/**
 * Strips a removed privilege id from every role in the given configuration that still lists it.
 *
 * @param configuration configuration whose roles are scanned and rewritten
 * @param privilegeId id of the privilege that no longer exists
 */
public void privilegeRemoved( EnhancedConfiguration configuration, String privilegeId )
{
    logger.debug( "Cleaning privilege id {} from roles.", privilegeId );

    // NOTE(review): roles are removed from and re-added to the configuration while the list returned
    // by getRoles() is being iterated; that is only safe if the list is a snapshot -- confirm.
    for ( CRole candidate : configuration.getRoles() )
    {
        if ( !candidate.getPrivileges().contains( privilegeId ) )
        {
            // this role never referenced the privilege, leave it untouched
            continue;
        }

        logger.debug( "removing privilege {} from role {}", privilegeId, candidate.getId() );
        candidate.getPrivileges().remove( privilegeId );

        // the edited role is taken out and put back rather than changed in place
        // (presumably so the configuration's own bookkeeping sees the change -- confirm)
        configuration.removeRoleById( candidate.getId() );
        configuration.addRole( candidate );
    }
}
/**
 * Looks up a privilege by id.
 * <p>
 * Delegates to the two-argument overload with {@code true} as the second argument; what that flag
 * controls is not visible in this method.
 *
 * @param id id of the privilege to look up
 * @return whatever the two-argument overload returns for this id
 */
public CPrivilege getPrivilegeById( final String id )
{
    final CPrivilege found = getPrivilegeById( id, true );
    return found;
}
/**
 * Returns the privileges of the current configuration as an unmodifiable list.
 * <p>
 * Only the list is protected against modification; the {@code CPrivilege} elements are handed out
 * as they come from the configuration (whether those are copies is not visible here).
 *
 * @return unmodifiable view over the configuration's privileges
 */
public List<CPrivilege> listPrivileges()
{
    final List<CPrivilege> configured = getConfiguration().getPrivileges();
    return Collections.unmodifiableList( configured );
}
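/**
 * Removes every reference to a deleted role: first from roles that contain it, then from user-role
 * mappings that grant it.
 *
 * @param configuration configuration whose roles and user-role mappings are scanned and rewritten
 * @param roleId id of the role that no longer exists
 */
public void roleRemoved( EnhancedConfiguration configuration, String roleId )
{
    logger.debug( "Cleaning role id {} from users and roles.", roleId );

    // NOTE(review): in both loops the configuration is modified while a list obtained from it is
    // being iterated; that is only safe if getRoles()/getUserRoleMappings() return snapshots -- confirm.
    List<CRole> roles = configuration.getRoles();
    for ( CRole role : roles )
    {
        if ( role.getRoles().contains( roleId ) )
        {
            logger.debug( "removing ref to role {} from role {}", roleId, role.getId() );
            role.getRoles().remove( roleId );
            // the edited role is taken out and put back rather than changed in place
            configuration.removeRoleById( role.getId() );
            configuration.addRole( role );
        }
    }

    List<CUserRoleMapping> mappings = configuration.getUserRoleMappings();
    for ( CUserRoleMapping mapping : mappings )
    {
        if ( mapping.getRoles().contains( roleId ) )
        {
            // Both placeholders need an argument: the role id was missing here, so the user id was
            // printed in the role slot and the user slot stayed unfilled, which made this
            // permission-change trace misleading.
            logger.debug( "removing ref to role {} from user {}", roleId, mapping.getUserId() );
            mapping.removeRole( roleId );
            // a mapping is addressed by user id together with its source
            configuration.removeUserRoleMappingByUserId( mapping.getUserId(), mapping.getSource() );
            configuration.addUserRoleMapping( mapping );
        }
    }
}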
/**
 * Looks up a role by id.
 * <p>
 * Delegates to the two-argument overload with {@code true} as the second argument; what that flag
 * controls is not visible in this method.
 *
 * @param id id of the role to look up
 * @return whatever the two-argument overload returns for this id
 */
public CRole getRoleById( final String id )
{
    final CRole found = getRoleById( id, true );
    return found;
}
/**
 * Looks up a user by id.
 * <p>
 * Delegates to the two-argument overload with {@code true} as the second argument; what that flag
 * controls is not visible in this method.
 *
 * @param id id of the user to look up
 * @return whatever the two-argument overload returns for this id
 */
public CUser getUserById( final String id )
{
    final CUser found = getUserById( id, true );
    return found;
}
/**
 * Stores a user-role mapping, replacing any mapping already held for the same user id and source.
 *
 * @param roleMapping the mapping to store
 */
private void createOrUpdateUserRoleMapping( CUserRoleMapping roleMapping )
{
    // This is always treated as an update: the mapping may already exist, because external realms
    // cannot be kept fully in sync. So drop whatever is there first.
    // NOTE(review): delete and add are two separate steps with no rollback visible here; if the
    // add fails, the previous mapping is already gone.
    final String userId = roleMapping.getUserId();
    final String source = roleMapping.getSource();
    try
    {
        deleteUserRoleMapping( userId, source );
    }
    catch ( NoSuchRoleMappingException ignored )
    {
        // nothing was stored for this user and source, which is fine
    }

    getConfiguration().addUserRoleMapping( roleMapping );
}
/**
 * Returns the roles of the current configuration as an unmodifiable list.
 * <p>
 * Only the list is protected against modification; the {@code CRole} elements are handed out as
 * they come from the configuration (whether those are copies is not visible here).
 *
 * @return unmodifiable view over the configuration's roles
 */
public List<CRole> listRoles()
{
    final List<CRole> configured = getConfiguration().getRoles();
    return Collections.unmodifiableList( configured );
}
/**
 * Validates a new privilege and, if it passes, adds it to the configuration.
 *
 * @param privilege the privilege to add
 * @param context validation context; a fresh one is created via {@code initializeContext()} when null
 * @throws InvalidConfigurationException if the validator reports the privilege as invalid
 */
public void createPrivilege( CPrivilege privilege, SecurityValidationContext context )
    throws InvalidConfigurationException
{
    final SecurityValidationContext effective = ( context == null ) ? initializeContext() : context;

    // third argument is false here and true in updatePrivilege (presumably an "is update" flag -- confirm)
    final ValidationResponse outcome = validator.validatePrivilege( effective, privilege, false );
    if ( !outcome.isValid() )
    {
        // nothing has been written to the configuration at this point
        throw new InvalidConfigurationException( outcome );
    }

    getConfiguration().addPrivilege( privilege );
    logValidationWarnings( outcome );
}
/**
 * Validates a new role and, if it passes, adds it to the configuration.
 *
 * @param role the role to add
 * @param context validation context; a fresh one is created via {@code initializeContext()} when null
 * @throws InvalidConfigurationException if the validator reports the role as invalid
 */
public void createRole( CRole role, SecurityValidationContext context )
    throws InvalidConfigurationException
{
    final SecurityValidationContext effective = ( context == null ) ? initializeContext() : context;

    // third argument is false here and true in updateRole (presumably an "is update" flag -- confirm)
    final ValidationResponse outcome = validator.validateRole( effective, role, false );
    if ( !outcome.isValid() )
    {
        // nothing has been written to the configuration at this point
        throw new InvalidConfigurationException( outcome );
    }

    getConfiguration().addRole( role );
    logValidationWarnings( outcome );
}
/**
 * Creates a user together with its role mapping.
 * <p>
 * A non-blank password is passed through {@code passwordService.encryptPassword} and stored on the
 * user object before validation runs. The user is added to the configuration only if validation
 * succeeds.
 *
 * @param user the user to add; its password field is overwritten when {@code password} is non-blank
 * @param password clear-text password, may be null or blank
 * @param roles role ids to map to the user
 * @param context validation context; a fresh one is created via {@code initializeContext()} when null
 * @throws InvalidConfigurationException if the validator reports the user as invalid
 */
public void createUser( CUser user, String password, Set<String> roles, SecurityValidationContext context )
    throws InvalidConfigurationException
{
    final SecurityValidationContext effective = ( context == null ) ? initializeContext() : context;

    // Only a password with at least one non-whitespace character is processed.
    // NOTE(review): for a null or blank password the user's password field is left exactly as the
    // caller supplied it; this method relies on the validator to reject an unusable value -- confirm.
    final boolean passwordSupplied = password != null && !password.trim().isEmpty();
    if ( passwordSupplied )
    {
        // what encryptPassword produces (hash, scheme) is decided by the password service, not here
        user.setPassword( this.passwordService.encryptPassword( password ) );
    }

    final ValidationResponse outcome = validator.validateUser( effective, user, roles, false );
    if ( !outcome.isValid() )
    {
        // the configuration is untouched, but the caller's user object already carries the new password value
        throw new InvalidConfigurationException( outcome );
    }

    getConfiguration().addUser( user );
    createOrUpdateUserRoleMapping( buildUserRoleMapping( user.getId(), roles ) );
    logValidationWarnings( outcome );
}
/**
 * Returns the cached configuration, building it first when there is none or when
 * {@code shouldRebuildConifuguration()} asks for a rebuild.
 *
 * @return the current configuration, never null on normal return
 */
protected EnhancedConfiguration getConfiguration()
{
    // Work on a local copy of the field: clearCache can null the field out at any time.
    EnhancedConfiguration current = this.configurationCache;
    if ( current != null && !shouldRebuildConifuguration() )
    {
        // fast path, no lock taken
        return current;
    }

    synchronized ( this )
    {
        // Double-checked locking, considered OK on a volatile field with java5+:
        // http://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html
        // NOTE(review): this depends on configurationCache being declared volatile; the
        // declaration is not visible here -- confirm.
        current = this.configurationCache;
        if ( current == null || shouldRebuildConifuguration() )
        {
            current = new EnhancedConfiguration( doGetConfiguration() );
            this.configurationCache = current;
        }
        return current;
    }
}
/**
 * Removes the role with the given id from the delegate and from the id index.
 *
 * @param id id of the role to remove
 * @return true if the id index held an entry for this id; false if no such role was found
 */
public boolean removeRoleById( final String id )
{
    final CRole existing = getRoleById( id, false );
    if ( existing == null )
    {
        return false;
    }

    // delegate and index are updated together so they do not drift apart
    delegate.removeRole( existing );
    return id2roles.remove( id ) != null;
}
/**
 * Removes the user with the given id from the delegate and from the id index.
 *
 * @param id id of the user to remove
 * @return true if the id index held an entry for this id; false if no such user was found
 */
public boolean removeUserById( final String id )
{
    final CUser existing = getUserById( id, false );
    if ( existing == null )
    {
        return false;
    }

    // delegate and index are updated together so they do not drift apart
    delegate.removeUser( existing );
    return id2users.remove( id ) != null;
}
/**
 * Adds a user-role mapping, refusing to overwrite one that already exists for the same user id and
 * source.
 *
 * @param userRoleMapping the mapping to add
 * @param context validation context; a fresh one is created via {@code initializeContext()} when null
 * @throws InvalidConfigurationException if a mapping already exists or the validator reports errors
 */
public void createUserRoleMapping( CUserRoleMapping userRoleMapping, SecurityValidationContext context )
    throws InvalidConfigurationException
{
    if ( context == null )
    {
        context = this.initializeContext();
    }

    // Existence is probed by reading: the read throws NoSuchRoleMappingException when nothing is stored.
    // NOTE(review): the probe and the later add are separate steps; nothing in this method makes
    // them atomic against a concurrent create for the same user -- confirm callers serialize this.
    boolean alreadyMapped;
    try
    {
        readUserRoleMapping( userRoleMapping.getUserId(), userRoleMapping.getSource() );
        alreadyMapped = true;
    }
    catch ( NoSuchRoleMappingException ignored )
    {
        // expected for a genuinely new mapping
        alreadyMapped = false;
    }

    if ( alreadyMapped )
    {
        ValidationResponse duplicate = new ValidationResponse();
        duplicate.addValidationError( new ValidationMessage( "*", "User Role Mapping for user '"
            + userRoleMapping.getUserId() + "' already exists." ) );
        throw new InvalidConfigurationException( duplicate );
    }

    ValidationResponse outcome = validator.validateUserRoleMapping( context, userRoleMapping, false );
    if ( outcome.getValidationErrors().size() > 0 )
    {
        throw new InvalidConfigurationException( outcome );
    }

    getConfiguration().addUserRoleMapping( userRoleMapping );
    logValidationWarnings( outcome );
}
/**
 * Returns the roles reported by {@code manager} followed by the roles of this object's own
 * configuration, with the latter flagged read-only.
 *
 * @return a new list; the role objects in it are not copied by this method
 */
public List<CRole> listRoles()
{
    List<CRole> combined = new ArrayList<CRole>( manager.listRoles() );

    List<CRole> builtIn = (List<CRole>) getConfiguration().getRoles();
    for ( CRole staticRole : builtIn )
    {
        // ALL roles that come from StaticSecurityResources are NOT editable;
        // only roles defined in the security.xml can be updated.
        // The flag is set on the object returned by the configuration, not on a copy made here.
        staticRole.setReadOnly( true );
        combined.add( staticRole );
    }

    return combined;
}
/**
 * Validates a changed privilege and, if it passes, replaces the stored one with it.
 *
 * @param privilege the new state of the privilege; its id selects the entry to replace
 * @param context validation context; a fresh one is created via {@code initializeContext()} when null
 * @throws InvalidConfigurationException if the validator reports the privilege as invalid
 * @throws NoSuchPrivilegeException declared by this method; presumably raised by the delete step
 *         when the id is unknown -- confirm
 */
public void updatePrivilege( CPrivilege privilege, SecurityValidationContext context )
    throws InvalidConfigurationException, NoSuchPrivilegeException
{
    final SecurityValidationContext effective = ( context == null ) ? initializeContext() : context;

    final ValidationResponse outcome = validator.validatePrivilege( effective, privilege, true );
    if ( !outcome.isValid() )
    {
        throw new InvalidConfigurationException( outcome );
    }

    // Replace = delete the old entry, then add the new one.
    // NOTE(review): no rollback is visible here; if the add fails the old privilege is already gone.
    // The meaning of the second argument to deletePrivilege is not visible in this method.
    deletePrivilege( privilege.getId(), false );
    getConfiguration().addPrivilege( privilege );
    logValidationWarnings( outcome );
}
/**
 * Validates a changed role and, if it passes, replaces the stored one with it.
 *
 * @param role the new state of the role; its id selects the entry to replace
 * @param context validation context; a fresh one is created via {@code initializeContext()} when null
 * @throws InvalidConfigurationException if the validator reports the role as invalid
 * @throws NoSuchRoleException declared by this method; presumably raised by the delete step when
 *         the id is unknown -- confirm
 */
public void updateRole( CRole role, SecurityValidationContext context )
    throws InvalidConfigurationException, NoSuchRoleException
{
    final SecurityValidationContext effective = ( context == null ) ? initializeContext() : context;

    final ValidationResponse outcome = validator.validateRole( effective, role, true );
    if ( !outcome.isValid() )
    {
        throw new InvalidConfigurationException( outcome );
    }

    // Replace = delete the old entry, then add the new one.
    // NOTE(review): no rollback is visible here; if the add fails the old role is already gone.
    // The meaning of the second argument to deleteRole is not visible in this method.
    deleteRole( role.getId(), false );
    getConfiguration().addRole( role );
    logValidationWarnings( outcome );
}
/**
 * Validates a changed user and, if it passes, replaces the stored user and its role mapping.
 *
 * @param user the new state of the user; its id selects the entry to replace
 * @param roles role ids to map to the user
 * @param context validation context; a fresh one is created via {@code initializeContext()} when null
 * @throws InvalidConfigurationException if the validator reports the user as invalid
 * @throws UserNotFoundException declared by this method; presumably raised by the delete step when
 *         the id is unknown -- confirm
 */
public void updateUser( CUser user, Set<String> roles, SecurityValidationContext context )
    throws InvalidConfigurationException, UserNotFoundException
{
    final SecurityValidationContext effective = ( context == null ) ? initializeContext() : context;

    final ValidationResponse outcome = validator.validateUser( effective, user, roles, true );
    if ( !outcome.isValid() )
    {
        throw new InvalidConfigurationException( outcome );
    }

    // Replace = delete the old user, add the new one, then rewrite the role mapping.
    // NOTE(review): no rollback is visible here; a failure after the delete leaves the user removed.
    // NOTE(review): unlike createUser, nothing here passes a password through the password service;
    // the password field of the given user is stored as supplied -- confirm callers never put a
    // clear-text value there.
    final String userId = user.getId();
    deleteUser( userId );
    getConfiguration().addUser( user );
    this.createOrUpdateUserRoleMapping( this.buildUserRoleMapping( user.getId(), roles ) );
    logValidationWarnings( outcome );
}
/**
 * Returns the role with the given id from the current configuration.
 *
 * @param id id of the role to read
 * @return the role, never null
 * @throws NoSuchRoleException if the configuration has no role with this id
 */
public CRole readRole( String id )
    throws NoSuchRoleException
{
    final CRole found = getConfiguration().getRoleById( id );
    if ( found == null )
    {
        // absence is reported as an exception rather than a null return
        throw new NoSuchRoleException( id );
    }
    return found;
}