X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fwamblee%2Fphotos%2Fmodel%2Fauthorization%2FAuthorizedAlbum.java;h=b59aafeb9a0d13650dd09d49b6b09307114e2dd1;hb=HEAD;hp=7406d9985f6e5e3308c8fab514a47c3514ecb82b;hpb=8845e7fe6141ccc98fd070ee4e653941f6e60508;p=photos diff --git a/src/main/java/org/wamblee/photos/model/authorization/AuthorizedAlbum.java b/src/main/java/org/wamblee/photos/model/authorization/AuthorizedAlbum.java index 7406d99..b59aafe 100644 --- a/src/main/java/org/wamblee/photos/model/authorization/AuthorizedAlbum.java +++ b/src/main/java/org/wamblee/photos/model/authorization/AuthorizedAlbum.java @@ -19,14 +19,21 @@ import java.io.IOException; import java.io.InputStream; import java.util.ArrayList; import java.util.List; +import java.util.logging.Logger; + +import javax.enterprise.context.SessionScoped; +import javax.inject.Inject; +import javax.servlet.http.HttpSession; -import org.apache.log4j.Logger; import org.wamblee.cache.Cache; import org.wamblee.cache.CachedObject; import org.wamblee.photos.model.Album; import org.wamblee.photos.model.Path; import org.wamblee.photos.model.Photo; import org.wamblee.photos.model.PhotoEntry; +import org.wamblee.photos.model.plumbing.AllPhotos; +import org.wamblee.photos.model.plumbing.AuthorizedPhotos; +import org.wamblee.photos.model.plumbing.PhotoCache; import org.wamblee.security.authorization.AllOperation; import org.wamblee.security.authorization.AuthorizationService; import org.wamblee.security.authorization.DeleteOperation; @@ -37,45 +44,45 @@ import org.wamblee.security.authorization.WriteOperation; * Decorator for an album providing defined behavior when used in a concurrent * setting. */ +@SessionScoped +@AuthorizedPhotos public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { - private static final Logger LOGGER = Logger - .getLogger(AuthorizedAlbum.class); + private static final Logger LOGGER = Logger.getLogger(AuthorizedAlbum.class.getName()); private AuthorizationService _authorizer; private CachedObject> _authorizedEntries; - private String _sessionId; + private HttpSession _session; /** * Constructs concurrent album as a decorator for an album implementation. - * - * @param aAlbum - * Album to decorate. + * + * @param aAlbum Album to decorate. */ - public AuthorizedAlbum(Album aAlbum, AuthorizationService aService, - Cache aCache, String aSessionId) { + @Inject + public AuthorizedAlbum(@AllPhotos Album aAlbum, AuthorizationService aService, + @PhotoCache Cache> aCache, HttpSession aSession) { super(aAlbum); _authorizer = aService; - _authorizedEntries = new CachedObject>( - aCache, aSessionId + "/" + aAlbum.getPath(), + _authorizedEntries = new CachedObject<>(aCache, "session:" + aSession.getId() + "/" + aAlbum.getPath(), new CachedObject.Computation>() { public ArrayList getObject(String aObjectKey) { return AuthorizedAlbum.this.compute(); } }); - _sessionId = aSessionId; + _session = aSession; } /** * Computes the cache of photo entries to which read access is allowed. - * + * * @return Photo entries to which read access is allowed. */ private synchronized ArrayList compute() { LOGGER.info("Refreshing cache " + getPath()); - ArrayList result = new ArrayList(); + ArrayList result = new ArrayList<>(); for (int i = 0; i < decorated().size(); i++) { PhotoEntry entry = decorated().getEntry(i); if (_authorizer.isAllowed(entry, new ReadOperation())) { @@ -83,6 +90,9 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { // automatically. } } + if (result == null) { + throw new RuntimeException("Result is null"); + } return result; } @@ -93,9 +103,8 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { /** * Creates a decorate for the photo entry to make it safe for concurrent * access. - * - * @param aEntry - * Entry to decorate + * + * @param aEntry Entry to decorate * @return Decorated photo. */ private T decorate(T aEntry) { @@ -104,11 +113,9 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { } else if (aEntry instanceof Photo) { return (T) new AuthorizedPhoto((Photo) aEntry); } else if (aEntry instanceof Album) { - return (T) new AuthorizedAlbum((Album) aEntry, _authorizer, - _authorizedEntries.getCache(), _sessionId); + return (T) new AuthorizedAlbum((Album) aEntry, _authorizer, _authorizedEntries.getCache(), _session); } else { - throw new IllegalArgumentException( - "Entry is neither a photo nor an album: " + aEntry); + throw new IllegalArgumentException("Entry is neither a photo nor an album: " + aEntry); } } @@ -139,8 +146,8 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { return entry; } else { if (!(entry instanceof Album)) { - throw new IllegalArgumentException(getPath() + " " - + aPath); + throw new IllegalArgumentException(getPath() + " " + + aPath); } return ((Album) entry).getEntry(remainder); } @@ -174,9 +181,12 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { * java.io.InputStream) */ public void addImage(String aId, InputStream aImage) throws IOException { - _authorizer.check(this, new WriteOperation()); - _authorizedEntries.invalidate(); - decorated().addImage(aId, aImage); + try { + _authorizer.check(this, new WriteOperation()); + decorated().addImage(aId, aImage); + } finally { + _authorizedEntries.invalidate(); + } } /* @@ -185,9 +195,12 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { * @see org.wamblee.photos.model.Album#addAlbum(java.lang.String) */ public void addAlbum(String aId) throws IOException { - _authorizer.check(this, new WriteOperation()); - _authorizedEntries.invalidate(); - decorated().addAlbum(aId); + try { + _authorizer.check(this, new WriteOperation()); + decorated().addAlbum(aId); + } finally { + _authorizedEntries.invalidate(); + } } /* @@ -196,17 +209,19 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { * @see org.wamblee.photos.model.Album#removeEntry(java.lang.String) */ public void removeEntry(String aId) throws IOException { - // Check whether deletion is allowed. - PhotoEntry entry = _authorizer.check(decorated().getEntry("/" + aId), - new DeleteOperation()); - _authorizedEntries.invalidate(); - decorated().removeEntry(aId); + try { + // Check whether deletion is allowed. + PhotoEntry entry = _authorizer.check(decorated().getEntry("/" + aId), new DeleteOperation()); + _authorizedEntries.invalidate(); + decorated().removeEntry(aId); + } finally { + _authorizedEntries.invalidate(); + } } public Photo findPhotoBefore(String aId) { Photo entry = decorated().findPhotoBefore(aId); - while (entry != null - && !_authorizer.isAllowed(entry, new AllOperation())) { + while (entry != null && !_authorizer.isAllowed(entry, new AllOperation())) { entry = decorated().findPhotoBefore(entry.getId()); } return decorate(entry); @@ -214,8 +229,7 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { public Photo findPhotoAfter(String aId) { Photo entry = decorated().findPhotoAfter(aId); - while (entry != null - && !_authorizer.isAllowed(entry, new AllOperation())) { + while (entry != null && !_authorizer.isAllowed(entry, new AllOperation())) { entry = decorated().findPhotoAfter(entry.getId()); } return decorate(entry);