2 * Copyright 2005-2010 the original author or authors.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package org.wamblee.security.authorization.jpa;
18 import javax.persistence.EntityManager;
19 import javax.persistence.NoResultException;
20 import javax.persistence.NonUniqueResultException;
22 import org.wamblee.persistence.JpaMergeSupport;
23 import org.wamblee.security.authorization.AbstractAuthorizationService;
24 import org.wamblee.security.authorization.AbstractAuthorizationRule;
25 import org.wamblee.security.authorization.AuthorizationRule;
26 import org.wamblee.security.authorization.AuthorizationService;
27 import org.wamblee.security.authorization.DefaultAuthorizationService;
28 import org.wamblee.security.authorization.Operation;
29 import org.wamblee.usermgt.UserAccessor;
32 * Authorization service with persistent storage. This is a wrapper for
33 * {@link org.wamblee.security.authorization.DefaultAuthorizationService} which
34 * refreshes the state of the service at certain time intervals.
36 * @author Erik Brakkee
38 public class JpaAuthorizationService implements AuthorizationService {
41 * Authorization service to use.
43 private AuthorizationService service;
46 * Hibernate template to use.
48 private EntityManager entityManager;
53 private UserAccessor userAccessor;
56 * Name of the service.
61 * Refresh interval in milliseconds.
63 private final long refreshInterval;
68 private long lastRefreshTime;
71 * Constructs the persistent service.
74 * Name of the service.
75 * @param aEntityManager
80 * Whether or not to refresh the state of the service at the
81 * start of every operation.
83 public JpaAuthorizationService(String aName, EntityManager aEntityManager,
84 UserAccessor aAccessor, long aRefreshInterval) {
85 entityManager = aEntityManager;
86 refreshInterval = aRefreshInterval;
87 lastRefreshTime = System.currentTimeMillis();
88 userAccessor = aAccessor;
93 public void setUserAccessor(UserAccessor aUserAccessor) {
94 userAccessor = aUserAccessor;
98 * Initialize service if needed.
101 private void initialize() {
102 if (service == null) {
107 private void refreshByReload() {
109 service = entityManager.createNamedQuery(
110 AbstractAuthorizationService.QUERY_FIND_BY_NAME,
111 AbstractAuthorizationService.class).setParameter(
112 AbstractAuthorizationService.NAME_PARAM, name).getSingleResult();
113 service.setUserAccessor(userAccessor);
114 } catch (NonUniqueResultException e) {
115 throw new IllegalArgumentException(
116 "Returned more than one service for name '" + name + "'");
117 } catch (NoResultException e) {
118 service = new DefaultAuthorizationService(userAccessor, name);
119 entityManager.persist(service);
127 * org.wamblee.security.authorization.AuthorizationService#isAllowed(java
128 * .lang.Object, org.wamblee.security.authorization.Operation)
130 public boolean isAllowed(Object aResource, Operation aOperation) {
134 return service.isAllowed(aResource, aOperation);
140 * @see org.wamblee.security.authorization.AuthorizationService#check(T,
141 * org.wamblee.security.authorization.Operation)
143 public <T> T check(T aResource, Operation aOperation) {
147 return service.check(aResource, aOperation);
153 * @see org.wamblee.security.authorization.AuthorizationService#getRules()
155 public AuthorizationRule[] getRules() {
159 return service.getRules();
166 * org.wamblee.security.authorization.AuthorizationService#appendRule(org
167 * .wamblee.security.authorization.AuthorizationRule)
169 public void appendRule(AuthorizationRule aRule) {
172 service.appendRule(aRule);
180 * org.wamblee.security.authorization.AuthorizationService#removeRule(int)
182 public void removeRule(int aIndex) {
185 service.removeRule(aIndex);
193 * org.wamblee.security.authorization.AuthorizationService#insertRuleAfter
194 * (int, org.wamblee.security.authorization.AuthorizationRule)
196 public void insertRuleAfter(int aIndex, AuthorizationRule aRule) {
199 service.insertRuleAfter(aIndex, aRule);
204 * Refreshes the state of the service through hibernate.
206 private synchronized void refresh() {
207 long time = System.currentTimeMillis();
209 if ((time - lastRefreshTime) > refreshInterval) {
211 lastRefreshTime = time;
216 * Saves any changes to the service state if necessary.
218 private void save() {
219 AuthorizationService merged = entityManager.merge(service);
220 entityManager.flush();
221 JpaMergeSupport.merge(merged, service);