001 package org.mycore.services.acl;
002
003 import java.util.Date;
004 import java.util.Iterator;
005 import java.util.List;
006 import java.util.Map;
007
008 import org.apache.log4j.Logger;
009 import org.hibernate.Criteria;
010 import org.hibernate.Query;
011 import org.hibernate.Session;
012 import org.hibernate.criterion.Order;
013 import org.hibernate.criterion.Restrictions;
014 import org.mycore.access.mcrimpl.MCRAccessControlSystem;
015 import org.mycore.access.mcrimpl.MCRAccessRule;
016 import org.mycore.access.mcrimpl.MCRAccessStore;
017 import org.mycore.access.mcrimpl.MCRRuleMapping;
018 import org.mycore.access.mcrimpl.MCRRuleStore;
019 import org.mycore.backend.hibernate.MCRHIBConnection;
020 import org.mycore.backend.hibernate.tables.MCRACCESS;
021 import org.mycore.backend.hibernate.tables.MCRACCESSRULE;
022 import org.mycore.common.MCRCache;
023 import org.mycore.common.MCRException;
024 import org.mycore.common.MCRSessionMgr;
025
026 public class MCRACLHIBAccess {
027 String uid = MCRSessionMgr.getCurrentSession().getCurrentUserID();
028
029 private static Logger LOGGER = Logger.getLogger(MCRACLHIBAccess.class);
030
031 public List getAccess() {
032 return MCRHIBConnection.instance().getSession().createCriteria(MCRACCESS.class).list();
033 }
034
035 public List getAccessPermission(String objidFilter, String acpoolFilter) {
036 return getAccessPermission(objidFilter, acpoolFilter, null);
037 }
038
039 public List getAccessPermission(String objidFilter, String acpoolFilter, String ridFilter) {
040 Criteria query = MCRHIBConnection.instance().getSession().createCriteria(MCRACCESS.class);
041
042 if (objidFilter != null && !objidFilter.equals("")) {
043 LOGGER.info("OBJID Filter: " + objidFilter + "\t" + objidFilter.replaceAll("\\*", "%"));
044 query = query.add(Restrictions.like("key.objid", objidFilter.replaceAll("\\*", "%")));
045 }
046
047 if (acpoolFilter != null && !acpoolFilter.equals("")) {
048 LOGGER.info("ACPOOL Filter: " + acpoolFilter + "\t" + acpoolFilter.replaceAll("\\*", "%"));
049 query = query.add(Restrictions.like("key.acpool", acpoolFilter.replaceAll("\\*", "%")));
050 }
051
052 if (ridFilter != null && !ridFilter.equals("")) {
053 LOGGER.info("RID Filter: " + ridFilter);
054 query = query.add(Restrictions.like("rule.rid", ridFilter.replaceAll("\\*", "%")));
055 }
056
057 query.addOrder(Order.asc("key.objid"));
058 query.addOrder(Order.asc("key.acpool"));
059
060 return query.list();
061 }
062
063 public List getAccessRule() {
064 Criteria query = MCRHIBConnection.instance().getSession().createCriteria(MCRACCESSRULE.class);
065 List list = query.list();
066
067 return list;
068 }
069
070 public void savePermChanges(Map diffMap) {
071 MCRAccessStore accessStore = MCRAccessStore.getInstance();
072
073 List updateList = (List) diffMap.get("update");
074 List saveList = (List) diffMap.get("save");
075 List deleteList = (List) diffMap.get("delete");
076
077 if (updateList != null) {
078 for (Iterator it = updateList.iterator(); it.hasNext();) {
079 MCRRuleMapping accDef = (MCRRuleMapping) it.next();
080
081 String rid = accDef.getRuleId();
082 if (rid == null || rid.trim().length() <= 0){
083 throw new MCRException("The rule ID should not be null, empty or just spaces");
084 }
085
086 String acpool = accDef.getPool();
087 if (acpool == null || acpool.trim().length() <= 0){
088 throw new MCRException("The AcPool ID should not be null, empty or just spaces");
089 }
090
091 String objid = accDef.getObjId();
092 if (objid == null || objid.trim().length() <= 0){
093 throw new MCRException("The object ID should not be null, empty or just spaces");
094 }
095
096 accessStore.updateAccessDefinition(accDef);
097 }
098 }
099
100 if (saveList != null) {
101 for (Iterator it = saveList.iterator(); it.hasNext();) {
102 MCRRuleMapping next = (MCRRuleMapping) it.next();
103 accessStore.createAccessDefinition(next);
104 }
105 }
106
107 if (deleteList != null) {
108 for (Iterator it = deleteList.iterator(); it.hasNext();) {
109 accessStore.deleteAccessDefinition((MCRRuleMapping) it.next());
110 }
111 }
112 }
113
114 public void saveRuleChanges(Map diffMap) {
115 MCRRuleStore ruleStore = MCRRuleStore.getInstance();
116 MCRCache cache = MCRAccessControlSystem.getCache();
117
118 List updateList = (List) diffMap.get("update");
119 List saveList = (List) diffMap.get("save");
120 List deleteList = (List) diffMap.get("delete");
121
122 if (updateList != null)
123 for (Iterator it = updateList.iterator(); it.hasNext();) {
124 MCRACCESSRULE rule = (MCRACCESSRULE) it.next();
125 String rid = rule.getRid();
126 String ruleString = rule.getRule();
127 String desc = rule.getDescription();
128 StringBuffer debugMSG = new StringBuffer("Update: ");
129 debugMSG.append(rid).append(" - ");
130 debugMSG.append(ruleString).append(" - ");
131 debugMSG.append(desc);
132
133 LOGGER.debug(debugMSG.toString());
134 MCRAccessRule accessRule = new MCRAccessRule(rid, uid, new Date(), ruleString, desc);
135 ruleStore.updateRule(accessRule);
136 cache.put(rid, accessRule);
137 }
138
139 if (saveList != null)
140 for (Iterator it = saveList.iterator(); it.hasNext();) {
141 MCRACCESSRULE rule = (MCRACCESSRULE) it.next();
142 String rid = rule.getRid();
143 String ruleString = rule.getRule();
144 String desc = rule.getDescription();
145 MCRAccessRule accessRule = new MCRAccessRule(rid, uid, new Date(), ruleString, desc);
146
147 ruleStore.createRule(accessRule);
148 cache.put(rid, accessRule); // upadte cache
149 }
150
151 if (deleteList != null)
152 for (Iterator it = deleteList.iterator(); it.hasNext();) {
153 String rid = (String) it.next();
154
155 if (ruleIsInUse(rid).isEmpty()) {
156 ruleStore.deleteRule(rid);
157 cache.remove(rid);
158 LOGGER.debug("Rule " + rid + " deleted!");
159 } else {
160 LOGGER.debug("Rule " + rid + " is in use, don't deleted!");
161 }
162 }
163
164 }
165
166 public List ruleIsInUse(String ruleid) {
167 Session session = MCRHIBConnection.instance().getSession();
168 Query query = session.createQuery("from MCRACCESS as accdef where accdef.rule.rid = '" + ruleid + "'");
169 return query.list();
170 }
171 }