65 package com.sri.common.util;
66
67 import com.jcorporate.expresso.core.cache.CacheManager;
68 import com.jcorporate.expresso.core.controller.ControllerRequest;
69 import com.jcorporate.expresso.core.controller.DBController;
70 import com.jcorporate.expresso.core.controller.Transition;
71 import com.jcorporate.expresso.core.db.DBConnection;
72 import com.jcorporate.expresso.core.db.DBException;
73 import com.jcorporate.expresso.core.dbobj.RowSecuredDBObject;
74 import com.jcorporate.expresso.core.dbobj.SecuredDBObject;
75 import com.jcorporate.expresso.core.security.SuperUser;
76 import com.jcorporate.expresso.services.dbobj.ControllerSecurity;
77 import com.jcorporate.expresso.services.dbobj.DBObjSecurity;
78 import com.jcorporate.expresso.services.dbobj.GroupMembers;
79 import com.jcorporate.expresso.services.dbobj.GroupNest;
80 import com.jcorporate.expresso.services.dbobj.JobSecurity;
81 import com.jcorporate.expresso.services.dbobj.RowGroupPerms;
82 import com.jcorporate.expresso.services.dbobj.RowPermissions;
83 import com.jcorporate.expresso.services.dbobj.UserGroup;
84 import com.sri.emo.controller.PermissionController;
85 import com.sri.emo.dbobj.IViewable;
86
87 import java.util.Iterator;
88 import java.util.Vector;
89
/**
 * Row-secured variant of {@link UserGroup}: the same "group" record, but with
 * {@link RowSecuredDBObject} as its superclass. A group collects users for
 * security purposes and corresponds to a "role" in other terminology.
 *
 * <p>Privilege note: instances built with the no-argument or the connection
 * constructor are documented below as acting with superuser privileges; only
 * the {@link ControllerRequest} constructor initializes from the current user.
 * Code that exposes results obtained through the former should do its own
 * authorization first.
 *
 * @author Larry Hamel
 * @see UserGroup
 */
public class PermGroup extends RowSecuredDBObject implements IViewable {

    private static final long serialVersionUID = 1L;

    /** Name of the key field holding the group name. */
    public static final String GROUP_NAME_FIELD = "GroupName";

    /** Name of the field holding the group description. */
    public static final String GROUP_DESCRIPTION = "Descrip";

    /** Declared width of the group-name column (see {@link #setupFields()}). */
    public static final int GROUP_NAME_MAX_LEN = 10;

    /** Declared width of the description column (see {@link #setupFields()}). */
    public static final int GROUP_DESCRIP_MAX_LEN = 80;

    /**
     * Default group for every user who registers when the registration domain
     * has no other group set.
     *
     * @see com.jcorporate.expresso.services.controller.SimpleRegistration
     */
    public static final String ALL_USERS_GROUP = "Everybody";

    public static final String DEMO_GROUP = "Demo";

    /**
     * Groups created as part of the DBTool.setupSecurity bootstrap.
     */
    public static final String UNKNOWN_USERS_GROUP = "Nobody";

    public static final String NOT_REG_USERS_GROUP = "NotReg";

    public static final String ADMIN_GROUP = "Admin";

    /**
     * Creates a group object that acts with superuser privileges.
     *
     * @throws DBException upon construction error
     * @see com.jcorporate.expresso.core.dbobj.SecuredDBObject
     */
    public PermGroup() throws DBException {
        super();
    }

    /**
     * Creates a group object for use inside a controller; it is initialized
     * from the current user and the requested db of the request (both can be
     * changed afterwards).
     *
     * @param request the controller request handed over by the framework
     * @throws DBException upon construction error
     */
    public PermGroup(final ControllerRequest request) throws DBException {
        super(request);
    }

    /**
     * Creates a group object bound to an existing connection, typically for an
     * ongoing transaction. The object has superuser privileges unless
     * setRequestingUid() is called separately.
     *
     * @param localConnection the connection to use; {@code null} leaves the
     *                        object without an explicit connection
     * @throws DBException upon construction error
     */
    public PermGroup(final DBConnection localConnection) throws DBException {
        if (localConnection == null) {
            return;
        }
        setConnection(localConnection);
    }

    /**
     * Builds the "group is in use" message for a referential-integrity check.
     *
     * @param suffix text appended after the group name
     * @return the complete message
     * @throws DBException if the group name cannot be read
     */
    private String inUseMessage(final String suffix) throws DBException {
        return "This Group (" + getField(GROUP_NAME_FIELD) + suffix;
    }

    /**
     * Checks referential integrity of the objects that refer to this group:
     * database-object, controller and job security entries, group members, and
     * both sides of a group nesting entry. All lookups are made with
     * {@link SuperUser#INSTANCE}, so they are not limited by the requesting
     * user's read permissions.
     *
     * @throws DBException if the integrity cannot be verified
     */
    protected void checkAllReferredToBy() throws DBException {
        referredToBy(new DBObjSecurity(SuperUser.INSTANCE), GROUP_NAME_FIELD,
                inUseMessage(") is in use by a Database Object security entry"));
        referredToBy(new ControllerSecurity(SuperUser.INSTANCE), GROUP_NAME_FIELD,
                inUseMessage(") is in use by a Controller security entry"));
        referredToBy(new JobSecurity(SuperUser.INSTANCE), GROUP_NAME_FIELD,
                inUseMessage(") is in use by a Job security entry"));
        // NOTE(review): delete() removes the members before calling
        // super.delete(), so on that path this check presumably never fires.
        referredToBy(new GroupMembers(SuperUser.INSTANCE), GROUP_NAME_FIELD,
                inUseMessage(") still has members "));
        // A nesting entry can name this group on either side.
        referredToBy(new GroupNest(SuperUser.INSTANCE), GroupNest.FLD_GROUPNAME,
                inUseMessage(") is in use by a Group Member Nesting entry"));
        referredToBy(new GroupNest(SuperUser.INSTANCE), GroupNest.FLD_MEMBEROF,
                inUseMessage(") is in use by a Group Member Nesting entry"));
    }

    /**
     * Deletes this group after first deleting every {@link GroupMembers} row
     * that refers to it.
     *
     * <p>The member rows are looked up and deleted through
     * {@link SuperUser#INSTANCE}, independent of the user this object acts for.
     * NOTE(review): the member objects receive this object's data context but
     * not its connection, and they are removed before {@code super.delete()}
     * runs; if that call then fails, the membership rows may already be gone
     * unless the caller's transaction covers them. Confirm against the callers.
     *
     * @throws DBException upon delete error
     */
    public void delete() throws DBException {
        GroupMembers memberQuery = new GroupMembers(SuperUser.INSTANCE);
        memberQuery.setDataContext(getDataContext());
        memberQuery.setField(GROUP_NAME_FIELD, getField(GROUP_NAME_FIELD));

        Iterator members = memberQuery.searchAndRetrieveList().iterator();
        while (members.hasNext()) {
            ((GroupMembers) members.next()).delete();
        }

        super.delete();
    }

    /**
     * Declares the table, fields, filters, key, lookup and detail relation of
     * this object, and registers it as a cache listener.
     *
     * @throws DBException upon setup error
     * @see com.jcorporate.expresso.core.dbobj.SecuredDBObject
     */
    protected synchronized void setupFields() throws DBException {
        final String loginEventField = "LoginEvent";
        final String listenerName = PermGroup.class.getName();

        setTargetTable("USERROLES");
        setDescription("PermGroup");
        setCharset("ISO-8859-1");

        addField(GROUP_NAME_FIELD, "char", GROUP_NAME_MAX_LEN, false, "groupName");
        addField(GROUP_DESCRIPTION, "varchar", GROUP_DESCRIP_MAX_LEN, true, "groupDescrip");
        addField(loginEventField, "char", 30, true, "loginEvent");

        // Filters are selected by name; what each filter removes or escapes is
        // defined by the framework, not here.
        setStringFilter(GROUP_NAME_FIELD, "stripFilter");
        setStringFilter(loginEventField, "stripFilter");
        setStringFilter(GROUP_DESCRIPTION, "standardFilter");

        addKey(GROUP_NAME_FIELD);
        setLookupObject(loginEventField,
                com.jcorporate.expresso.services.dbobj.Event.class.getName());
        addDetail("com.jcorporate.expresso.services.dbobj.GroupMembers",
                GROUP_NAME_FIELD, GROUP_NAME_FIELD);

        CacheManager.addListener(SecuredDBObject.CACHE_NAME, listenerName);

        // TODO: the latest CVS of Expresso made this constant public; use it.
        // NOTE(review): Class + String goes through Class.toString(), so the
        // name built here starts with "class ". Confirm it equals the cache
        // name DBController actually uses; if it does not, this listener is
        // registered on a different cache than the controller security cache.
        CacheManager.addListener(DBController.class + "securityCache", listenerName);
    }

    /**
     * Returns the valid values for this object as produced by
     * {@code getValuesDefault} for the group-name and description fields.
     *
     * @return a vector of valid values
     * @throws DBException upon database access error
     */
    public Vector getValues() throws DBException {
        return getValuesDefault(GROUP_NAME_FIELD, GROUP_DESCRIPTION);
    }

    /**
     * Convenience accessor for the group name field.
     *
     * @return name of group
     * @throws DBException upon error
     */
    public String getGroupName() throws DBException {
        return getField(GROUP_NAME_FIELD);
    }

    /**
     * Convenience mutator for the group name field.
     *
     * @param groupName the new group name
     * @throws DBException upon error
     */
    public void setGroupName(final String groupName) throws DBException {
        setField(GROUP_NAME_FIELD, groupName);
    }

    /**
     * Looks a group up by name in the "default" db context.
     *
     * <p>The lookup object comes from the no-argument constructor, which is
     * documented as acting with superuser privileges, so the result says
     * nothing about whether the current user may see the group.
     *
     * @param groupname the name to look for
     * @return the group with this name, or {@code null} if the name is null or
     *         empty or no such group is found
     * @throws DBException upon error
     */
    public static PermGroup getGroup(final String groupname) throws DBException {
        if (groupname == null || groupname.length() == 0) {
            return null;
        }

        PermGroup candidate = new PermGroup();
        candidate.setDBName(DBConnection.DEFAULT_DB_CONTEXT_NAME);
        candidate.setGroupName(groupname);
        return candidate.find() ? candidate : null;
    }

    /**
     * Convenience accessor for the group description field.
     *
     * @return the group description
     * @throws DBException upon error
     */
    public String getGroupDescription() throws DBException {
        return getField(GROUP_DESCRIPTION);
    }

    /**
     * Provides a transition for viewing this object, suitable for creating an
     * HTTP link. The stored group name is used both in the label and as a
     * request parameter.
     *
     * @return transition for viewing, including a label naming the object;
     *         never null
     * @throws DBException upon database access error
     */
    public Transition getViewTrans() throws DBException {
        final String label = "Group: " + getGroupName();
        Transition view = new Transition(label, PermissionController.class,
                PermissionController.PROMPT_EDIT_GROUP);
        view.addParam(UserGroup.GROUP_NAME_FIELD, getGroupName());
        return view;
    }

    /**
     * Adds the row-secured privileges for the built-in "all users" group when
     * they do not exist yet: owner writes, group and others read only.
     *
     * <p>NOTE(review): the group name and table name come from
     * {@link UserGroup}, not from this class's own constants or its
     * "USERROLES" target table, and the lookup object is not given this
     * object's data context. Confirm both are intended.
     *
     * @throws DBException upon population error
     */
    public synchronized void populateDefaultValues() throws DBException {
        PermGroup everybody = new PermGroup();
        everybody.setGroupName(UserGroup.ALL_USERS_GROUP);
        everybody.retrieve();

        RowGroupPerms everybodyPerms = new RowGroupPerms(UserGroup.TABLE_NAME,
                everybody.getKey(), UserGroup.ALL_USERS_GROUP);
        if (everybodyPerms.find()) {
            return;
        }
        everybodyPerms.permissions(
                RowPermissions.OWNER_WRITES_GROUP_AND_OTHERS_READ_ONLY_PERMISSIONS);
        everybodyPerms.add();
    }

}