X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fwamblee%2Fphotos%2Fmodel%2Fauthorization%2FAuthorizedAlbum.java;h=b59aafeb9a0d13650dd09d49b6b09307114e2dd1;hb=HEAD;hp=96610a6c940a92e05967aed7f98bd40579179530;hpb=06bf9182a5cd8b626d8e66c1fde4e8e6c722a0b5;p=photos diff --git a/src/main/java/org/wamblee/photos/model/authorization/AuthorizedAlbum.java b/src/main/java/org/wamblee/photos/model/authorization/AuthorizedAlbum.java index 96610a6..b59aafe 100644 --- a/src/main/java/org/wamblee/photos/model/authorization/AuthorizedAlbum.java +++ b/src/main/java/org/wamblee/photos/model/authorization/AuthorizedAlbum.java @@ -21,12 +21,19 @@ import java.util.ArrayList; import java.util.List; import java.util.logging.Logger; +import javax.enterprise.context.SessionScoped; +import javax.inject.Inject; +import javax.servlet.http.HttpSession; + import org.wamblee.cache.Cache; import org.wamblee.cache.CachedObject; import org.wamblee.photos.model.Album; import org.wamblee.photos.model.Path; import org.wamblee.photos.model.Photo; import org.wamblee.photos.model.PhotoEntry; +import org.wamblee.photos.model.plumbing.AllPhotos; +import org.wamblee.photos.model.plumbing.AuthorizedPhotos; +import org.wamblee.photos.model.plumbing.PhotoCache; import org.wamblee.security.authorization.AllOperation; import org.wamblee.security.authorization.AuthorizationService; import org.wamblee.security.authorization.DeleteOperation; @@ -37,45 +44,45 @@ import org.wamblee.security.authorization.WriteOperation; * Decorator for an album providing defined behavior when used in a concurrent * setting. */ +@SessionScoped +@AuthorizedPhotos public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { - private static final Logger LOGGER = Logger.getLogger(AuthorizedAlbum.class - .getName()); + private static final Logger LOGGER = Logger.getLogger(AuthorizedAlbum.class.getName()); private AuthorizationService _authorizer; private CachedObject> _authorizedEntries; - private String _sessionId; + private HttpSession _session; /** * Constructs concurrent album as a decorator for an album implementation. - * - * @param aAlbum - * Album to decorate. + * + * @param aAlbum Album to decorate. */ - public AuthorizedAlbum(Album aAlbum, AuthorizationService aService, - Cache aCache, String aSessionId) { + @Inject + public AuthorizedAlbum(@AllPhotos Album aAlbum, AuthorizationService aService, + @PhotoCache Cache> aCache, HttpSession aSession) { super(aAlbum); _authorizer = aService; - _authorizedEntries = new CachedObject>( - aCache, aSessionId + "/" + aAlbum.getPath(), - new CachedObject.Computation>() { - public ArrayList getObject(String aObjectKey) { - return AuthorizedAlbum.this.compute(); - } - }); - _sessionId = aSessionId; + _authorizedEntries = new CachedObject<>(aCache, "session:" + aSession.getId() + "/" + aAlbum.getPath(), + new CachedObject.Computation>() { + public ArrayList getObject(String aObjectKey) { + return AuthorizedAlbum.this.compute(); + } + }); + _session = aSession; } /** * Computes the cache of photo entries to which read access is allowed. - * + * * @return Photo entries to which read access is allowed. */ private synchronized ArrayList compute() { LOGGER.info("Refreshing cache " + getPath()); - ArrayList result = new ArrayList(); + ArrayList result = new ArrayList<>(); for (int i = 0; i < decorated().size(); i++) { PhotoEntry entry = decorated().getEntry(i); if (_authorizer.isAllowed(entry, new ReadOperation())) { @@ -83,6 +90,9 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { // automatically. } } + if (result == null) { + throw new RuntimeException("Result is null"); + } return result; } @@ -93,9 +103,8 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { /** * Creates a decorate for the photo entry to make it safe for concurrent * access. - * - * @param aEntry - * Entry to decorate + * + * @param aEntry Entry to decorate * @return Decorated photo. */ private T decorate(T aEntry) { @@ -104,11 +113,9 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { } else if (aEntry instanceof Photo) { return (T) new AuthorizedPhoto((Photo) aEntry); } else if (aEntry instanceof Album) { - return (T) new AuthorizedAlbum((Album) aEntry, _authorizer, - _authorizedEntries.getCache(), _sessionId); + return (T) new AuthorizedAlbum((Album) aEntry, _authorizer, _authorizedEntries.getCache(), _session); } else { - throw new IllegalArgumentException( - "Entry is neither a photo nor an album: " + aEntry); + throw new IllegalArgumentException("Entry is neither a photo nor an album: " + aEntry); } } @@ -140,7 +147,7 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { } else { if (!(entry instanceof Album)) { throw new IllegalArgumentException(getPath() + " " + - aPath); + aPath); } return ((Album) entry).getEntry(remainder); } @@ -174,9 +181,12 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { * java.io.InputStream) */ public void addImage(String aId, InputStream aImage) throws IOException { - _authorizer.check(this, new WriteOperation()); - _authorizedEntries.invalidate(); - decorated().addImage(aId, aImage); + try { + _authorizer.check(this, new WriteOperation()); + decorated().addImage(aId, aImage); + } finally { + _authorizedEntries.invalidate(); + } } /* @@ -185,9 +195,12 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { * @see org.wamblee.photos.model.Album#addAlbum(java.lang.String) */ public void addAlbum(String aId) throws IOException { - _authorizer.check(this, new WriteOperation()); - _authorizedEntries.invalidate(); - decorated().addAlbum(aId); + try { + _authorizer.check(this, new WriteOperation()); + decorated().addAlbum(aId); + } finally { + _authorizedEntries.invalidate(); + } } /* @@ -196,17 +209,19 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { * @see org.wamblee.photos.model.Album#removeEntry(java.lang.String) */ public void removeEntry(String aId) throws IOException { - // Check whether deletion is allowed. - PhotoEntry entry = _authorizer.check(decorated().getEntry("/" + aId), - new DeleteOperation()); - _authorizedEntries.invalidate(); - decorated().removeEntry(aId); + try { + // Check whether deletion is allowed. + PhotoEntry entry = _authorizer.check(decorated().getEntry("/" + aId), new DeleteOperation()); + _authorizedEntries.invalidate(); + decorated().removeEntry(aId); + } finally { + _authorizedEntries.invalidate(); + } } public Photo findPhotoBefore(String aId) { Photo entry = decorated().findPhotoBefore(aId); - while (entry != null && - !_authorizer.isAllowed(entry, new AllOperation())) { + while (entry != null && !_authorizer.isAllowed(entry, new AllOperation())) { entry = decorated().findPhotoBefore(entry.getId()); } return decorate(entry); @@ -214,8 +229,7 @@ public class AuthorizedAlbum extends AuthorizedPhotoEntry implements Album { public Photo findPhotoAfter(String aId) { Photo entry = decorated().findPhotoAfter(aId); - while (entry != null && - !_authorizer.isAllowed(entry, new AllOperation())) { + while (entry != null && !_authorizer.isAllowed(entry, new AllOperation())) { entry = decorated().findPhotoAfter(entry.getId()); } return decorate(entry);