Examples of org.sonatype.security.authorization.Role

• org.sonatype.security.authorization.Role
  A simple bean that represents a security Role. @author Brian Demers

    return roles;
  }

  private Role toRole(String roleId) {
    Role role = new Role();
    role.setRoleId(roleId);
    role.setSource(this.getSource());
    role.setName("Role " + roleId);
    role.setReadOnly(true);

    return role;
  }

    return resource;
  }

  public Role restToSecurityModel(Role role, RoleResource resource) {
    if (role == null) {
      role = new Role();
    }

    role.setRoleId(resource.getId());

    role.setDescription(resource.getDescription());

      RoleTreeResourceResponse responseResource = new RoleTreeResourceResponse();

      AuthorizationManager authzManager = getSecuritySystem().getAuthorizationManager("default");

      if (Boolean.parseBoolean(request.getResourceRef().getQueryAsForm().getFirstValue("isRole"))) {
        Role role = authzManager.getRole(userId);

        handleRole(role, authzManager, responseResource, null);
      }
      else {
        User user = getSecuritySystem().getUser(userId);

  }

  protected void handleUser(User user, AuthorizationManager authzManager, RoleTreeResourceResponse response) {
    for (RoleIdentifier roleIdentifier : user.getRoles()) {
      try {
        Role role = authzManager.getRole(roleIdentifier.getRoleId());

        RoleTreeResource resource = new RoleTreeResource();
        resource.setId(role.getRoleId());
        resource.setName(role.getName());
        resource.setType("role");
        response.addData(resource);

        handleRole(role, authzManager, response, resource);
      }

  protected void handleRole(Role role, AuthorizationManager authzManager, RoleTreeResourceResponse response,
                            RoleTreeResource resource)
  {
    for (String roleId : role.getRoles()) {
      try {
        Role childRole = authzManager.getRole(roleId);
        RoleTreeResource childResource = new RoleTreeResource();
        childResource.setId(childRole.getRoleId());
        childResource.setName(childRole.getName());
        childResource.setType("role");
        if (resource != null) {
          resource.addChildren(childResource);
        }
        else {

    }
    catch (NoSuchAuthorizationManagerException e) {
      throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Invalid source id '" + sourceId + "'", e);
    }

    final Role role;
    try {
      role = source.getRole(roleId);
    }
    catch (NoSuchRoleException e) {
      throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND, "Invalid role id '" + roleId + "' on realm '"
          + sourceId + "'", e);
    }

    Role defaultRole;
    try {
      defaultRole = getSecuritySystem().getAuthorizationManager(SecurityXmlUserManager.SOURCE).getRole(roleId);
    }
    catch (NoSuchRoleException e) {
      defaultRole = null;

    if (resourceRequest != null) {
      RoleResource resource = resourceRequest.getData();

      try {
        AuthorizationManager authzManager = getSecuritySystem().getAuthorizationManager(ROLE_SOURCE);
        Role role = restToSecurityModel(authzManager.getRole(resource.getId()), resource);

        validateRoleContainment(role);

        authzManager.updateRole(role);

        resourceResponse = new RoleResourceResponse();

        resourceResponse.setData(resourceRequest.getData());

        resourceResponse.getData().setUserManaged(!role.isReadOnly());

        resourceResponse.getData().setResourceURI(createChildReference(request, resource.getId()).toString());

      }
      catch (NoSuchRoleException e) {

    RoleResourceResponse result = null;

    if (resourceRequest != null) {
      RoleResource resource = resourceRequest.getData();

      Role role = restToSecurityModel(null, resource);

      try {
        validateRoleContainment(role);

        AuthorizationManager authzManager = getSecuritySystem().getAuthorizationManager(ROLE_SOURCE);
        role = authzManager.addRole(role);

        result = new RoleResourceResponse();

        resource.setId(role.getRoleId());

        resource.setUserManaged(true);

        resource.setResourceURI(createChildReference(request, resource.getId()).toString());

  @Override
  public Set<Role> listRoles() {
    Set<Role> result = new TreeSet<Role>();
    try {
      for (String roleId : ldapManager.getAllGroups()) {
        Role role = new Role();
        role.setName(roleId);
        role.setRoleId(roleId);
        role.setSource(this.getSource());
        result.add(role);
      }
    }
    catch (LdapDAOException e) {
      this.logger.debug("Problem getting list of LDAP Groups: " + e.getMessage(), e);

      if (roleName == null) {
        throw new NoSuchRoleException("Role: " + roleId + " was not found in LDAP.");
      }

      Role role = new Role();
      role.setName(roleId);
      role.setRoleId(roleId);
      role.setSource(this.getSource());

      return role;
    }
    catch (LdapDAOException e) {
      throw new NoSuchRoleException("Role: " + roleId + " was not found in LDAP.", e);