1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 package org.opencastproject.authorization.xacml.manager.impl.persistence;
23
24 import static org.opencastproject.authorization.xacml.manager.impl.persistence.ManagedAclEntity.findByIdAndOrgQuery;
25 import static org.opencastproject.db.Queries.namedQuery;
26
27 import org.opencastproject.authorization.xacml.manager.api.ManagedAcl;
28 import org.opencastproject.authorization.xacml.manager.impl.AclDb;
29 import org.opencastproject.db.DBSession;
30 import org.opencastproject.db.DBSessionFactory;
31 import org.opencastproject.security.api.AccessControlList;
32 import org.opencastproject.security.api.Organization;
33 import org.opencastproject.util.data.functions.Misc;
34
35 import org.osgi.service.component.annotations.Activate;
36 import org.osgi.service.component.annotations.Component;
37 import org.osgi.service.component.annotations.Deactivate;
38 import org.osgi.service.component.annotations.Reference;
39
40 import java.util.List;
41 import java.util.Optional;
42
43 import javax.persistence.EntityManagerFactory;
44 import javax.persistence.RollbackException;
45
46
47 @Component(
48 property = {
49 "service.description=JPA based ACL Provider"
50 },
51 immediate = true,
52 service = { AclDb.class }
53 )
54 public final class JpaAclDb implements AclDb {
55 private DBSessionFactory dbSessionFactory;
56 private EntityManagerFactory emf;
57 private DBSession db;
58
59 @Activate
60 public void activate() {
61 db = dbSessionFactory.createSession(emf);
62 }
63
64 @Deactivate
65 public synchronized void deactivate() {
66 db.close();
67 }
68
69 @Reference
70 public void setDBSessionFactory(DBSessionFactory dbSessionFactory) {
71 this.dbSessionFactory = dbSessionFactory;
72 }
73
74 @Reference(target = "(osgi.unit.name=org.opencastproject.authorization.xacml.manager)")
75 public void setEntityManagerFactory(EntityManagerFactory emf) {
76 this.emf = emf;
77 }
78
79 @Override
80 public List<ManagedAcl> getAcls(Organization org) {
81 return Misc.widen(db.execTx(ManagedAclEntity.findByOrgQuery(org.getId())));
82 }
83
84 @Override
85 public Optional<ManagedAcl> getAcl(Organization org, long id) {
86 return Misc.widen(db.execTx(ManagedAclEntity.findByIdAndOrgQuery(org.getId(), id)));
87 }
88
89 @Override
90 public Optional<ManagedAcl> getAcl(Organization org, String name) {
91 return Misc.widen(db.execTx(ManagedAclEntity.findByNameAndOrgQuery(org.getId(), name)));
92 }
93
94 @Override
95 public boolean updateAcl(final ManagedAcl acl) {
96 return db.execTx(em -> {
97 Optional<ManagedAclEntity> e = findByIdAndOrgQuery(acl.getOrganizationId(), acl.getId()).apply(em);
98 if (e.isEmpty()) {
99 return false;
100 }
101 final ManagedAclEntity updated = e.get().update(acl.getName(), acl.getAcl(), acl.getOrganizationId());
102 em.merge(updated);
103 return true;
104 });
105 }
106
107 @Override
108 public Optional<ManagedAcl> createAcl(Organization org, AccessControlList acl, String name) {
109 try {
110 final ManagedAcl e = new ManagedAclEntity().update(name, acl, org.getId());
111 return db.execTx(namedQuery.persistOpt(e));
112 } catch (RollbackException e) {
113
114 final Throwable cause = e.getCause();
115 String message = cause.getMessage().toLowerCase();
116 if (message.contains("unique") || message.contains("duplicate")) {
117 return Optional.empty();
118 }
119 throw e;
120 }
121 }
122
123 @Override
124 public boolean deleteAcl(Organization org, long id) {
125 return db.execTx(ManagedAclEntity.deleteByIdAndOrgQuery(org.getId(), id)) > 0;
126 }
127 }