Package org.apache.archiva.redback.rbac

Class AbstractRBACManager

java.lang.Object

org.apache.archiva.redback.rbac.AbstractRBACManager

All Implemented Interfaces:

RBACManager

Direct Known Subclasses:

JpaRbacManager, LdapRbacManager, MemoryRbacManager

public abstract class AbstractRBACManager
extends Object
implements RBACManager

AbstractRBACManager

Author:

Joakim Erdfelt

Field Summary

Fields

Modifier and Type	Field	Description
protected Logger	log

Constructor Summary

Constructors

Constructor	Description
AbstractRBACManager()

Method Summary

Modifier and Type	Method	Description
void	addChildRole(Role role, Role childRole)	Adds a child to a role.
void	addListener(RBACManagerListener listener)
Role	createRole(String name)	Creates an implementation specific Role, or return an existing Role, depending on the provided name parameter.
void	fireRbacInit(boolean freshdb)
void	fireRbacPermissionRemoved(Permission permission)
void	fireRbacPermissionSaved(Permission permission)
void	fireRbacRoleRemoved(Role role)
void	fireRbacRoleSaved(Role role)
void	fireRbacUserAssignmentRemoved(UserAssignment userAssignment)
void	fireRbacUserAssignmentSaved(UserAssignment userAssignment)
List<Role>	getAllAssignableRoles()	Returns a list of all assignable roles
Map<String,List<? extends Permission>>	getAssignedPermissionMap(String principal)	returns a map of assigned permissions keyed off of operations
Set<? extends Permission>	getAssignedPermissions(String principal)	returns a set of all permissions that are in all active roles for a given principal
Collection<Role>	getAssignedRoles(String principal)	returns the active roles for a given principal NOTE: roles that are returned might have have roles themselves, if you just want all permissions then use getAssignedPermissions(String principal)
Collection<Role>	getAssignedRoles(UserAssignment ua)	returns only the roles that are assigned, not the roles that might be child roles of the assigned roles.
Map<String,? extends Role>	getChildRoleIds(Role role)	Returns all the child roles of a given role as (role id, role) pairs.
Map<String,? extends Role>	getChildRoleNames(Role role)	Returns all the child roles of a given role as (name, role) pairs.
Collection<Role>	getEffectivelyAssignedRoles(String principal)	Get a list of the effectively assigned roles to the specified user, this includes child roles
Collection<Role>	getEffectivelyAssignedRoles(UserAssignment ua)
Collection<Role>	getEffectivelyUnassignedRoles(String principal)	Get a list of all assignable roles that are currently not effectively assigned to the specific user, meaning, not a child of any already granted role
Set<? extends Role>	getEffectiveRoles(Role role)	Returns all effective roles.
Resource	getGlobalResource()	Returns the global resource object
Map<String,? extends Role>	getParentRoleIds(Role role)	Returns all the parent roles of a given role as map of (id, role) elements.
Map<String,? extends Role>	getParentRoleNames(Role role)	Returns all the parent roles of a given role as map of (name, role) elements.
Map<String,? extends Role>	getRoles(Collection<String> roleNames)	Returns the role instances for the given role names.
Collection<Role>	getUnassignedRoles(String principal)	Get a list of all assignable roles that are currently not assigned to the specific user.
void	initialize()	consumer of user manager can use it to reload various configuration with the configurable implementation is possible to change dynamically the real implementation used.
boolean	isFinalImplementation()
boolean	operationExists(String name)
boolean	operationExists(Operation operation)
boolean	permissionExists(String name)	Tests for the existence of a permission.
boolean	permissionExists(Permission permission)
void	removeListener(RBACManagerListener listener)
void	removeOperation(String operationName)
void	removePermission(String permissionName)
void	removeResource(String resourceIdentifier)
void	removeRole(String roleName)	Removes the role with the given name from the datastore.
void	removeRoleById(String id)	Removes the role with the given id from the datastore.
void	removeUserAssignment(String principal)	Method removeAssignment
boolean	resourceExists(String identifier)
boolean	resourceExists(Resource resource)
boolean	roleExists(String name)	Tests for the existence of a Role.
boolean	roleExists(Role role)	Returns true, if the given role exists.
boolean	roleExistsById(String id)	Returns true, if a role with the given id exists.
boolean	userAssignmentExists(String principal)
boolean	userAssignmentExists(UserAssignment assignment)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.archiva.redback.rbac.RBACManager

createOperation, createPermission, createPermission, createResource, createRole, createUserAssignment, eraseDatabase, getAllOperations, getAllPermissions, getAllResources, getAllRoles, getAllUserAssignments, getDescriptionKey, getOperation, getPermission, getResource, getRole, getRoleById, getUserAssignment, getUserAssignmentsForRoles, isReadOnly, removeOperation, removePermission, removeResource, removeRole, removeUserAssignment, saveOperation, savePermission, saveResource, saveRole, saveRoles, saveUserAssignment

Field Detail

log

protected Logger log

Constructor Detail

AbstractRBACManager

public AbstractRBACManager()

Method Detail

initialize

@PostConstruct
public void initialize()

Description copied from interface: RBACManager

consumer of user manager can use it to reload various configuration with the configurable implementation is possible to change dynamically the real implementation used.

Specified by:

initialize in interface RBACManager

isFinalImplementation

public boolean isFinalImplementation()

Specified by:

isFinalImplementation in interface RBACManager

Returns:

true if this implementation is a final one and not a wrapper (configurable, cached)

addListener

public void addListener(RBACManagerListener listener)

Specified by:

addListener in interface RBACManager

removeListener

public void removeListener(RBACManagerListener listener)

Specified by:

removeListener in interface RBACManager

fireRbacInit

public void fireRbacInit(boolean freshdb)

fireRbacRoleSaved

public void fireRbacRoleSaved(Role role)

fireRbacRoleRemoved

public void fireRbacRoleRemoved(Role role)

fireRbacPermissionSaved

public void fireRbacPermissionSaved(Permission permission)

fireRbacPermissionRemoved

public void fireRbacPermissionRemoved(Permission permission)

fireRbacUserAssignmentSaved

public void fireRbacUserAssignmentSaved(UserAssignment userAssignment)

fireRbacUserAssignmentRemoved

public void fireRbacUserAssignmentRemoved(UserAssignment userAssignment)

createRole

public Role createRole(String name)

Description copied from interface: RBACManager

Creates an implementation specific Role, or return an existing Role, depending on the provided name parameter. Note: Be sure to use RBACManager.saveRole(Role) in order to persist any changes to the Role.

Specified by:

createRole in interface RBACManager

Parameters:

name - the name.

Returns:

the new Role object.

removeRole

public void removeRole(String roleName)
                throws RbacObjectNotFoundException,
                       RbacManagerException

Description copied from interface: RBACManager

Removes the role with the given name from the datastore.

Specified by:

removeRole in interface RBACManager

Parameters:

roleName - the role name

Throws:

RbacObjectNotFoundException - if the role with the given name was not found

RbacManagerException - if the access to the backend datastore failed

removeRoleById

public void removeRoleById(String id)
                    throws RbacManagerException

Description copied from interface: RBACManager

Removes the role with the given id from the datastore.

Specified by:

removeRoleById in interface RBACManager

Parameters:

id - the role id

Throws:

RbacObjectNotFoundException - if no role with the given id was found

RbacManagerException - if the access to the backend datastore failed

removePermission

public void removePermission(String permissionName)
                      throws RbacObjectNotFoundException,
                             RbacManagerException

Specified by:

removePermission in interface RBACManager

Throws:

RbacObjectNotFoundException

RbacManagerException

removeOperation

public void removeOperation(String operationName)
                     throws RbacObjectNotFoundException,
                            RbacManagerException

Specified by:

removeOperation in interface RBACManager

Throws:

RbacObjectNotFoundException

RbacManagerException

removeResource

public void removeResource(String resourceIdentifier)
                    throws RbacObjectNotFoundException,
                           RbacManagerException

Specified by:

removeResource in interface RBACManager

Throws:

RbacObjectNotFoundException

RbacManagerException

removeUserAssignment

public void removeUserAssignment(String principal)
                          throws RbacObjectNotFoundException,
                                 RbacManagerException

Description copied from interface: RBACManager

Method removeAssignment

Specified by:

removeUserAssignment in interface RBACManager

Parameters:

principal - the principal for which the assignment should be removed

Throws:

RbacObjectNotFoundException - if the user with the given principal name was not found

RbacObjectInvalidException - if the principal string was invalid

RbacManagerException - if the access to the backend datastore failed

resourceExists

public boolean resourceExists(Resource resource)

Specified by:

resourceExists in interface RBACManager

resourceExists

public boolean resourceExists(String identifier)

Specified by:

resourceExists in interface RBACManager

operationExists

public boolean operationExists(Operation operation)

Specified by:

operationExists in interface RBACManager

operationExists

public boolean operationExists(String name)

Specified by:

operationExists in interface RBACManager

permissionExists

public boolean permissionExists(Permission permission)

Specified by:

permissionExists in interface RBACManager

permissionExists

public boolean permissionExists(String name)

Description copied from interface: RBACManager

Tests for the existence of a permission.

Specified by:

permissionExists in interface RBACManager

Parameters:

name - the name to test for.

Returns:

true if permission exists.

roleExists

public boolean roleExists(Role role)
                   throws RbacManagerException

Description copied from interface: RBACManager

Returns true, if the given role exists.

Specified by:

roleExists in interface RBACManager

Parameters:

role - the role to check

Returns:

true, if the role exists, otherwise false

Throws:

RbacManagerException - if the access to the backend datastore failed

roleExists

public boolean roleExists(String name)
                   throws RbacManagerException

Description copied from interface: RBACManager

Tests for the existence of a Role.

Specified by:

roleExists in interface RBACManager

Returns:

true if role exists in store.

Throws:

RbacManagerException - if the access to the backend datastore failed

roleExistsById

public boolean roleExistsById(String id)
                       throws RbacManagerException

Description copied from interface: RBACManager

Returns true, if a role with the given id exists.

Specified by:

roleExistsById in interface RBACManager

Parameters:

id - the role id

Returns:

true, if the role with the given id exists, otherwise false

Throws:

RbacManagerException - if the access to the backend datastore failed

userAssignmentExists

public boolean userAssignmentExists(String principal)

Specified by:

userAssignmentExists in interface RBACManager

userAssignmentExists

public boolean userAssignmentExists(UserAssignment assignment)

Specified by:

userAssignmentExists in interface RBACManager

getAssignedPermissions

public Set<? extends Permission> getAssignedPermissions(String principal)
                                                 throws RbacObjectNotFoundException,
                                                        RbacManagerException

returns a set of all permissions that are in all active roles for a given principal

Specified by:

getAssignedPermissions in interface RBACManager

Parameters:

principal -

Returns:

Throws:

RbacObjectNotFoundException

RbacManagerException

getAssignedPermissionMap

public Map<String,List<? extends Permission>> getAssignedPermissionMap(String principal)
                                                                      throws RbacObjectNotFoundException,
                                                                             RbacManagerException

returns a map of assigned permissions keyed off of operations

Specified by:

getAssignedPermissionMap in interface RBACManager

Parameters:

principal -

Returns:

Throws:

RbacObjectNotFoundException

RbacManagerException

getAllAssignableRoles

public List<Role> getAllAssignableRoles()
                                 throws RbacManagerException,
                                        RbacObjectNotFoundException

Description copied from interface: RBACManager

Returns a list of all assignable roles

Specified by:

getAllAssignableRoles in interface RBACManager

Returns:

list of assignable roles

Throws:

RbacManagerException - if the access to the backend datastore failed

RbacObjectNotFoundException

getAssignedRoles

public Collection<Role> getAssignedRoles(String principal)
                                  throws RbacObjectNotFoundException,
                                         RbacManagerException

returns the active roles for a given principal NOTE: roles that are returned might have have roles themselves, if you just want all permissions then use getAssignedPermissions(String principal)

Specified by:

getAssignedRoles in interface RBACManager

Parameters:

principal -

Returns:

Throws:

RbacObjectNotFoundException

RbacManagerException

getAssignedRoles

public Collection<Role> getAssignedRoles(UserAssignment ua)
                                  throws RbacObjectNotFoundException,
                                         RbacManagerException

returns only the roles that are assigned, not the roles that might be child roles of the assigned roles.

Specified by:

getAssignedRoles in interface RBACManager

Parameters:

ua -

Returns:

Throws:

RbacObjectNotFoundException

RbacManagerException

getEffectivelyAssignedRoles

public Collection<Role> getEffectivelyAssignedRoles(String principal)
                                             throws RbacObjectNotFoundException,
                                                    RbacManagerException

Description copied from interface: RBACManager

Get a list of the effectively assigned roles to the specified user, this includes child roles

Specified by:

getEffectivelyAssignedRoles in interface RBACManager

Parameters:

principal - the user principal

Returns:

the list of roles effectively assigned to the given user

Throws:

RbacObjectNotFoundException - if the user with the given principal was not found

RbacManagerException - if the access to the backend datastore failed

getEffectivelyAssignedRoles

public Collection<Role> getEffectivelyAssignedRoles(UserAssignment ua)
                                             throws RbacObjectNotFoundException,
                                                    RbacManagerException

Throws:

RbacObjectNotFoundException

RbacManagerException

getEffectivelyUnassignedRoles

public Collection<Role> getEffectivelyUnassignedRoles(String principal)
                                               throws RbacManagerException,
                                                      RbacObjectNotFoundException

Description copied from interface: RBACManager

Get a list of all assignable roles that are currently not effectively assigned to the specific user, meaning, not a child of any already granted role

Specified by:

getEffectivelyUnassignedRoles in interface RBACManager

Parameters:

principal -

Returns:

Throws:

RbacManagerException

RbacObjectNotFoundException

getUnassignedRoles

public Collection<Role> getUnassignedRoles(String principal)
                                    throws RbacManagerException,
                                           RbacObjectNotFoundException

Description copied from interface: RBACManager

Get a list of all assignable roles that are currently not assigned to the specific user.

Specified by:

getUnassignedRoles in interface RBACManager

Parameters:

principal -

Returns:

Throws:

RbacManagerException

RbacObjectNotFoundException

getGlobalResource

public Resource getGlobalResource()
                           throws RbacManagerException

Description copied from interface: RBACManager

Returns the global resource object

Specified by:

getGlobalResource in interface RBACManager

Returns:

the global resource object

Throws:

RbacManagerException - if the access to the backend datastore failed

addChildRole

public void addChildRole(Role role,
                         Role childRole)
                  throws RbacObjectInvalidException,
                         RbacManagerException

Description copied from interface: RBACManager

Adds a child to a role.

Specified by:

addChildRole in interface RBACManager

Parameters:

role - the parent role

childRole - the child role, that is added to the parent role

Throws:

RbacObjectInvalidException - if one of the role objects was not valid

RbacManagerException - if the access to the backend datastore failed

getChildRoleNames

public Map<String,? extends Role> getChildRoleNames(Role role)
                                                   throws RbacManagerException

Description copied from interface: RBACManager

Returns all the child roles of a given role as (name, role) pairs.

Specified by:

getChildRoleNames in interface RBACManager

Parameters:

role - the parent role

Returns:

the list of child roles

Throws:

RbacManagerException - if the access to the backend datastore failed

getChildRoleIds

public Map<String,? extends Role> getChildRoleIds(Role role)
                                                 throws RbacManagerException

Description copied from interface: RBACManager

Returns all the child roles of a given role as (role id, role) pairs.

Specified by:

getChildRoleIds in interface RBACManager

Parameters:

role - the parent role

Returns:

the map of child roles as (role id, role) pairs

Throws:

RbacManagerException - if the access to the backend datastore failed

getParentRoleNames

public Map<String,? extends Role> getParentRoleNames(Role role)
                                                    throws RbacManagerException

Description copied from interface: RBACManager

Returns all the parent roles of a given role as map of (name, role) elements.

Specified by:

getParentRoleNames in interface RBACManager

Parameters:

role - the role to check for parent roles

Returns:

the list of parent roles that have role als child

Throws:

RbacManagerException - if the access to the backend datastore failed

getParentRoleIds

public Map<String,? extends Role> getParentRoleIds(Role role)
                                                  throws RbacManagerException

Description copied from interface: RBACManager

Returns all the parent roles of a given role as map of (id, role) elements.

Specified by:

getParentRoleIds in interface RBACManager

Parameters:

role - the role to check for parents roles

Returns:

a map of (role id, role) pairs that have role as child

Throws:

RbacManagerException - if the access to the backend datastore failed

getEffectiveRoles

public Set<? extends Role> getEffectiveRoles(Role role)
                                      throws RbacObjectNotFoundException,
                                             RbacManagerException

Description copied from interface: RBACManager

Returns all effective roles. Which means a list with the current role and all child roles recursively.

Specified by:

getEffectiveRoles in interface RBACManager

Parameters:

role - the role to use as starting point

Returns:

the set of roles that are found as children of the given role

Throws:

RbacObjectNotFoundException - if the given role was not found

RbacManagerException - if the access to the backend datastore failed

getRoles

public Map<String,? extends Role> getRoles(Collection<String> roleNames)
                                          throws RbacObjectNotFoundException,
                                                 RbacManagerException

Description copied from interface: RBACManager

Returns the role instances for the given role names.

Specified by:

getRoles in interface RBACManager

Parameters:

roleNames - the list of role names.

Returns:

a map of (name,role) pairs

Throws:

RbacObjectNotFoundException - if one of the given roles was not found

RbacManagerException - if the access to the backend datastore failed