| Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
| TurbineSecurity | 
 | 
 | 1.0;1 | 
| 1 |  package org.apache.turbine.services.security; | |
| 2 | ||
| 3 |  /* | |
| 4 |   * Licensed to the Apache Software Foundation (ASF) under one | |
| 5 |   * or more contributor license agreements.  See the NOTICE file | |
| 6 |   * distributed with this work for additional information | |
| 7 |   * regarding copyright ownership.  The ASF licenses this file | |
| 8 |   * to you under the Apache License, Version 2.0 (the | |
| 9 |   * "License"); you may not use this file except in compliance | |
| 10 |   * with the License.  You may obtain a copy of the License at | |
| 11 |   * | |
| 12 |   *   http://www.apache.org/licenses/LICENSE-2.0 | |
| 13 |   * | |
| 14 |   * Unless required by applicable law or agreed to in writing, | |
| 15 |   * software distributed under the License is distributed on an | |
| 16 |   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
| 17 |   * KIND, either express or implied.  See the License for the | |
| 18 |   * specific language governing permissions and limitations | |
| 19 |   * under the License. | |
| 20 |   */ | |
| 21 | ||
| 22 | ||
| 23 |  import org.apache.turbine.om.security.Group; | |
| 24 |  import org.apache.turbine.om.security.Permission; | |
| 25 |  import org.apache.turbine.om.security.Role; | |
| 26 |  import org.apache.turbine.om.security.User; | |
| 27 |  import org.apache.turbine.services.TurbineServices; | |
| 28 |  import org.apache.turbine.util.security.AccessControlList; | |
| 29 |  import org.apache.turbine.util.security.DataBackendException; | |
| 30 |  import org.apache.turbine.util.security.EntityExistsException; | |
| 31 |  import org.apache.turbine.util.security.GroupSet; | |
| 32 |  import org.apache.turbine.util.security.PasswordMismatchException; | |
| 33 |  import org.apache.turbine.util.security.PermissionSet; | |
| 34 |  import org.apache.turbine.util.security.RoleSet; | |
| 35 |  import org.apache.turbine.util.security.TurbineSecurityException; | |
| 36 |  import org.apache.turbine.util.security.UnknownEntityException; | |
| 37 | ||
| 38 |  /** | |
| 39 |   * This is a Facade class for SecurityService. | |
| 40 |   * | |
| 41 |   * This class provides static methods that call related methods of the | |
| 42 |   * implementation of SecurityService used by the System, according to | |
| 43 |   * the settings in TurbineResources. | |
| 44 |   * <br> | |
| 45 |   * | |
| 46 |   * <a name="global"> | |
| 47 |   * <p> Certain Roles that the Users may have in the system may are not related | |
| 48 |   * to any specific resource nor entity. They are assigned within a special group | |
| 49 |   * named 'global' that can be referenced in the code as | |
| 50 |   * {@link org.apache.turbine.om.security.Group#GLOBAL_GROUP_NAME}. | |
| 51 |   * | |
| 52 |   * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a> | |
| 53 |   * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a> | |
| 54 |   * @version $Id: TurbineSecurity.java 1096130 2011-04-23 10:37:19Z ludwig $ | |
| 55 |   */ | |
| 56 | 0 |  public abstract class TurbineSecurity | 
| 57 |  { | |
| 58 |      /** | |
| 59 |       * Retrieves an implementation of SecurityService, base on the settings in | |
| 60 |       * TurbineResources. | |
| 61 |       * | |
| 62 |       * @return an implementation of SecurityService. | |
| 63 |       */ | |
| 64 | public static SecurityService getService() | |
| 65 |      { | |
| 66 | 32 |          return (SecurityService) TurbineServices.getInstance(). | 
| 67 | getService(SecurityService.SERVICE_NAME); | |
| 68 | } | |
| 69 | ||
| 70 |      /*----------------------------------------------------------------------- | |
| 71 |        Management of User objects | |
| 72 |        -----------------------------------------------------------------------*/ | |
| 73 | ||
| 74 |      /** | |
| 75 |       * This method provides client-side encryption of passwords. | |
| 76 |       * | |
| 77 |       * This is an utility method that is used by other classes to maintain | |
| 78 |       * a consistent approach to encrypting password. The behavior of the | |
| 79 |       * method can be configured in service's properties. | |
| 80 |       * | |
| 81 |       * @param password the password to process | |
| 82 |       * @return processed password | |
| 83 |       */ | |
| 84 | public static String encryptPassword(String password) | |
| 85 |      { | |
| 86 | 0 |          return getService().encryptPassword(password); | 
| 87 | } | |
| 88 | ||
| 89 |      /** | |
| 90 |       * This method provides client-side encryption of passwords. | |
| 91 |       * | |
| 92 |       * This is an utility method that is used by other classes to maintain | |
| 93 |       * a consistent approach to encrypting password. The behavior of the | |
| 94 |       * method can be configured in service's properties. | |
| 95 |       * | |
| 96 |       * @param password the password to process | |
| 97 |       * @param salt the supplied salt to encrypt the password | |
| 98 |       * @return processed password | |
| 99 |       */ | |
| 100 | public static String encryptPassword(String password, String salt) | |
| 101 |      { | |
| 102 | 0 |          return getService().encryptPassword(password, salt); | 
| 103 | } | |
| 104 | ||
| 105 |      /** | |
| 106 |       * Checks if a supplied password matches the encrypted password | |
| 107 |       * | |
| 108 |       * @param checkpw      The clear text password supplied by the user | |
| 109 |       * @param encpw        The current, encrypted password | |
| 110 |       * | |
| 111 |       * @return true if the password matches, else false | |
| 112 |       * | |
| 113 |       */ | |
| 114 | ||
| 115 | public static boolean checkPassword(String checkpw, String encpw) | |
| 116 |      { | |
| 117 | 0 |          return getService().checkPassword(checkpw, encpw); | 
| 118 | } | |
| 119 | ||
| 120 |      /*----------------------------------------------------------------------- | |
| 121 |        Getting Object Classes | |
| 122 |        -----------------------------------------------------------------------*/ | |
| 123 | ||
| 124 |      /** | |
| 125 |       * Returns the Class object for the implementation of User interface | |
| 126 |       * used by the system. | |
| 127 |       * | |
| 128 |       * @return the implementation of User interface used by the system. | |
| 129 |       * @throws UnknownEntityException if the system's implementation of User | |
| 130 |       *         interface could not be determined. | |
| 131 |       */ | |
| 132 | public static Class getUserClass() | |
| 133 |              throws UnknownEntityException | |
| 134 |      { | |
| 135 | 0 |          return getService().getUserClass(); | 
| 136 | } | |
| 137 | ||
| 138 |      /** | |
| 139 |       * Returns the Class object for the implementation of Group interface | |
| 140 |       * used by the system. | |
| 141 |       * | |
| 142 |       * @return the implementation of Group interface used by the system. | |
| 143 |       * @throws UnknownEntityException if the system's implementation of Group | |
| 144 |       *         interface could not be determined. | |
| 145 |       */ | |
| 146 | public static Class getGroupClass() | |
| 147 |          throws UnknownEntityException | |
| 148 |      { | |
| 149 | 0 |          return getService().getGroupClass(); | 
| 150 | } | |
| 151 | ||
| 152 |      /** | |
| 153 |       * Returns the Class object for the implementation of Permission interface | |
| 154 |       * used by the system. | |
| 155 |       * | |
| 156 |       * @return the implementation of Permission interface used by the system. | |
| 157 |       * @throws UnknownEntityException if the system's implementation of Permission | |
| 158 |       *         interface could not be determined. | |
| 159 |       */ | |
| 160 | public static Class getPermissionClass() | |
| 161 |          throws UnknownEntityException | |
| 162 |      { | |
| 163 | 0 |          return getService().getPermissionClass(); | 
| 164 | } | |
| 165 | ||
| 166 |      /** | |
| 167 |       * Returns the Class object for the implementation of Role interface | |
| 168 |       * used by the system. | |
| 169 |       * | |
| 170 |       * @return the implementation of Role interface used by the system. | |
| 171 |       * @throws UnknownEntityException if the system's implementation of Role | |
| 172 |       *         interface could not be determined. | |
| 173 |       */ | |
| 174 | public static Class getRoleClass() | |
| 175 |          throws UnknownEntityException | |
| 176 |      { | |
| 177 | 0 |          return getService().getRoleClass(); | 
| 178 | } | |
| 179 | ||
| 180 |      /** | |
| 181 |       * Construct a blank User object. | |
| 182 |       * | |
| 183 |       * This method calls getUserClass, and then creates a new object using | |
| 184 |       * the default constructor. | |
| 185 |       * | |
| 186 |       * @return an object implementing User interface. | |
| 187 |       * @throws UnknownEntityException if the object could not be instantiated. | |
| 188 |       */ | |
| 189 | public static User getUserInstance() | |
| 190 |              throws UnknownEntityException | |
| 191 |      { | |
| 192 | 0 |          return getService().getUserInstance(); | 
| 193 | } | |
| 194 | ||
| 195 |      /** | |
| 196 |       * Returns the configured UserManager. | |
| 197 |       * | |
| 198 |       * @return An UserManager object | |
| 199 |       */ | |
| 200 | public static UserManager getUserManager() | |
| 201 |      { | |
| 202 | 0 |          return getService().getUserManager(); | 
| 203 | } | |
| 204 | ||
| 205 |      /** | |
| 206 |       * Configure a new user Manager. | |
| 207 |       * | |
| 208 |       * @param userManager An UserManager object | |
| 209 |       */ | |
| 210 | public void setUserManager(UserManager userManager) | |
| 211 |      { | |
| 212 | 0 |          getService().setUserManager(userManager); | 
| 213 | 0 |      } | 
| 214 | ||
| 215 |      /** | |
| 216 |       * Check whether a specified user's account exists. | |
| 217 |       * | |
| 218 |       * The login name is used for looking up the account. | |
| 219 |       * | |
| 220 |       * @param user The user to be checked. | |
| 221 |       * @return true if the specified account exists | |
| 222 |       * @throws DataBackendException if there was an error accessing the data | |
| 223 |       *         backend. | |
| 224 |       */ | |
| 225 | public static boolean accountExists(User user) | |
| 226 |              throws DataBackendException | |
| 227 |      { | |
| 228 | 0 |          return getService().accountExists(user); | 
| 229 | } | |
| 230 | ||
| 231 |      /** | |
| 232 |       * Check whether a specified user's account exists. | |
| 233 |       * | |
| 234 |       * The login name is used for looking up the account. | |
| 235 |       * | |
| 236 |       * @param userName The name of the user to be checked. | |
| 237 |       * @return true if the specified account exists | |
| 238 |       * @throws DataBackendException if there was an error accessing the data | |
| 239 |       *         backend. | |
| 240 |       */ | |
| 241 | public static boolean accountExists(String userName) | |
| 242 |              throws DataBackendException | |
| 243 |      { | |
| 244 | 0 |          return getService().accountExists(userName); | 
| 245 | } | |
| 246 | ||
| 247 |      /** | |
| 248 |       * Authenticates an user, and constructs an User object to represent | |
| 249 |       * him/her. | |
| 250 |       * | |
| 251 |       * @param username The user name. | |
| 252 |       * @param password The user password. | |
| 253 |       * @return An authenticated Turbine User. | |
| 254 |       * @throws DataBackendException if there was an error accessing the data | |
| 255 |       *         backend. | |
| 256 |       * @throws UnknownEntityException if user account is not present. | |
| 257 |       * @throws PasswordMismatchException if the supplied password was incorrect. | |
| 258 |       */ | |
| 259 | public static User getAuthenticatedUser(String username, String password) | |
| 260 |              throws DataBackendException, UnknownEntityException, | |
| 261 | PasswordMismatchException | |
| 262 |      { | |
| 263 | 2 |          return getService().getAuthenticatedUser(username, password); | 
| 264 | } | |
| 265 | ||
| 266 |      /** | |
| 267 |       * Constructs an User object to represent a registered user of the | |
| 268 |       * application. | |
| 269 |       * | |
| 270 |       * @param username The user name. | |
| 271 |       * @return A Turbine User. | |
| 272 |       * @throws DataBackendException if there was an error accessing the data | |
| 273 |       *         backend. | |
| 274 |       * @throws UnknownEntityException if user account is not present. | |
| 275 |       */ | |
| 276 | public static User getUser(String username) | |
| 277 |              throws DataBackendException, UnknownEntityException | |
| 278 |      { | |
| 279 | 0 |          return getService().getUser(username); | 
| 280 | } | |
| 281 | ||
| 282 |      /** | |
| 283 |       * Constructs an User object to represent an anonymous user of the | |
| 284 |       * application. | |
| 285 |       * | |
| 286 |       * @return An anonymous Turbine User. | |
| 287 |       * @throws UnknownEntityException if the anonymous User object couldn't be | |
| 288 |       *         constructed. | |
| 289 |       */ | |
| 290 | public static User getAnonymousUser() | |
| 291 |              throws UnknownEntityException | |
| 292 |      { | |
| 293 | 4 |          return getService().getAnonymousUser(); | 
| 294 | } | |
| 295 | ||
| 296 |      /** | |
| 297 |       * Checks whether a passed user object matches the anonymous user pattern | |
| 298 |       * according to the configured service | |
| 299 |       * | |
| 300 |       * @param user A user object | |
| 301 |       * @return True if this is an anonymous user | |
| 302 |       */ | |
| 303 | public static boolean isAnonymousUser(User user) | |
| 304 |      { | |
| 305 | 20 |          return getService().isAnonymousUser(user); | 
| 306 | } | |
| 307 | ||
| 308 |      /** | |
| 309 |       * Saves User's data in the permanent storage. The user account is required | |
| 310 |       * to exist in the storage. | |
| 311 |       * | |
| 312 |       * @param user The User object to save. | |
| 313 |       * @throws UnknownEntityException if the user's account does not | |
| 314 |       *         exist in the database. | |
| 315 |       * @throws DataBackendException if there is a problem accessing the | |
| 316 |       *         storage. | |
| 317 |       */ | |
| 318 | public static void saveUser(User user) | |
| 319 |              throws UnknownEntityException, DataBackendException | |
| 320 |      { | |
| 321 | 0 |          getService().saveUser(user); | 
| 322 | 0 |      } | 
| 323 | ||
| 324 |      /** | |
| 325 |       * Saves User data when the session is unbound. The user account is required | |
| 326 |       * to exist in the storage. | |
| 327 |       * | |
| 328 |       * LastLogin, AccessCounter, persistent pull tools, and any data stored | |
| 329 |       * in the permData hashtable that is not mapped to a column will be saved. | |
| 330 |       * | |
| 331 |       * @exception UnknownEntityException if the user's account does not | |
| 332 |       *            exist in the database. | |
| 333 |       * @exception DataBackendException if there is a problem accessing the | |
| 334 |       *            storage. | |
| 335 |       */ | |
| 336 | public static void saveOnSessionUnbind(User user) | |
| 337 |              throws UnknownEntityException, DataBackendException | |
| 338 |      { | |
| 339 | 0 |          getService().saveOnSessionUnbind(user); | 
| 340 | 0 |      } | 
| 341 | ||
| 342 |      /** | |
| 343 |       * Change the password for an User. | |
| 344 |       * | |
| 345 |       * @param user an User to change password for. | |
| 346 |       * @param oldPassword the current password supplied by the user. | |
| 347 |       * @param newPassword the current password requested by the user. | |
| 348 |       * @throws PasswordMismatchException if the supplied password was | |
| 349 |       *         incorrect. | |
| 350 |       * @throws UnknownEntityException if the user's record does not | |
| 351 |       *         exist in the database. | |
| 352 |       * @throws DataBackendException if there is a problem accessing the | |
| 353 |       *         storage. | |
| 354 |       */ | |
| 355 | public static void changePassword(User user, String oldPassword, | |
| 356 | String newPassword) | |
| 357 |              throws PasswordMismatchException, UnknownEntityException, | |
| 358 | DataBackendException | |
| 359 |      { | |
| 360 | 0 |          getService().changePassword(user, oldPassword, newPassword); | 
| 361 | 0 |      } | 
| 362 | ||
| 363 |      /** | |
| 364 |       * Forcibly sets new password for an User. | |
| 365 |       * | |
| 366 |       * This is supposed by the administrator to change the forgotten or | |
| 367 |       * compromised passwords. Certain implementatations of this feature | |
| 368 |       * would require administrative level access to the authenticating | |
| 369 |       * server / program. | |
| 370 |       * | |
| 371 |       * @param user an User to change password for. | |
| 372 |       * @param password the new password. | |
| 373 |       * @throws UnknownEntityException if the user's record does not | |
| 374 |       *         exist in the database. | |
| 375 |       * @throws DataBackendException if there is a problem accessing the | |
| 376 |       *         storage. | |
| 377 |       */ | |
| 378 | public static void forcePassword(User user, String password) | |
| 379 |              throws UnknownEntityException, DataBackendException | |
| 380 |      { | |
| 381 | 0 |          getService().forcePassword(user, password); | 
| 382 | 0 |      } | 
| 383 | ||
| 384 |      /*----------------------------------------------------------------------- | |
| 385 |        Creation of AccessControlLists | |
| 386 |        -----------------------------------------------------------------------*/ | |
| 387 | ||
| 388 |      /** | |
| 389 |       * Constructs an AccessControlList for a specific user. | |
| 390 |       * | |
| 391 |       * @param user the user for whom the AccessControlList are to be retrieved | |
| 392 |       * @return The AccessControList object constructed from the user object. | |
| 393 |       * @throws DataBackendException if there was an error accessing the data | |
| 394 |       *         backend. | |
| 395 |       * @throws UnknownEntityException if user account is not present. | |
| 396 |       */ | |
| 397 | public static AccessControlList getACL(User user) | |
| 398 |              throws DataBackendException, UnknownEntityException | |
| 399 |      { | |
| 400 | 2 |          return getService().getACL(user); | 
| 401 | } | |
| 402 | ||
| 403 |      /*----------------------------------------------------------------------- | |
| 404 |        Security management | |
| 405 |        -----------------------------------------------------------------------*/ | |
| 406 | ||
| 407 |      /** | |
| 408 |       * Grant an User a Role in a Group. | |
| 409 |       * | |
| 410 |       * @param user the user. | |
| 411 |       * @param group the group. | |
| 412 |       * @param role the role. | |
| 413 |       * @throws DataBackendException if there was an error accessing the data | |
| 414 |       *         backend. | |
| 415 |       * @throws UnknownEntityException if user account, group or role is not | |
| 416 |       *         present. | |
| 417 |       */ | |
| 418 | public static void grant(User user, Group group, Role role) | |
| 419 |              throws DataBackendException, UnknownEntityException | |
| 420 |      { | |
| 421 | 0 |          getService().grant(user, group, role); | 
| 422 | 0 |      } | 
| 423 | ||
| 424 |      /** | |
| 425 |       * Revoke a Role in a Group from an User. | |
| 426 |       * | |
| 427 |       * @param user the user. | |
| 428 |       * @param group the group. | |
| 429 |       * @param role the role. | |
| 430 |       * @throws DataBackendException if there was an error accessing the data | |
| 431 |       *         backend. | |
| 432 |       * @throws UnknownEntityException if user account, group or role is not | |
| 433 |       *         present. | |
| 434 |       */ | |
| 435 | public static void revoke(User user, Group group, Role role) | |
| 436 |              throws DataBackendException, UnknownEntityException | |
| 437 |      { | |
| 438 | 0 |          getService().revoke(user, group, role); | 
| 439 | 0 |      } | 
| 440 | ||
| 441 |      /** | |
| 442 |       * Revokes all roles from an User. | |
| 443 |       * | |
| 444 |       * This method is used when deleting an account. | |
| 445 |       * | |
| 446 |       * @param user the User. | |
| 447 |       * @throws DataBackendException if there was an error accessing the data | |
| 448 |       *         backend. | |
| 449 |       * @throws UnknownEntityException if the account is not present. | |
| 450 |       */ | |
| 451 | public static void revokeAll(User user) | |
| 452 |              throws DataBackendException, UnknownEntityException | |
| 453 |      { | |
| 454 | 0 |          getService().revokeAll(user); | 
| 455 | 0 |      } | 
| 456 | ||
| 457 |      /** | |
| 458 |       * Grants a Role a Permission | |
| 459 |       * | |
| 460 |       * @param role the Role. | |
| 461 |       * @param permission the Permission. | |
| 462 |       * @throws DataBackendException if there was an error accessing the data | |
| 463 |       *         backend. | |
| 464 |       * @throws UnknownEntityException if role or permission is not present. | |
| 465 |       */ | |
| 466 | public static void grant(Role role, Permission permission) | |
| 467 |              throws DataBackendException, UnknownEntityException | |
| 468 |      { | |
| 469 | 0 |          getService().grant(role, permission); | 
| 470 | 0 |      } | 
| 471 | ||
| 472 |      /** | |
| 473 |       * Revokes a Permission from a Role. | |
| 474 |       * | |
| 475 |       * @param role the Role. | |
| 476 |       * @param permission the Permission. | |
| 477 |       * @throws DataBackendException if there was an error accessing the data | |
| 478 |       *         backend. | |
| 479 |       * @throws UnknownEntityException if role or permission is not present. | |
| 480 |       */ | |
| 481 | public static void revoke(Role role, Permission permission) | |
| 482 |              throws DataBackendException, UnknownEntityException | |
| 483 |      { | |
| 484 | 0 |          getService().revoke(role, permission); | 
| 485 | 0 |      } | 
| 486 | ||
| 487 |      /** | |
| 488 |       * Revokes all permissions from a Role. | |
| 489 |       * | |
| 490 |       * This method is user when deleting a Role. | |
| 491 |       * | |
| 492 |       * @param role the Role | |
| 493 |       * @throws DataBackendException if there was an error accessing the data | |
| 494 |       *         backend. | |
| 495 |       * @throws  UnknownEntityException if the Role is not present. | |
| 496 |       */ | |
| 497 | public static void revokeAll(Role role) | |
| 498 |              throws DataBackendException, UnknownEntityException | |
| 499 |      { | |
| 500 | 0 |          getService().revokeAll(role); | 
| 501 | 0 |      } | 
| 502 | ||
| 503 |      /*----------------------------------------------------------------------- | |
| 504 |        Account management | |
| 505 |        -----------------------------------------------------------------------*/ | |
| 506 | ||
| 507 |      /** | |
| 508 |       * Creates new user account with specified attributes. | |
| 509 |       * | |
| 510 |       * <strong>TODO</strong> throw more specific exception<br> | |
| 511 |       * | |
| 512 |       * @param user the object describing account to be created. | |
| 513 |       * @param password password for the new user | |
| 514 |       * @throws DataBackendException if there was an error accessing the data | |
| 515 |       *         backend. | |
| 516 |       * @throws EntityExistsException if the user account already exists. | |
| 517 |       */ | |
| 518 | public static void addUser(User user, String password) | |
| 519 |              throws DataBackendException, EntityExistsException | |
| 520 |      { | |
| 521 | 0 |          getService().addUser(user, password); | 
| 522 | 0 |      } | 
| 523 | ||
| 524 |      /** | |
| 525 |       * Removes an user account from the system. | |
| 526 |       * | |
| 527 |       * <strong>TODO</strong> throw more specific exception<br> | |
| 528 |       * | |
| 529 |       * @param user the object describing the account to be removed. | |
| 530 |       * @throws DataBackendException if there was an error accessing the data | |
| 531 |       *         backend. | |
| 532 |       * @throws UnknownEntityException if the user account is not present. | |
| 533 |       */ | |
| 534 | public static void removeUser(User user) | |
| 535 |              throws DataBackendException, UnknownEntityException | |
| 536 |      { | |
| 537 | 0 |          getService().removeUser(user); | 
| 538 | 0 |      } | 
| 539 | ||
| 540 |      /*----------------------------------------------------------------------- | |
| 541 |        Group/Role/Permission management | |
| 542 |        -----------------------------------------------------------------------*/ | |
| 543 |      /** | |
| 544 |       * Provides a reference to the Group object that represents the | |
| 545 |       * <a name="global">global group</a>. | |
| 546 |       * | |
| 547 |       * @return a Group object that represents the global group. | |
| 548 |       */ | |
| 549 | public static Group getGlobalGroup() | |
| 550 |      { | |
| 551 | 0 |          return getService().getGlobalGroup(); | 
| 552 | } | |
| 553 | ||
| 554 |      /** | |
| 555 |       * Creates a new Group in the system. This is a convenience | |
| 556 |       * method. | |
| 557 |       * | |
| 558 |       * @param name The name of the new Group. | |
| 559 |       * @return An object representing the new Group. | |
| 560 |       * @throws TurbineSecurityException if the Group could not be created. | |
| 561 |       */ | |
| 562 | public static Group createGroup(String name) | |
| 563 |              throws TurbineSecurityException | |
| 564 |      { | |
| 565 | 0 |          return getService().addGroup(getGroupInstance(name)); | 
| 566 | } | |
| 567 | ||
| 568 |      /** | |
| 569 |       * Creates a new Permission in the system. This is a convenience | |
| 570 |       * method. | |
| 571 |       * | |
| 572 |       * @param name The name of the new Permission. | |
| 573 |       * @return An object representing the new Permission. | |
| 574 |       * @throws TurbineSecurityException if the Permission could not be created. | |
| 575 |       */ | |
| 576 | public static Permission createPermission(String name) | |
| 577 |              throws TurbineSecurityException | |
| 578 |      { | |
| 579 | 0 |          return getService().addPermission(getPermissionInstance(name)); | 
| 580 | } | |
| 581 | ||
| 582 |      /** | |
| 583 |       * Creates a new Role in the system. This is a convenience | |
| 584 |       * method. | |
| 585 |       * | |
| 586 |       * @param name The name of the Role. | |
| 587 |       * | |
| 588 |       * @return An object representing the new Role. | |
| 589 |       * | |
| 590 |       * @throws TurbineSecurityException if the Role could not be created. | |
| 591 |       */ | |
| 592 | public static Role createRole(String name) | |
| 593 |          throws TurbineSecurityException | |
| 594 |      { | |
| 595 | 0 |          return getService().addRole(getRoleInstance(name)); | 
| 596 | } | |
| 597 | ||
| 598 |      /** | |
| 599 |       * Retrieve a Group object with specified name. | |
| 600 |       * | |
| 601 |       * @param groupName The name of the Group to be retrieved. | |
| 602 |       * @return an object representing the Group with specified name. | |
| 603 |       * @throws DataBackendException if there was an error accessing the data | |
| 604 |       *         backend. | |
| 605 |       * @throws UnknownEntityException if the Group is not present. | |
| 606 |       */ | |
| 607 | public static Group getGroupByName(String groupName) | |
| 608 |              throws DataBackendException, UnknownEntityException | |
| 609 |      { | |
| 610 | 0 |          return getService().getGroupByName(groupName); | 
| 611 | } | |
| 612 | ||
| 613 |      /** | |
| 614 |       * Retrieve a Group object with specified Id. | |
| 615 |       * | |
| 616 |       * @param name the name of the Group. | |
| 617 |       * | |
| 618 |       * @return an object representing the Group with specified name. | |
| 619 |       * | |
| 620 |       * @exception UnknownEntityException if the permission does not | |
| 621 |       *            exist in the database. | |
| 622 |       * @exception DataBackendException if there is a problem accessing the | |
| 623 |       *            storage. | |
| 624 |       */ | |
| 625 | public static Group getGroupById(int groupId) | |
| 626 |              throws DataBackendException, | |
| 627 | UnknownEntityException | |
| 628 |      { | |
| 629 | 0 |          return getService().getGroupById(groupId); | 
| 630 | } | |
| 631 | ||
| 632 |      /** | |
| 633 |       * Construct a blank Group object. | |
| 634 |       * | |
| 635 |       * This method calls getGroupClass, and then creates a new object using | |
| 636 |       * the default constructor. | |
| 637 |       * | |
| 638 |       * @param groupName The name of the Group | |
| 639 |       * | |
| 640 |       * @return an object implementing Group interface. | |
| 641 |       * | |
| 642 |       * @throws UnknownEntityException if the object could not be instantiated. | |
| 643 |       */ | |
| 644 | public static Group getGroupInstance(String groupName) | |
| 645 |              throws UnknownEntityException | |
| 646 |      { | |
| 647 | 0 |          return getService().getGroupInstance(groupName); | 
| 648 | } | |
| 649 | ||
| 650 |      /** | |
| 651 |       * Construct a blank Role object. | |
| 652 |       * | |
| 653 |       * This method calls getRoleClass, and then creates a new object using | |
| 654 |       * the default constructor. | |
| 655 |       * | |
| 656 |       * @param roleName The name of the role. | |
| 657 |       * | |
| 658 |       * @return an object implementing Role interface. | |
| 659 |       * | |
| 660 |       * @throws UnknownEntityException if the object could not be instantiated. | |
| 661 |       */ | |
| 662 | public static Role getRoleInstance(String roleName) | |
| 663 |              throws UnknownEntityException | |
| 664 |      { | |
| 665 | 0 |          return getService().getRoleInstance(roleName); | 
| 666 | } | |
| 667 | ||
| 668 |      /** | |
| 669 |       * Construct a blank Permission object. | |
| 670 |       * | |
| 671 |       * This method calls getPermissionClass, and then creates a new object using | |
| 672 |       * the default constructor. | |
| 673 |       * | |
| 674 |       * @param permName The name of the permission. | |
| 675 |       * | |
| 676 |       * @return an object implementing Permission interface. | |
| 677 |       * @throws UnknownEntityException if the object could not be instantiated. | |
| 678 |       */ | |
| 679 | public static Permission getPermissionInstance(String permName) | |
| 680 |              throws UnknownEntityException | |
| 681 |      { | |
| 682 | 0 |          return getService().getPermissionInstance(permName); | 
| 683 | } | |
| 684 | ||
| 685 |      /** | |
| 686 |       * Retrieve a Role object with specified name. | |
| 687 |       * | |
| 688 |       * @param roleName The name of the Role to be retrieved. | |
| 689 |       * @return an object representing the Role with specified name. | |
| 690 |       * @throws DataBackendException if there was an error accessing the data | |
| 691 |       *         backend. | |
| 692 |       * @throws UnknownEntityException if the Role is not present. | |
| 693 |       */ | |
| 694 | public static Role getRoleByName(String roleName) | |
| 695 |              throws DataBackendException, UnknownEntityException | |
| 696 |      { | |
| 697 | 0 |          return getService().getRoleByName(roleName); | 
| 698 | } | |
| 699 | ||
| 700 |      /** | |
| 701 |       * Retrieve a Role object with specified Id. | |
| 702 |       * | |
| 703 |       * @param name the name of the Role. | |
| 704 |       * | |
| 705 |       * @return an object representing the Role with specified name. | |
| 706 |       * | |
| 707 |       * @exception UnknownEntityException if the permission does not | |
| 708 |       *            exist in the database. | |
| 709 |       * @exception DataBackendException if there is a problem accessing the | |
| 710 |       *            storage. | |
| 711 |       */ | |
| 712 | public static Role getRoleById(int roleId) | |
| 713 |              throws DataBackendException, | |
| 714 | UnknownEntityException | |
| 715 |      { | |
| 716 | 0 |          return getService().getRoleById(roleId); | 
| 717 | } | |
| 718 | ||
| 719 |      /** | |
| 720 |       * Retrieve a Permission object with specified name. | |
| 721 |       * | |
| 722 |       * @param permissionName The name of the Permission to be retrieved. | |
| 723 |       * @return an object representing the Permission with specified name. | |
| 724 |       * @throws DataBackendException if there was an error accessing the data | |
| 725 |       *         backend. | |
| 726 |       * @throws UnknownEntityException if the Permission is not present. | |
| 727 |       */ | |
| 728 | public static Permission getPermissionByName(String permissionName) | |
| 729 |              throws DataBackendException, UnknownEntityException | |
| 730 |      { | |
| 731 | 0 |          return getService().getPermissionByName(permissionName); | 
| 732 | } | |
| 733 | ||
| 734 |      /** | |
| 735 |       * Retrieve a Permission object with specified Id. | |
| 736 |       * | |
| 737 |       * @param name the name of the Permission. | |
| 738 |       * | |
| 739 |       * @return an object representing the Permission with specified name. | |
| 740 |       * | |
| 741 |       * @exception UnknownEntityException if the permission does not | |
| 742 |       *            exist in the database. | |
| 743 |       * @exception DataBackendException if there is a problem accessing the | |
| 744 |       *            storage. | |
| 745 |       */ | |
| 746 | public static Permission getPermissionById(int permissionId) | |
| 747 |              throws DataBackendException, | |
| 748 | UnknownEntityException | |
| 749 |      { | |
| 750 | 0 |          return getService().getPermissionById(permissionId); | 
| 751 | } | |
| 752 | ||
| 753 |      /** | |
| 754 |       * Retrieve a set of Groups that meet the specified Criteria. | |
| 755 |       * | |
| 756 |       * @param criteria A Criteria of Group selection. | |
| 757 |       * @return a set of Groups that meet the specified Criteria. | |
| 758 |       * @throws DataBackendException if there was an error accessing the data | |
| 759 |       *         backend. | |
| 760 |       */ | |
| 761 | public static GroupSet getGroups(Object criteria) | |
| 762 |              throws DataBackendException | |
| 763 |      { | |
| 764 | 0 |          return getService().getGroups(criteria); | 
| 765 | } | |
| 766 | ||
| 767 |      /** | |
| 768 |       * Retrieve a set of Roles that meet the specified Criteria. | |
| 769 |       * | |
| 770 |       * @param criteria a Criteria of Roles selection. | |
| 771 |       * @return a set of Roles that meet the specified Criteria. | |
| 772 |       * @throws DataBackendException if there was an error accessing the data | |
| 773 |       *         backend. | |
| 774 |       */ | |
| 775 | public static RoleSet getRoles(Object criteria) | |
| 776 |              throws DataBackendException | |
| 777 |      { | |
| 778 | 0 |          return getService().getRoles(criteria); | 
| 779 | } | |
| 780 | ||
| 781 |      /** | |
| 782 |       * Retrieve a set of Permissions that meet the specified Criteria. | |
| 783 |       * | |
| 784 |       * @param criteria a Criteria of Permissions selection. | |
| 785 |       * @return a set of Permissions that meet the specified Criteria. | |
| 786 |       * @throws DataBackendException if there was an error accessing the data | |
| 787 |       *         backend. | |
| 788 |       */ | |
| 789 | public static PermissionSet getPermissions(Object criteria) | |
| 790 |              throws DataBackendException | |
| 791 |      { | |
| 792 | 0 |          return getService().getPermissions(criteria); | 
| 793 | } | |
| 794 | ||
| 795 |      /** | |
| 796 |       * Retrieves all groups defined in the system. | |
| 797 |       * | |
| 798 |       * @return the names of all groups defined in the system. | |
| 799 |       * @throws DataBackendException if there was an error accessing the data | |
| 800 |       *         backend. | |
| 801 |       */ | |
| 802 | public static GroupSet getAllGroups() | |
| 803 |              throws DataBackendException | |
| 804 |      { | |
| 805 | 0 |          return getService().getAllGroups(); | 
| 806 | } | |
| 807 | ||
| 808 |      /** | |
| 809 |       * Retrieves all roles defined in the system. | |
| 810 |       * | |
| 811 |       * @return the names of all roles defined in the system. | |
| 812 |       * @throws DataBackendException if there was an error accessing the data | |
| 813 |       *         backend. | |
| 814 |       */ | |
| 815 | public static RoleSet getAllRoles() | |
| 816 |              throws DataBackendException | |
| 817 |      { | |
| 818 | 0 |          return getService().getAllRoles(); | 
| 819 | } | |
| 820 | ||
| 821 |      /** | |
| 822 |       * Retrieves all permissions defined in the system. | |
| 823 |       * | |
| 824 |       * @return the names of all roles defined in the system. | |
| 825 |       * @throws DataBackendException if there was an error accessing the data | |
| 826 |       *         backend. | |
| 827 |       */ | |
| 828 | public static PermissionSet getAllPermissions() | |
| 829 |              throws DataBackendException | |
| 830 |      { | |
| 831 | 0 |          return getService().getAllPermissions(); | 
| 832 | } | |
| 833 | ||
| 834 |      /** | |
| 835 |       * Retrieves all permissions associated with a role. | |
| 836 |       * | |
| 837 |       * @param role the role name, for which the permissions are to be retrieved. | |
| 838 |       * @return the Permissions for the specified role | |
| 839 |       * @throws DataBackendException if there was an error accessing the data | |
| 840 |       *         backend. | |
| 841 |       * @throws UnknownEntityException if the role is not present. | |
| 842 |       */ | |
| 843 | public static PermissionSet getPermissions(Role role) | |
| 844 |              throws DataBackendException, UnknownEntityException | |
| 845 |      { | |
| 846 | 0 |          return getService().getPermissions(role); | 
| 847 | } | |
| 848 | ||
| 849 |      /** | |
| 850 |       * Stores Group's attributes. The Groups is required to exist in the system. | |
| 851 |       * | |
| 852 |       * @param group The Group to be stored. | |
| 853 |       * @throws DataBackendException if there was an error accessing the data | |
| 854 |       *         backend. | |
| 855 |       * @throws UnknownEntityException if the group does not exist. | |
| 856 |       */ | |
| 857 | public static void saveGroup(Group group) | |
| 858 |              throws DataBackendException, UnknownEntityException | |
| 859 |      { | |
| 860 | 0 |          getService().saveGroup(group); | 
| 861 | 0 |      } | 
| 862 | ||
| 863 |      /** | |
| 864 |       * Stores Role's attributes. The Roles is required to exist in the system. | |
| 865 |       * | |
| 866 |       * @param role The Role to be stored. | |
| 867 |       * @throws DataBackendException if there was an error accessing the data | |
| 868 |       *         backend. | |
| 869 |       * @throws UnknownEntityException if the role does not exist. | |
| 870 |       */ | |
| 871 | public static void saveRole(Role role) | |
| 872 |              throws DataBackendException, UnknownEntityException | |
| 873 |      { | |
| 874 | 0 |          getService().saveRole(role); | 
| 875 | 0 |      } | 
| 876 | ||
| 877 |      /** | |
| 878 |       * Stores Permission's attributes. The Permissions is required to exist in | |
| 879 |       * the system. | |
| 880 |       * | |
| 881 |       * @param permission The Permission to be stored. | |
| 882 |       * @throws DataBackendException if there was an error accessing the data | |
| 883 |       *         backend. | |
| 884 |       * @throws UnknownEntityException if the permission does not exist. | |
| 885 |       */ | |
| 886 | public static void savePermission(Permission permission) | |
| 887 |              throws DataBackendException, UnknownEntityException | |
| 888 |      { | |
| 889 | 0 |          getService().savePermission(permission); | 
| 890 | 0 |      } | 
| 891 | ||
| 892 |      /** | |
| 893 |       * Creates a new group with specified attributes. | |
| 894 |       * | |
| 895 |       * @param group the object describing the group to be created. | |
| 896 |       * @throws DataBackendException if there was an error accessing the data | |
| 897 |       *         backend. | |
| 898 |       * @throws EntityExistsException if the group already exists. | |
| 899 |       */ | |
| 900 | public static void addGroup(Group group) | |
| 901 |              throws DataBackendException, EntityExistsException | |
| 902 |      { | |
| 903 | 0 |          getService().addGroup(group); | 
| 904 | 0 |      } | 
| 905 | ||
| 906 |      /** | |
| 907 |       * Creates a new role with specified attributes. | |
| 908 |       * | |
| 909 |       * @param role the objects describing the role to be created. | |
| 910 |       * @throws DataBackendException if there was an error accessing the data | |
| 911 |       *         backend. | |
| 912 |       * @throws EntityExistsException if the role already exists. | |
| 913 |       */ | |
| 914 | public static void addRole(Role role) | |
| 915 |              throws DataBackendException, EntityExistsException | |
| 916 |      { | |
| 917 | 0 |          getService().addRole(role); | 
| 918 | 0 |      } | 
| 919 | ||
| 920 |      /** | |
| 921 |       * Creates a new permission with specified attributes. | |
| 922 |       * | |
| 923 |       * @param permission the objects describing the permission to be created. | |
| 924 |       * @throws DataBackendException if there was an error accessing the data | |
| 925 |       *         backend. | |
| 926 |       * @throws EntityExistsException if the permission already exists. | |
| 927 |       */ | |
| 928 | public static void addPermission(Permission permission) | |
| 929 |              throws DataBackendException, EntityExistsException | |
| 930 |      { | |
| 931 | 0 |          getService().addPermission(permission); | 
| 932 | 0 |      } | 
| 933 | ||
| 934 |      /** | |
| 935 |       * Removes a Group from the system. | |
| 936 |       * | |
| 937 |       * @param group the object describing group to be removed. | |
| 938 |       * @throws DataBackendException if there was an error accessing the data | |
| 939 |       *         backend. | |
| 940 |       * @throws UnknownEntityException if the group does not exist. | |
| 941 |       */ | |
| 942 | public static void removeGroup(Group group) | |
| 943 |              throws DataBackendException, UnknownEntityException | |
| 944 |      { | |
| 945 | 0 |          getService().removeGroup(group); | 
| 946 | 0 |      } | 
| 947 | ||
| 948 |      /** | |
| 949 |       * Removes a Role from the system. | |
| 950 |       * | |
| 951 |       * @param role The object describing the role to be removed. | |
| 952 |       * @throws DataBackendException if there was an error accessing the data backend. | |
| 953 |       * @throws UnknownEntityException if the role does not exist. | |
| 954 |       */ | |
| 955 | public static void removeRole(Role role) | |
| 956 |              throws DataBackendException, UnknownEntityException | |
| 957 |      { | |
| 958 | 0 |          getService().removeRole(role); | 
| 959 | 0 |      } | 
| 960 | ||
| 961 |      /** | |
| 962 |       * Removes a Permission from the system. | |
| 963 |       * | |
| 964 |       * @param permission The object describing the permission to be removed. | |
| 965 |       * @throws DataBackendException if there was an error accessing the data | |
| 966 |       *         backend. | |
| 967 |       * @throws UnknownEntityException if the permission does not exist. | |
| 968 |       */ | |
| 969 | public static void removePermission(Permission permission) | |
| 970 |              throws DataBackendException, UnknownEntityException | |
| 971 |      { | |
| 972 | 0 |          getService().removePermission(permission); | 
| 973 | 0 |      } | 
| 974 | ||
| 975 |      /** | |
| 976 |       * Renames an existing Group. | |
| 977 |       * | |
| 978 |       * @param group The object describing the group to be renamed. | |
| 979 |       * @param name the new name for the group. | |
| 980 |       * @throws DataBackendException if there was an error accessing the data | |
| 981 |       *         backend. | |
| 982 |       * @throws UnknownEntityException if the group does not exist. | |
| 983 |       */ | |
| 984 | public static void renameGroup(Group group, String name) | |
| 985 |              throws DataBackendException, UnknownEntityException | |
| 986 |      { | |
| 987 | 0 |          getService().renameGroup(group, name); | 
| 988 | 0 |      } | 
| 989 | ||
| 990 |      /** | |
| 991 |       * Renames an existing Role. | |
| 992 |       * | |
| 993 |       * @param role The object describing the role to be renamed. | |
| 994 |       * @param name the new name for the role. | |
| 995 |       * @throws DataBackendException if there was an error accessing the data | |
| 996 |       *         backend. | |
| 997 |       * @throws UnknownEntityException if the role does not exist. | |
| 998 |       */ | |
| 999 | public static void renameRole(Role role, String name) | |
| 1000 |              throws DataBackendException, UnknownEntityException | |
| 1001 |      { | |
| 1002 | 0 |          getService().renameRole(role, name); | 
| 1003 | 0 |      } | 
| 1004 | ||
| 1005 |      /** | |
| 1006 |       * Renames an existing Permission. | |
| 1007 |       * | |
| 1008 |       * @param permission The object describing the permission to be renamed. | |
| 1009 |       * @param name the new name for the permission. | |
| 1010 |       * @throws DataBackendException if there was an error accessing the data | |
| 1011 |       *         backend. | |
| 1012 |       * @throws UnknownEntityException if the permission does not exist. | |
| 1013 |       */ | |
| 1014 | public static void renamePermission(Permission permission, String name) | |
| 1015 |              throws DataBackendException, UnknownEntityException | |
| 1016 |      { | |
| 1017 | 0 |          getService().renamePermission(permission, name); | 
| 1018 | 0 |      } | 
| 1019 | } |