001/*
002 *  Copyright 2016 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.plugins.repository;
017
018import java.util.Map;
019import java.util.Set;
020
021import org.ametys.core.group.GroupIdentity;
022import org.ametys.core.right.ProfileAssignmentStorage;
023import org.ametys.core.user.UserIdentity;
024import org.ametys.plugins.repository.jcr.ACLJCRAmetysObjectHelper;
025import org.ametys.plugins.repository.jcr.JCRAmetysObject;
026import org.ametys.runtime.plugin.component.AbstractLogEnabled;
027
028/**
029 * Implementation of {@link ProfileAssignmentStorage} for {@link ACLAmetysObject}s which stores profile assignments in subnodes of the node representing this object.
030 */
031public class ACLAmetysObjectProfileAssignmentStorage extends AbstractLogEnabled implements ProfileAssignmentStorage
032{
033    /* -------------- */
034    /* HAS PERMISSION */
035    /* -------------- */
036
037    public boolean hasUserDeniedProfile(Set< ? extends Object> rootContexts, UserIdentity user, Set<String> profileIds)
038    {
039        return ACLJCRAmetysObjectHelper.hasUserDeniedProfile(rootContexts, user, profileIds);
040    }
041    
042    public boolean hasUserAllowedProfile(Set< ? extends Object> rootContexts, UserIdentity user, Set<String> profileIds)
043    {
044        return ACLJCRAmetysObjectHelper.hasUserAllowedProfile(rootContexts, user, profileIds);
045    }
046    
047    public boolean hasGroupDeniedProfile(Set< ? extends Object> rootContexts, GroupIdentity group, Set<String> profileIds)
048    {
049        return ACLJCRAmetysObjectHelper.hasGroupDeniedProfile(rootContexts, group, profileIds);
050    }
051    
052    public boolean hasGroupAllowedProfile(Set< ? extends Object> rootContexts, GroupIdentity group, Set<String> profileIds)
053    {
054        return ACLJCRAmetysObjectHelper.hasGroupAllowedProfile(rootContexts, group, profileIds);
055    }
056    
057    public boolean hasAnyConnectedDeniedProfile(Set< ? extends Object> rootContexts, Set<String> profileIds)
058    {
059        return ACLJCRAmetysObjectHelper.hasAnyConnectedDeniedProfile(rootContexts, profileIds);
060    }
061    
062    public boolean hasAnyConnectedAllowedProfile(Set< ? extends Object> rootContexts, Set<String> profileIds)
063    {
064        return ACLJCRAmetysObjectHelper.hasAnyConnectedAllowedProfile(rootContexts, profileIds);
065    }
066    
067    public boolean hasAnonymousDeniedProfile(Set< ? extends Object> rootContexts, Set<String> profileIds)
068    {
069        return ACLJCRAmetysObjectHelper.hasAnonymousDeniedProfile(rootContexts, profileIds);
070    }
071    
072    public boolean hasAnonymousAllowedProfile(Set< ? extends Object> rootContexts, Set<String> profileIds)
073    {
074        return ACLJCRAmetysObjectHelper.hasAnonymousAllowedProfile(rootContexts, profileIds);
075    }
076    
077    /* --------------------------------------- */
078    /* ALLOWED PROFILES FOR ANY CONNECTED USER */
079    /* --------------------------------------- */
080    
081    @Override
082    public Set<String> getAllowedProfilesForAnyConnectedUser(Object object)
083    {
084        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
085        return ametysObj.getAllowedProfilesForAnyConnectedUser();
086    }
087    
088    @Override
089    public boolean isAnyConnectedUserAllowed(Object object, String profileId)
090    {
091        return getAllowedProfilesForAnyConnectedUser(object).contains(profileId);
092    }
093
094    /* -------------------------------------- */
095    /* DENIED PROFILES FOR ANY CONNECTED USER */
096    /* -------------------------------------- */
097    
098    @Override
099    public Set<String> getDeniedProfilesForAnyConnectedUser(Object object)
100    {
101        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
102        return ametysObj.getDeniedProfilesForAnyConnectedUser();
103    }
104    
105    @Override
106    public boolean isAnyConnectedUserDenied(Object object, String profileId)
107    {
108        return getDeniedProfilesForAnyConnectedUser(object).contains(profileId);
109    }
110    
111    /* ------------------------------ */
112    /* ALLOWED PROFILES FOR ANONYMOUS */
113    /* ------------------------------ */
114    
115    @Override
116    public Set<String> getAllowedProfilesForAnonymous(Object object)
117    {
118        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
119        return ametysObj.getAllowedProfilesForAnonymous();
120    }
121    
122    @Override
123    public boolean isAnonymousAllowed(Object object, String profileId)
124    {
125        return getAllowedProfilesForAnonymous(object).contains(profileId);
126    }
127    
128    /* ----------------------------- */
129    /* DENIED PROFILES FOR ANONYMOUS */
130    /* ----------------------------- */
131    
132    @Override
133    public Set<String> getDeniedProfilesForAnonymous(Object object)
134    {
135        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
136        return ametysObj.getDeniedProfilesForAnonymous();
137    }
138    
139    @Override
140    public boolean isAnonymousDenied(Object object, String profileId)
141    {
142        return getDeniedProfilesForAnonymous(object).contains(profileId);
143    }
144    
145    /* --------------------------- */
146    /* MANAGEMENT OF ALLOWED USERS */
147    /* --------------------------- */
148    @Override
149    public Set<String> getAllowedProfilesForUser(UserIdentity user, Object object)
150    {
151        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
152        return ametysObj.getAllowedProfilesForUser(user);
153    }
154    
155    @Override
156    public Map<UserIdentity, Set<String>> getAllowedProfilesForUsers(Object object)
157    {
158        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
159        return ametysObj.getAllowedProfilesForUsers();
160    }
161
162    @Override
163    public Set<UserIdentity> getAllowedUsers(Object object, String profileId)
164    {
165        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
166        return ametysObj.getAllowedUsers(profileId);
167    }
168
169    /* ---------------------------- */
170    /* MANAGEMENT OF ALLOWED GROUPS */
171    /* ---------------------------- */
172    @Override
173    public Map<GroupIdentity, Set<String>> getAllowedProfilesForGroups(Object object)
174    {
175        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
176        return ametysObj.getAllowedProfilesForGroups();
177    }
178
179    @Override
180    public Set<GroupIdentity> getAllowedGroups(Object object, String profileId)
181    {
182        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
183        return ametysObj.getAllowedGroups(profileId);
184    }
185
186    /* ---------------------------- */
187    /* MANAGEMENT OF DENIED USERS */
188    /* ---------------------------- */
189    @Override
190    public Set<String> getDeniedProfilesForUser(UserIdentity user, Object object)
191    {
192        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
193        return ametysObj.getDeniedProfilesForUser(user);
194    }
195    
196    @Override
197    public Map<UserIdentity, Set<String>> getDeniedProfilesForUsers(Object object)
198    {
199        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
200        return ametysObj.getDeniedProfilesForUsers();
201    }
202
203    @Override
204    public Set<UserIdentity> getDeniedUsers(Object object, String profileId)
205    {
206        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
207        return ametysObj.getDeniedUsers(profileId);
208    }
209
210    /* ----------------------------- */
211    /* MANAGEMENT OF DENIED GROUPS */
212    /* ----------------------------- */
213
214    @Override
215    public Map<GroupIdentity, Set<String>> getDeniedProfilesForGroups(Object object)
216    {
217        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
218        return ametysObj.getDeniedProfilesForGroups();
219    }
220
221    @Override
222    public Set<GroupIdentity> getDeniedGroups(Object object, String profileId)
223    {
224        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
225        return ametysObj.getDeniedGroups(profileId);
226    }
227    
228    @Override
229    public boolean isInheritanceDisallowed(Object object)
230    {
231        ACLAmetysObject ametysObj = (ACLAmetysObject) object;
232        return ametysObj.isInheritanceDisallowed();
233    }
234
235    
236    /* ------------------------------ */
237    /* SUPPORT OF OBJECT AND PRIORITY */
238    /* ------------------------------ */
239    
240    @Override
241    public boolean isSupported(Object object)
242    {
243        return object instanceof ACLAmetysObject && object instanceof JCRAmetysObject;
244    }
245    
246    public boolean isRootContextSupported(Object rootContext)
247    {
248        return rootContext instanceof JCRAmetysObject;
249    }
250
251    @Override
252    public int getPriority()
253    {
254        // Minor priority than ModifiableACLAmetysObjectProfileAssignmentStorage
255        return ProfileAssignmentStorage.MAX_PRIORITY + 100;
256    }
257}