com.bagri.server.hazelcast.management.PermissionAwareManager Maven / Gradle / Ivy

Go to download
Show more of this group Show more artifacts with this name
Show all versions of bagri-server-hazelcast Show documentation
Bagri DB Cache: Hazelcast implementation
The newest version!
package com.bagri.server.hazelcast.management;

import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.management.openmbean.CompositeData;

import org.springframework.jmx.export.annotation.ManagedAttribute;
import org.springframework.jmx.export.annotation.ManagedOperation;
import org.springframework.jmx.export.annotation.ManagedOperationParameter;
import org.springframework.jmx.export.annotation.ManagedOperationParameters;

import com.bagri.core.system.Permission;
import com.bagri.core.system.PermissionAware;
import com.bagri.core.system.Role;
import com.bagri.server.hazelcast.task.role.PermissionUpdater;
import com.bagri.server.hazelcast.task.role.RoleUpdater;
import com.bagri.support.util.JMXUtils;
import com.hazelcast.core.HazelcastInstance;
import com.hazelcast.core.IMap;

public abstract class PermissionAwareManager extends EntityManager {
	
	public PermissionAwareManager() {
		super();
	}
	
	public PermissionAwareManager(HazelcastInstance hzInstance, String entityName) {
		super(hzInstance, entityName);
	}
	
	@Override
	public P getEntity() {
		return (P) super.getEntity();
	}
	
	protected abstract IMap getRoleCache();

	@ManagedAttribute(description="Returns registered Role permissions")
	public CompositeData getDirectPermissions() {
		Map pMap = getEntity().getFlatPermissions();
		return JMXUtils.mapToComposite(entityName, "permissions", pMap);
	}
	
	@ManagedAttribute(description="Returns included (nested) Roles")
	public String[] getDirectRoles() {
		Set roles = getEntity().getIncludedRoles(); 
		return roles.toArray(new String[roles.size()]);
	}
	
	protected void getRecursivePermissions(Map xPerms, String roleName) {
		Role role = getRoleCache().get(roleName);
		if (role != null) {
			if (role.getIncludedRoles().size() > 0) {
				for (String name: role.getIncludedRoles()) {
					getRecursivePermissions(xPerms, name);
				}
			}
			
			Collection perms = role.getPermissions().values();
			if (perms.size() > 0) {
				for (Permission perm: perms) {
					Permission xPerm = xPerms.get(perm.getResource());
					if (xPerm == null) {
						xPerm = new Permission(perm.getResource());
						xPerms.put(perm.getResource(), xPerm);
					}
					for (Permission.Value p: perm.getPermissions()) {
						xPerm.addPermission(p);
					}
				}
			}
		}
	}

	protected void getRecursiveRoles(Set xRoles, String roleName) {
		Role role = getRoleCache().get(roleName);
		if (role != null) {
			if (role.getIncludedRoles().size() > 0) {
				for (String name: role.getIncludedRoles()) {
					getRecursiveRoles(xRoles, name);
				}
			}
			xRoles.add(roleName);
		}
	}
	
	@ManagedOperation(description="Returns access permission for the named Resource")
	@ManagedOperationParameters({
		@ManagedOperationParameter(name = "resource", description = "A name of the Resource to return")})
	public String[] getResourcePermissions(String resource) {
		Permission perm = getEntity().getPermissions().get(resource);
		if (perm != null) {
			return perm.getPermissionsAsArray();
		}
		return new String[0];
	}
	
	@ManagedOperation(description="Set access permission to the named Resource")
	@ManagedOperationParameters({
		@ManagedOperationParameter(name = "resource", description = "A name of Resource to add Permissions"),
		@ManagedOperationParameter(name = "permissions", description = "Permisions to add separated by whitespace")})
	public void addPermissions(String resource, String permissions) {
		P role = updatePermissions(resource, permissions, RoleUpdater.Action.add);
	    logger.trace("addPermissions; execution result: {}", role);
	}
	
	@ManagedOperation(description="Removes access permission to the named Reource")
	@ManagedOperationParameters({
		@ManagedOperationParameter(name = "resource", description = "A name of Resource to remove permissions from"),
		@ManagedOperationParameter(name = "permissions", description = "Permisions to remove separated by whitespace")})
	public void removePermissions(String resource, String permissions) {
		P role = updatePermissions(resource, permissions, RoleUpdater.Action.remove);
	    logger.trace("removePermissions; execution result: {}", role);
	}

	private P updatePermissions(String resource, String permissions, RoleUpdater.Action action) {
		P role = getEntity();
		String[] aPerms = resolvePermissions(permissions);
	    Object result = entityCache.executeOnKey(entityName, new PermissionUpdater(role.getVersion(), 
	    		getCurrentUser(), resource, aPerms, action));
		return (P) result;
	}
	
	private String[] resolvePermissions(String permissions) {
		String[] aPerms = permissions.split(" ");
	    logger.trace("resolvePermissions.enter; got permissions: '{}'; split to array: {} with length: {}", permissions, aPerms, aPerms.length);
	    List lPerms = new ArrayList(aPerms.length);
	    for (String perm: aPerms) {
	    	String xPerm = perm.trim();
	    	if (xPerm.length() > 0) {
	    		try {
	    			if (Permission.Value.valueOf(xPerm) != null) {
	    				lPerms.add(xPerm);
	    			} else {
	    			    logger.info("resolvePermissions; unknown permission: {}, skipping", xPerm);
	    			}
	    		} catch (Exception ex) {
    			    logger.warn("resolvePermissions; error resolving permission: {}, skipping", xPerm);
	    		}
	    	}
	    }
	    logger.trace("resolvePermissions.exit; returning: {}", lPerms);
		return lPerms.toArray(new String[lPerms.size()]);
	}
	
	@ManagedOperation(description="Adds included (nested) Roles")
	@ManagedOperationParameters({
		@ManagedOperationParameter(name = "roles", description = "Name of the Roles to include separated by whitespace")})
	public void addIncludedRoles(String roles) {
		P role = updateIncludedRoles(roles, RoleUpdater.Action.add);
	    logger.trace("addIncludedRoles; execution result: {}", role);
	}
	
	@ManagedOperation(description="Removes included (nested) Roles")
	@ManagedOperationParameters({
		@ManagedOperationParameter(name = "roles", description = "Name of the Roles to remove separated by whitespace")})
	public void removeIncludedRoles(String roles) {
		P role = updateIncludedRoles(roles, RoleUpdater.Action.remove);
	    logger.trace("removeIncludedRoles; execution result: {}", role);
	}

	private P updateIncludedRoles(String roles, RoleUpdater.Action action) {
		String[] aRoles = roles.split(" ");
		P role = getEntity();
	    Object result = entityCache.executeOnKey(entityName, new RoleUpdater(role.getVersion(), 
	    		getCurrentUser(), aRoles, action));
		return (P) result;
	}
	
	
}