2 * Copyright (C) 2007 EDIT
3 * European Distributed Institute of Taxonomy
4 * http://www.e-taxonomy.eu
6 * The contents of this file are subject to the Mozilla Public License Version 1.1
7 * See LICENSE.TXT at the top of this package for the full license terms.
10 package eu
.etaxonomy
.cdm
.api
.service
;
12 import java
.util
.ArrayList
;
13 import java
.util
.HashMap
;
14 import java
.util
.Iterator
;
15 import java
.util
.List
;
18 import java
.util
.UUID
;
20 import org
.hibernate
.criterion
.Criterion
;
21 import org
.springframework
.beans
.factory
.annotation
.Autowired
;
22 import org
.springframework
.security
.access
.prepost
.PreAuthorize
;
23 import org
.springframework
.security
.core
.GrantedAuthority
;
24 import org
.springframework
.stereotype
.Service
;
25 import org
.springframework
.transaction
.annotation
.Transactional
;
26 import org
.springframework
.util
.Assert
;
28 import eu
.etaxonomy
.cdm
.model
.permission
.GrantedAuthorityImpl
;
29 import eu
.etaxonomy
.cdm
.model
.permission
.Group
;
30 import eu
.etaxonomy
.cdm
.model
.permission
.User
;
31 import eu
.etaxonomy
.cdm
.persistence
.dao
.permission
.IGrantedAuthorityDao
;
32 import eu
.etaxonomy
.cdm
.persistence
.dao
.permission
.IGroupDao
;
33 import eu
.etaxonomy
.cdm
.persistence
.dao
.permission
.IUserDao
;
34 import eu
.etaxonomy
.cdm
.persistence
.dto
.MergeResult
;
35 import eu
.etaxonomy
.cdm
.persistence
.query
.MatchMode
;
36 import eu
.etaxonomy
.cdm
.persistence
.query
.OrderHint
;
43 @Transactional(readOnly
= true)
44 @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")
45 public class GroupServiceImpl
extends ServiceBase
<Group
,IGroupDao
> implements IGroupService
{
47 protected IUserDao userDao
;
49 protected IGrantedAuthorityDao grantedAuthorityDao
;
52 public List
<String
> findAllGroups() {
53 return dao
.listNames(null,null);
57 public List
<String
> findUsersInGroup(String groupName
) {
58 Assert
.hasText(groupName
);
59 Group group
= dao
.findGroupByName(groupName
);
61 List
<String
> users
= dao
.listMembers(group
, null, null);
68 @Transactional(readOnly
=false)
69 public void deleteGroup(String groupUUID
) {
70 Assert
.notNull(groupUUID
);
72 Group group
= dao
.findByUuid(UUID
.fromString(groupUUID
));
73 Iterator
<User
> it
= group
.getMembers().iterator();
74 group
.getMembers().clear();
75 // while (it.hasNext()){
83 @Transactional(readOnly
=false)
84 public void renameGroup(String oldName
, String newName
) {
85 Assert
.hasText(oldName
);
86 Assert
.hasText(newName
);
88 Group group
= dao
.findGroupByName(oldName
);
90 group
.setName(newName
);
95 @Transactional(readOnly
=false)
96 public void addUserToGroup(String username
, String groupName
) {
97 Assert
.hasText(username
);
98 Assert
.hasText(groupName
);
100 Group group
= dao
.findGroupByName(groupName
);
101 User user
= userDao
.findUserByUsername(username
);
103 if(group
!= null && user
!= null){
104 if(group
.addMember(user
)) {
111 @Transactional(readOnly
=false)
112 public void removeUserFromGroup(String username
, String groupName
) {
113 Assert
.hasText(username
);
114 Assert
.hasText(groupName
);
116 Group group
= dao
.findGroupByName(groupName
);
117 User user
= userDao
.findUserByUsername(username
);
119 if(group
!= null && user
!= null){
120 if(group
.removeMember(user
)){
127 public List
<GrantedAuthority
> findGroupAuthorities(String groupName
) {
128 Assert
.hasText(groupName
);
129 Group group
= dao
.findGroupByName(groupName
);
132 return new ArrayList
<>(group
.getGrantedAuthorities());
135 return new ArrayList
<>();
139 @Transactional(readOnly
=false)
140 public void addGroupAuthority(String groupName
, GrantedAuthority authority
) {
141 Assert
.hasText(groupName
);
142 Assert
.notNull(authority
);
144 Group group
= dao
.findGroupByName(groupName
);
147 if(group
.getGrantedAuthorities().add(authority
)){
154 @Transactional(readOnly
=false)
155 public void removeGroupAuthority(String groupName
,
156 GrantedAuthority authority
) {
157 Assert
.hasText(groupName
);
158 Assert
.notNull(authority
);
160 Group group
= dao
.findGroupByName(groupName
);
163 if(group
.getGrantedAuthorities().remove(authority
)) {
171 protected void setDao(IGroupDao dao
) {
176 public void setUserDao(IUserDao userDao
){
177 this.userDao
= userDao
;
181 public void setGrantedAuthorityDao(IGrantedAuthorityDao grantedAuthorityDao
){
182 this.grantedAuthorityDao
= grantedAuthorityDao
;
187 @Transactional(readOnly
= true)
188 public List
<Group
> listByName(String queryString
,MatchMode matchmode
, List
<Criterion
> criteria
, Integer pageSize
, Integer pageNumber
, List
<OrderHint
> orderHints
, List
<String
> propertyPaths
) {
189 long numberOfResults
= dao
.countByName(queryString
, matchmode
, criteria
);
191 List
<Group
> results
= new ArrayList
<>();
192 if(numberOfResults
> 0) {
193 results
= dao
.findByName(queryString
, matchmode
, criteria
, pageSize
, pageNumber
, orderHints
, propertyPaths
);
199 @Transactional(readOnly
=false)
200 public void createGroup(String groupName
, List
<GrantedAuthority
> authorities
) {
201 Assert
.hasText(groupName
);
202 Assert
.notNull(authorities
);
204 Group newGroup
= Group
.NewInstance(groupName
);
205 for (GrantedAuthority grantedAuthority
: authorities
){
206 newGroup
.addGrantedAuthority(grantedAuthority
);
212 @Transactional(readOnly
=false)
213 @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")
214 public UUID
saveGroup(Group group
) {
215 return dao
.save(group
).getUuid();
219 @Transactional(readOnly
=false)
220 public DeleteResult
delete(UUID groupUUID
){
222 String groupUUIDString
= groupUUID
.toString();
223 Group group
= dao
.findByUuid(groupUUID
);
224 //org.springframework.security.provisioning.GroupManager#deleteGroup needs a string argument
225 this.deleteGroup(groupUUIDString
);
226 DeleteResult result
= new DeleteResult();
227 result
.addDeletedObject(group
);
228 //there is no feedback from the deleteGroup method...
233 @Transactional(readOnly
= false)
234 public MergeResult
<Group
> merge(Group newInstance
, boolean returnTransientEntity
) {
236 Set
<GrantedAuthority
> newAuthorities
= newInstance
.getGrantedAuthorities();
237 Map
<GrantedAuthority
, GrantedAuthority
> mapOfAlreadyExistingAuthorities
= new HashMap
<GrantedAuthority
, GrantedAuthority
>();
238 GrantedAuthorityImpl alreadyInDB
;
239 for (GrantedAuthority authority
: newAuthorities
){
240 if (authority
instanceof GrantedAuthorityImpl
){
241 alreadyInDB
= grantedAuthorityDao
.findAuthorityString(authority
.getAuthority());
242 if (alreadyInDB
!= null){
243 if (alreadyInDB
.getId() != ((GrantedAuthorityImpl
)authority
).getId()){
244 mapOfAlreadyExistingAuthorities
.put(authority
,alreadyInDB
);
249 for (GrantedAuthority authority
: mapOfAlreadyExistingAuthorities
.keySet()){
250 newInstance
.removeGrantedAuthority(authority
);
251 newInstance
.addGrantedAuthority(mapOfAlreadyExistingAuthorities
.get(authority
));
254 return dao
.merge(newInstance
, returnTransientEntity
);