org.glite.security.voms.admin.operations.groups.CreateGroupOperation.java Source code


Introduction

Here is the source code for org.glite.security.voms.admin.operations.groups.CreateGroupOperation.java

Source

/**
 * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2006-2016
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.glite.security.voms.admin.operations.groups;

import java.util.Iterator;
import java.util.List;

import org.apache.commons.lang.builder.ToStringBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.glite.security.voms.admin.event.EventManager;
import org.glite.security.voms.admin.event.vo.acl.ACLCreatedEvent;
import org.glite.security.voms.admin.event.vo.group.GroupCreatedEvent;
import org.glite.security.voms.admin.operations.BaseVomsOperation;
import org.glite.security.voms.admin.operations.VOMSContext;
import org.glite.security.voms.admin.operations.VOMSPermission;
import org.glite.security.voms.admin.operations.roles.ListRolesOperation;
import org.glite.security.voms.admin.persistence.HibernateFactory;
import org.glite.security.voms.admin.persistence.dao.VOMSGroupDAO;
import org.glite.security.voms.admin.persistence.model.VOMSGroup;
import org.glite.security.voms.admin.persistence.model.VOMSRole;
import org.glite.security.voms.admin.util.PathNamingScheme;

/**
 * Creates a VOMS group, seeds its ACL from the parent group and imports the
 * new group's ACL into every role returned by {@link ListRolesOperation}.
 *
 * <p>Instances are obtained through the {@code instance(...)} factories. The
 * permissions this operation asks for are declared in
 * {@link #setupPermissions()} and the work is done in {@link #doExecute()}.
 * When and how the declared permissions are evaluated is decided by
 * {@link BaseVomsOperation}, which is not part of this file.
 */
public class CreateGroupOperation extends BaseVomsOperation {

    private static final Logger log = LoggerFactory.getLogger(CreateGroupOperation.class);

    // Name of the group to create; setupPermissions() derives the parent
    // group name from it, so it drives which permissions are required.
    String groupName;

    // Handed to the DAO unchanged; null when the one-argument factory is used.
    String groupDescription;

    // Handed to the DAO unchanged; null when the one-argument factory is used.
    // NOTE(review): how VOMSGroupDAO.create treats a null Boolean is not
    // visible here -- confirm it does not unbox it.
    Boolean restricted;

    private CreateGroupOperation(String name, String groupDescription, Boolean restricted) {
        this.groupName = name;
        this.groupDescription = groupDescription;
        this.restricted = restricted;
    }

    private CreateGroupOperation(String name) {
        // Description and restricted flag stay unset (null) for this variant.
        this(name, null, null);
    }

    /**
     * Builds an operation that creates a group with no description and no
     * restricted flag.
     *
     * @param groupName name of the group to create
     * @return a new, not yet executed operation
     */
    public static CreateGroupOperation instance(String groupName) {
        return new CreateGroupOperation(groupName);
    }

    /**
     * Builds an operation that creates a group with the given attributes.
     *
     * @param groupName name of the group to create
     * @param groupDescription description stored with the group
     * @param isRestricted restricted flag stored with the group
     * @return a new, not yet executed operation
     */
    public static CreateGroupOperation instance(String groupName, String groupDescription, Boolean isRestricted) {
        return new CreateGroupOperation(groupName, groupDescription, isRestricted);
    }

    /**
     * Declares the permissions required to create the group.
     *
     * <p>Three requirements are registered: container read along the path
     * computed for the parent group, container read-write on the parent
     * group itself, and, when the parent is not the root group, container
     * read-write on the VO context as well.
     */
    protected void setupPermissions() {
        // The parent is derived from the caller-supplied group name.
        // NOTE(review): whether getParentGroupName validates the name's
        // syntax is not visible here -- confirm before relying on it.
        String parentName = PathNamingScheme.getParentGroupName(groupName);
        VOMSGroup parent = VOMSGroupDAO.instance().findByName(parentName);

        // NOTE(review): 'parent' is used below without a null check. If
        // findByName can return null for a parent that does not exist, the
        // isRootGroup() call fails with a NullPointerException; confirm the
        // caller treats that as a refusal and reports it cleanly.

        // Container read on the path that addRequiredPermissionsOnPath
        // computes for the parent (described upstream as the path from the
        // root group to the grandfather of the group being created).
        addRequiredPermissionsOnPath(parent, VOMSPermission.getContainerReadPermission());

        // Container read-write on the parent of the group being created.
        addRequiredPermission(VOMSContext.instance(parent), VOMSPermission.getContainerRWPermissions());

        // Creating below a non-root group additionally needs container
        // read-write on the VO context.
        if (!parent.isRootGroup()) {
            addRequiredPermission(VOMSContext.getVoContext(), VOMSPermission.getContainerRWPermissions());
        }

        if (log.isDebugEnabled()) {
            logRequiredPermissions();
        }
    }

    /**
     * Creates the group, sets up its ACLs, saves it and dispatches the
     * group-created and ACL-created events.
     *
     * @return the newly created {@link VOMSGroup}
     */
    protected Object doExecute() {
        VOMSGroup created = VOMSGroupDAO.instance().create(groupName, groupDescription, restricted);

        // ACLs are populated before the group is saved and before any event
        // is dispatched, so the ACLCreatedEvent carries the inherited ACL.
        setupACLs(created);
        HibernateFactory.getSession().save(created);

        EventManager events = EventManager.instance();
        events.dispatch(new GroupCreatedEvent(created));
        events.dispatch(new ACLCreatedEvent(created.getACL()));

        return created;
    }

    /**
     * Seeds the ACL of a freshly created group and imports the group's ACL
     * into the existing roles.
     *
     * <p>The group's initial entries come from the parent's default ACL when
     * one is set, otherwise from the parent's own ACL, so whoever is granted
     * access there is granted access on the new group too.
     *
     * @param group the group that was just created
     */
    private void setupACLs(VOMSGroup group) {
        log.debug("Setting up acls for group '{}'", group);

        // NOTE(review): getParent() is dereferenced without a null check;
        // presumably the DAO always sets a parent on created groups -- confirm.
        if (group.getParent().getDefaultACL() != null) {
            group.importACL(group.getParent().getDefaultACL());
        } else {
            group.importACL(group.getParent().getACL());
        }

        // Every role returned by the listing gets the new group's ACL
        // imported and is then saved.
        // NOTE(review): the role listing runs as a nested operation; whether
        // it applies its own permission checks to the current caller is not
        // visible here -- confirm.
        List<?> roles = (List<?>) ListRolesOperation.instance().execute();
        for (Object entry : roles) {
            VOMSRole role = (VOMSRole) entry;
            log.debug("Importing group '{}' acl in role '{}'.", group, role);

            role.importACL(group);
            HibernateFactory.getSession().save(role);
        }
    }

    /**
     * Renders this operation's arguments for logging.
     *
     * <p>The string is built reflectively from the object's fields, so any
     * field added to this class later ends up in the logs automatically;
     * keep sensitive values out of the fields or exclude them explicitly.
     *
     * @return a reflective string representation of this operation
     */
    protected String logArgs() {
        return ToStringBuilder.reflectionToString(this);
    }
}