Criteria torqueCriteria = new Criteria();
 530  66
         Iterator keys = criteria.keySet().iterator();
 531  99
         while (keys.hasNext())
 532  
         {
 533  0
             String key = (String) keys.next();
 534  0
             torqueCriteria.put(RolePeerManager.getColumnName(key),
 535  
                     criteria.get(key));
 536  
         }
 537  66
         List roles = new ArrayList(0);
 538  
         try
 539  
         {
 540  66
             roles = RolePeerManager.doSelect(criteria);
 541  33
         }
 542  0
         catch (Exception e)
 543  
         {
 544  0
             throw new DataBackendException("getRoles(Criteria) failed", e);
 545  33
         }
 546  66
         return new RoleSet(roles);
 547  
     }
 548  
 
 549  
     /**
 550  
      * Retrieve a set of Permissions that meet the specified Criteria.
 551  
      *
 552  
      * @param criteria A Criteria of Permissions selection.
 553  
      * @return a set of Permissions that meet the specified Criteria.
 554  
      * @throws DataBackendException if there was an error accessing the data
 555  
      *         backend.
 556  
      */
 557  
     public PermissionSet getPermissions(Criteria criteria)
 558  
         throws DataBackendException
 559  
     {
 560  60
         Criteria torqueCriteria = new Criteria();
 561  60
         Iterator keys = criteria.keySet().iterator();
 562  90
         while (keys.hasNext())
 563  
         {
 564  0
             String key = (String) keys.next();
 565  0
             torqueCriteria.put(PermissionPeerManager.getColumnName(key),
 566  
                     criteria.get(key));
 567  
         }
 568  60
         List permissions = new ArrayList(0);
 569  
         try
 570  
         {
 571  60
             permissions = PermissionPeerManager.doSelect(criteria);
 572  30
         }
 573  0
         catch (Exception e)
 574  
         {
 575  0
             throw new DataBackendException(
 576  
                 "getPermissions(Criteria) failed", e);
 577  30
         }
 578  60
         return new PermissionSet(permissions);
 579  
     }
 580  
 
 581  
     /**
 582  
      * Retrieves all permissions associated with a role.
 583  
      *
 584  
      * @param role the role name, for which the permissions are to be retrieved.
 585  
      * @return A Permission set for the Role.
 586  
      * @throws DataBackendException if there was an error accessing the data
 587  
      *         backend.
 588  
      * @throws UnknownEntityException if the role is not present.
 589  
      */
 590  
     public PermissionSet getPermissions(Role role)
 591  
         throws DataBackendException, UnknownEntityException
 592  
     {
 593  50
         boolean roleExists = false;
 594  
         try
 595  
         {
 596  50
             lockShared();
 597  50
             roleExists = checkExists(role);
 598  50
             if (roleExists)
 599  
             {
 600  50
                 return PermissionPeerManager.retrieveSet(role);
 601  
             }
 602  
         }
 603  0
         catch (Exception e)
 604  
         {
 605  0
             throw new DataBackendException("getPermissions(Role) failed", e);
 606  
         }
 607  
         finally
 608  
         {
 609  25
             unlockShared();
 610  0
         }
 611  0
         throw new UnknownEntityException("Unknown role '"
 612  
                                          + role.getName() + "'");
 613  
     }
 614  
 
 615  
     /**
 616  
      * Stores Group's attributes. The Groups is required to exist in the system.
 617  
      *
 618  
      * @param group The Group to be stored.
 619  
      * @throws DataBackendException if there was an error accessing the data
 620  
      *         backend.
 621  
      * @throws UnknownEntityException if the group does not exist.
 622  
      */
 623  
     public void saveGroup(Group group)
 624  
         throws DataBackendException, UnknownEntityException
 625  
     {
 626  4
         boolean groupExists = false;
 627  
         try
 628  
         {
 629  4
             groupExists = checkExists(group);
 630  4
             if (groupExists)
 631  
             {
 632  2
                 Criteria criteria = GroupPeerManager.buildCriteria(group);
 633  2
                 GroupPeerManager.doUpdate(criteria);
 634  2
                 return;
 635  
             }
 636  1
         }
 637  0
         catch (Exception e)
 638  
         {
 639  0
             throw new DataBackendException("saveGroup(Group) failed", e);
 640  1
         }
 641  2
         throw new UnknownEntityException("Unknown group '" + group + "'");
 642  
     }
 643  
 
 644  
     /**
 645  
      * Stores Role's attributes. The Roles is required to exist in the system.
 646  
      *
 647  
      * @param role The Role to be stored.
 648  
      * @throws DataBackendException if there was an error accessing the data
 649  
      *         backend.
 650  
      * @throws UnknownEntityException if the role does not exist.
 651  
      */
 652  
     public void saveRole(Role role)
 653  
         throws DataBackendException, UnknownEntityException
 654  
     {
 655  4
         boolean roleExists = false;
 656  
         try
 657  
         {
 658  4
             roleExists = checkExists(role);
 659  4
             if (roleExists)
 660  
             {
 661  2
                 Criteria criteria = RolePeerManager.buildCriteria(role);
 662  2
                 RolePeerManager.doUpdate(criteria);
 663  2
                 return;
 664  
             }
 665  1
         }
 666  0
         catch (Exception e)
 667  
         {
 668  0
             throw new DataBackendException("saveRole(Role) failed", e);
 669  1
         }
 670  2
         throw new UnknownEntityException("Unknown role '" + role + "'");
 671  
     }
 672  
 
 673  
     /**
 674  
      * Stores Permission's attributes. The Permissions is required to exist in
 675  
      * the system.
 676  
      *
 677  
      * @param permission The Permission to be stored.
 678  
      * @throws DataBackendException if there was an error accessing the data
 679  
      *         backend.
 680  
      * @throws UnknownEntityException if the permission does not exist.
 681  
      */
 682  
     public void savePermission(Permission permission)
 683  
         throws DataBackendException, UnknownEntityException
 684  
     {
 685  4
         boolean permissionExists = false;
 686  
         try
 687  
         {
 688  4
             permissionExists = checkExists(permission);
 689  4
             if (permissionExists)
 690  
             {
 691  2
                 Criteria criteria = PermissionPeerManager.buildCriteria(permission);
 692  2
                 PermissionPeerManager.doUpdate(criteria);
 693  2
                 return;
 694  
             }
 695  1
         }
 696  0
         catch (Exception e)
 697  
         {
 698  0
             throw new DataBackendException(
 699  
                 "savePermission(Permission) failed", e);
 700  1
         }
 701  2
         throw new UnknownEntityException("Unknown permission '"
 702  
                                          + permission + "'");
 703  
     }
 704  
 
 705  
     /**
 706  
      * Creates a new group with specified attributes.
 707  
      *
 708  
      * @param group the object describing the group to be created.
 709  
      * @return a new Group object that has id set up properly.
 710  
      * @throws DataBackendException if there was an error accessing the data
 711  
      *         backend.
 712  
      * @throws EntityExistsException if the group already exists.
 713  
      */
 714  
     public synchronized Group addGroup(Group group)
 715  
         throws DataBackendException,
 716  
                EntityExistsException
 717  
     {
 718  8
         boolean groupExists = false;
 719  
 
 720  8
         if (StringUtils.isEmpty(group.getName()))
 721  
         {
 722  2
             throw new DataBackendException("Could not create "
 723  
                                            + "a group with empty name!");
 724  
         }
 725  
 
 726  
         try
 727  
         {
 728  6
             lockExclusive();
 729  6
             groupExists = checkExists(group);
 730  6
             if (!groupExists)
 731  
             {
 732  
                 // add a row to the table
 733  4
                 Criteria criteria = GroupPeerManager.buildCriteria(group);
 734  4
                 GroupPeerManager.doInsert(criteria);
 735  
                 // try to get the object back using the name as key.
 736  4
                 criteria = new Criteria();
 737  4
                 criteria.add(GroupPeerManager.getNameColumn(),
 738  
                              group.getName());
 739  4
                 List results = GroupPeerManager.doSelect(criteria);
 740  4
                 if (results.size() != 1)
 741  
                 {
 742  0
                     throw new DataBackendException(
 743  
                         "Internal error - query returned "
 744  
                         + results.size() + " rows");
 745  
                 }
 746  4
                 Group newGroup = (Group) results.get(0);
 747  
                 // add the group to system-wide cache
 748  4
                 getAllGroups().add(newGroup);
 749  
                 // return the object with correct id
 750  4
                 return newGroup;
 751  
             }
 752  1
         }
 753  0
         catch (Exception e)
 754  
         {
 755  0
             throw new DataBackendException("addGroup(Group) failed", e);
 756  
         }
 757  
         finally
 758  
         {
 759  2
             unlockExclusive();
 760  1
         }
 761  
         // the only way we could get here without return/throw tirggered
 762  
         // is that the groupExists was true.
 763  2
         throw new EntityExistsException("Group '" + group + "' already exists");
 764  
     }
 765  
 
 766  
     /**
 767  
      * Creates a new role with specified attributes.
 768  
      *
 769  
      * @param role the object describing the role to be created.
 770  
      * @return a new Role object that has id set up properly.
 771  
      * @throws DataBackendException if there was an error accessing the data
 772  
      *         backend.
 773  
      * @throws EntityExistsException if the role already exists.
 774  
      */
 775  
     public synchronized Role addRole(Role role)
 776  
         throws DataBackendException, EntityExistsException
 777  
     {
 778  8
         boolean roleExists = false;
 779  
 
 780  8
         if (StringUtils.isEmpty(role.getName()))
 781  
         {
 782  2
             throw new DataBackendException("Could not create "
 783  
                                            + "a role with empty name!");
 784  
         }
 785  
 
 786  
         try
 787  
         {
 788  6
             lockExclusive();
 789  6
             roleExists = checkExists(role);
 790  6
             if (!roleExists)
 791  
             {
 792  
                 // add a row to the table
 793  4
                 Criteria criteria = RolePeerManager.buildCriteria(role);
 794  4
                 RolePeerManager.doInsert(criteria);
 795  
                 // try to get the object back using the name as key.
 796  4
                 criteria = new Criteria();
 797  4
                 criteria.add(RolePeerManager.getNameColumn(), role.getName());
 798  4
                 List results = RolePeerManager.doSelect(criteria);
 799  4
                 if (results.size() != 1)
 800  
                 {
 801  0
                     throw new DataBackendException(
 802  
                         "Internal error - query returned "
 803  
                         + results.size() + " rows");
 804  
                 }
 805  4
                 Role newRole = (Role) results.get(0);
 806  
                 // add the role to system-wide cache
 807  4
                 getAllRoles().add(newRole);
 808  
                 // return the object with correct id
 809  4
                 return newRole;
 810  
             }
 811  1
         }
 812  0
         catch (Exception e)
 813  
         {
 814  0
             throw new DataBackendException("addRole(Role) failed", e);
 815  
         }
 816  
         finally
 817  
         {
 818  2
             unlockExclusive();
 819  1
         }
 820  
         // the only way we could get here without return/throw tirggered
 821  
         // is that the roleExists was true.
 822  2
         throw new EntityExistsException("Role '" + role + "' already exists");
 823  
     }
 824  
 
 825  
     /**
 826  
      * Creates a new permission with specified attributes.
 827  
      *
 828  
      * @param permission the object describing the permission to be created.
 829  
      * @return a new Permission object that has id set up properly.
 830  
      * @throws DataBackendException if there was an error accessing the data
 831  
      *         backend.
 832  
      * @throws EntityExistsException if the permission already exists.
 833  
      */
 834  
     public synchronized Permission addPermission(Permission permission)
 835  
         throws DataBackendException, EntityExistsException
 836  
     {
 837  8
         boolean permissionExists = false;
 838  
 
 839  8
         if (StringUtils.isEmpty(permission.getName()))
 840  
         {
 841  2
             throw new DataBackendException("Could not create "
 842  
                                            + "a permission with empty name!");
 843  
         }
 844  
 
 845  
         try
 846  
         {
 847  6
             lockExclusive();
 848  6
             permissionExists = checkExists(permission);
 849  6
             if (!permissionExists)
 850  
             {
 851  
                 // add a row to the table
 852  4
                 Criteria criteria = PermissionPeerManager.buildCriteria(permission);
 853  4
                 PermissionPeerManager.doInsert(criteria);
 854  
                 // try to get the object back using the name as key.
 855  4
                 criteria = new Criteria();
 856  4
                 criteria.add(PermissionPeerManager.getNameColumn(),
 857  
                              permission.getName());
 858  4
                 List results = PermissionPeerManager.doSelect(criteria);
 859  4
                 if (results.size() != 1)
 860  
                 {
 861  0
                     throw new DataBackendException(
 862  
                         "Internal error - query returned "
 863  
                         + results.size() + " rows");
 864  
                 }
 865  4
                 Permission newPermission = (Permission) results.get(0);
 866  
                 // add the permission to system-wide cache
 867  4
                 getAllPermissions().add(newPermission);
 868  
                 // return the object with correct id
 869  4
                 return newPermission;
 870  
             }
 871  1
         }
 872  0
         catch (Exception e)
 873  
         {
 874  0
             throw new DataBackendException(
 875  
                 "addPermission(Permission) failed", e);
 876  
         }
 877  
         finally
 878  
         {
 879  2
             unlockExclusive();
 880  1
         }
 881  
         // the only way we could get here without return/throw tirggered
 882  
         // is that the permissionExists was true.
 883  2
         throw new EntityExistsException("Permission '" + permission
 884  
                                         + "' already exists");
 885  
     }
 886  
 
 887  
     /**
 888  
      * Removes a Group from the system.
 889  
      *
 890  
      * @param group The object describing the group to be removed.
 891  
      * @throws DataBackendException if there was an error accessing the data
 892  
      *         backend.
 893  
      * @throws UnknownEntityException if the group does not exist.
 894  
      */
 895  
     public synchronized void removeGroup(Group group)
 896  
         throws DataBackendException, UnknownEntityException
 897  
     {
 898  4
         boolean groupExists = false;
 899  
         try
 900  
         {
 901  4
             lockExclusive();
 902  4
             groupExists = checkExists(group);
 903  4
             if (groupExists)
 904  
             {
 905  2
                 Criteria criteria = GroupPeerManager.buildCriteria(group);
 906  2
                 GroupPeerManager.doDelete(criteria);
 907  2
                 getAllGroups().remove(group);
 908  1
                 return;
 909  
             }
 910  1
         }
 911  0
         catch (Exception e)
 912  
         {
 913  0
             log.error("Failed to delete a Group");
 914  0
             log.error(e);
 915  0
             throw new DataBackendException("removeGroup(Group) failed", e);
 916  
         }
 917  
         finally
 918  
         {
 919  1
             unlockExclusive();
 920  1
         }
 921  2
         throw new UnknownEntityException("Unknown group '" + group + "'");
 922  
     }
 923  
 
 924  
     /**
 925  
      * Removes a Role from the system.
 926  
      *
 927  
      * @param role The object describing the role to be removed.
 928  
      * @throws DataBackendException if there was an error accessing the data
 929  
      *         backend.
 930  
      * @throws UnknownEntityException if the role does not exist.
 931  
      */
 932  
     public synchronized void removeRole(Role role)
 933  
         throws DataBackendException, UnknownEntityException
 934  
     {
 935  4
         boolean roleExists = false;
 936  
         try
 937  
         {
 938  4
             lockExclusive();
 939  4
             roleExists = checkExists(role);
 940  4
             if (roleExists)
 941  
             {
 942  
                 // revoke all permissions from the role to be deleted
 943  2
                 revokeAll(role);
 944  2
                 Criteria criteria = RolePeerManager.buildCriteria(role);
 945  2
                 RolePeerManager.doDelete(criteria);
 946  2
                 getAllRoles().remove(role);
 947  1
                 return;
 948  
             }
 949  1
         }
 950  0
         catch (Exception e)
 951  
         {
 952  0
             throw new DataBackendException("removeRole(Role)", e);
 953  
         }
 954  
         finally
 955  
         {
 956  1
             unlockExclusive();
 957  1
         }
 958  2
         throw new UnknownEntityException("Unknown role '" + role + "'");
 959  
     }
 960  
 
 961  
     /**
 962  
      * Removes a Permission from the system.
 963  
      *
 964  
      * @param permission The object describing the permission to be removed.
 965  
      * @throws DataBackendException if there was an error accessing the data
 966  
      *         backend.
 967  
      * @throws UnknownEntityException if the permission does not exist.
 968  
      */
 969  
     public synchronized void removePermission(Permission permission)
 970  
         throws DataBackendException, UnknownEntityException
 971  
     {
 972  4
         boolean permissionExists = false;
 973  
         try
 974  
         {
 975  4
             lockExclusive();
 976  4
             permissionExists = checkExists(permission);
 977  4
             if (permissionExists)
 978  
             {
 979  2
                 Criteria criteria = PermissionPeerManager.buildCriteria(permission);
 980  2
                 PermissionPeerManager.doDelete(criteria);
 981  2
                 getAllPermissions().remove(permission);
 982  1
                 return;
 983  
             }
 984  1
         }
 985  0
         catch (Exception e)
 986  
         {
 987  0
             throw new DataBackendException("removePermission(Permission)", e);
 988  
         }
 989  
         finally
 990  
         {
 991  1
             unlockExclusive();
 992  1
         }
 993  2
         throw new UnknownEntityException("Unknown permission '"
 994  
                                          + permission + "'");
 995  
     }
 996  
 
 997  
     /**
 998  
      * Renames an existing Group.
 999  
      *
 1000  
      * @param group The object describing the group to be renamed.
 1001  
      * @param name the new name for the group.
 1002  
      * @throws DataBackendException if there was an error accessing the data
 1003  
      *         backend.
 1004  
      * @throws UnknownEntityException if the group does not exist.
 1005  
      */
 1006  
     public synchronized void renameGroup(Group group, String name)
 1007  
         throws DataBackendException, UnknownEntityException
 1008  
     {
 1009  2
         boolean groupExists = false;
 1010  
         try
 1011  
         {
 1012  2
             lockExclusive();
 1013  2
             groupExists = checkExists(group);
 1014  2
             if (groupExists)
 1015  
             {
 1016  2
                 group.setName(name);
 1017  2
                 Criteria criteria = GroupPeerManager.buildCriteria(group);
 1018  2
                 GroupPeerManager.doUpdate(criteria);
 1019  1
                 return;
 1020  
             }
 1021  
         }
 1022  0
         catch (Exception e)
 1023  
         {
 1024  0
             throw new DataBackendException("renameGroup(Group,String)", e);
 1025  
         }
 1026  
         finally
 1027  
         {
 1028  1
             unlockExclusive();
 1029  0
         }
 1030  0
         throw new UnknownEntityException("Unknown group '" + group + "'");
 1031  
     }
 1032  
 
 1033  
     /**
 1034  
      * Renames an existing Role.
 1035  
      *
 1036  
      * @param role The object describing the role to be renamed.
 1037  
      * @param name the new name for the role.
 1038  
      * @throws DataBackendException if there was an error accessing the data
 1039  
      *         backend.
 1040  
      * @throws UnknownEntityException if the role does not exist.
 1041  
      */
 1042  
     public synchronized void renameRole(Role role, String name)
 1043  
         throws DataBackendException, UnknownEntityException
 1044  
     {
 1045  2
         boolean roleExists = false;
 1046  
         try
 1047  
         {
 1048  2
             lockExclusive();
 1049  2
             roleExists = checkExists(role);
 1050  2
             if (roleExists)
 1051  
             {
 1052  2
                 role.setName(name);
 1053  2
                 Criteria criteria = RolePeerManager.buildCriteria(role);
 1054  2
                 RolePeerManager.doUpdate(criteria);
 1055  1
                 return;
 1056  
             }
 1057  
         }
 1058  0
         catch (Exception e)
 1059  
         {
 1060  0
             throw new DataBackendException("renameRole(Role,String)", e);
 1061  
         }
 1062  
         finally
 1063  
         {
 1064  1
             unlockExclusive();
 1065  0
         }
 1066  0
         throw new UnknownEntityException("Unknown role '" + role + "'");
 1067  
     }
 1068  
 
 1069  
     /**
 1070  
      * Renames an existing Permission.
 1071  
      *
 1072  
      * @param permission The object describing the permission to be renamed.
 1073  
      * @param name the new name for the permission.
 1074  
      * @throws DataBackendException if there was an error accessing the data
 1075  
      *         backend.
 1076  
      * @throws UnknownEntityException if the permission does not exist.
 1077  
      */
 1078  
     public synchronized void renamePermission(Permission permission,
 1079  
                                               String name)
 1080  
         throws DataBackendException, UnknownEntityException
 1081  
     {
 1082  2
         boolean permissionExists = false;
 1083  
         try
 1084  
         {
 1085  2
             lockExclusive();
 1086  2
             permissionExists = checkExists(permission);
 1087  2
             if (permissionExists)
 1088  
             {
 1089  2
                 permission.setName(name);
 1090  2
                 Criteria criteria = PermissionPeerManager.buildCriteria(permission);
 1091  2
                 PermissionPeerManager.doUpdate(criteria);
 1092  1
                 return;
 1093  
             }
 1094  
         }
 1095  0
         catch (Exception e)
 1096  
         {
 1097  0
             throw new DataBackendException(
 1098  
                 "renamePermission(Permission,name)", e);
 1099  
         }
 1100  
         finally
 1101  
         {
 1102  1
             unlockExclusive();
 1103  0
         }
 1104  0
         throw new UnknownEntityException("Unknown permission '"
 1105  
                                          + permission + "'");
 1106  
     }
 1107  
 
 1108  
     /* Service specific implementation methods */
 1109  
 
 1110  
     /**
 1111  
      * Determines if the <code>Group</code> exists in the security system.
 1112  
      *
 1113  
      * @param group a <code>Group</code> value
 1114  
      * @return true if the group exists in the system, false otherwise
 1115  
      * @throws DataBackendException when more than one Group with
 1116  
      *         the same name exists.
 1117  
      * @throws Exception A generic exception.
 1118  
      */
 1119  
     protected boolean checkExists(Group group)
 1120  
         throws DataBackendException, Exception
 1121  
     {
 1122  30
         return GroupPeerManager.checkExists(group);
 1123  
     }
 1124  
 
 1125  
     /**
 1126  
      * Determines if the <code>Role</code> exists in the security system.
 1127  
      *
 1128  
      * @param role a <code>Role</code> value
 1129  
      * @return true if the role exists in the system, false otherwise
 1130  
      * @throws DataBackendException when more than one Role with
 1131  
      *         the same name exists.
 1132  
      * @throws Exception A generic exception.
 1133  
      */
 1134  
     protected boolean checkExists(Role role)
 1135  
         throws DataBackendException, Exception
 1136  
     {
 1137  94
         return RolePeerManager.checkExists(role);
 1138  
     }
 1139  
 
 1140  
     /**
 1141  
      * Determines if the <code>Permission</code> exists in the security system.
 1142  
      *
 1143  
      * @param permission a <code>Permission</code> value
 1144  
      * @return true if the permission exists in the system, false otherwise
 1145  
      * @throws DataBackendException when more than one Permission with
 1146  
      *         the same name exists.
 1147  
      * @throws Exception A generic exception.
 1148  
      */
 1149  
     protected boolean checkExists(Permission permission)
 1150  
         throws DataBackendException, Exception
 1151  
     {
 1152  26
         return PermissionPeerManager.checkExists(permission);
 1153  
     }
 1154  
 
 1155  
 }

This report is generated by jcoverage, Maven and Maven JCoverage Plugin.