org.squashtest.tm.service.security.acls.jdbc
Class JdbcManageableAclService

java.lang.Object
  org.springframework.security.acls.jdbc.JdbcAclService
      org.squashtest.tm.service.security.acls.jdbc.JdbcManageableAclService

All Implemented Interfaces:

org.springframework.security.acls.model.AclService, ManageableAclService, ObjectAclService

@Transactional
public class JdbcManageableAclService
extends org.springframework.security.acls.jdbc.JdbcAclService
implements ManageableAclService, ObjectAclService

When one update the Acl of an object (ie the permissions of a user), one want to refresh the aclCache if there is one. The right way to do this would have been to delegate such task to the LookupStrategy when it's relevant to do so. However we cannot subclass BasicLookupStrategy because it's final and duplicating its code for a class of ours would be illegal. So we're bypassing the cache encapsulation and expose it right here.

Author:

bsiri

Field Summary

Fields inherited from class org.springframework.security.acls.jdbc.JdbcAclService

jdbcTemplate, log

Constructor Summary

JdbcManageableAclService(DataSource dataSource, org.springframework.security.acls.jdbc.LookupStrategy lookupStrategy)

Method Summary

void	addNewResponsibility(long partyId, org.springframework.security.acls.model.ObjectIdentity entityRef, String qualifiedName)
void	createObjectIdentity(org.springframework.security.acls.model.ObjectIdentity objectIdentity) Creates (persists) a not noll, not existing object identity
protected void	evictFromCache(org.springframework.security.acls.model.ObjectIdentity oIdentity)
List<org.squashtest.tm.security.acls.PermissionGroup>	findAllPermissionGroupsByNamespace(String namespace)
List<Long>	findObjectWithoutPermissionByPartyId(long partyId, List<String> qualifiedClasses) Only a size of 1 or 2 is supported for now for the second parameter.
List<Long>	findObjectWithoutPermissionByPartyId(long partyId, String qualifiedClass)
List<Long>	findPartiesWithoutPermissionByObject(long objectId, List<String> qualifiedClassNames) Only a size of 1 or 2 is supported for now for the second parameter.
List<Long>	findPartiesWithoutPermissionByObject(long objectId, String qualifiedClassName)
List<String>	findUsersWithExecutePermission(List<org.springframework.security.acls.model.ObjectIdentity> entityRefs)
List<String>	findUsersWithWritePermission(List<org.springframework.security.acls.model.ObjectIdentity> entityRefs)
void	refreshAcls() basically ensures that recent modification affecting the ACL will be taken into account immediately.
void	removeAllResponsibilities(long partyId) Remove all responsibilities for the Party of the given Id
void	removeAllResponsibilities(long partyId, org.springframework.security.acls.model.ObjectIdentity entityRef) Removes all responsibilities a user might have on a entity.
void	removeAllResponsibilities(org.springframework.security.acls.model.ObjectIdentity entityRef) Removes ALL RESPONSIBILITIES from the given object.
void	removeObjectIdentity(org.springframework.security.acls.model.ObjectIdentity objectIdentity)
List<Object[]>	retrieveClassAclGroupFromPartyId(long partyId, List<String> qualifiedClassNames) Only a size of 1 or 2 is supported for now for the second parameter.
List<Object[]>	retrieveClassAclGroupFromPartyId(long partyId, List<String> qualifiedClassNames, org.squashtest.tm.core.foundation.collection.Sorting sorting, org.squashtest.tm.core.foundation.collection.Filtering filtering) Only a size of 1 or 2 is supported for now for the second parameter.
List<Object[]>	retrieveClassAclGroupFromPartyId(long partyId, String qualifiedClassName)
List<Object[]>	retrieveClassAclGroupFromPartyId(long partyId, String qualifiedClassName, org.squashtest.tm.core.foundation.collection.Sorting sorting, org.squashtest.tm.core.foundation.collection.Filtering filtering)
List<Object[]>	retrieveClassAclGroupFromUserLogin(String userLogin, List<String> qualifiedClassNames)
List<Object[]>	retrieveClassAclGroupFromUserLogin(String userLogin, String qualifiedClassName)
List<Object[]>	retrievePartyAndAclGroupNameFromIdentityAndClass(long entityId, Class<?> entityClass) Will find squash User ids and theirs permission names for the given acl_object_identity.identity and acl_object_identity.className
List<Object[]>	retrievePartyAndAclGroupNameFromIdentityAndClass(long entityId, Class<?> entityClass, org.squashtest.tm.core.foundation.collection.Sorting sorting, org.squashtest.tm.core.foundation.collection.Filtering filtering) Same as #retriveUserAndAclGroupNameFromIdentityAndClass(long, Class), sorted and filtered version
void	setAclCache(org.springframework.security.acls.model.AclCache aclCache)
void	updateDerivedPermissions(long partyId)

Methods inherited from class org.springframework.security.acls.jdbc.JdbcAclService

findChildren, readAclById, readAclById, readAclsById, readAclsById, setFindChildrenQuery

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JdbcManageableAclService

public JdbcManageableAclService(DataSource dataSource,
                                org.springframework.security.acls.jdbc.LookupStrategy lookupStrategy)

Method Detail

setAclCache

public void setAclCache(org.springframework.security.acls.model.AclCache aclCache)

addNewResponsibility

public void addNewResponsibility(@NotNull
                                 long partyId,
                                 @NotNull
                                 org.springframework.security.acls.model.ObjectIdentity entityRef,
                                 @NotNull
                                 String qualifiedName)

Specified by:

addNewResponsibility in interface ObjectAclService

removeObjectIdentity

public void removeObjectIdentity(org.springframework.security.acls.model.ObjectIdentity objectIdentity)

Specified by:

removeObjectIdentity in interface ManageableAclService

removeAllResponsibilities

public void removeAllResponsibilities(org.springframework.security.acls.model.ObjectIdentity entityRef)

Description copied from interface: ObjectAclService

Removes ALL RESPONSIBILITIES from the given object.

Specified by:

removeAllResponsibilities in interface ObjectAclService

removeAllResponsibilities

public void removeAllResponsibilities(long partyId)

Description copied from interface: ObjectAclService

Remove all responsibilities for the Party of the given Id

Specified by:

removeAllResponsibilities in interface ObjectAclService

removeAllResponsibilities

public void removeAllResponsibilities(@NotNull
                                      long partyId,
                                      @NotNull
                                      org.springframework.security.acls.model.ObjectIdentity entityRef)

Removes all responsibilities a user might have on a entity. In other words, the given user will no longer have any permission on the entity.

Specified by:

removeAllResponsibilities in interface ObjectAclService

Parameters:

partyId -

objectIdentity -

updateDerivedPermissions

public void updateDerivedPermissions(long partyId)

Specified by:

updateDerivedPermissions in interface ObjectAclService

createObjectIdentity

public void createObjectIdentity(@NotNull
                                 org.springframework.security.acls.model.ObjectIdentity objectIdentity)
                          throws org.springframework.security.acls.model.AlreadyExistsException

Description copied from interface: ManageableAclService

Creates (persists) a not noll, not existing object identity

Specified by:

createObjectIdentity in interface ManageableAclService

Throws:

org.springframework.security.acls.model.AlreadyExistsException

findAllPermissionGroupsByNamespace

public List<org.squashtest.tm.security.acls.PermissionGroup> findAllPermissionGroupsByNamespace(@NotNull
                                                                                                String namespace)

Specified by:

findAllPermissionGroupsByNamespace in interface ObjectAclService

retrieveClassAclGroupFromPartyId

public List<Object[]> retrieveClassAclGroupFromPartyId(@NotNull
                                                       long partyId,
                                                       String qualifiedClassName)

Specified by:

retrieveClassAclGroupFromPartyId in interface ObjectAclService

retrieveClassAclGroupFromPartyId

public List<Object[]> retrieveClassAclGroupFromPartyId(long partyId,
                                                       List<String> qualifiedClassNames)

Only a size of 1 or 2 is supported for now for the second parameter.

Specified by:

retrieveClassAclGroupFromPartyId in interface ObjectAclService

retrieveClassAclGroupFromUserLogin

public List<Object[]> retrieveClassAclGroupFromUserLogin(String userLogin,
                                                         String qualifiedClassName)

Specified by:

retrieveClassAclGroupFromUserLogin in interface ObjectAclService

retrieveClassAclGroupFromUserLogin

public List<Object[]> retrieveClassAclGroupFromUserLogin(String userLogin,
                                                         List<String> qualifiedClassNames)

Specified by:

retrieveClassAclGroupFromUserLogin in interface ObjectAclService

retrieveClassAclGroupFromPartyId

public List<Object[]> retrieveClassAclGroupFromPartyId(@NotNull
                                                       long partyId,
                                                       String qualifiedClassName,
                                                       org.squashtest.tm.core.foundation.collection.Sorting sorting,
                                                       org.squashtest.tm.core.foundation.collection.Filtering filtering)

Specified by:

retrieveClassAclGroupFromPartyId in interface ObjectAclService

retrieveClassAclGroupFromPartyId

public List<Object[]> retrieveClassAclGroupFromPartyId(long partyId,
                                                       List<String> qualifiedClassNames,
                                                       org.squashtest.tm.core.foundation.collection.Sorting sorting,
                                                       org.squashtest.tm.core.foundation.collection.Filtering filtering)

Only a size of 1 or 2 is supported for now for the second parameter.

Specified by:

retrieveClassAclGroupFromPartyId in interface ObjectAclService

findObjectWithoutPermissionByPartyId

public List<Long> findObjectWithoutPermissionByPartyId(long partyId,
                                                       String qualifiedClass)

Specified by:

findObjectWithoutPermissionByPartyId in interface ObjectAclService

findObjectWithoutPermissionByPartyId

public List<Long> findObjectWithoutPermissionByPartyId(long partyId,
                                                       List<String> qualifiedClasses)

Only a size of 1 or 2 is supported for now for the second parameter.

Specified by:

findObjectWithoutPermissionByPartyId in interface ObjectAclService

findUsersWithExecutePermission

public List<String> findUsersWithExecutePermission(List<org.springframework.security.acls.model.ObjectIdentity> entityRefs)

Specified by:

findUsersWithExecutePermission in interface ObjectAclService

findUsersWithWritePermission

public List<String> findUsersWithWritePermission(@NotNull
                                                 List<org.springframework.security.acls.model.ObjectIdentity> entityRefs)

Specified by:

findUsersWithWritePermission in interface ObjectAclService

evictFromCache

protected void evictFromCache(org.springframework.security.acls.model.ObjectIdentity oIdentity)

retrievePartyAndAclGroupNameFromIdentityAndClass

public List<Object[]> retrievePartyAndAclGroupNameFromIdentityAndClass(long entityId,
                                                                       Class<?> entityClass)

Description copied from interface: ObjectAclService

Will find squash User ids and theirs permission names for the given acl_object_identity.identity and acl_object_identity.className

Specified by:

retrievePartyAndAclGroupNameFromIdentityAndClass in interface ObjectAclService

Returns:

a list of Object[] containing at index 0 the user id and , at index 1, the user's acl_group.qualified_name for the given acl_object.

retrievePartyAndAclGroupNameFromIdentityAndClass

public List<Object[]> retrievePartyAndAclGroupNameFromIdentityAndClass(long entityId,
                                                                       Class<?> entityClass,
                                                                       org.squashtest.tm.core.foundation.collection.Sorting sorting,
                                                                       org.squashtest.tm.core.foundation.collection.Filtering filtering)

Description copied from interface: ObjectAclService

Same as #retriveUserAndAclGroupNameFromIdentityAndClass(long, Class), sorted and filtered version

Specified by:

retrievePartyAndAclGroupNameFromIdentityAndClass in interface ObjectAclService

Returns:

findPartiesWithoutPermissionByObject

public List<Long> findPartiesWithoutPermissionByObject(long objectId,
                                                       String qualifiedClassName)

Specified by:

findPartiesWithoutPermissionByObject in interface ObjectAclService

findPartiesWithoutPermissionByObject

public List<Long> findPartiesWithoutPermissionByObject(long objectId,
                                                       List<String> qualifiedClassNames)

Only a size of 1 or 2 is supported for now for the second parameter.

Specified by:

findPartiesWithoutPermissionByObject in interface ObjectAclService

refreshAcls

public void refreshAcls()

Description copied from interface: ObjectAclService

basically ensures that recent modification affecting the ACL will be taken into account immediately.

Specified by:

refreshAcls in interface ObjectAclService