001    //$HeadURL: svn+ssh://jwilden@svn.wald.intevation.org/deegree/base/branches/2.5_testing/src/org/deegree/security/drm/model/Group.java $
002    /*----------------------------------------------------------------------------
003     This file is part of deegree, http://deegree.org/
004     Copyright (C) 2001-2009 by:
005       Department of Geography, University of Bonn
006     and
007       lat/lon GmbH
008    
009     This library is free software; you can redistribute it and/or modify it under
010     the terms of the GNU Lesser General Public License as published by the Free
011     Software Foundation; either version 2.1 of the License, or (at your option)
012     any later version.
013     This library is distributed in the hope that it will be useful, but WITHOUT
014     ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015     FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016     details.
017     You should have received a copy of the GNU Lesser General Public License
018     along with this library; if not, write to the Free Software Foundation, Inc.,
019     59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020    
021     Contact information:
022    
023     lat/lon GmbH
024     Aennchenstr. 19, 53177 Bonn
025     Germany
026     http://lat-lon.de/
027    
028     Department of Geography, University of Bonn
029     Prof. Dr. Klaus Greve
030     Postfach 1147, 53001 Bonn
031     Germany
032     http://www.geographie.uni-bonn.de/deegree/
033    
034     e-mail: info@deegree.org
035    ----------------------------------------------------------------------------*/
036    package org.deegree.security.drm.model;
037    
038    import java.util.HashSet;
039    
040    import org.deegree.security.GeneralSecurityException;
041    import org.deegree.security.drm.SecurityAccess;
042    import org.deegree.security.drm.SecurityRegistry;
043    
044    /**
045     * Implementation of group-objects. <code>Groups</code> s can be members of other
046     * <code>Groups</code> and have associated <code>Role</code>s.
047     *
048     * @author <a href="mailto:mschneider@lat-lon.de">Markus Schneider </a>
049     * @version $Revision: 18195 $
050     */
051    public class Group extends SecurableObject {
052    
053        public final static int ID_SEC_ADMIN = 2;
054    
055        /**
056         * Creates a new <code>Group</code> -instance.
057         *
058         * @param id
059         * @param name
060         * @param title
061         * @param registry
062         */
063        public Group( int id, String name, String title, SecurityRegistry registry ) {
064            this.id = id;
065            this.name = name;
066            this.title = title;
067            this.registry = registry;
068        }
069    
070        /**
071         * Returns the <code>User</code> s that are DIRECT (i.e. not via group membership) members of
072         * this group.
073         *
074         * @param securityAccess
075         * @throws GeneralSecurityException
076         */
077        public User[] getUsers( SecurityAccess securityAccess )
078                                throws GeneralSecurityException {
079            return registry.getUsersInGroup( securityAccess, this );
080        }
081    
082        /**
083         * Returns the <code>Groups</code> s that are DIRECT members (i.e. not via inheritance) of
084         * this group.
085         *
086         * @param securityAccess
087         * @throws GeneralSecurityException
088         */
089        public Group[] getGroups( SecurityAccess securityAccess )
090                                throws GeneralSecurityException {
091            return registry.getGroupsInGroup( securityAccess, this );
092        }
093    
094        /**
095         * Returns <code>Role</code> s that this group is associated with directly.
096         *
097         * @param securityAccess
098         * @throws GeneralSecurityException
099         */
100        public Role[] getRoles( SecurityAccess securityAccess )
101                                throws GeneralSecurityException {
102            return registry.getRolesForGroup( securityAccess, this );
103        }
104    
105        /**
106         * Returns the <code>Privileges</code> that the <code>Group</code> has.
107         *
108         * @param securityAccess
109         * @throws GeneralSecurityException
110         */
111        public Privilege[] getPrivileges( SecurityAccess securityAccess )
112                                throws GeneralSecurityException {
113            Role[] roles = securityAccess.getAllRolesForGroup( this );
114            HashSet<Privilege> privilegeSet = new HashSet<Privilege>();
115    
116            // gather privileges for all associated roles
117            for ( int i = 0; i < roles.length; i++ ) {
118                Privilege[] rolePrivileges = registry.getPrivilegesForRole( securityAccess, roles[i] );
119                for ( int j = 0; j < rolePrivileges.length; j++ ) {
120                    privilegeSet.add( rolePrivileges[j] );
121                }
122            }
123            return privilegeSet.toArray( new Privilege[privilegeSet.size()] );
124        }
125    
126        /**
127         * Returns the rights that this <code>Group</code> has on the given
128         * <code>SecurableObject</code>.
129         *
130         * @param securityAccess
131         */
132        public RightSet getRights( SecurityAccess securityAccess, SecurableObject object )
133                                throws GeneralSecurityException {
134            Role[] roles = securityAccess.getAllRolesForGroup( this );
135            RightSet rights = null;
136            for ( int i = 0; i < roles.length; i++ ) {
137                Right[] roleRights = registry.getRights( securityAccess, object, roles[i] );
138                switch ( i ) {
139                case 0: {
140                    rights = new RightSet( roleRights );
141                    break;
142                }
143                default: {
144                    rights.merge( new RightSet( roleRights ) );
145                }
146                }
147            }
148            return rights;
149        }
150    
151        /**
152         * Returns a <code>String</code> representation of this object.
153         */
154        public String toString( SecurityAccess securityAccess ) {
155            StringBuffer sb = new StringBuffer( "Name: " ).append( name );
156    
157            try {
158                sb.append( ", Users (Members): [" );
159                User[] users = getUsers( securityAccess );
160                for ( int i = 0; i < users.length; i++ ) {
161                    sb.append( users[i].getName() );
162                    if ( i != users.length - 1 ) {
163                        sb.append( ", " );
164                    }
165                }
166                sb.append( "]" );
167    
168                sb.append( ", Groups (Members): [" );
169                Group[] groups = getGroups( securityAccess );
170                for ( int i = 0; i < groups.length; i++ ) {
171                    sb.append( groups[i].getName() );
172                    if ( i != groups.length - 1 ) {
173                        sb.append( ", " );
174                    }
175                }
176                sb.append( "]" );
177    
178                sb.append( ", Roles: [" );
179                Role[] roles = getRoles( securityAccess );
180                for ( int i = 0; i < roles.length; i++ ) {
181                    sb.append( roles[i].getName() );
182                    if ( i != roles.length - 1 ) {
183                        sb.append( ", " );
184                    }
185                }
186                sb.append( "]" );
187            } catch ( GeneralSecurityException e ) {
188                e.printStackTrace();
189            }
190            return sb.toString();
191        }
192    }