Examples of org.jboss.seam.security.permission.PermissionMetadata.ActionSet

• org.jboss.seam.security.permission.PermissionMetadata.ActionSet

            List<?> permissions = createPermissionQuery(resource, null, identity).getResultList();

            if (permissions.isEmpty()) {
                if (!set) return true;

                ActionSet actionSet = metadata.createActionSet(resource.getClass(), null);
                for (String action : actions) {
                    actionSet.add(action);
                }

                Object instance = identityPermissionClass.newInstance();
                resourceProperty.setValue(instance, identifierPolicy.getIdentifier(resource));
                permissionProperty.setValue(instance, actionSet.toString());
                identityProperty.setValue(instance, resolveIdentityEntity(identity));

                lookupEntityManager().persist(instance);
                return true;
            }

            Object instance = permissions.get(0);

            ActionSet actionSet = metadata.createActionSet(resource.getClass(),
                    permissionProperty.getValue(instance).toString());

            for (String action : actions) {
                if (set) {
                    actionSet.add(action);
                } else {
                    actionSet.remove(action);
                }
            }

            if (permissions.size() > 1) {
                // Same as with roles, consolidate the records if there is more than one
                for (Object p : permissions) {
                    actionSet.addMembers(permissionProperty.getValue(p).toString());
                    if (!p.equals(instance)) {
                        lookupEntityManager().remove(p);
                    }
                }
            }

            if (!actionSet.isEmpty()) {
                permissionProperty.setValue(instance, actionSet.toString());
                lookupEntityManager().merge(instance);
            } else {
                // No actions remaining in set, so just remove the record
                lookupEntityManager().remove(instance);
            }

                identifierCache.put(identifierPolicy.getIdentifier(t), t);
            }
        }

        for (Object permission : userPermissions) {
            ActionSet actionSet = null;

            if (targets != null) {
                //target = identifierCache.get(targetProperty.getValue(permission));
                if (resource != null) {
                    //actionSet = metadata.createActionSet(target.getClass(),
                    // actionProperty.getValue(permission).toString());
                }
            } else {
                //actionSet = metadata.createActionSet(target.getClass(),
                //    actionProperty.getValue(permission).toString());
            }

            if (resource != null && (action == null || (actionSet != null && actionSet.contains(action)))) {
                // FIXME
                IdentityObject identity = null; //lookupPrincipal(principalCache, permission);

                if (action != null) {
                    permissions.add(new Permission(resource, action, identity));
                } else {
                    for (String a : actionSet.members()) {
                        permissions.add(new Permission(resource, a, identity));
                    }
                }
            }
        }

               if (permissions.isEmpty())
               {
                  if (!set) return true;

                  ActionSet actionSet = metadata.createActionSet(target.getClass(), null);
                  for (String action : actions)
                  {
                     actionSet.add(action);
                  }

                  Object instance = rolePermissionClass.newInstance();
                  roleTargetProperty.setValue(instance, identifierPolicy.getIdentifier(target));
                  roleActionProperty.setValue(instance, actionSet.toString());
                  roleProperty.setValue(instance, resolvePrincipalEntity(recipient));
                  lookupEntityManager().persist(instance);
                  return true;
               }

               Object instance = permissions.get(0);

               ActionSet actionSet = metadata.createActionSet(target.getClass(),
                     roleActionProperty.getValue(instance).toString());

               for (String action : actions)
               {
                  if (set)
                  {
                     actionSet.add(action);
                  }
                  else
                  {
                     actionSet.remove(action);
                  }
               }

               if (permissions.size() > 1)
               {
                  // This is where it gets a little messy.. if there is more than one permission
                  // record, then we need to consolidate them all into just the first one
                  for (Object p : permissions)
                  {
                     actionSet.addMembers(roleActionProperty.getValue(p).toString());
                     if (!p.equals(instance))
                     {
                        lookupEntityManager().remove(p);
                     }
                  }
               }

               if (!actionSet.isEmpty())
               {
                  roleActionProperty.setValue(instance, actionSet.toString());
                  lookupEntityManager().merge(instance);
               }
               else
               {
                  // No actions remaining in set, so just remove the record
                  lookupEntityManager().remove(instance);
               }

               return true;
            }

            if (!discriminatorProperty.isSet())
            {
               throw new RuntimeException("Could not grant permission, rolePermissionClass not set");
            }
         }

         if (userPermissionClass == null)
         {
            throw new RuntimeException("Could not grant permission, userPermissionClass not set");
         }

         List permissions = createPermissionQuery(target, null, recipient, recipientIsRole ?
               Discrimination.role : Discrimination.user).getResultList();

         if (permissions.isEmpty())
         {
            if (!set) return true;

            ActionSet actionSet = metadata.createActionSet(target.getClass(), null);
            for (String action : actions)
            {
               actionSet.add(action);
            }

            Object instance = userPermissionClass.newInstance();
            targetProperty.setValue(instance, identifierPolicy.getIdentifier(target));
            actionProperty.setValue(instance, actionSet.toString());

            if (recipientIsRole)
            {
               roleProperty.setValue(instance, resolvePrincipalEntity(recipient));
            }
            else
            {
               userProperty.setValue(instance, resolvePrincipalEntity(recipient));
            }

            if (discriminatorProperty.isSet())
            {
               PermissionDiscriminator discriminator = discriminatorProperty.getAnnotation();
               discriminatorProperty.setValue(instance, recipientIsRole ? discriminator.roleValue() :
                  discriminator.userValue());
            }

            lookupEntityManager().persist(instance);
            return true;
         }

         Object instance = permissions.get(0);

         ActionSet actionSet = metadata.createActionSet(target.getClass(),
               actionProperty.getValue(instance).toString());

         for (String action : actions)
         {
            if (set)
            {
               actionSet.add(action);
            }
            else
            {
               actionSet.remove(action);
            }
         }

         if (permissions.size() > 1)
         {
            // Same as with roles, consolidate the records if there is more than one
            for (Object p : permissions)
            {
               actionSet.addMembers(actionProperty.getValue(p).toString());
               if (!p.equals(instance))
               {
                  lookupEntityManager().remove(p);
               }
            }
         }

         if (!actionSet.isEmpty())
         {
            actionProperty.setValue(instance, actionSet.toString());
            lookupEntityManager().merge(instance);
         }
         else
         {
            // No actions remaining in set, so just remove the record

         }
      }

      for (Object permission : userPermissions)
      {
         ActionSet actionSet = null;

         if (targets != null)
         {
            target = identifierCache.get(targetProperty.getValue(permission));
            if (target != null)
            {
               actionSet = metadata.createActionSet(target.getClass(),
                  actionProperty.getValue(permission).toString());
            }
         }
         else
         {
            actionSet = metadata.createActionSet(target.getClass(),
                  actionProperty.getValue(permission).toString());
         }

         if (target != null && (action == null || (actionSet != null && actionSet.contains(action))))
         {
            boolean isUser = true;

            if (useDiscriminator &&
               discriminatorProperty.getAnnotation().roleValue().equals(
                     discriminatorProperty.getValue(permission)))
            {
               isUser = false;
            }

            Principal principal = lookupPrincipal(principalCache, permission, isUser);

            if (action != null)
            {
               permissions.add(new Permission(target, action, principal));
            }
            else
            {
               for (String a : actionSet.members())
               {
                  permissions.add(new Permission(target, a, principal));
               }
            }
         }
      }

      // If we have a separate class for role permissions, then query them now
      if (rolePermissionClass != null)
      {
         permissionQuery = targets != null ?
               createPermissionQuery(null, targets, null, Discrimination.role) :
               createPermissionQuery(target, null, null, Discrimination.role);
         List rolePermissions = permissionQuery.getResultList();

         for (Object permission : rolePermissions)
         {
            ActionSet actionSet = null;

            if (targets != null)
            {
               target = identifierCache.get(roleTargetProperty.getValue(permission));
               if (target != null)
               {
                  actionSet = metadata.createActionSet(target.getClass(),
                     roleActionProperty.getValue(permission).toString());
               }
            }
            else
            {
               actionSet = metadata.createActionSet(target.getClass(),
                     roleActionProperty.getValue(permission).toString());
            }

            if (target != null && (action == null || (actionSet != null && actionSet.contains(action))))
            {
               Principal principal = lookupPrincipal(principalCache, permission, false);

               if (action != null)
               {
                  permissions.add(new Permission(target, action, principal));
               }
               else
               {
                  for (String a : actionSet.members())
                  {
                     permissions.add(new Permission(target, a, principal));
                  }
               }
            }

               if (permissions.isEmpty())
               {
                  if (!set) return true;

                  ActionSet actionSet = metadata.createActionSet(target.getClass(), null);
                  for (String action : actions)
                  {
                     actionSet.add(action);
                  }

                  Object instance = rolePermissionClass.newInstance();
                  roleTargetProperty.setValue(instance, identifierPolicy.getIdentifier(target));
                  roleActionProperty.setValue(instance, actionSet.toString());
                  roleProperty.setValue(instance, resolvePrincipalEntity(recipient));
                  lookupEntityManager().persist(instance);
                  return true;
               }

               Object instance = permissions.get(0);

               ActionSet actionSet = metadata.createActionSet(target.getClass(),
                     roleActionProperty.getValue(instance).toString());

               for (String action : actions)
               {
                  if (set)
                  {
                     actionSet.add(action);
                  }
                  else
                  {
                     actionSet.remove(action);
                  }
               }

               if (permissions.size() > 1)
               {
                  // This is where it gets a little messy.. if there is more than one permission
                  // record, then we need to consolidate them all into just the first one
                  for (Object p : permissions)
                  {
                     actionSet.addMembers(roleActionProperty.getValue(p).toString());
                     if (!p.equals(instance))
                     {
                        lookupEntityManager().remove(p);
                     }
                  }
               }

               if (!actionSet.isEmpty())
               {
                  roleActionProperty.setValue(instance, actionSet.toString());
                  lookupEntityManager().merge(instance);
               }
               else
               {
                  // No actions remaining in set, so just remove the record
                  lookupEntityManager().remove(instance);
               }

               return true;
            }

            if (!discriminatorProperty.isSet())
            {
               throw new RuntimeException("Could not grant permission, rolePermissionClass not set");
            }
         }

         if (userPermissionClass == null)
         {
            throw new RuntimeException("Could not grant permission, userPermissionClass not set");
         }

         List permissions = createPermissionQuery(target, null, recipient, recipientIsRole ?
               Discrimination.role : Discrimination.user).getResultList();

         if (permissions.isEmpty())
         {
            if (!set) return true;

            ActionSet actionSet = metadata.createActionSet(target.getClass(), null);
            for (String action : actions)
            {
               actionSet.add(action);
            }

            Object instance = userPermissionClass.newInstance();
            targetProperty.setValue(instance, identifierPolicy.getIdentifier(target));
            actionProperty.setValue(instance, actionSet.toString());
            userProperty.setValue(instance, resolvePrincipalEntity(recipient));

            if (discriminatorProperty.isSet())
            {
               PermissionDiscriminator discriminator = discriminatorProperty.getAnnotation();
               discriminatorProperty.setValue(instance, recipientIsRole ? discriminator.roleValue() :
                  discriminator.userValue());
            }

            lookupEntityManager().persist(instance);
            return true;
         }

         Object instance = permissions.get(0);

         ActionSet actionSet = metadata.createActionSet(target.getClass(),
               actionProperty.getValue(instance).toString());

         for (String action : actions)
         {
            if (set)
            {
               actionSet.add(action);
            }
            else
            {
               actionSet.remove(action);
            }
         }

         if (permissions.size() > 1)
         {
            // Same as with roles, consolidate the records if there is more than one
            for (Object p : permissions)
            {
               actionSet.addMembers(actionProperty.getValue(p).toString());
               if (!p.equals(instance))
               {
                  lookupEntityManager().remove(p);
               }
            }
         }

         if (!actionSet.isEmpty())
         {
            actionProperty.setValue(instance, actionSet.toString());
            lookupEntityManager().merge(instance);
         }
         else
         {
            // No actions remaining in set, so just remove the record

         }
      }

      for (Object permission : userPermissions)
      {
         ActionSet actionSet = null;

         if (targets != null)
         {
            target = identifierCache.get(targetProperty.getValue(permission));
            if (target != null)
            {
               actionSet = metadata.createActionSet(target.getClass(),
                  actionProperty.getValue(permission).toString());
            }
         }
         else
         {
            actionSet = metadata.createActionSet(target.getClass(),
                  actionProperty.getValue(permission).toString());
         }

         if (target != null && (action == null || (actionSet != null && actionSet.contains(action))))
         {
            boolean isUser = true;

            if (useDiscriminator &&
               discriminatorProperty.getAnnotation().roleValue().equals(
                     discriminatorProperty.getValue(permission)))
            {
               isUser = false;
            }

            Principal principal = lookupPrincipal(principalCache, permission, isUser);

            if (action != null)
            {
               permissions.add(new Permission(target, action, principal));
            }
            else
            {
               for (String a : actionSet.members())
               {
                  permissions.add(new Permission(target, a, principal));
               }
            }
         }
      }

      // If we have a separate class for role permissions, then query them now
      if (rolePermissionClass != null)
      {
         permissionQuery = targets != null ?
               createPermissionQuery(null, targets, null, Discrimination.role) :
               createPermissionQuery(target, null, null, Discrimination.role);
         List rolePermissions = permissionQuery.getResultList();

         for (Object permission : rolePermissions)
         {
            ActionSet actionSet = null;

            if (targets != null)
            {
               target = identifierCache.get(roleTargetProperty.getValue(permission));
               if (target != null)
               {
                  actionSet = metadata.createActionSet(target.getClass(),
                     roleActionProperty.getValue(permission).toString());
               }
            }
            else
            {
               actionSet = metadata.createActionSet(target.getClass(),
                     roleActionProperty.getValue(permission).toString());
            }

            if (target != null && (action == null || (actionSet != null && actionSet.contains(action))))
            {
               Principal principal = lookupPrincipal(principalCache, permission, false);

               if (action != null)
               {
                  permissions.add(new Permission(target, action, principal));
               }
               else
               {
                  for (String a : actionSet.members())
                  {
                     permissions.add(new Permission(target, a, principal));
                  }
               }
            }

         if (permissions.isEmpty())
         {
            if (!set) return true;

            ActionSet actionSet = metadata.createActionSet(resource.getClass(), null);
            for (String action : actions)
            {
               actionSet.add(action);
            }

            Object instance = identityPermissionClass.newInstance();
            resourceProperty.setValue(instance, identifierPolicy.getIdentifier(resource));
            permissionProperty.setValue(instance, actionSet.toString());
            identityProperty.setValue(instance, resolveIdentityEntity(identity));

            lookupEntityManager().persist(instance);
            return true;
         }

         Object instance = permissions.get(0);

         ActionSet actionSet = metadata.createActionSet(resource.getClass(),
               permissionProperty.getValue(instance).toString());

         for (String action : actions)
         {
            if (set)
            {
               actionSet.add(action);
            }
            else
            {
               actionSet.remove(action);
            }
         }

         if (permissions.size() > 1)
         {
            // Same as with roles, consolidate the records if there is more than one
            for (Object p : permissions)
            {
               actionSet.addMembers(permissionProperty.getValue(p).toString());
               if (!p.equals(instance))
               {
                  lookupEntityManager().remove(p);
               }
            }
         }

         if (!actionSet.isEmpty())
         {
            permissionProperty.setValue(instance, actionSet.toString());
            lookupEntityManager().merge(instance);
         }
         else
         {
            // No actions remaining in set, so just remove the record

         }
      }

      for (Object permission : userPermissions)
      {
         ActionSet actionSet = null;

         if (targets != null)
         {
            //target = identifierCache.get(targetProperty.getValue(permission));
            if (resource != null)
            {
               //actionSet = metadata.createActionSet(target.getClass(),
                 // actionProperty.getValue(permission).toString());
            }
         }
         else
         {
            //actionSet = metadata.createActionSet(target.getClass(),
              //    actionProperty.getValue(permission).toString());
         }

         if (resource != null && (action == null || (actionSet != null && actionSet.contains(action))))
         {
            // FIXME
            IdentityObject identity = null; //lookupPrincipal(principalCache, permission);

            if (action != null)
            {
               permissions.add(new Permission(resource, action, identity));
            }
            else
            {
               for (String a : actionSet.members())
               {
                  permissions.add(new Permission(resource, a, identity));
               }
            }
         }

               if (permissions.isEmpty())
               {
                  if (!set) return true;

                  ActionSet actionSet = metadata.createActionSet(target.getClass(), null);
                  for (String action : actions)
                  {
                     actionSet.add(action);
                  }

                  Object instance = rolePermissionClass.newInstance();
                  roleTargetProperty.setValue(instance, identifierPolicy.getIdentifier(target));
                  roleActionProperty.setValue(instance, actionSet.toString());
                  roleProperty.setValue(instance, resolvePrincipalEntity(recipient));
                  lookupEntityManager().persist(instance);
                  return true;
               }

               Object instance = permissions.get(0);

               ActionSet actionSet = metadata.createActionSet(target.getClass(),
                     roleActionProperty.getValue(instance).toString());

               for (String action : actions)
               {
                  if (set)
                  {
                     actionSet.add(action);
                  }
                  else
                  {
                     actionSet.remove(action);
                  }
               }

               if (permissions.size() > 1)
               {
                  // This is where it gets a little messy.. if there is more than one permission
                  // record, then we need to consolidate them all into just the first one
                  for (Object p : permissions)
                  {
                     actionSet.addMembers(roleActionProperty.getValue(p).toString());
                     if (!p.equals(instance))
                     {
                        lookupEntityManager().remove(p);
                     }
                  }
               }

               if (!actionSet.isEmpty())
               {
                  roleActionProperty.setValue(instance, actionSet.toString());
                  lookupEntityManager().merge(instance);
               }
               else
               {
                  // No actions remaining in set, so just remove the record
                  lookupEntityManager().remove(instance);
               }

               return true;
            }

            if (!discriminatorProperty.isSet())
            {
               throw new RuntimeException("Could not grant permission, rolePermissionClass not set");
            }
         }

         if (userPermissionClass == null)
         {
            throw new RuntimeException("Could not grant permission, userPermissionClass not set");
         }

         List permissions = createPermissionQuery(target, null, recipient, recipientIsRole ?
               Discrimination.role : Discrimination.user).getResultList();

         if (permissions.isEmpty())
         {
            if (!set) return true;

            ActionSet actionSet = metadata.createActionSet(target.getClass(), null);
            for (String action : actions)
            {
               actionSet.add(action);
            }

            Object instance = userPermissionClass.newInstance();
            targetProperty.setValue(instance, identifierPolicy.getIdentifier(target));
            actionProperty.setValue(instance, actionSet.toString());

            if (recipientIsRole)
            {
               roleProperty.setValue(instance, resolvePrincipalEntity(recipient));
            }
            else
            {
               userProperty.setValue(instance, resolvePrincipalEntity(recipient));
            }

            if (discriminatorProperty.isSet())
            {
               PermissionDiscriminator discriminator = discriminatorProperty.getAnnotation();
               discriminatorProperty.setValue(instance, recipientIsRole ? discriminator.roleValue() :
                  discriminator.userValue());
            }

            lookupEntityManager().persist(instance);
            return true;
         }

         Object instance = permissions.get(0);

         ActionSet actionSet = metadata.createActionSet(target.getClass(),
               actionProperty.getValue(instance).toString());

         for (String action : actions)
         {
            if (set)
            {
               actionSet.add(action);
            }
            else
            {
               actionSet.remove(action);
            }
         }

         if (permissions.size() > 1)
         {
            // Same as with roles, consolidate the records if there is more than one
            for (Object p : permissions)
            {
               actionSet.addMembers(actionProperty.getValue(p).toString());
               if (!p.equals(instance))
               {
                  lookupEntityManager().remove(p);
               }
            }
         }

         if (!actionSet.isEmpty())
         {
            actionProperty.setValue(instance, actionSet.toString());
            lookupEntityManager().merge(instance);
         }
         else
         {
            // No actions remaining in set, so just remove the record

         }
      }

      for (Object permission : userPermissions)
      {
         ActionSet actionSet = null;

         if (targets != null)
         {
            target = identifierCache.get(targetProperty.getValue(permission));
            if (target != null)
            {
               actionSet = metadata.createActionSet(target.getClass(),
                  actionProperty.getValue(permission).toString());
            }
         }
         else
         {
            actionSet = metadata.createActionSet(target.getClass(),
                  actionProperty.getValue(permission).toString());
         }

         if (target != null && (action == null || (actionSet != null && actionSet.contains(action))))
         {
            boolean isUser = true;

            if (useDiscriminator &&
               discriminatorProperty.getAnnotation().roleValue().equals(
                     discriminatorProperty.getValue(permission)))
            {
               isUser = false;
            }

            Principal principal = lookupPrincipal(principalCache, permission, isUser);

            if (action != null)
            {
               permissions.add(new Permission(target, action, principal));
            }
            else
            {
               for (String a : actionSet.members())
               {
                  permissions.add(new Permission(target, a, principal));
               }
            }
         }
      }

      // If we have a separate class for role permissions, then query them now
      if (rolePermissionClass != null)
      {
         permissionQuery = targets != null ?
               createPermissionQuery(null, targets, null, Discrimination.role) :
               createPermissionQuery(target, null, null, Discrimination.role);
         List rolePermissions = permissionQuery.getResultList();

         for (Object permission : rolePermissions)
         {
            ActionSet actionSet = null;

            if (targets != null)
            {
               target = identifierCache.get(roleTargetProperty.getValue(permission));
               if (target != null)
               {
                  actionSet = metadata.createActionSet(target.getClass(),
                     roleActionProperty.getValue(permission).toString());
               }
            }
            else
            {
               actionSet = metadata.createActionSet(target.getClass(),
                     roleActionProperty.getValue(permission).toString());
            }

            if (target != null && (action == null || (actionSet != null && actionSet.contains(action))))
            {
               Principal principal = lookupPrincipal(principalCache, permission, false);

               if (action != null)
               {
                  permissions.add(new Permission(target, action, principal));
               }
               else
               {
                  for (String a : actionSet.members())
                  {
                     permissions.add(new Permission(target, a, principal));
                  }
               }
            }