/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.syncope.core.provisioning.java.data;
import java.util.stream.Collectors;
import org.apache.syncope.common.lib.SyncopeClientException;
import org.apache.syncope.common.lib.to.RoleTO;
import org.apache.syncope.common.lib.types.ClientExceptionType;
import org.apache.syncope.core.persistence.api.dao.ApplicationDAO;
import org.apache.syncope.core.persistence.api.dao.DynRealmDAO;
import org.apache.syncope.core.persistence.api.search.SearchCondConverter;
import org.apache.syncope.core.persistence.api.dao.RealmDAO;
import org.apache.syncope.core.persistence.api.dao.RoleDAO;
import org.apache.syncope.core.persistence.api.dao.search.SearchCond;
import org.apache.syncope.core.persistence.api.entity.DynRealm;
import org.apache.syncope.core.persistence.api.entity.Entity;
import org.apache.syncope.core.persistence.api.entity.EntityFactory;
import org.apache.syncope.core.persistence.api.entity.Privilege;
import org.apache.syncope.core.persistence.api.entity.Realm;
import org.apache.syncope.core.persistence.api.entity.Role;
import org.apache.syncope.core.persistence.api.entity.user.DynRoleMembership;
import org.apache.syncope.core.persistence.api.search.SearchCondVisitor;
import org.apache.syncope.core.provisioning.api.data.RoleDataBinder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
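/**
 * Default {@link RoleDataBinder}: maps {@link RoleTO} transfer objects onto persistent {@link Role}
 * entities and back.
 *
 * <p>A role carries authorization data (entitlements, realms, dynamic realms, privileges and an
 * optional dynamic membership condition). The binder resolves the references named in the TO
 * through the injected DAOs; references that cannot be resolved are skipped, not rejected.
 */
public class RoleDataBinderImpl implements RoleDataBinder {

    protected static final Logger LOG = LoggerFactory.getLogger(RoleDataBinder.class);

    protected final RealmDAO realmDAO;

    protected final DynRealmDAO dynRealmDAO;

    protected final RoleDAO roleDAO;

    protected final ApplicationDAO applicationDAO;

    protected final EntityFactory entityFactory;

    protected final SearchCondVisitor searchCondVisitor;

    /**
     * Creates a binder backed by the given collaborators.
     *
     * @param realmDAO resolves realms by full path
     * @param dynRealmDAO resolves dynamic realms by key
     * @param roleDAO persists roles and maintains their dynamic members
     * @param applicationDAO resolves privileges by key
     * @param entityFactory creates new {@link Role} and {@link DynRoleMembership} instances
     * @param searchCondVisitor visitor used to parse FIQL membership conditions
     */
    public RoleDataBinderImpl(
            final RealmDAO realmDAO,
            final DynRealmDAO dynRealmDAO,
            final RoleDAO roleDAO,
            final ApplicationDAO applicationDAO,
            final EntityFactory entityFactory,
            final SearchCondVisitor searchCondVisitor) {

        this.realmDAO = realmDAO;
        this.dynRealmDAO = dynRealmDAO;
        this.roleDAO = roleDAO;
        this.applicationDAO = applicationDAO;
        this.entityFactory = entityFactory;
        this.searchCondVisitor = searchCondVisitor;
    }

    /**
     * Stores the given FIQL expression as the role's dynamic membership condition, creating the
     * {@link DynRoleMembership} entity when the role has none yet.
     *
     * <p>The expression is parsed and validated before anything is written, so an invalid
     * condition never reaches the entity.
     *
     * @param role role whose dynamic membership is set
     * @param dynMembershipFIQL FIQL expression selecting the dynamic members
     * @throws SyncopeClientException of type {@code InvalidSearchExpression}, carrying the rejected
     * expression, when the parsed condition is not valid
     */
    protected void setDynMembership(final Role role, final String dynMembershipFIQL) {
        SearchCond parsed = SearchCondConverter.convert(searchCondVisitor, dynMembershipFIQL);
        if (!parsed.isValid()) {
            SyncopeClientException invalid =
                    SyncopeClientException.build(ClientExceptionType.InvalidSearchExpression);
            invalid.getElements().add(dynMembershipFIQL);
            throw invalid;
        }

        DynRoleMembership membership = role.getDynMembership();
        if (membership == null) {
            membership = entityFactory.newEntity(DynRoleMembership.class);
            membership.setRole(role);
            role.setDynMembership(membership);
        }
        membership.setFIQLCond(dynMembershipFIQL);
    }

    /**
     * Builds and persists a new role from the given TO.
     *
     * @param roleTO requested role definition
     * @return the persisted role
     */
    @Override
    public Role create(final RoleTO roleTO) {
        return update(entityFactory.newEntity(Role.class), roleTO);
    }

    /**
     * Replaces the role's key, entitlements, realms, dynamic realms, dynamic membership condition
     * and privileges with the values carried by the TO, then persists the result.
     *
     * <p>Realm paths, dynamic realm keys and privilege keys that the DAOs cannot resolve are
     * skipped and reported at DEBUG level only, so the persisted role can carry fewer realms or
     * privileges than the caller asked for. Callers that need to detect this should compare
     * {@link #getRoleTO(Role)} of the result with the request.
     *
     * @param toBeUpdated role entity to overwrite
     * @param roleTO requested role definition
     * @return the persisted role, after dynamic memberships have been refreshed
     * @throws SyncopeClientException when the dynamic membership condition is not a valid search
     * expression
     */
    @Override
    public Role update(final Role toBeUpdated, final RoleTO roleTO) {
        toBeUpdated.setKey(roleTO.getKey());
        Role role = roleDAO.save(toBeUpdated);

        // Entitlements are copied as given; this method does not check them against any catalogue.
        role.getEntitlements().clear();
        role.getEntitlements().addAll(roleTO.getEntitlements());

        role.getRealms().clear();
        for (String realmFullPath : roleTO.getRealms()) {
            Realm realm = realmDAO.findByFullPath(realmFullPath);
            if (realm == null) {
                LOG.debug("Invalid realm full path {}, ignoring", realmFullPath);
            } else {
                role.add(realm);
            }
        }

        role.getDynRealms().clear();
        for (String dynRealmKey : roleTO.getDynRealms()) {
            DynRealm dynRealm = dynRealmDAO.find(dynRealmKey);
            if (dynRealm == null) {
                LOG.debug("Invalid dynamic realm {}, ignoring", dynRealmKey);
            } else {
                role.add(dynRealm);
            }
        }

        role = roleDAO.save(role);

        // dynamic membership: existing dynamic members are always cleared first; the stored
        // condition is then removed, created or replaced depending on what the TO requests
        roleDAO.clearDynMembers(role);
        String requestedCond = roleTO.getDynMembershipCond();
        DynRoleMembership currentMembership = role.getDynMembership();
        if (requestedCond == null) {
            if (currentMembership != null) {
                role.setDynMembership(null);
            }
        } else if (role.getKey() == null
                || currentMembership == null
                // compare from the non-null side so that a membership without a stored condition
                // is replaced instead of failing on a null dereference
                || !requestedCond.equals(currentMembership.getFIQLCond())) {

            setDynMembership(role, requestedCond);
        }

        role.getPrivileges().clear();
        for (String privilegeKey : roleTO.getPrivileges()) {
            Privilege privilege = applicationDAO.findPrivilege(privilegeKey);
            if (privilege == null) {
                LOG.debug("Invalid privilege {}, ignoring", privilegeKey);
            } else {
                role.add(privilege);
            }
        }

        return roleDAO.saveAndRefreshDynMemberships(role);
    }

    /**
     * Converts a persistent role into its transfer object.
     *
     * @param role role to convert
     * @return a TO carrying the role's key, entitlements, realm full paths, dynamic realm keys,
     * privilege keys and, when present, the dynamic membership FIQL condition
     */
    @Override
    public RoleTO getRoleTO(final Role role) {
        RoleTO result = new RoleTO();
        result.setKey(role.getKey());

        result.getEntitlements().addAll(role.getEntitlements());

        result.getRealms().addAll(
                role.getRealms().stream().map(Realm::getFullPath).collect(Collectors.toList()));

        result.getDynRealms().addAll(
                role.getDynRealms().stream().map(Entity::getKey).collect(Collectors.toList()));

        DynRoleMembership membership = role.getDynMembership();
        if (membership != null) {
            result.setDynMembershipCond(membership.getFIQLCond());
        }

        result.getPrivileges().addAll(
                role.getPrivileges().stream().map(Entity::getKey).collect(Collectors.toList()));

        return result;
    }
}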