Package org.apache.archiva.redback.rbac.jpa

Class JpaRbacManager

java.lang.Object

org.apache.archiva.redback.rbac.AbstractRBACManager

org.apache.archiva.redback.rbac.jpa.JpaRbacManager

All Implemented Interfaces:

RBACManager

@Service("rbacManager#jpa")
public class JpaRbacManager
extends AbstractRBACManager

Created by martin on 20.09.16.

Field Summary

Fields inherited from class org.apache.archiva.redback.rbac.AbstractRBACManager

log

Constructor Summary

Constructors

Constructor	Description
JpaRbacManager()

Method Summary

Modifier and Type	Method	Description
void	addChildRole(Role role, Role childRole)	Adds a child to a role.
Operation	createOperation(String name)	Creates an implementation specific Operation, or return an existing Operation, depending on the provided name parameter.
Permission	createPermission(String name)	Creates an implementation specific Permission, or return an existing Permission, depending on the provided name parameter.
Permission	createPermission(String name, String operationName, String resourceIdentifier)	Creates an implementation specific Permission with specified Operation, and Resource identifiers.
Resource	createResource(String identifier)	Creates an implementation specific Resource, or return an existing Resource, depending on the provided identifier parameter.
Role	createRole(String id, String name)	Creates a new role with the given id and role name.
UserAssignment	createUserAssignment(String principal)	Creates an implementation specific UserAssignment, or return an existing UserAssignment, depending on the provided identifier parameter.
void	eraseDatabase()
List<? extends Operation>	getAllOperations()
List<? extends Permission>	getAllPermissions()
List<? extends Resource>	getAllResources()
List<? extends Role>	getAllRoles()	Returns all roles defined in the datastore.
List<? extends UserAssignment>	getAllUserAssignments()	Returns all user assignments defined
Map<String,List<? extends Permission>>	getAssignedPermissionMap(String principal)	returns a map of assigned permissions keyed off of operations
Map<String,? extends Role>	getChildRoleIds(Role role)	Returns all the child roles of a given role as (role id, role) pairs.
Map<String,? extends Role>	getChildRoleNames(Role role)	Returns all the child roles of a given role as (name, role) pairs.
String	getDescriptionKey()
Resource	getGlobalResource()	Returns the global resource object
Operation	getOperation(String operationName)
Permission	getPermission(String permissionName)
Resource	getResource(String resourceIdentifier)
Role	getRole(String roleName)	Returns the role identified by the given name
Role	getRoleById(String id)	Returns the role identified by the given ID
UserAssignment	getUserAssignment(String principal)
List<? extends UserAssignment>	getUserAssignmentsForRoles(Collection<String> roleIds)	Returns the assignments for the given roles
boolean	isFinalImplementation()
boolean	isReadOnly()	Is the RBACManager read only? if so then create and modify actions are to be disabled
void	removeOperation(Operation operation)
void	removePermission(Permission permission)
void	removeResource(Resource resource)
void	removeRole(Role role)	Removes the given role from the datastore.
void	removeUserAssignment(UserAssignment userAssignment)	Method removeAssignment
boolean	roleExists(String name)	Tests for the existence of a Role.
boolean	roleExists(Role role)	Returns true, if the given role exists.
boolean	roleExistsById(String id)	Returns true, if a role with the given id exists.
Operation	saveOperation(Operation operation)	Save the new or existing operation to the store.
Permission	savePermission(Permission permission)
Resource	saveResource(Resource resource)
Role	saveRole(Role role)	Persists the given role to the backend datastore.
void	saveRoles(Collection<Role> roles)	Persists all of the given roles to the backend datastore.
UserAssignment	saveUserAssignment(UserAssignment userAssignment)	Method saveUserAssignment
void	setEntityManager(javax.persistence.EntityManager em)

Methods inherited from class org.apache.archiva.redback.rbac.AbstractRBACManager

addListener, createRole, fireRbacInit, fireRbacPermissionRemoved, fireRbacPermissionSaved, fireRbacRoleRemoved, fireRbacRoleSaved, fireRbacUserAssignmentRemoved, fireRbacUserAssignmentSaved, getAllAssignableRoles, getAssignedPermissions, getAssignedRoles, getAssignedRoles, getEffectivelyAssignedRoles, getEffectivelyAssignedRoles, getEffectivelyUnassignedRoles, getEffectiveRoles, getParentRoleIds, getParentRoleNames, getRoles, getUnassignedRoles, initialize, operationExists, operationExists, permissionExists, permissionExists, removeListener, removeOperation, removePermission, removeResource, removeRole, removeRoleById, removeUserAssignment, resourceExists, resourceExists, userAssignmentExists, userAssignmentExists

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JpaRbacManager

public JpaRbacManager()

Method Detail

setEntityManager

public void setEntityManager(javax.persistence.EntityManager em)

createRole

public Role createRole(String id,
                       String name)

Description copied from interface: RBACManager

Creates a new role with the given id and role name.

Parameters:

id - the role identifier, which must be unique

name - the role name, which must be unique

Returns:

the new role instance

roleExistsById

public boolean roleExistsById(String id)
                       throws RbacManagerException

Description copied from interface: RBACManager

Returns true, if a role with the given id exists.

Specified by:

roleExistsById in interface RBACManager

Overrides:

roleExistsById in class AbstractRBACManager

Parameters:

id - the role id

Returns:

true, if the role with the given id exists, otherwise false

Throws:

RbacManagerException - if the access to the backend datastore failed

roleExists

public boolean roleExists(String name)
                   throws RbacManagerException

Description copied from interface: RBACManager

Tests for the existence of a Role.

Specified by:

roleExists in interface RBACManager

Overrides:

roleExists in class AbstractRBACManager

Returns:

true if role exists in store.

Throws:

RbacManagerException - if the access to the backend datastore failed

roleExists

public boolean roleExists(Role role)
                   throws RbacManagerException

Description copied from interface: RBACManager

Returns true, if the given role exists.

Specified by:

roleExists in interface RBACManager

Overrides:

roleExists in class AbstractRBACManager

Parameters:

role - the role to check

Returns:

true, if the role exists, otherwise false

Throws:

RbacManagerException - if the access to the backend datastore failed

saveRole

public Role saveRole(Role role)
              throws RbacObjectInvalidException,
                     RbacManagerException

Description copied from interface: RBACManager

Persists the given role to the backend datastore.

Parameters:

role - the role to save

Returns:

the persisted role, if the method was successful

Throws:

RbacObjectInvalidException - if the given role object was not valid

RbacManagerException - if the access to the backend datastore failed

getAssignedPermissionMap

public Map<String,List<? extends Permission>> getAssignedPermissionMap(String principal)
                                                                      throws RbacManagerException

Description copied from class: AbstractRBACManager

returns a map of assigned permissions keyed off of operations

Specified by:

getAssignedPermissionMap in interface RBACManager

Overrides:

getAssignedPermissionMap in class AbstractRBACManager

Parameters:

principal - the user principal name

Returns:

the map of (operation,permission list) pairs

Throws:

RbacObjectNotFoundException - if the user with the given principal was not found

RbacManagerException - if the access to the backend datastore failed

getChildRoleNames

public Map<String,? extends Role> getChildRoleNames(Role role)
                                                   throws RbacManagerException

Description copied from interface: RBACManager

Returns all the child roles of a given role as (name, role) pairs.

Specified by:

getChildRoleNames in interface RBACManager

Overrides:

getChildRoleNames in class AbstractRBACManager

Parameters:

role - the parent role

Returns:

the list of child roles

Throws:

RbacManagerException - if the access to the backend datastore failed

getChildRoleIds

public Map<String,? extends Role> getChildRoleIds(Role role)
                                                 throws RbacManagerException

Description copied from interface: RBACManager

Returns all the child roles of a given role as (role id, role) pairs.

Specified by:

getChildRoleIds in interface RBACManager

Overrides:

getChildRoleIds in class AbstractRBACManager

Parameters:

role - the parent role

Returns:

the map of child roles as (role id, role) pairs

Throws:

RbacManagerException - if the access to the backend datastore failed

addChildRole

public void addChildRole(Role role,
                         Role childRole)
                  throws RbacObjectInvalidException,
                         RbacManagerException

Description copied from interface: RBACManager

Adds a child to a role.

Specified by:

addChildRole in interface RBACManager

Overrides:

addChildRole in class AbstractRBACManager

Parameters:

role - the parent role

childRole - the child role, that is added to the parent role

Throws:

RbacObjectInvalidException - if one of the role objects was not valid

RbacManagerException - if the access to the backend datastore failed

saveRoles

public void saveRoles(Collection<Role> roles)
               throws RbacObjectInvalidException,
                      RbacManagerException

Description copied from interface: RBACManager

Persists all of the given roles to the backend datastore. Implementations should try to save all role instances and throw exceptions afterwards.

Parameters:

roles - the list of roles to save

Throws:

RbacObjectInvalidException - if one of the given role objects was not valid

RbacManagerException - if the access to the backend datastore failed

getRole

public Role getRole(String roleName)
             throws RbacObjectNotFoundException,
                    RbacManagerException

Description copied from interface: RBACManager

Returns the role identified by the given name

Parameters:

roleName - the role name

Returns:

the role instance, if a role by this name was found

Throws:

RbacObjectNotFoundException - if not role was found with the given name

RbacManagerException - if the access to the underlying datastore failed

getRoleById

public Role getRoleById(String id)
                 throws RbacObjectNotFoundException,
                        RbacManagerException

Description copied from interface: RBACManager

Returns the role identified by the given ID

Parameters:

id - the role id

Returns:

the role object, if the role with the given id exists

Throws:

RbacObjectNotFoundException - if no role was found with the given id

RbacManagerException - if the access to the underlying datastore failed

getAllRoles

public List<? extends Role> getAllRoles()
                                 throws RbacManagerException

Description copied from interface: RBACManager

Returns all roles defined in the datastore.

Returns:

the list of roles defined in the datastore

Throws:

RbacManagerException - if the access to the backend datastore failed

removeRole

public void removeRole(Role role)
                throws RbacObjectNotFoundException,
                       RbacObjectInvalidException,
                       RbacManagerException

Description copied from interface: RBACManager

Removes the given role from the datastore.

Parameters:

role - the role to remove

Throws:

RbacObjectNotFoundException - if the given role was not found

RbacObjectInvalidException - if the given role has invalid data

RbacManagerException - if the access to the backend datastore failed

createPermission

public Permission createPermission(String name)
                            throws RbacManagerException

Description copied from interface: RBACManager

Creates an implementation specific Permission, or return an existing Permission, depending on the provided name parameter. Note: Be sure to use RBACManager.savePermission(Permission) in order to persist any changes to the Role.

Parameters:

name - the name.

Returns:

the new Permission.

Throws:

RbacManagerException - if the access to the backend datastore failed

createPermission

public Permission createPermission(String name,
                                   String operationName,
                                   String resourceIdentifier)
                            throws RbacManagerException

Description copied from interface: RBACManager

Creates an implementation specific Permission with specified Operation, and Resource identifiers. Note: Be sure to use RBACManager.savePermission(Permission) in order to persist any changes to the Role.

Parameters:

name - the name.

operationName - the Operation.setName(String) value

resourceIdentifier - the Resource.setIdentifier(String) value

Returns:

the new Permission.

Throws:

RbacManagerException - if the access to the backend datastore failed

savePermission

public Permission savePermission(Permission permission)
                          throws RbacObjectInvalidException,
                                 RbacManagerException

Throws:

RbacObjectInvalidException

RbacManagerException

getPermission

public Permission getPermission(String permissionName)
                         throws RbacObjectNotFoundException,
                                RbacManagerException

Throws:

RbacObjectNotFoundException

RbacManagerException

getAllPermissions

public List<? extends Permission> getAllPermissions()
                                             throws RbacManagerException

Throws:

RbacManagerException

removePermission

public void removePermission(Permission permission)
                      throws RbacObjectNotFoundException,
                             RbacObjectInvalidException,
                             RbacManagerException

Throws:

RbacObjectNotFoundException

RbacObjectInvalidException

RbacManagerException

createOperation

public Operation createOperation(String name)
                          throws RbacManagerException

Description copied from interface: RBACManager

Creates an implementation specific Operation, or return an existing Operation, depending on the provided name parameter. Note: Be sure to use RBACManager.saveOperation(Operation) in order to persist any changes to the Role.

Parameters:

name - the name.

Returns:

the new Operation.

Throws:

RbacManagerException - if the access to the backend datastore failed

saveOperation

public Operation saveOperation(Operation operation)
                        throws RbacObjectInvalidException,
                               RbacManagerException

Description copied from interface: RBACManager

Save the new or existing operation to the store.

Parameters:

operation - the operation to save (new or existing)

Returns:

the Operation that was saved.

Throws:

RbacObjectInvalidException - if the object is not valid and cannot be saved

RbacManagerException - if the access to the backend datastore failed

getOperation

public Operation getOperation(String operationName)
                       throws RbacObjectNotFoundException,
                              RbacManagerException

Throws:

RbacObjectNotFoundException

RbacManagerException

getAllOperations

public List<? extends Operation> getAllOperations()
                                           throws RbacManagerException

Throws:

RbacManagerException

removeOperation

public void removeOperation(Operation operation)
                     throws RbacObjectNotFoundException,
                            RbacObjectInvalidException,
                            RbacManagerException

Throws:

RbacObjectNotFoundException

RbacObjectInvalidException

RbacManagerException

createResource

public Resource createResource(String identifier)
                        throws RbacManagerException

Description copied from interface: RBACManager

Creates an implementation specific Resource, or return an existing Resource, depending on the provided identifier parameter. Note: Be sure to use RBACManager.saveResource(Resource) in order to persist any changes to the Role.

Parameters:

identifier - the identifier.

Returns:

the new Resource.

Throws:

RbacManagerException - if the access to the backend datastore failed

saveResource

public Resource saveResource(Resource resource)
                      throws RbacObjectInvalidException,
                             RbacManagerException

Throws:

RbacObjectInvalidException

RbacManagerException

getGlobalResource

public Resource getGlobalResource()
                           throws RbacManagerException

Description copied from interface: RBACManager

Returns the global resource object

Specified by:

getGlobalResource in interface RBACManager

Overrides:

getGlobalResource in class AbstractRBACManager

Returns:

the global resource object

Throws:

RbacManagerException - if the access to the backend datastore failed

getResource

public Resource getResource(String resourceIdentifier)
                     throws RbacObjectNotFoundException,
                            RbacManagerException

Throws:

RbacObjectNotFoundException

RbacManagerException

getAllResources

public List<? extends Resource> getAllResources()
                                         throws RbacManagerException

Throws:

RbacManagerException

removeResource

public void removeResource(Resource resource)
                    throws RbacObjectNotFoundException,
                           RbacObjectInvalidException,
                           RbacManagerException

Throws:

RbacObjectNotFoundException

RbacObjectInvalidException

RbacManagerException

createUserAssignment

public UserAssignment createUserAssignment(String principal)
                                    throws RbacManagerException

Description copied from interface: RBACManager

Creates an implementation specific UserAssignment, or return an existing UserAssignment, depending on the provided identifier parameter. Note: Be sure to use RBACManager.saveUserAssignment(UserAssignment) in order to persist any changes to the Role.

Parameters:

principal - the principal reference to the user.

Returns:

the new UserAssignment object.

Throws:

RbacManagerException - if the access to the backend datastore failed

saveUserAssignment

public UserAssignment saveUserAssignment(UserAssignment userAssignment)
                                  throws RbacObjectInvalidException,
                                         RbacManagerException

Description copied from interface: RBACManager

Method saveUserAssignment

Parameters:

userAssignment - the user assignment instance to save

Throws:

RbacObjectInvalidException - if the instance has invalid data and cannot be saved

RbacManagerException - if the access to the backend datastore failed

getUserAssignment

public UserAssignment getUserAssignment(String principal)
                                 throws RbacObjectNotFoundException,
                                        RbacManagerException

Throws:

RbacObjectNotFoundException

RbacManagerException

getAllUserAssignments

public List<? extends UserAssignment> getAllUserAssignments()
                                                     throws RbacManagerException

Description copied from interface: RBACManager

Returns all user assignments defined

Returns:

list of assignments

Throws:

RbacManagerException - if the access to the backend datastore failed

getUserAssignmentsForRoles

public List<? extends UserAssignment> getUserAssignmentsForRoles(Collection<String> roleIds)
                                                          throws RbacManagerException

Description copied from interface: RBACManager

Returns the assignments for the given roles

Parameters:

roleIds - collection of role names

Throws:

RbacManagerException - if the access to the backend datastore failed

removeUserAssignment

public void removeUserAssignment(UserAssignment userAssignment)
                          throws RbacObjectNotFoundException,
                                 RbacObjectInvalidException,
                                 RbacManagerException

Description copied from interface: RBACManager

Method removeAssignment

Parameters:

userAssignment - the assignment to remove

Throws:

RbacObjectNotFoundException - if the assignment was not found

RbacObjectInvalidException - if the provided assignment instance has invalid data

RbacManagerException - if the access to the backend datastore failed

eraseDatabase

public void eraseDatabase()

getDescriptionKey

public String getDescriptionKey()

Returns:

a key to be able to customize label in UI

isReadOnly

public boolean isReadOnly()

Description copied from interface: RBACManager

Is the RBACManager read only? if so then create and modify actions are to be disabled

Returns:

boolean true if user manager is read only

isFinalImplementation

public boolean isFinalImplementation()

Specified by:

isFinalImplementation in interface RBACManager

Overrides:

isFinalImplementation in class AbstractRBACManager

Returns:

true if this implementation is a final one and not a wrapper (configurable, cached)