org.alfresco.repo.security.authority
Class AuthorityServiceImpl

java.lang.Object
  extended by org.alfresco.repo.security.authority.AuthorityServiceImpl
All Implemented Interfaces:
AuthorityService, org.springframework.beans.factory.InitializingBean

public class AuthorityServiceImpl
extends java.lang.Object
implements AuthorityService, org.springframework.beans.factory.InitializingBean

The default implementation of the authority service.


Nested Class Summary
 class AuthorityServiceImpl.UserAuthoritySet
          Lazy load set of authorities.
 
Nested classes/interfaces inherited from interface org.alfresco.service.cmr.security.AuthorityService
AuthorityService.AuthorityFilter
 
Field Summary
 
Fields inherited from interface org.alfresco.service.cmr.security.AuthorityService
ZONE_APP_DEFAULT, ZONE_APP_SHARE, ZONE_APP_WCM, ZONE_AUTH_ALFRESCO, ZONE_AUTH_EXT_PREFIX
 
Constructor Summary
AuthorityServiceImpl()
           
 
Method Summary
 void addAuthority(java.util.Collection parentNames, java.lang.String childName)
          Set a given child authority to be included by the given parent authorities.
 void addAuthority(java.lang.String parentName, java.lang.String childName)
          Set an authority to include another authority.
 void addAuthorityToZones(java.lang.String authorityName, java.util.Set zones)
          Add a zone to an authority.
 void afterPropertiesSet()
           
 boolean authorityExists(java.lang.String name)
          Check if an authority exists.
 java.lang.String createAuthority(org.alfresco.service.cmr.security.AuthorityType type, java.lang.String shortName)
          Create an authority.
 java.lang.String createAuthority(org.alfresco.service.cmr.security.AuthorityType type, java.lang.String shortName, java.lang.String authorityDisplayName, java.util.Set authorityZones)
          Create an authority with a display name and zone.
 void deleteAuthority(java.lang.String name)
          Delete an authority and all its relationships.
 void deleteAuthority(java.lang.String name, boolean cascade)
          Delete an authority and all its relationships, optionally recursively deleting child authorities of the same type.
 java.util.Set findAuthorities(org.alfresco.service.cmr.security.AuthorityType type, java.lang.String parentAuthority, boolean immediate, java.lang.String displayNamePattern, java.lang.String zoneName)
          Search for authorities by pattern matching (* and ?) against the authority name.
 java.util.Set getAllAuthorities(org.alfresco.service.cmr.security.AuthorityType type)
          Get all authorities by type See also "getAuthorities" (paged) alternative
 java.util.Set getAllAuthoritiesInZone(java.lang.String zoneName, org.alfresco.service.cmr.security.AuthorityType type)
          Gets the names of all authorities in a zone, optionally filtered by type See also "getAuthorities" paged alternative (note: in that case, zone must exist)
 java.util.Set getAllRootAuthorities(org.alfresco.service.cmr.security.AuthorityType type)
          Get all root authorities by type.
 java.util.Set getAllRootAuthoritiesInZone(java.lang.String zoneName, org.alfresco.service.cmr.security.AuthorityType type)
          Gets the names of all root authorities in a zone, optionally filtered by type.
 java.util.Set getAuthorities()
          Get the authorities for the current user
 org.alfresco.query.PagingResults getAuthorities(org.alfresco.service.cmr.security.AuthorityType type, java.lang.String zoneName, java.lang.String displayNameFilter, boolean sortByDisplayName, boolean sortAscending, org.alfresco.query.PagingRequest pagingRequest)
          Get authorities by type and/or zone
 java.util.Set getAuthoritiesForUser(java.lang.String currentUserName)
          Get the authorities for the given user
 java.lang.String getAuthorityDisplayName(java.lang.String name)
          Get the display name for the given authority.
 org.alfresco.service.cmr.repository.NodeRef getAuthorityNodeRef(java.lang.String name)
          Gets the authority node for the specified name
 java.util.Set getAuthorityZones(java.lang.String name)
          Gets the name of the zone containing the specified authority.
 java.util.Set getContainedAuthorities(org.alfresco.service.cmr.security.AuthorityType type, java.lang.String name, boolean immediate)
          Get all the authorities that are contained by the given authority.
 java.util.Set getContainingAuthorities(org.alfresco.service.cmr.security.AuthorityType type, java.lang.String name, boolean immediate)
          Get the authorities that contain the given authority, but use getAuthoritiesForUser(userName).contains(authority) rather than getContainingAuthorities(type, userName, false).contains(authority) or use #getContainingAuthoritiesInZone(AuthorityType, String, AuthorityService.ZONE_APP_DEFAULT) as they will be much faster.
 java.util.Set getContainingAuthoritiesInZone(org.alfresco.service.cmr.security.AuthorityType type, java.lang.String authority, java.lang.String zoneName, AuthorityService.AuthorityFilter filter, int size)
          Get a set of authorities with varying filter criteria
 java.util.Set getDefaultZones()
          Get the name of the default zone.
 java.lang.String getName(org.alfresco.service.cmr.security.AuthorityType type, java.lang.String shortName)
          Create the full identifier for an authority given its short name and type.
 org.alfresco.service.cmr.repository.NodeRef getOrCreateZone(java.lang.String zoneName)
          Gets or creates an authority zone node with the specified name
 java.lang.String getShortName(java.lang.String name)
          Extract the short name of an authority from its full identifier.
 org.alfresco.service.cmr.repository.NodeRef getZone(java.lang.String zoneName)
          Gets an authority zone node with the specified name
 boolean hasAdminAuthority()
          Check of the current user has admin authority.
 boolean hasGuestAuthority()
          Check of the current user has guest authority.
 boolean isAdminAuthority(java.lang.String authorityName)
          Does the given authority have admin authority.
 boolean isGuestAuthority(java.lang.String authorityName)
          Does the given authority have guest authority.
 void removeAuthority(java.lang.String parentName, java.lang.String childName)
          Remove an authority as a member of another authority.
 void removeAuthorityFromZones(java.lang.String authorityName, java.util.Set zones)
          Remove a zone from an authority
 void setAdminGroups(java.util.Set adminGroups)
           
 void setAuthenticationService(AuthenticationService authenticationService)
           
 void setAuthorityDAO(AuthorityDAO authorityDAO)
           
 void setAuthorityDisplayName(java.lang.String authorityName, java.lang.String authorityDisplayName)
          Set the display name for the given authority.
 void setGuestGroups(java.util.Set guestGroups)
           
 void setPermissionServiceSPI(PermissionServiceSPI permissionServiceSPI)
           
 void setPersonService(PersonService personService)
           
 void setTenantService(org.alfresco.repo.tenant.TenantService tenantService)
           
 void setUserNameMatcher(UserNameMatcher userNameMatcher)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthorityServiceImpl

public AuthorityServiceImpl()
Method Detail

setTenantService

public void setTenantService(org.alfresco.repo.tenant.TenantService tenantService)

setPersonService

public void setPersonService(PersonService personService)

setAuthorityDAO

public void setAuthorityDAO(AuthorityDAO authorityDAO)

setUserNameMatcher

public void setUserNameMatcher(UserNameMatcher userNameMatcher)

setAuthenticationService

public void setAuthenticationService(AuthenticationService authenticationService)

setPermissionServiceSPI

public void setPermissionServiceSPI(PermissionServiceSPI permissionServiceSPI)

setAdminGroups

public void setAdminGroups(java.util.Set adminGroups)

setGuestGroups

public void setGuestGroups(java.util.Set guestGroups)

afterPropertiesSet

public void afterPropertiesSet()
                        throws java.lang.Exception
Specified by:
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
Throws:
java.lang.Exception

hasAdminAuthority

public boolean hasAdminAuthority()
Check of the current user has admin authority. There is no contract for who should have this authority, only that it can be tested here. It could be determined by group membership, role, authentication mechanism, ...

Specified by:
hasAdminAuthority in interface AuthorityService
Returns:
true if the currently authenticated user has the admin authority

isAdminAuthority

public boolean isAdminAuthority(java.lang.String authorityName)
Does the given authority have admin authority.

Specified by:
isAdminAuthority in interface AuthorityService
Parameters:
authorityName - The name of the authority.
Returns:
Whether the authority is an 'administrator'.

hasGuestAuthority

public boolean hasGuestAuthority()
Check of the current user has guest authority. There is no contract for who should have this authority, only that it can be tested here. It could be determined by group membership, role, authentication mechanism, ...

Specified by:
hasGuestAuthority in interface AuthorityService
Returns:
true if the currently authenticated user has the guest authority

isGuestAuthority

public boolean isGuestAuthority(java.lang.String authorityName)
Does the given authority have guest authority.

Specified by:
isGuestAuthority in interface AuthorityService
Parameters:
authorityName - The name of the authority.
Returns:
Whether the authority is a 'guest'.

getAuthorities

public java.util.Set getAuthorities()
Get the authorities for the current user

Specified by:
getAuthorities in interface AuthorityService
Returns:
authorities for the current user

getAuthoritiesForUser

public java.util.Set getAuthoritiesForUser(java.lang.String currentUserName)
Get the authorities for the given user

Specified by:
getAuthoritiesForUser in interface AuthorityService

getAllAuthorities

public java.util.Set getAllAuthorities(org.alfresco.service.cmr.security.AuthorityType type)
Get all authorities by type See also "getAuthorities" (paged) alternative

Specified by:
getAllAuthorities in interface AuthorityService
Parameters:
type - the type of authorities - cannot be null
Returns:
all authorities by type
See Also:
(paged)

getAuthorities

public org.alfresco.query.PagingResults getAuthorities(org.alfresco.service.cmr.security.AuthorityType type,
                                                       java.lang.String zoneName,
                                                       java.lang.String displayNameFilter,
                                                       boolean sortByDisplayName,
                                                       boolean sortAscending,
                                                       org.alfresco.query.PagingRequest pagingRequest)
Get authorities by type and/or zone

Specified by:
getAuthorities in interface AuthorityService
Parameters:
type - the type of authorities (note: mandatory if zoneName is null)
zoneName - the zoneName (note: mandatory if type is null)
displayNameFilter - optional filter (startsWith / ignoreCase) for authority display name (note: implied trailing "*")
sortByDisplayName - if true then sort (ignoring case) by the authority display name, if false then unsorted note: for users, displayName/shortName is equivalent to the userName, for groups if the display is null then use the short name
sortAscending - if true then sort ascending else sort descending (ignore if sortByDisplayName is false)
pagingRequest - the requested page (skipCount, maxItems, queryExectionId)

addAuthority

public void addAuthority(java.lang.String parentName,
                         java.lang.String childName)
Set an authority to include another authority. For example, adding a group to a group or adding a user to a group.

Specified by:
addAuthority in interface AuthorityService
Parameters:
parentName - - the full name string identifier for the parent.
childName - - the string identifier for the child.

addAuthority

public void addAuthority(java.util.Collection parentNames,
                         java.lang.String childName)
Set a given child authority to be included by the given parent authorities. For example, adding a group to groups or adding a user to groups.

Specified by:
addAuthority in interface AuthorityService
Parameters:
parentNames - - the full name string identifier for the parents.
childName - - the string identifier for the child.

createAuthority

public java.lang.String createAuthority(org.alfresco.service.cmr.security.AuthorityType type,
                                        java.lang.String shortName)
Create an authority.

Specified by:
createAuthority in interface AuthorityService
Parameters:
type - - the type of the authority
shortName - - the short name of the authority to create this will also be set as the default display name for the authority
Returns:
the name of the authority (this will be the prefix, if any associated with the type appended with the short name)

deleteAuthority

public void deleteAuthority(java.lang.String name)
Delete an authority and all its relationships. Note child authorities are not deleted.

Specified by:
deleteAuthority in interface AuthorityService

deleteAuthority

public void deleteAuthority(java.lang.String name,
                            boolean cascade)
Delete an authority and all its relationships, optionally recursively deleting child authorities of the same type.

Specified by:
deleteAuthority in interface AuthorityService
Parameters:
name - the authority long name
cascade - should the delete be cascaded to child authorities of the same type?

getAllRootAuthorities

public java.util.Set getAllRootAuthorities(org.alfresco.service.cmr.security.AuthorityType type)
Get all root authorities by type. Root authorities are ones that were created without an authority as the parent authority;

Specified by:
getAllRootAuthorities in interface AuthorityService
Parameters:
type - - the type of the authority
Returns:
all root authorities by type.

getContainedAuthorities

public java.util.Set getContainedAuthorities(org.alfresco.service.cmr.security.AuthorityType type,
                                             java.lang.String name,
                                             boolean immediate)
Get all the authorities that are contained by the given authority. For a group you could get all the authorities it contains, just the users it contains or just the other groups it includes.

Specified by:
getContainedAuthorities in interface AuthorityService
Parameters:
type - - if not null, limit to the type of authority specified
name - - the name of the containing authority
immediate - - if true, limit the depth to just immediate child, if false find authorities at any depth
Returns:

getContainingAuthorities

public java.util.Set getContainingAuthorities(org.alfresco.service.cmr.security.AuthorityType type,
                                              java.lang.String name,
                                              boolean immediate)
Get the authorities that contain the given authority, but use getAuthoritiesForUser(userName).contains(authority) rather than getContainingAuthorities(type, userName, false).contains(authority) or use #getContainingAuthoritiesInZone(AuthorityType, String, AuthorityService.ZONE_APP_DEFAULT) as they will be much faster. For example, this method can be used find out all the authorities that contain a group.

Specified by:
getContainingAuthorities in interface AuthorityService
Parameters:
type - - if not null, limit to the type of authority specified
name - - the name of the authority for which the containing authorities are required.
immediate - - limit to immediate parents or any ancestor.
Returns:

getAuthorityNodeRef

public org.alfresco.service.cmr.repository.NodeRef getAuthorityNodeRef(java.lang.String name)
Gets the authority node for the specified name

Specified by:
getAuthorityNodeRef in interface AuthorityService
Parameters:
name - The authority name
Returns:
the reference to the authority node

getContainingAuthoritiesInZone

public java.util.Set getContainingAuthoritiesInZone(org.alfresco.service.cmr.security.AuthorityType type,
                                                    java.lang.String authority,
                                                    java.lang.String zoneName,
                                                    AuthorityService.AuthorityFilter filter,
                                                    int size)
Get a set of authorities with varying filter criteria

Specified by:
getContainingAuthoritiesInZone in interface AuthorityService
Parameters:
type - authority type or null for all types
authority - if non-null, only return those authorities who contain this authority
zoneName - if non-null, only include authorities in the named zone
filter - optional callback to apply further filter criteria or null
size - if greater than zero, the maximum results to return. The search strategy used is varied depending on this number.
Returns:
a set of authorities

removeAuthority

public void removeAuthority(java.lang.String parentName,
                            java.lang.String childName)
Description copied from interface: AuthorityService
Remove an authority as a member of another authority. The child authority will still exist. If the child authority was not created as a root authority and you remove its creation link, it will be moved to a root authority. If you want rid of it, use delete.

Specified by:
removeAuthority in interface AuthorityService
Parameters:
parentName - - the string identifier for the parent.
childName - - the string identifier for the child.

authorityExists

public boolean authorityExists(java.lang.String name)
Check if an authority exists.

Specified by:
authorityExists in interface AuthorityService
Parameters:
name - (the long name).
Returns:
true, the authority exists.

createAuthority

public java.lang.String createAuthority(org.alfresco.service.cmr.security.AuthorityType type,
                                        java.lang.String shortName,
                                        java.lang.String authorityDisplayName,
                                        java.util.Set authorityZones)
Create an authority with a display name and zone.

Specified by:
createAuthority in interface AuthorityService
Parameters:
type - the type of the authority
shortName - the short name of the authority to create
authorityDisplayName - the display name for the authority
Returns:
the full name of the authority (this will be the prefix, if any associated with the type appended with the short name)

getAuthorityDisplayName

public java.lang.String getAuthorityDisplayName(java.lang.String name)
Get the display name for the given authority.

Specified by:
getAuthorityDisplayName in interface AuthorityService
Parameters:
name - - the full authority string including any prefix (e.g. GROUP_woof)
Returns:
- the display name

setAuthorityDisplayName

public void setAuthorityDisplayName(java.lang.String authorityName,
                                    java.lang.String authorityDisplayName)
Set the display name for the given authority. Setting the display name is only supported for authorities of type group

Specified by:
setAuthorityDisplayName in interface AuthorityService

getAuthorityZones

public java.util.Set getAuthorityZones(java.lang.String name)
Gets the name of the zone containing the specified authority.

Specified by:
getAuthorityZones in interface AuthorityService
Parameters:
name - the authority long name
Returns:
the the name of the zone containing the specified authority, AuthorityService#DEFAULT_ZONE if the authority exists but has no zone, or null if the authority does not exist.

getOrCreateZone

public org.alfresco.service.cmr.repository.NodeRef getOrCreateZone(java.lang.String zoneName)
Gets or creates an authority zone node with the specified name

Specified by:
getOrCreateZone in interface AuthorityService
Parameters:
zoneName - the zone name
Returns:
reference to the zone node

getZone

public org.alfresco.service.cmr.repository.NodeRef getZone(java.lang.String zoneName)
Gets an authority zone node with the specified name

Specified by:
getZone in interface AuthorityService
Parameters:
zoneName - the zone name
Returns:
reference to the zone node or null

getAllAuthoritiesInZone

public java.util.Set getAllAuthoritiesInZone(java.lang.String zoneName,
                                             org.alfresco.service.cmr.security.AuthorityType type)
Gets the names of all authorities in a zone, optionally filtered by type See also "getAuthorities" paged alternative (note: in that case, zone must exist)

Specified by:
getAllAuthoritiesInZone in interface AuthorityService
Parameters:
zoneName - the zone name - note: if zone does not exist then will currently return empty set
type - the authority type to filter by or null for all authority types
Returns:
the names of all authorities in a zone, optionally filtered by type
See Also:
(paged)

addAuthorityToZones

public void addAuthorityToZones(java.lang.String authorityName,
                                java.util.Set zones)
Add a zone to an authority.

Specified by:
addAuthorityToZones in interface AuthorityService

removeAuthorityFromZones

public void removeAuthorityFromZones(java.lang.String authorityName,
                                     java.util.Set zones)
Remove a zone from an authority

Specified by:
removeAuthorityFromZones in interface AuthorityService

getDefaultZones

public java.util.Set getDefaultZones()
Get the name of the default zone.

Specified by:
getDefaultZones in interface AuthorityService
Returns:
the default zone

getAllRootAuthoritiesInZone

public java.util.Set getAllRootAuthoritiesInZone(java.lang.String zoneName,
                                                 org.alfresco.service.cmr.security.AuthorityType type)
Gets the names of all root authorities in a zone, optionally filtered by type.

Specified by:
getAllRootAuthoritiesInZone in interface AuthorityService
Parameters:
zoneName - the zone name
type - the authority type to filter by or null for all authority types
Returns:
the names of all root authorities in a zone, optionally filtered by type

findAuthorities

public java.util.Set findAuthorities(org.alfresco.service.cmr.security.AuthorityType type,
                                     java.lang.String parentAuthority,
                                     boolean immediate,
                                     java.lang.String displayNamePattern,
                                     java.lang.String zoneName)
Search for authorities by pattern matching (* and ?) against the authority name. Note: This will use a search index to find the results (eg. via Lucene / SOLR).

Specified by:
findAuthorities in interface AuthorityService
parentAuthority - if non-null, will look only for authorities who are a child of the named parent
immediate - if true then only search root groups if parentAuthority is null, or immediate children of parentAuthority if it is non-null.
zoneName - - may be null to indicate all zones
Returns:

getName

public java.lang.String getName(org.alfresco.service.cmr.security.AuthorityType type,
                                java.lang.String shortName)
Create the full identifier for an authority given its short name and type.

Specified by:
getName in interface AuthorityService
Returns:

getShortName

public java.lang.String getShortName(java.lang.String name)
Extract the short name of an authority from its full identifier.

Specified by:
getShortName in interface AuthorityService
Returns:


Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.