package com.dbxml.db.common.security;
/*
* dbXML - Native XML Database
* Copyright (c) 1999-2006 The dbXML Group, L.L.C.
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* $Id: AccessManager.java,v 1.4 2006/02/02 18:53:52 bradford Exp $
*/
import com.dbxml.db.core.security.*;
import com.dbxml.db.core.Collection;
import com.dbxml.db.core.DBException;
import com.dbxml.db.core.Database;
import com.dbxml.db.core.extension.SimpleExtension;
import java.util.HashMap;
import java.util.Map;
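/**
 * AccessManager is a proxy facade that exposes the user, role and
 * access-control administration operations of {@code AccessUtils}
 * via Labrador.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>No method in this class checks the identity or permissions of the
 *     caller. Every public method either reveals or changes security
 *     state, so whatever dispatches Labrador calls to this extension has
 *     to restrict it to administrators. NOTE(review): confirm where that
 *     check is enforced.</li>
 * <li>Each mutating method is a read-modify-store sequence with no
 *     locking visible here, so two concurrent calls on the same user,
 *     role or path may overwrite each other's change. NOTE(review):
 *     confirm whether AccessUtils serializes these operations.</li>
 * </ul>
 */
public final class AccessManager extends SimpleExtension {
   // Helper that performs the actual reads and writes; created in
   // setCollection(), so it is null until that method has been called.
   private AccessUtils utils;

   public AccessManager() {
   }

   /**
    * Binds this extension to a collection and builds the AccessUtils
    * helper for the database that owns the collection.
    *
    * @param collection the collection this extension is attached to
    */
   public void setCollection(Collection collection) {
      super.setCollection(collection);
      Database database = collection.getDatabase();
      utils = new AccessUtils(database);
   }

   /**
    * Returns the AccessUtils helper (package-private).
    *
    * @return the helper, or null if setCollection() has not been called
    */
   AccessUtils getAccessUtils() {
      return utils;
   }

   // User methods

   // The PARAMS_* arrays name the parameters of the method with the same
   // suffix, in declaration order. Presumably they are read reflectively
   // by the Labrador layer to map named arguments -- confirm.

   /**
    * Lists the users known to the security store.
    *
    * @return the array returned by AccessUtils.listUsers()
    * @throws DBException if the underlying store fails
    */
   public String[] listUsers() throws DBException {
      return utils.listUsers();
   }

   public static final String[] PARAMS_addUser = {"userID"};

   /**
    * Creates a new, empty user record with the given ID.
    * <p>
    * The existence check is done before the record is built, outside of
    * any catch block. The earlier form threw the "already exists"
    * exception from inside a try whose catch (DBException) created and
    * stored a fresh User; if InvalidUserException is a DBException
    * subclass (the throws clause suggests it is), that catch swallowed
    * the error and replaced the existing user with a blank record,
    * dropping its password and roles.
    *
    * @param userID the ID of the user to create
    * @throws InvalidUserException if a user with this ID can already be read
    * @throws DBException if the new user cannot be stored
    */
   public void addUser(String userID) throws DBException {
      if ( userExists(userID) ) {
         throw new InvalidUserException("User '"+userID+"' already exists");
      }
      User user = new User();
      user.setId(userID);
      utils.storeUser(user);
   }

   /**
    * Reports whether a user with the given ID can be read.
    */
   private boolean userExists(String userID) {
      try {
         utils.readUser(userID);
         return true;
      }
      catch ( DBException e ) {
         // NOTE(review): as before, any DBException from readUser is taken
         // to mean "no such user". A storage failure is indistinguishable
         // from a missing record here; narrow this if AccessUtils offers a
         // dedicated not-found signal.
         return false;
      }
   }

   public static final String[] PARAMS_setUserPassword = {"userID", "password"};

   /**
    * Sets the password of an existing user.
    * <p>
    * NOTE(review): the password is handed to User.setPassword() exactly as
    * received. Whether it is hashed before storage is not visible in this
    * class -- confirm in User/AccessUtils. No length or emptiness check is
    * applied here, and the value should never be logged by the caller.
    *
    * @param userID the ID of the user to update
    * @param password the new password
    * @throws DBException if the user cannot be read or stored
    */
   public void setUserPassword(String userID, String password) throws DBException {
      User user = utils.readUser(userID);
      user.setPassword(password);
      utils.storeUser(user);
   }

   public static final String[] PARAMS_listRolesForUser = {"userID"};

   /**
    * Lists the roles attached to a user.
    *
    * @param userID the ID of the user to inspect
    * @return the array returned by User.listRoles()
    * @throws DBException if the user cannot be read
    */
   public String[] listRolesForUser(String userID) throws DBException {
      User user = utils.readUser(userID);
      return user.listRoles();
   }

   public static final String[] PARAMS_addRoleToUser = {"userID", "roleID"};

   /**
    * Adds an existing role to an existing user and stores the user.
    *
    * @param userID the ID of the user to update
    * @param roleID the ID of the role to add
    * @throws DBException if the user or role cannot be read, or the user
    *         cannot be stored
    */
   public void addRoleToUser(String userID, String roleID) throws DBException {
      User user = utils.readUser(userID);
      Role role = utils.readRole(roleID);
      user.addRole(role);
      utils.storeUser(user);
   }

   public static final String[] PARAMS_removeRoleFromUser = {"userID", "roleID"};

   /**
    * Removes a role from an existing user and stores the user.
    *
    * @param userID the ID of the user to update
    * @param roleID the ID of the role to remove
    * @throws DBException if the user or role cannot be read, or the user
    *         cannot be stored
    */
   public void removeRoleFromUser(String userID, String roleID) throws DBException {
      User user = utils.readUser(userID);
      Role role = utils.readRole(roleID);
      user.removeRole(role);
      utils.storeUser(user);
   }

   public static final String[] PARAMS_removeUser = {"userID"};

   /**
    * Removes an existing user.
    *
    * @param userID the ID of the user to remove
    * @throws DBException if the user cannot be read or removed
    */
   public void removeUser(String userID) throws DBException {
      User user = utils.readUser(userID);
      utils.removeUser(user);
   }

   // Role methods

   /**
    * Lists the roles known to the security store.
    *
    * @return the array returned by AccessUtils.listRoles()
    * @throws DBException if the underlying store fails
    */
   public String[] listRoles() throws DBException {
      return utils.listRoles();
   }

   public static final String[] PARAMS_listUsersForRole = {"roleID"};

   /**
    * Lists the users that hold a role.
    *
    * @param roleID the ID of the role to inspect
    * @return the array returned by AccessUtils.listUsersForRole()
    * @throws DBException if the underlying store fails
    */
   public String[] listUsersForRole(String roleID) throws DBException {
      return utils.listUsersForRole(roleID);
   }

   public static final String[] PARAMS_addRole = {"roleID"};

   /**
    * Creates a new, empty role record with the given ID.
    * <p>
    * As in addUser(), the existence check runs before the record is
    * built so that the "already exists" error cannot be swallowed by a
    * catch (DBException) and turned into an overwrite of the existing
    * role.
    *
    * @param roleID the ID of the role to create
    * @throws InvalidRoleException if a role with this ID can already be read
    * @throws DBException if the new role cannot be stored
    */
   public void addRole(String roleID) throws DBException {
      if ( roleExists(roleID) ) {
         throw new InvalidRoleException("Role '"+roleID+"' already exists");
      }
      Role role = new Role();
      role.setId(roleID);
      utils.storeRole(role);
   }

   /**
    * Reports whether a role with the given ID can be read.
    */
   private boolean roleExists(String roleID) {
      try {
         utils.readRole(roleID);
         return true;
      }
      catch ( DBException e ) {
         // NOTE(review): any DBException from readRole is taken to mean
         // "no such role", matching the previous behaviour; see the
         // equivalent note in userExists().
         return false;
      }
   }

   public static final String[] PARAMS_removeRole = {"roleID"};

   /**
    * Removes an existing role.
    * <p>
    * NOTE(review): nothing here detaches the role from users or access
    * entries that still reference it -- confirm whether AccessUtils does.
    *
    * @param roleID the ID of the role to remove
    * @throws DBException if the role cannot be read or removed
    */
   public void removeRole(String roleID) throws DBException {
      Role role = utils.readRole(roleID);
      utils.removeRole(role);
   }

   // Access methods

   public static final String[] PARAMS_listAccessControl = {"path"};

   /**
    * Reports the permissions each role holds on a path.
    *
    * @param path the path whose access entry is read
    * @return a map from role ID (String) to permission value (Integer),
    *         one entry per role listed on the access entry
    * @throws DBException if the access entry or one of its roles cannot
    *         be read
    */
   public Map listAccessControl(String path) throws DBException {
      Access access = utils.readAccess(path);
      // Raw Map kept on purpose: the return type is part of the exposed
      // interface and the file uses no generics.
      Map data = new HashMap();
      String[] roles = access.listRoles();
      for ( int i = 0; i < roles.length; i++ ) {
         String roleID = roles[i];
         // The Role object, not the ID, is the lookup key for permissions.
         Role role = utils.readRole(roleID);
         int permissions = access.getPermissions(role);
         data.put(roleID, new Integer(permissions));
      }
      return data;
   }

   public static final String[] PARAMS_grant = {"path", "roleID", "permissions"};

   /**
    * Grants permissions to a role on a path by OR-ing the given bits into
    * the role's current permission value.
    * <p>
    * NOTE(review): the permissions argument is applied as given; bits
    * that do not correspond to a defined permission are not filtered
    * here.
    *
    * @param path the path whose access entry is updated
    * @param roleID the ID of the role receiving the permissions
    * @param permissions the permission bits to add
    * @throws DBException if the access entry or role cannot be read, or
    *         the access entry cannot be stored
    */
   public void grant(String path, String roleID, int permissions) throws DBException {
      Access access = utils.readAccess(path);
      Role role = utils.readRole(roleID);
      int oldPermissions = access.getPermissions(role);
      access.setPermissions(role, oldPermissions | permissions);
      utils.storeAccess(access);
   }

   public static final String[] PARAMS_revoke = {"path", "roleID", "permissions"};

   /**
    * Revokes permissions from a role on a path by clearing the given bits
    * from the role's current permission value.
    *
    * @param path the path whose access entry is updated
    * @param roleID the ID of the role losing the permissions
    * @param permissions the permission bits to clear
    * @throws DBException if the access entry or role cannot be read, or
    *         the access entry cannot be stored
    */
   public void revoke(String path, String roleID, int permissions) throws DBException {
      Access access = utils.readAccess(path);
      Role role = utils.readRole(roleID);
      int oldPermissions = access.getPermissions(role);
      access.setPermissions(role, oldPermissions & ~permissions);
      utils.storeAccess(access);
   }
}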