Class JpaRbacManager
- java.lang.Object
-
- org.apache.archiva.redback.rbac.AbstractRBACManager
-
- org.apache.archiva.redback.rbac.jpa.JpaRbacManager
-
- All Implemented Interfaces:
RBACManager
@Service("rbacManager#jpa") public class JpaRbacManager extends AbstractRBACManager
Created by martin on 20.09.16.
-
-
Field Summary
-
Fields inherited from class org.apache.archiva.redback.rbac.AbstractRBACManager
log
-
-
Constructor Summary
Constructors Constructor Description JpaRbacManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addChildRole(Role role, Role childRole)
Adds a child to a role.Operation
createOperation(String name)
Permission
createPermission(String name)
Creates an implementation specificPermission
, or return an existingPermission
, depending on the providedname
parameter.Permission
createPermission(String name, String operationName, String resourceIdentifier)
Resource
createResource(String identifier)
Role
createRole(String id, String name)
Creates a new role with the given id and role name.UserAssignment
createUserAssignment(String principal)
Creates an implementation specificUserAssignment
, or return an existingUserAssignment
, depending on the providedidentifier
parameter.void
eraseDatabase()
List<? extends Operation>
getAllOperations()
List<? extends Permission>
getAllPermissions()
List<? extends Resource>
getAllResources()
List<? extends Role>
getAllRoles()
Returns all roles defined in the datastore.List<? extends UserAssignment>
getAllUserAssignments()
Returns all user assignments definedMap<String,List<? extends Permission>>
getAssignedPermissionMap(String principal)
returns a map of assigned permissions keyed off of operationsMap<String,? extends Role>
getChildRoleIds(Role role)
Returns all the child roles of a given role as (role id, role) pairs.Map<String,? extends Role>
getChildRoleNames(Role role)
Returns all the child roles of a given role as (name, role) pairs.String
getDescriptionKey()
Resource
getGlobalResource()
Returns the global resource objectOperation
getOperation(String operationName)
Permission
getPermission(String permissionName)
Resource
getResource(String resourceIdentifier)
Role
getRole(String roleName)
Returns the role identified by the given nameRole
getRoleById(String id)
Returns the role identified by the given IDUserAssignment
getUserAssignment(String principal)
List<? extends UserAssignment>
getUserAssignmentsForRoles(Collection<String> roleIds)
Returns the assignments for the given rolesboolean
isFinalImplementation()
boolean
isReadOnly()
Is the RBACManager read only? if so then create and modify actions are to be disabledvoid
removeOperation(Operation operation)
void
removePermission(Permission permission)
void
removeResource(Resource resource)
void
removeRole(Role role)
Removes the given role from the datastore.void
removeUserAssignment(UserAssignment userAssignment)
Method removeAssignmentboolean
roleExists(String name)
Tests for the existence of a Role.boolean
roleExists(Role role)
Returns true, if the given role exists.boolean
roleExistsById(String id)
Returnstrue
, if a role with the given id exists.Operation
saveOperation(Operation operation)
Save the new or existing operation to the store.Permission
savePermission(Permission permission)
Resource
saveResource(Resource resource)
Role
saveRole(Role role)
Persists the given role to the backend datastore.void
saveRoles(Collection<Role> roles)
Persists all of the given roles to the backend datastore.UserAssignment
saveUserAssignment(UserAssignment userAssignment)
Method saveUserAssignmentvoid
setEntityManager(javax.persistence.EntityManager em)
-
Methods inherited from class org.apache.archiva.redback.rbac.AbstractRBACManager
addListener, createRole, fireRbacInit, fireRbacPermissionRemoved, fireRbacPermissionSaved, fireRbacRoleRemoved, fireRbacRoleSaved, fireRbacUserAssignmentRemoved, fireRbacUserAssignmentSaved, getAllAssignableRoles, getAssignedPermissions, getAssignedRoles, getAssignedRoles, getEffectivelyAssignedRoles, getEffectivelyAssignedRoles, getEffectivelyUnassignedRoles, getEffectiveRoles, getParentRoleIds, getParentRoleNames, getRoles, getUnassignedRoles, initialize, operationExists, operationExists, permissionExists, permissionExists, removeListener, removeOperation, removePermission, removeResource, removeRole, removeRoleById, removeUserAssignment, resourceExists, resourceExists, userAssignmentExists, userAssignmentExists
-
-
-
-
Constructor Detail
-
JpaRbacManager
public JpaRbacManager()
-
-
Method Detail
-
setEntityManager
public void setEntityManager(javax.persistence.EntityManager em)
-
createRole
public Role createRole(String id, String name)
Description copied from interface:RBACManager
Creates a new role with the given id and role name.- Parameters:
id
- the role identifier, which must be uniquename
- the role name, which must be unique- Returns:
- the new role instance
-
roleExistsById
public boolean roleExistsById(String id) throws RbacManagerException
Description copied from interface:RBACManager
Returnstrue
, if a role with the given id exists.- Specified by:
roleExistsById
in interfaceRBACManager
- Overrides:
roleExistsById
in classAbstractRBACManager
- Parameters:
id
- the role id- Returns:
true
, if the role with the given id exists, otherwisefalse
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
roleExists
public boolean roleExists(String name) throws RbacManagerException
Description copied from interface:RBACManager
Tests for the existence of a Role.- Specified by:
roleExists
in interfaceRBACManager
- Overrides:
roleExists
in classAbstractRBACManager
- Returns:
- true if role exists in store.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
roleExists
public boolean roleExists(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns true, if the given role exists.- Specified by:
roleExists
in interfaceRBACManager
- Overrides:
roleExists
in classAbstractRBACManager
- Parameters:
role
- the role to check- Returns:
true
, if the role exists, otherwisefalse
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
saveRole
public Role saveRole(Role role) throws RbacObjectInvalidException, RbacManagerException
Description copied from interface:RBACManager
Persists the given role to the backend datastore.- Parameters:
role
- the role to save- Returns:
- the persisted role, if the method was successful
- Throws:
RbacObjectInvalidException
- if the given role object was not validRbacManagerException
- if the access to the backend datastore failed
-
getAssignedPermissionMap
public Map<String,List<? extends Permission>> getAssignedPermissionMap(String principal) throws RbacManagerException
Description copied from class:AbstractRBACManager
returns a map of assigned permissions keyed off of operations- Specified by:
getAssignedPermissionMap
in interfaceRBACManager
- Overrides:
getAssignedPermissionMap
in classAbstractRBACManager
- Parameters:
principal
- the user principal name- Returns:
- the map of (operation,permission list) pairs
- Throws:
RbacObjectNotFoundException
- if the user with the given principal was not foundRbacManagerException
- if the access to the backend datastore failed
-
getChildRoleNames
public Map<String,? extends Role> getChildRoleNames(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all the child roles of a given role as (name, role) pairs.- Specified by:
getChildRoleNames
in interfaceRBACManager
- Overrides:
getChildRoleNames
in classAbstractRBACManager
- Parameters:
role
- the parent role- Returns:
- the list of child roles
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getChildRoleIds
public Map<String,? extends Role> getChildRoleIds(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all the child roles of a given role as (role id, role) pairs.- Specified by:
getChildRoleIds
in interfaceRBACManager
- Overrides:
getChildRoleIds
in classAbstractRBACManager
- Parameters:
role
- the parent role- Returns:
- the map of child roles as (role id, role) pairs
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
addChildRole
public void addChildRole(Role role, Role childRole) throws RbacObjectInvalidException, RbacManagerException
Description copied from interface:RBACManager
Adds a child to a role.- Specified by:
addChildRole
in interfaceRBACManager
- Overrides:
addChildRole
in classAbstractRBACManager
- Parameters:
role
- the parent rolechildRole
- the child role, that is added to the parent role- Throws:
RbacObjectInvalidException
- if one of the role objects was not validRbacManagerException
- if the access to the backend datastore failed
-
saveRoles
public void saveRoles(Collection<Role> roles) throws RbacObjectInvalidException, RbacManagerException
Description copied from interface:RBACManager
Persists all of the given roles to the backend datastore. Implementations should try to save all role instances and throw exceptions afterwards.- Parameters:
roles
- the list of roles to save- Throws:
RbacObjectInvalidException
- if one of the given role objects was not validRbacManagerException
- if the access to the backend datastore failed
-
getRole
public Role getRole(String roleName) throws RbacObjectNotFoundException, RbacManagerException
Description copied from interface:RBACManager
Returns the role identified by the given name- Parameters:
roleName
- the role name- Returns:
- the role instance, if a role by this name was found
- Throws:
RbacObjectNotFoundException
- if not role was found with the given nameRbacManagerException
- if the access to the underlying datastore failed
-
getRoleById
public Role getRoleById(String id) throws RbacObjectNotFoundException, RbacManagerException
Description copied from interface:RBACManager
Returns the role identified by the given ID- Parameters:
id
- the role id- Returns:
- the role object, if the role with the given id exists
- Throws:
RbacObjectNotFoundException
- if no role was found with the given idRbacManagerException
- if the access to the underlying datastore failed
-
getAllRoles
public List<? extends Role> getAllRoles() throws RbacManagerException
Description copied from interface:RBACManager
Returns all roles defined in the datastore.- Returns:
- the list of roles defined in the datastore
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
removeRole
public void removeRole(Role role) throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException
Description copied from interface:RBACManager
Removes the given role from the datastore.- Parameters:
role
- the role to remove- Throws:
RbacObjectNotFoundException
- if the given role was not foundRbacObjectInvalidException
- if the given role has invalid dataRbacManagerException
- if the access to the backend datastore failed
-
createPermission
public Permission createPermission(String name) throws RbacManagerException
Description copied from interface:RBACManager
Creates an implementation specificPermission
, or return an existingPermission
, depending on the providedname
parameter. Note: Be sure to useRBACManager.savePermission(Permission)
in order to persist any changes to the Role.- Parameters:
name
- the name.- Returns:
- the new Permission.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
createPermission
public Permission createPermission(String name, String operationName, String resourceIdentifier) throws RbacManagerException
Description copied from interface:RBACManager
Creates an implementation specificPermission
with specifiedOperation
, andResource
identifiers. Note: Be sure to useRBACManager.savePermission(Permission)
in order to persist any changes to the Role.- Parameters:
name
- the name.operationName
- theOperation.setName(String)
valueresourceIdentifier
- theResource.setIdentifier(String)
value- Returns:
- the new Permission.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
savePermission
public Permission savePermission(Permission permission) throws RbacObjectInvalidException, RbacManagerException
-
getPermission
public Permission getPermission(String permissionName) throws RbacObjectNotFoundException, RbacManagerException
-
getAllPermissions
public List<? extends Permission> getAllPermissions() throws RbacManagerException
- Throws:
RbacManagerException
-
removePermission
public void removePermission(Permission permission) throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException
-
createOperation
public Operation createOperation(String name) throws RbacManagerException
Description copied from interface:RBACManager
Creates an implementation specificOperation
, or return an existingOperation
, depending on the providedname
parameter. Note: Be sure to useRBACManager.saveOperation(Operation)
in order to persist any changes to the Role.- Parameters:
name
- the name.- Returns:
- the new Operation.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
saveOperation
public Operation saveOperation(Operation operation) throws RbacObjectInvalidException, RbacManagerException
Description copied from interface:RBACManager
Save the new or existing operation to the store.- Parameters:
operation
- the operation to save (new or existing)- Returns:
- the Operation that was saved.
- Throws:
RbacObjectInvalidException
- if the object is not valid and cannot be savedRbacManagerException
- if the access to the backend datastore failed
-
getOperation
public Operation getOperation(String operationName) throws RbacObjectNotFoundException, RbacManagerException
-
getAllOperations
public List<? extends Operation> getAllOperations() throws RbacManagerException
- Throws:
RbacManagerException
-
removeOperation
public void removeOperation(Operation operation) throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException
-
createResource
public Resource createResource(String identifier) throws RbacManagerException
Description copied from interface:RBACManager
Creates an implementation specificResource
, or return an existingResource
, depending on the providedidentifier
parameter. Note: Be sure to useRBACManager.saveResource(Resource)
in order to persist any changes to the Role.- Parameters:
identifier
- the identifier.- Returns:
- the new Resource.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
saveResource
public Resource saveResource(Resource resource) throws RbacObjectInvalidException, RbacManagerException
-
getGlobalResource
public Resource getGlobalResource() throws RbacManagerException
Description copied from interface:RBACManager
Returns the global resource object- Specified by:
getGlobalResource
in interfaceRBACManager
- Overrides:
getGlobalResource
in classAbstractRBACManager
- Returns:
- the global resource object
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getResource
public Resource getResource(String resourceIdentifier) throws RbacObjectNotFoundException, RbacManagerException
-
getAllResources
public List<? extends Resource> getAllResources() throws RbacManagerException
- Throws:
RbacManagerException
-
removeResource
public void removeResource(Resource resource) throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException
-
createUserAssignment
public UserAssignment createUserAssignment(String principal) throws RbacManagerException
Description copied from interface:RBACManager
Creates an implementation specificUserAssignment
, or return an existingUserAssignment
, depending on the providedidentifier
parameter. Note: Be sure to useRBACManager.saveUserAssignment(UserAssignment)
in order to persist any changes to the Role.- Parameters:
principal
- the principal reference to the user.- Returns:
- the new UserAssignment object.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
saveUserAssignment
public UserAssignment saveUserAssignment(UserAssignment userAssignment) throws RbacObjectInvalidException, RbacManagerException
Description copied from interface:RBACManager
Method saveUserAssignment- Parameters:
userAssignment
- the user assignment instance to save- Throws:
RbacObjectInvalidException
- if the instance has invalid data and cannot be savedRbacManagerException
- if the access to the backend datastore failed
-
getUserAssignment
public UserAssignment getUserAssignment(String principal) throws RbacObjectNotFoundException, RbacManagerException
-
getAllUserAssignments
public List<? extends UserAssignment> getAllUserAssignments() throws RbacManagerException
Description copied from interface:RBACManager
Returns all user assignments defined- Returns:
- list of assignments
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getUserAssignmentsForRoles
public List<? extends UserAssignment> getUserAssignmentsForRoles(Collection<String> roleIds) throws RbacManagerException
Description copied from interface:RBACManager
Returns the assignments for the given roles- Parameters:
roleIds
- collection of role names- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
removeUserAssignment
public void removeUserAssignment(UserAssignment userAssignment) throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException
Description copied from interface:RBACManager
Method removeAssignment- Parameters:
userAssignment
- the assignment to remove- Throws:
RbacObjectNotFoundException
- if the assignment was not foundRbacObjectInvalidException
- if the provided assignment instance has invalid dataRbacManagerException
- if the access to the backend datastore failed
-
eraseDatabase
public void eraseDatabase()
-
getDescriptionKey
public String getDescriptionKey()
- Returns:
- a key to be able to customize label in UI
-
isReadOnly
public boolean isReadOnly()
Description copied from interface:RBACManager
Is the RBACManager read only? if so then create and modify actions are to be disabled- Returns:
- boolean true if user manager is read only
-
isFinalImplementation
public boolean isFinalImplementation()
- Specified by:
isFinalImplementation
in interfaceRBACManager
- Overrides:
isFinalImplementation
in classAbstractRBACManager
- Returns:
- true if this implementation is a final one and not a wrapper (configurable, cached)
-
-