1
package com.eucalyptus.auth;
3
import java.security.Principal;
4
import java.util.Enumeration;
6
import org.apache.log4j.Logger;
7
import com.eucalyptus.auth.principal.Authorization;
8
import com.eucalyptus.auth.principal.BaseAuthorization;
9
import com.eucalyptus.auth.principal.Group;
10
import com.eucalyptus.auth.principal.User;
11
import com.eucalyptus.entities.EntityWrapper;
12
import com.eucalyptus.records.EventClass;
13
import com.eucalyptus.records.EventRecord;
14
import com.eucalyptus.records.EventType;
15
import com.eucalyptus.util.EucalyptusCloudException;
16
import com.eucalyptus.util.FinalReturn;
17
import com.eucalyptus.util.TransactionException;
18
import com.eucalyptus.util.Transactions;
19
import com.eucalyptus.util.Tx;
20
import com.google.common.collect.ImmutableList;
21
import com.google.common.collect.Iterators;
22
import com.google.common.collect.Lists;
24
/**
 * {@link Group} implementation whose membership and authorization operations go to the database:
 * the ones visible in this excerpt either open an {@code EntityWrapper} or run a
 * {@code Transactions.one(...)} callback against the stored {@code GroupEntity}.
 *
 * NOTE(review): the bare numbers between statements are the original file's line numbers. Gaps in
 * them mark lines this excerpt does not show, including the try openers and closing braces, so
 * every method below is only partly visible.
 * NOTE(review): none of the mutating methods shown (addMember, removeMember, addAuthorization)
 * contains a visible check that the caller is allowed to change this group. Presumably callers
 * enforce that before reaching this class; confirm.
 */
public class DatabaseWrappedGroup implements Group {
25
// log4j logger for this class.
private static Logger LOG = Logger.getLogger( DatabaseWrappedGroup.class );
27
/**
 * Chooses the wrapper type for a group.
 *
 * A group whose name equals {@code Groups.NAME_ALL} is wrapped in an {@code AllGroup}; the other
 * visible return wraps it in a {@code DatabaseWrappedGroup}.
 *
 * @param g group to wrap; {@code g.getName()} is called without a null check
 * @return the wrapper created for {@code g}
 */
public static Group newInstance( Group g ) {
28
if( Groups.NAME_ALL.equals( g.getName( ) ) ) {
29
return new AllGroup( g );
31
// Source line 30 is not shown in this excerpt; presumably it is the else separating the two returns.
return new DatabaseWrappedGroup( g );
35
// Lookup template built from the group's name in the constructor; it is handed to getUnique(...) and
// Transactions.one(...) to fetch the stored GroupEntity.
// NOTE(review): isMember, getName and equals read this.group, but no declaration of a `group` field
// appears in this excerpt (source lines 36-37 are not shown); confirm it exists and is assigned.
private GroupEntity searchGroup;
38
/**
 * Creates the wrapper and its {@code GroupEntity} lookup template from the group's name.
 *
 * NOTE(review): source lines 40-43 are not shown, so any further field assignment (for example of
 * {@code this.group}, which other methods read) cannot be confirmed from this excerpt.
 *
 * @param group group whose name identifies the stored entity; dereferenced without a null check
 */
protected DatabaseWrappedGroup( Group group ) {
39
this.searchGroup = new GroupEntity( group.getName( ) );
44
/**
 * Membership-add path for this group: the visible code checks current membership and records a
 * {@code GROUP_MEMBER_ADDED} event naming the group and the user.
 *
 * The user is loaded by {@code principal.getName()} and the group by the {@code searchGroup}
 * template, both through the same {@code EntityWrapper}.
 *
 * NOTE(review): source lines 46, 50-51 and 53-57 are not shown, so the try opener, the call that
 * changes membership, the commit and the return values cannot be confirmed from this excerpt.
 * NOTE(review): no check that the caller may modify this group is visible here; confirm it is
 * enforced before this call.
 *
 * @param principal principal whose name selects the {@code UserEntity}
 * @return not visible in this excerpt; presumably whether the member was added
 */
public boolean addMember( Principal principal ) {
45
EntityWrapper<UserEntity> db = Authentication.getEntityWrapper( );
47
UserEntity user = db.getUnique( new UserEntity( principal.getName( ) ) );
48
// The UserEntity wrapper is recast so the group is read through the same db handle.
GroupEntity g = db.recast( GroupEntity.class ).getUnique( this.searchGroup );
49
// Only act when the user is not already a member.
if ( !g.isMember( user ) ) {
52
// Audit record of the membership change, emitted through info().
EventRecord.here( Groups.class, EventClass.GROUP, EventType.GROUP_MEMBER_ADDED, this.getName( ), user.getName( ) ).info();
58
// Handler body is not shown; confirm it rolls back db and does not report success.
} catch ( EucalyptusCloudException e ) {
66
/**
 * Tests whether the named principal belongs to this group by loading its {@code UserEntity} and
 * asking {@code this.group.isMember(...)}.
 *
 * NOTE(review): source lines 68, 70-71 and 73 onward are not shown. Confirm the EntityWrapper opened
 * here is committed or rolled back on every path, and that the exception handler answers
 * {@code false}, so a failed lookup can never be read as membership.
 *
 * @param member principal whose name selects the {@code UserEntity}
 * @return the membership result held in {@code ret}; the return statement itself is not visible
 */
public boolean isMember( Principal member ) {
67
EntityWrapper<UserEntity> db = Authentication.getEntityWrapper( );
69
// The membership test runs against this.group, not against an entity loaded via searchGroup.
boolean ret = this.group.isMember( db.getUnique( new UserEntity( member.getName( ) ) ) );
72
} catch ( EucalyptusCloudException e ) {
80
/**
 * Returns the group's members as an {@code Enumeration}, resolving each stored member through
 * {@code Users.lookupUser} by name inside a {@code Transactions.one} callback.
 *
 * The enumeration is taken over the list filled by the callback, and the return statement follows
 * the {@code TransactionException} handler. Unless that handler rethrows (its body is not shown),
 * a failed transaction yields whatever was collected so far, possibly nothing.
 *
 * @return enumeration over the users collected from the stored group
 */
public Enumeration<? extends Principal> members( ) {
81
final List<User> userList = Lists.newArrayList( );
83
// The callback receives the GroupEntity matched by the searchGroup template.
Transactions.one( this.searchGroup, new Tx<GroupEntity>( ) {
85
public void fire( GroupEntity t ) throws Throwable {
86
for( User user : t.getMembers( ) ) {
88
// Each member is looked up again by name rather than added directly.
userList.add( Users.lookupUser( user.getName( ) ) );
89
// Handler body is not shown; presumably a member with no matching user is skipped. Confirm.
} catch ( NoSuchUserException e ) {
95
// Handler body is not shown; confirm the failure is at least logged.
} catch ( TransactionException e1 ) {
98
return Iterators.asEnumeration( userList.iterator( ) );
102
/**
 * Removes a user from this group when it is currently a member and records a
 * {@code GROUP_MEMBER_REMOVED} event naming the group and the user.
 *
 * NOTE(review): source lines 104, 109 and 111-115 are not shown, so the try opener, the commit and
 * the return values cannot be confirmed from this excerpt.
 * NOTE(review): no check that the caller may modify this group is visible here; confirm it is
 * enforced before this call.
 *
 * @param user principal whose name selects the {@code UserEntity} to remove
 * @return not visible in this excerpt; presumably whether the member was removed
 */
public boolean removeMember( Principal user ) {
103
EntityWrapper<UserEntity> db = Authentication.getEntityWrapper( );
105
UserEntity userInfo = db.getUnique( new UserEntity( user.getName( ) ) );
106
// The UserEntity wrapper is recast so the group is read through the same db handle.
GroupEntity g = db.recast( GroupEntity.class ).getUnique( this.searchGroup );
107
// Only act when the user is currently a member.
if ( g.isMember( userInfo ) ) {
108
g.removeMember( userInfo );
110
// Audit record of the membership change, emitted through info().
EventRecord.here( Groups.class, EventClass.GROUP, EventType.GROUP_MEMBER_REMOVED, this.getName( ), userInfo.getName( ) ).info();
116
// Handler body is not shown; confirm it rolls back db and does not report success.
} catch ( EucalyptusCloudException e ) {
124
/**
 * Returns the name reported by {@code this.group}.
 *
 * @return the group's name
 */
public String getName( ) {
125
return this.group.getName( );
129
/**
 * Compares this wrapper with another object by delegating to {@code this.group.equals(...)}.
 *
 * A {@code GroupEntity} is compared with {@code this.group} directly; another
 * {@code DatabaseWrappedGroup} is compared through its own {@code group}.
 *
 * NOTE(review): accepting a bare {@code GroupEntity} keeps equality symmetric only if
 * {@code GroupEntity.equals} also accepts this wrapper; confirm.
 * NOTE(review): no {@code hashCode()} override appears in this excerpt; confirm one exists and agrees
 * with this method. The result for any other type is on source lines 137-142, which are not shown.
 *
 * @param o object to compare with
 * @return {@code true} for the same instance, otherwise the result of the delegated comparison
 */
public boolean equals( Object o ) {
130
if ( this == o ) return true;
131
if ( o instanceof GroupEntity ) {
132
GroupEntity that = ( GroupEntity ) o;
133
return this.group.equals( that );
134
} else if ( o instanceof DatabaseWrappedGroup ) {
135
DatabaseWrappedGroup that = ( DatabaseWrappedGroup ) o;
136
return this.group.equals( that.group );
143
/**
 * Grants an authorization to the stored group: loads the {@code GroupEntity}, calls
 * {@code addAuthorization} on it, merges it back and records a {@code GROUP_AUTH_GRANTED} event.
 *
 * Only {@code BaseAuthorization} instances take that path. The visible {@code throw} reports any
 * other class by canonical name.
 *
 * NOTE(review): no check that the caller may grant this authorization is visible here; confirm it
 * is enforced before this call.
 * NOTE(review): a {@code null} argument fails the {@code instanceof} test. If the {@code throw} is
 * the else branch, as its message suggests, {@code authorization.getClass()} would then raise a
 * NullPointerException instead of the intended message.
 * NOTE(review): source lines 147-149, 153-154 and 157-162 are not shown, so the declaration of
 * {@code ret}, the commit and the returned value cannot be confirmed from this excerpt.
 *
 * @param authorization authorization to grant
 * @return not visible in this excerpt; {@code ret} holds the result of {@code g.addAuthorization}
 * @throws RuntimeException when the argument is not a {@code BaseAuthorization} (presumed else branch)
 */
public boolean addAuthorization( final Authorization authorization ) {
144
if ( authorization instanceof BaseAuthorization ) {
145
BaseAuthorization auth = ( BaseAuthorization ) authorization;
146
EntityWrapper<BaseAuthorization> db = EntityWrapper.get( BaseAuthorization.class );
150
// The group is read and written through the BaseAuthorization wrapper recast to GroupEntity.
GroupEntity g = db.recast( GroupEntity.class ).getUnique( searchGroup );
151
ret = g.addAuthorization( auth );
152
db.recast( GroupEntity.class ).merge( g );
155
// Audit record of the grant; it carries the authorization's display name and value.
EventRecord.here( Groups.class, EventClass.GROUP, EventType.GROUP_AUTH_GRANTED, this.getName( ), auth.getDisplayName( ), auth.getValue( ) ).info();
156
// Catching Throwable also traps Errors. The handler body is not shown; confirm it rolls back db,
// logs the failure and does not report the grant as successful.
} catch ( Throwable e ) {
163
throw new RuntimeException( "Authorizations must extend from BaseAuthorization, passed: " + authorization.getClass( ).getCanonicalName( ) );
168
/**
 * Returns an immutable snapshot of the authorizations collected from the stored group inside a
 * {@code Transactions.one} callback.
 *
 * The return statement follows the {@code TransactionException} handler. Unless that handler
 * rethrows (its body is not shown), a failed transaction returns whatever was collected, possibly
 * an empty list, so callers cannot tell "no authorizations" from "lookup failed".
 *
 * NOTE(review): the loop body (source lines 175-178) is not shown; presumably it adds each
 * authorization to {@code auths}. Confirm.
 *
 * @return immutable copy of the collected authorizations
 */
public ImmutableList<Authorization> getAuthorizations( ) {
169
final List<Authorization> auths = Lists.newArrayList( );
171
// The callback receives the GroupEntity matched by the searchGroup template.
Transactions.one( this.searchGroup, new Tx<GroupEntity>( ) {
173
public void fire( GroupEntity t ) throws Throwable {
174
for( Authorization a : t.getAuthorizations( ) ) {
179
// Handler body is not shown; confirm the failure is at least logged.
} catch ( TransactionException e ) {
182
return ImmutableList.copyOf( auths );
186
/**
 * Returns an immutable snapshot of the stored group's members, copied inside a
 * {@code Transactions.one} callback.
 *
 * The return statement follows the {@code TransactionException} handler. Unless that handler
 * rethrows (its body is not shown), a failed transaction returns an empty list, so callers cannot
 * tell "no members" from "lookup failed".
 *
 * @return immutable copy of the collected members
 */
public ImmutableList<User> getMembers( ) {
187
final List<User> users = Lists.newArrayList( );
189
// The callback receives the GroupEntity matched by the searchGroup template.
Transactions.one( this.searchGroup, new Tx<GroupEntity>( ) {
191
public void fire( GroupEntity t ) throws Throwable {
192
// Members are copied as stored; unlike members(), no per-user lookup is done here.
users.addAll( t.getMembers( ) );
195
// Handler body is not shown; confirm the failure is at least logged.
} catch ( TransactionException e ) {
198
return ImmutableList.copyOf( users );
202
public boolean removeAuthorization( final Authorization auth ) {
203
final FinalReturn<Boolean> ret = FinalReturn.newInstance( );
205
Transactions.one( this.searchGroup, new Tx<GroupEntity>( ) {
207
public void fire( GroupEntity t ) throws Throwable {
208
ret.set( t.removeAuthorization( auth ) );
209
EventRecord.here( Groups.class, EventClass.GROUP, EventType.GROUP_AUTH_REVOKED, t.getName( ), auth.getDisplayName( ), auth.getValue( ) ).info();
212
} catch ( TransactionException e ) {