wamblee.org Git - utils/blob

   1 /*
   2  * Copyright 2005-2010 the original author or authors.
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *      http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package org.wamblee.security.authorization.hibernate;
  17
  18 import org.springframework.orm.hibernate3.HibernateTemplate;
  19
  20 import org.wamblee.persistence.AbstractPersistent;
  21 import org.wamblee.persistence.hibernate.HibernateSupport;
  22
  23 import org.wamblee.security.authorization.AuthorizationRule;
  24 import org.wamblee.security.authorization.AuthorizationService;
  25 import org.wamblee.security.authorization.DefaultAuthorizationService;
  26 import org.wamblee.security.authorization.Operation;
  27
  28 import org.wamblee.usermgt.UserAccessor;
  29
  30 import java.util.List;
  31
  32 /**
  33  * Authorization service with persistent storage. This is a wrapper for
  34  * {@link org.wamblee.security.authorization.DefaultAuthorizationService} which
  35  * refreshes the state of the service at certain time intervals.
  36  *
  37  * @author Erik Brakkee
  38  */
  39 public class PersistentAuthorizationService extends AbstractPersistent
  40     implements AuthorizationService {
  41     /**
  42      * Name of query to find the service by name.
  43      */
  44     private static final String FIND_QUERY = "findAuthorizationServiceByName";
  45
  46     /**
  47      * Name of the query parameter for the service name.
  48      */
  49     private static final String NAME_PARAM = "name";
  50
  51     /**
  52      * Authorization service to use.
  53      */
  54     private DefaultAuthorizationService service;
  55
  56     /**
  57      * Hibernate template to use.
  58      */
  59     private HibernateTemplate template;
  60
  61     /**
  62      * User accessor.
  63      */
  64     private UserAccessor userAccessor;
  65
  66     /**
  67      * Name of the service.
  68      */
  69     private String name;
  70
  71     /**
  72      * Refresh interval in milliseconds.
  73      */
  74     private final long refreshInterval;
  75
  76     /**
  77      * Last refresh time.
  78      */
  79     private long lastRefreshTime;
  80
  81     /**
  82      * Constructs the persistent service.
  83      *
  84      * @param aName
  85      *            Name of the service.
  86      * @param aTemplate
  87      *            Hibernate template for hibernate usage.
  88      * @param aAccessor
  89      *            User accessor.
  90      * @param aRefresh
  91      *            Whether or not to refresh the state of the service at the
  92      *            start of every operation.
  93      */
  94     public PersistentAuthorizationService(String aName,
  95         HibernateTemplate aTemplate, UserAccessor aAccessor,
  96         long aRefreshInterval) {
  97         template = aTemplate;
  98         refreshInterval = aRefreshInterval;
  99         lastRefreshTime = System.currentTimeMillis();
 100         userAccessor = aAccessor;
 101         name = aName;
 102     }
 103
 104     /**
 105      * Initialize service if needed.
 106      *
 107      */
 108     private void initialize() {
 109         if (service == null) {
 110             List<DefaultAuthorizationService> result = template
 111                 .findByNamedQueryAndNamedParam(FIND_QUERY, NAME_PARAM, name);
 112
 113             if (result.size() > 1) {
 114                 throw new IllegalArgumentException(
 115                     "Returned more than one service for name '" + name + "' (" +
 116                         result.size() + ")");
 117             }
 118
 119             if (result.size() == 0) {
 120                 service = new DefaultAuthorizationService(userAccessor, name);
 121                 template.persist(service);
 122             } else {
 123                 service = result.get(0);
 124                 service.setUserAccessor(userAccessor);
 125             }
 126         }
 127     }
 128
 129     /*
 130      * (non-Javadoc)
 131      *
 132      * @see
 133      * org.wamblee.security.authorization.AuthorizationService#isAllowed(java
 134      * .lang.Object, org.wamblee.security.authorization.Operation)
 135      */
 136     public boolean isAllowed(Object aResource, Operation aOperation) {
 137         initialize();
 138         refresh();
 139
 140         return service.isAllowed(aResource, aOperation);
 141     }
 142
 143     /*
 144      * (non-Javadoc)
 145      *
 146      * @see org.wamblee.security.authorization.AuthorizationService#check(T,
 147      * org.wamblee.security.authorization.Operation)
 148      */
 149     public <T> T check(T aResource, Operation aOperation) {
 150         initialize();
 151         refresh();
 152
 153         return service.check(aResource, aOperation);
 154     }
 155
 156     /*
 157      * (non-Javadoc)
 158      *
 159      * @see org.wamblee.security.authorization.AuthorizationService#getRules()
 160      */
 161     public AuthorizationRule[] getRules() {
 162         initialize();
 163         refresh();
 164
 165         return service.getRules();
 166     }
 167
 168     /*
 169      * (non-Javadoc)
 170      *
 171      * @see
 172      * org.wamblee.security.authorization.AuthorizationService#appendRule(org
 173      * .wamblee.security.authorization.AuthorizationRule)
 174      */
 175     public void appendRule(AuthorizationRule aRule) {
 176         initialize();
 177         refresh();
 178         service.appendRule(aRule);
 179         save();
 180     }
 181
 182     /*
 183      * (non-Javadoc)
 184      *
 185      * @see
 186      * org.wamblee.security.authorization.AuthorizationService#removeRule(int)
 187      */
 188     public void removeRule(int aIndex) {
 189         initialize();
 190         refresh();
 191         service.removeRule(aIndex);
 192         save();
 193     }
 194
 195     /*
 196      * (non-Javadoc)
 197      *
 198      * @see
 199      * org.wamblee.security.authorization.AuthorizationService#insertRuleAfter
 200      * (int, org.wamblee.security.authorization.AuthorizationRule)
 201      */
 202     public void insertRuleAfter(int aIndex, AuthorizationRule aRule) {
 203         initialize();
 204         refresh();
 205         service.insertRuleAfter(aIndex, aRule);
 206         save();
 207     }
 208
 209     /**
 210      * Refreshes the state of the service through hibernate.
 211      */
 212     private synchronized void refresh() {
 213         long time = System.currentTimeMillis();
 214
 215         if ((time - lastRefreshTime) > refreshInterval) {
 216             template.refresh(service);
 217             lastRefreshTime = time;
 218         }
 219     }
 220
 221     /**
 222      * Saves any changes to the service state if necessary.
 223      */
 224     private void save() {
 225         HibernateSupport.merge(template, service);
 226     }
 227 }