wamblee.org Git - utils/blob - security/src/main/java/org/wamblee/security/authorization/hibernate/PersistentAuthorizationService.java

   1 /*
   2  * Copyright 2005 the original author or authors.
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *      http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 package org.wamblee.security.authorization.hibernate;
  18
  19 import java.util.List;
  20
  21 import org.springframework.orm.hibernate3.HibernateTemplate;
  22 import org.wamblee.persistence.AbstractPersistent;
  23 import org.wamblee.persistence.hibernate.HibernateSupport;
  24 import org.wamblee.security.authorization.AuthorizationRule;
  25 import org.wamblee.security.authorization.AuthorizationService;
  26 import org.wamblee.security.authorization.DefaultAuthorizationService;
  27 import org.wamblee.security.authorization.Operation;
  28 import org.wamblee.usermgt.UserAccessor;
  29
  30 /**
  31  * Authorization service with persistent storage.
  32  * This is a wrapper for {@link org.wamblee.security.authorization.DefaultAuthorizationService}
  33  * which refreshes the state of the service at certain time intervals.
  34  *
  35  * @author Erik Brakkee
  36  */
  37 public class PersistentAuthorizationService extends AbstractPersistent
  38         implements AuthorizationService {
  39
  40     /**
  41      * Name of query to find the service by name.
  42      */
  43     private static final String FIND_QUERY = "findAuthorizationServiceByName";
  44
  45     /**
  46      * Name of the query parameter for the service name.
  47      */
  48     private static final String NAME_PARAM = "name";
  49
  50     /**
  51      * Authorization service to use.
  52      */
  53     private DefaultAuthorizationService _service;
  54
  55     /**
  56      * Hibernate template to use.
  57      */
  58     private HibernateTemplate _template;
  59
  60     /**
  61      * User accessor.
  62      */
  63     private UserAccessor _userAccessor;
  64
  65     /**
  66      * Name of the service.
  67      */
  68     private String _name;
  69
  70     /**
  71      * Refresh interval in milliseconds.
  72      */
  73     private final long _refreshInterval;
  74
  75     /**
  76      * Last refresh time.
  77      */
  78     private long _lastRefreshTime;
  79
  80     /**
  81      * Constructs the persistent service.
  82      *
  83      * @param aName
  84      *            Name of the service.
  85      * @param aTemplate
  86      *            Hibernate template for hibernate usage.
  87      * @param aAccessor
  88      *            User accessor.
  89      * @param aRefresh
  90      *            Whether or not to refresh the state of the service at the
  91      *            start of every operation.
  92      */
  93     public PersistentAuthorizationService(String aName,
  94             HibernateTemplate aTemplate, UserAccessor aAccessor,
  95             long aRefreshInterval) {
  96         _template = aTemplate;
  97         _refreshInterval = aRefreshInterval;
  98         _lastRefreshTime = System.currentTimeMillis();
  99         _userAccessor = aAccessor;
 100         _name = aName;
 101     }
 102
 103     /**
 104      * Initialize service if needed.
 105      */
 106     private void initialize() {
 107         if (_service == null) {
 108             List<DefaultAuthorizationService> result = _template
 109                     .findByNamedQueryAndNamedParam(FIND_QUERY, NAME_PARAM,
 110                             _name);
 111
 112             if (result.size() > 1) {
 113                 throw new IllegalArgumentException(
 114                         "Returned more than one service for name '" + _name
 115                                 + "' (" + result.size() + ")");
 116             }
 117
 118             if (result.size() == 0) {
 119                 _service = new DefaultAuthorizationService(_userAccessor, _name);
 120                 _template.persist(_service);
 121             } else {
 122                 _service = result.get(0);
 123                 _service.setUserAccessor(_userAccessor);
 124             }
 125         }
 126     }
 127
 128     /*
 129      * (non-Javadoc)
 130      *
 131      * @see org.wamblee.security.authorization.AuthorizationService#isAllowed(java.lang.Object,
 132      *      org.wamblee.security.authorization.Operation)
 133      */
 134     public boolean isAllowed(Object aResource, Operation aOperation) {
 135         initialize();
 136         refresh();
 137         return _service.isAllowed(aResource, aOperation);
 138     }
 139
 140     /* (non-Javadoc)
 141      * @see org.wamblee.security.authorization.AuthorizationService#check(T, org.wamblee.security.authorization.Operation)
 142      */
 143     public <T> T check(T aResource, Operation aOperation) {
 144         initialize();
 145         refresh();
 146         return _service.check(aResource, aOperation);
 147     }
 148
 149     /*
 150      * (non-Javadoc)
 151      *
 152      * @see org.wamblee.security.authorization.AuthorizationService#getRules()
 153      */
 154     public AuthorizationRule[] getRules() {
 155         initialize();
 156         refresh();
 157         return _service.getRules();
 158     }
 159
 160     /*
 161      * (non-Javadoc)
 162      *
 163      * @see org.wamblee.security.authorization.AuthorizationService#appendRule(org.wamblee.security.authorization.AuthorizationRule)
 164      */
 165     public void appendRule(AuthorizationRule aRule) {
 166         initialize();
 167         refresh();
 168         _service.appendRule(aRule);
 169         save();
 170     }
 171
 172     /*
 173      * (non-Javadoc)
 174      *
 175      * @see org.wamblee.security.authorization.AuthorizationService#removeRule(int)
 176      */
 177     public void removeRule(int aIndex) {
 178         initialize();
 179         refresh();
 180         _service.removeRule(aIndex);
 181         save();
 182     }
 183
 184     /*
 185      * (non-Javadoc)
 186      *
 187      * @see org.wamblee.security.authorization.AuthorizationService#insertRuleAfter(int,
 188      *      org.wamblee.security.authorization.AuthorizationRule)
 189      */
 190     public void insertRuleAfter(int aIndex, AuthorizationRule aRule) {
 191         initialize();
 192         refresh();
 193         _service.insertRuleAfter(aIndex, aRule);
 194         save();
 195     }
 196
 197     /**
 198      * Refreshes the state of the service through hibernate.
 199      *
 200      */
 201     private synchronized void refresh() {
 202         long time = System.currentTimeMillis();
 203         if ( time - _lastRefreshTime > _refreshInterval ) {
 204             _template.refresh(_service);
 205             _lastRefreshTime = time;
 206         }
 207     }
 208
 209     /**
 210      * Saves any changes to the service state if necessary.
 211      */
 212     private void save() {
 213         HibernateSupport.merge(_template, _service);
 214     }
 215 }