Google Git
Sign in
apache / syncope / 6ab0ffc43370bbfca8253e5ddb0242c27a752fb5 / . / core / workflow-java / src / main / java / org / apache / syncope / core / workflow / java / AbstractAnyObjectWorkflowAdapter.java
blob: 7bbf66ac7420a290229ceed738fd43796f2fb107 [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.syncope.core.workflow.java;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import org.apache.syncope.common.lib.request.AnyObjectCR;
import org.apache.syncope.common.lib.request.AnyObjectUR;
import org.apache.syncope.common.lib.types.AnyEntitlement;
import org.apache.syncope.core.persistence.api.dao.AnyObjectDAO;
import org.apache.syncope.core.persistence.api.entity.EntityFactory;
import org.apache.syncope.core.persistence.api.entity.anyobject.AnyObject;
import org.apache.syncope.core.provisioning.api.WorkflowResult;
import org.apache.syncope.core.provisioning.api.data.AnyObjectDataBinder;
import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.apache.syncope.core.workflow.api.AnyObjectWorkflowAdapter;
import org.springframework.transaction.annotation.Propagation;
import org.springframework.transaction.annotation.Transactional;
@Transactional(propagation = Propagation.REQUIRES_NEW, rollbackFor = { Throwable.class })
public abstract class AbstractAnyObjectWorkflowAdapter
extends AbstractWorkflowAdapter implements AnyObjectWorkflowAdapter {
protected final AnyObjectDataBinder dataBinder;
protected final AnyObjectDAO anyObjectDAO;
protected final EntityFactory entityFactory;
public AbstractAnyObjectWorkflowAdapter(
final AnyObjectDataBinder dataBinder,
final AnyObjectDAO anyObjectDAO,
final EntityFactory entityFactory) {
this.dataBinder = dataBinder;
this.anyObjectDAO = anyObjectDAO;
this.entityFactory = entityFactory;
}
@Override
public String getPrefix() {
return null;
}
protected abstract WorkflowResult<String> doCreate(AnyObjectCR anyObjectCR, String creator, String context);
@Override
public WorkflowResult<String> create(final AnyObjectCR anyObjectCR, final String creator, final String context) {
return doCreate(anyObjectCR, creator, context);
}
protected abstract WorkflowResult<AnyObjectUR> doUpdate(
AnyObject anyObject, AnyObjectUR anyObjectUR, String updater, String context);
@Override
public WorkflowResult<AnyObjectUR> update(
final AnyObjectUR anyObjectUR, final String updater, final String context) {
WorkflowResult<AnyObjectUR> result = doUpdate(
anyObjectDAO.authFind(anyObjectUR.getKey()), anyObjectUR, updater, context);
AnyObject anyObject = anyObjectDAO.find(anyObjectUR.getKey());
// ensure that requester's administration rights are still valid
Set<String> authRealms = new HashSet<>();
authRealms.addAll(AuthContextUtils.getAuthorizations().
getOrDefault(AnyEntitlement.READ.getFor(anyObject.getType().getKey()), Collections.emptySet()));
authRealms.addAll(AuthContextUtils.getAuthorizations().
getOrDefault(AnyEntitlement.UPDATE.getFor(anyObject.getType().getKey()), Collections.emptySet()));
anyObjectDAO.securityChecks(
authRealms,
anyObject.getKey(),
anyObject.getRealm().getFullPath(),
anyObjectDAO.findAllGroupKeys(anyObject));
return result;
}
protected abstract void doDelete(AnyObject anyObject);
@Override
public void delete(final String anyObjectKey) {
doDelete(anyObjectDAO.authFind(anyObjectKey));
}
}