Package org.apache.archiva.redback.rbac
Class AbstractRBACManager
- java.lang.Object
-
- org.apache.archiva.redback.rbac.AbstractRBACManager
-
- All Implemented Interfaces:
RBACManager
- Direct Known Subclasses:
JpaRbacManager
,LdapRbacManager
,MemoryRbacManager
public abstract class AbstractRBACManager extends Object implements RBACManager
AbstractRBACManager- Author:
- Joakim Erdfelt
-
-
Constructor Summary
Constructors Constructor Description AbstractRBACManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addChildRole(Role role, Role childRole)
Adds a child to a role.void
addListener(RBACManagerListener listener)
Role
createRole(String name)
void
fireRbacInit(boolean freshdb)
void
fireRbacPermissionRemoved(Permission permission)
void
fireRbacPermissionSaved(Permission permission)
void
fireRbacRoleRemoved(Role role)
void
fireRbacRoleSaved(Role role)
void
fireRbacUserAssignmentRemoved(UserAssignment userAssignment)
void
fireRbacUserAssignmentSaved(UserAssignment userAssignment)
List<Role>
getAllAssignableRoles()
Returns a list of all assignable rolesMap<String,List<? extends Permission>>
getAssignedPermissionMap(String principal)
returns a map of assigned permissions keyed off of operationsSet<? extends Permission>
getAssignedPermissions(String principal)
returns a set of all permissions that are in all active roles for a given principalCollection<Role>
getAssignedRoles(String principal)
returns the active roles for a given principal NOTE: roles that are returned might have have roles themselves, if you just want all permissions then usegetAssignedPermissions(String principal)
Collection<Role>
getAssignedRoles(UserAssignment ua)
returns only the roles that are assigned, not the roles that might be child roles of the assigned roles.Map<String,? extends Role>
getChildRoleIds(Role role)
Returns all the child roles of a given role as (role id, role) pairs.Map<String,? extends Role>
getChildRoleNames(Role role)
Returns all the child roles of a given role as (name, role) pairs.Collection<Role>
getEffectivelyAssignedRoles(String principal)
Get a list of the effectively assigned roles to the specified user, this includes child rolesCollection<Role>
getEffectivelyAssignedRoles(UserAssignment ua)
Collection<Role>
getEffectivelyUnassignedRoles(String principal)
Get a list of all assignable roles that are currently not effectively assigned to the specific user, meaning, not a child of any already granted roleSet<? extends Role>
getEffectiveRoles(Role role)
Returns all effective roles.Resource
getGlobalResource()
Returns the global resource objectMap<String,? extends Role>
getParentRoleIds(Role role)
Returns all the parent roles of a given role as map of (id, role) elements.Map<String,? extends Role>
getParentRoleNames(Role role)
Returns all the parent roles of a given role as map of (name, role) elements.Map<String,? extends Role>
getRoles(Collection<String> roleNames)
Returns the role instances for the given role names.Collection<Role>
getUnassignedRoles(String principal)
Get a list of all assignable roles that are currently not assigned to the specific user.void
initialize()
consumer of user manager can use it to reload various configuration with the configurable implementation is possible to change dynamically the real implementation used.boolean
isFinalImplementation()
boolean
operationExists(String name)
boolean
operationExists(Operation operation)
boolean
permissionExists(String name)
Tests for the existence of a permission.boolean
permissionExists(Permission permission)
void
removeListener(RBACManagerListener listener)
void
removeOperation(String operationName)
void
removePermission(String permissionName)
void
removeResource(String resourceIdentifier)
void
removeRole(String roleName)
Removes the role with the given name from the datastore.void
removeRoleById(String id)
Removes the role with the given id from the datastore.void
removeUserAssignment(String principal)
Method removeAssignmentboolean
resourceExists(String identifier)
boolean
resourceExists(Resource resource)
boolean
roleExists(String name)
Tests for the existence of a Role.boolean
roleExists(Role role)
Returns true, if the given role exists.boolean
roleExistsById(String id)
Returnstrue
, if a role with the given id exists.boolean
userAssignmentExists(String principal)
boolean
userAssignmentExists(UserAssignment assignment)
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.archiva.redback.rbac.RBACManager
createOperation, createPermission, createPermission, createResource, createRole, createUserAssignment, eraseDatabase, getAllOperations, getAllPermissions, getAllResources, getAllRoles, getAllUserAssignments, getDescriptionKey, getOperation, getPermission, getResource, getRole, getRoleById, getUserAssignment, getUserAssignmentsForRoles, isReadOnly, removeOperation, removePermission, removeResource, removeRole, removeUserAssignment, saveOperation, savePermission, saveResource, saveRole, saveRoles, saveUserAssignment
-
-
-
-
Constructor Detail
-
AbstractRBACManager
public AbstractRBACManager()
-
-
Method Detail
-
initialize
@PostConstruct public void initialize()
Description copied from interface:RBACManager
consumer of user manager can use it to reload various configuration with the configurable implementation is possible to change dynamically the real implementation used.- Specified by:
initialize
in interfaceRBACManager
-
isFinalImplementation
public boolean isFinalImplementation()
- Specified by:
isFinalImplementation
in interfaceRBACManager
- Returns:
- true if this implementation is a final one and not a wrapper (configurable, cached)
-
addListener
public void addListener(RBACManagerListener listener)
- Specified by:
addListener
in interfaceRBACManager
-
removeListener
public void removeListener(RBACManagerListener listener)
- Specified by:
removeListener
in interfaceRBACManager
-
fireRbacInit
public void fireRbacInit(boolean freshdb)
-
fireRbacRoleSaved
public void fireRbacRoleSaved(Role role)
-
fireRbacRoleRemoved
public void fireRbacRoleRemoved(Role role)
-
fireRbacPermissionSaved
public void fireRbacPermissionSaved(Permission permission)
-
fireRbacPermissionRemoved
public void fireRbacPermissionRemoved(Permission permission)
-
fireRbacUserAssignmentSaved
public void fireRbacUserAssignmentSaved(UserAssignment userAssignment)
-
fireRbacUserAssignmentRemoved
public void fireRbacUserAssignmentRemoved(UserAssignment userAssignment)
-
createRole
public Role createRole(String name)
Description copied from interface:RBACManager
Creates an implementation specificRole
, or return an existingRole
, depending on the providedname
parameter. Note: Be sure to useRBACManager.saveRole(Role)
in order to persist any changes to the Role.- Specified by:
createRole
in interfaceRBACManager
- Parameters:
name
- the name.- Returns:
- the new
Role
object.
-
removeRole
public void removeRole(String roleName) throws RbacObjectNotFoundException, RbacManagerException
Description copied from interface:RBACManager
Removes the role with the given name from the datastore.- Specified by:
removeRole
in interfaceRBACManager
- Parameters:
roleName
- the role name- Throws:
RbacObjectNotFoundException
- if the role with the given name was not foundRbacManagerException
- if the access to the backend datastore failed
-
removeRoleById
public void removeRoleById(String id) throws RbacManagerException
Description copied from interface:RBACManager
Removes the role with the given id from the datastore.- Specified by:
removeRoleById
in interfaceRBACManager
- Parameters:
id
- the role id- Throws:
RbacObjectNotFoundException
- if no role with the given id was foundRbacManagerException
- if the access to the backend datastore failed
-
removePermission
public void removePermission(String permissionName) throws RbacObjectNotFoundException, RbacManagerException
- Specified by:
removePermission
in interfaceRBACManager
- Throws:
RbacObjectNotFoundException
RbacManagerException
-
removeOperation
public void removeOperation(String operationName) throws RbacObjectNotFoundException, RbacManagerException
- Specified by:
removeOperation
in interfaceRBACManager
- Throws:
RbacObjectNotFoundException
RbacManagerException
-
removeResource
public void removeResource(String resourceIdentifier) throws RbacObjectNotFoundException, RbacManagerException
- Specified by:
removeResource
in interfaceRBACManager
- Throws:
RbacObjectNotFoundException
RbacManagerException
-
removeUserAssignment
public void removeUserAssignment(String principal) throws RbacObjectNotFoundException, RbacManagerException
Description copied from interface:RBACManager
Method removeAssignment- Specified by:
removeUserAssignment
in interfaceRBACManager
- Parameters:
principal
- the principal for which the assignment should be removed- Throws:
RbacObjectNotFoundException
- if the user with the given principal name was not foundRbacObjectInvalidException
- if the principal string was invalidRbacManagerException
- if the access to the backend datastore failed
-
resourceExists
public boolean resourceExists(Resource resource)
- Specified by:
resourceExists
in interfaceRBACManager
-
resourceExists
public boolean resourceExists(String identifier)
- Specified by:
resourceExists
in interfaceRBACManager
-
operationExists
public boolean operationExists(Operation operation)
- Specified by:
operationExists
in interfaceRBACManager
-
operationExists
public boolean operationExists(String name)
- Specified by:
operationExists
in interfaceRBACManager
-
permissionExists
public boolean permissionExists(Permission permission)
- Specified by:
permissionExists
in interfaceRBACManager
-
permissionExists
public boolean permissionExists(String name)
Description copied from interface:RBACManager
Tests for the existence of a permission.- Specified by:
permissionExists
in interfaceRBACManager
- Parameters:
name
- the name to test for.- Returns:
- true if permission exists.
-
roleExists
public boolean roleExists(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns true, if the given role exists.- Specified by:
roleExists
in interfaceRBACManager
- Parameters:
role
- the role to check- Returns:
true
, if the role exists, otherwisefalse
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
roleExists
public boolean roleExists(String name) throws RbacManagerException
Description copied from interface:RBACManager
Tests for the existence of a Role.- Specified by:
roleExists
in interfaceRBACManager
- Returns:
- true if role exists in store.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
roleExistsById
public boolean roleExistsById(String id) throws RbacManagerException
Description copied from interface:RBACManager
Returnstrue
, if a role with the given id exists.- Specified by:
roleExistsById
in interfaceRBACManager
- Parameters:
id
- the role id- Returns:
true
, if the role with the given id exists, otherwisefalse
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
userAssignmentExists
public boolean userAssignmentExists(String principal)
- Specified by:
userAssignmentExists
in interfaceRBACManager
-
userAssignmentExists
public boolean userAssignmentExists(UserAssignment assignment)
- Specified by:
userAssignmentExists
in interfaceRBACManager
-
getAssignedPermissions
public Set<? extends Permission> getAssignedPermissions(String principal) throws RbacObjectNotFoundException, RbacManagerException
returns a set of all permissions that are in all active roles for a given principal- Specified by:
getAssignedPermissions
in interfaceRBACManager
- Parameters:
principal
-- Returns:
- Throws:
RbacObjectNotFoundException
RbacManagerException
-
getAssignedPermissionMap
public Map<String,List<? extends Permission>> getAssignedPermissionMap(String principal) throws RbacObjectNotFoundException, RbacManagerException
returns a map of assigned permissions keyed off of operations- Specified by:
getAssignedPermissionMap
in interfaceRBACManager
- Parameters:
principal
-- Returns:
- Throws:
RbacObjectNotFoundException
RbacManagerException
-
getAllAssignableRoles
public List<Role> getAllAssignableRoles() throws RbacManagerException, RbacObjectNotFoundException
Description copied from interface:RBACManager
Returns a list of all assignable roles- Specified by:
getAllAssignableRoles
in interfaceRBACManager
- Returns:
- list of assignable roles
- Throws:
RbacManagerException
- if the access to the backend datastore failedRbacObjectNotFoundException
-
getAssignedRoles
public Collection<Role> getAssignedRoles(String principal) throws RbacObjectNotFoundException, RbacManagerException
returns the active roles for a given principal NOTE: roles that are returned might have have roles themselves, if you just want all permissions then usegetAssignedPermissions(String principal)
- Specified by:
getAssignedRoles
in interfaceRBACManager
- Parameters:
principal
-- Returns:
- Throws:
RbacObjectNotFoundException
RbacManagerException
-
getAssignedRoles
public Collection<Role> getAssignedRoles(UserAssignment ua) throws RbacObjectNotFoundException, RbacManagerException
returns only the roles that are assigned, not the roles that might be child roles of the assigned roles.- Specified by:
getAssignedRoles
in interfaceRBACManager
- Parameters:
ua
-- Returns:
- Throws:
RbacObjectNotFoundException
RbacManagerException
-
getEffectivelyAssignedRoles
public Collection<Role> getEffectivelyAssignedRoles(String principal) throws RbacObjectNotFoundException, RbacManagerException
Description copied from interface:RBACManager
Get a list of the effectively assigned roles to the specified user, this includes child roles- Specified by:
getEffectivelyAssignedRoles
in interfaceRBACManager
- Parameters:
principal
- the user principal- Returns:
- the list of roles effectively assigned to the given user
- Throws:
RbacObjectNotFoundException
- if the user with the given principal was not foundRbacManagerException
- if the access to the backend datastore failed
-
getEffectivelyAssignedRoles
public Collection<Role> getEffectivelyAssignedRoles(UserAssignment ua) throws RbacObjectNotFoundException, RbacManagerException
-
getEffectivelyUnassignedRoles
public Collection<Role> getEffectivelyUnassignedRoles(String principal) throws RbacManagerException, RbacObjectNotFoundException
Description copied from interface:RBACManager
Get a list of all assignable roles that are currently not effectively assigned to the specific user, meaning, not a child of any already granted role- Specified by:
getEffectivelyUnassignedRoles
in interfaceRBACManager
- Parameters:
principal
-- Returns:
- Throws:
RbacManagerException
RbacObjectNotFoundException
-
getUnassignedRoles
public Collection<Role> getUnassignedRoles(String principal) throws RbacManagerException, RbacObjectNotFoundException
Description copied from interface:RBACManager
Get a list of all assignable roles that are currently not assigned to the specific user.- Specified by:
getUnassignedRoles
in interfaceRBACManager
- Parameters:
principal
-- Returns:
- Throws:
RbacManagerException
RbacObjectNotFoundException
-
getGlobalResource
public Resource getGlobalResource() throws RbacManagerException
Description copied from interface:RBACManager
Returns the global resource object- Specified by:
getGlobalResource
in interfaceRBACManager
- Returns:
- the global resource object
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
addChildRole
public void addChildRole(Role role, Role childRole) throws RbacObjectInvalidException, RbacManagerException
Description copied from interface:RBACManager
Adds a child to a role.- Specified by:
addChildRole
in interfaceRBACManager
- Parameters:
role
- the parent rolechildRole
- the child role, that is added to the parent role- Throws:
RbacObjectInvalidException
- if one of the role objects was not validRbacManagerException
- if the access to the backend datastore failed
-
getChildRoleNames
public Map<String,? extends Role> getChildRoleNames(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all the child roles of a given role as (name, role) pairs.- Specified by:
getChildRoleNames
in interfaceRBACManager
- Parameters:
role
- the parent role- Returns:
- the list of child roles
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getChildRoleIds
public Map<String,? extends Role> getChildRoleIds(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all the child roles of a given role as (role id, role) pairs.- Specified by:
getChildRoleIds
in interfaceRBACManager
- Parameters:
role
- the parent role- Returns:
- the map of child roles as (role id, role) pairs
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getParentRoleNames
public Map<String,? extends Role> getParentRoleNames(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all the parent roles of a given role as map of (name, role) elements.- Specified by:
getParentRoleNames
in interfaceRBACManager
- Parameters:
role
- the role to check for parent roles- Returns:
- the list of parent roles that have
role
als child - Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getParentRoleIds
public Map<String,? extends Role> getParentRoleIds(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all the parent roles of a given role as map of (id, role) elements.- Specified by:
getParentRoleIds
in interfaceRBACManager
- Parameters:
role
- the role to check for parents roles- Returns:
- a map of (role id, role) pairs that have
role
as child - Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getEffectiveRoles
public Set<? extends Role> getEffectiveRoles(Role role) throws RbacObjectNotFoundException, RbacManagerException
Description copied from interface:RBACManager
Returns all effective roles. Which means a list with the current role and all child roles recursively.- Specified by:
getEffectiveRoles
in interfaceRBACManager
- Parameters:
role
- the role to use as starting point- Returns:
- the set of roles that are found as children of the given role
- Throws:
RbacObjectNotFoundException
- if the given role was not foundRbacManagerException
- if the access to the backend datastore failed
-
getRoles
public Map<String,? extends Role> getRoles(Collection<String> roleNames) throws RbacObjectNotFoundException, RbacManagerException
Description copied from interface:RBACManager
Returns the role instances for the given role names.- Specified by:
getRoles
in interfaceRBACManager
- Parameters:
roleNames
- the list of role names.- Returns:
- a map of (name,role) pairs
- Throws:
RbacObjectNotFoundException
- if one of the given roles was not foundRbacManagerException
- if the access to the backend datastore failed
-
-