public static void setGroupProperties(PDPGroup group, Properties properties) {
//
// make sure its in the list of groups
//
Iterable<String> groups =
Splitter.on(',')
.trimResults()
.omitEmptyStrings()
.split(properties.getProperty(PROP_PAP_GROUPS, ""));
boolean inList = false;
for (String g : groups) {
if (g.equals(group.getId())) {
inList = true;
}
}
if (!inList) {
Set<String> grps = Sets.newHashSet(groups);
grps.add(group.getId());
String newGroupList = "";
if (grps.size() == 1) {
newGroupList = grps.iterator().next();
} else if (grps.size() > 1) {
newGroupList = Joiner.on(',').skipNulls().join(grps);
}
logger.info("New Group List: " + newGroupList);
properties.setProperty(PROP_PAP_GROUPS, newGroupList);
}
//
// Set its properties
//
properties.setProperty(group.getId() + ".name", group.getName());
properties.setProperty(group.getId() + ".description", group.getDescription());
//
// Set its PDP list
//
if (group.getPdps().size() > 0) {
String pdpList = "";
if (group.getPdps().size() == 1) {
pdpList = group.getPdps().iterator().next().getId();
} else if (group.getPdps().size() > 1) {
Set<String> ids = new HashSet<String>();
for (PDP pdp : group.getPdps()) {
ids.add(pdp.getId());
}
pdpList = Joiner.on(',').skipNulls().join(ids);
}
properties.setProperty(group.getId() + ".pdps", pdpList);
} else {
properties.setProperty(group.getId() + ".pdps", "");
}
}
@Override
public void newPDP(String id, PDPGroup group, String name, String description)
throws PAPException, NullPointerException {
if (group == null) {
throw new PAPException("You must specify which group the PDP will belong to.");
}
if (!this.groups.contains(group)) {
throw new PAPException("Unknown group, not in our list.");
}
for (PDP p : group.getPdps()) {
if (p.getId().equals(id)) {
throw new PAPException("A PDP with this ID exists.");
}
}
if (group instanceof StdPDPGroup) {
StdPDP pdp = new StdPDP(id, name, description);
if (((StdPDPGroup) group).addPDP(pdp)) {
//
// Save the properties and notify any listeners
//
pdpChanged(pdp);
return;
}
}
}
@Override
public PDPGroup getPDPGroup(PDP pdp) throws PAPException {
for (PDPGroup group : this.groups) {
if (group.getPdps().contains(pdp)) {
return group;
}
}
return null;
}
@Override
public PDP getPDP(String pdpId) throws PAPException {
for (PDPGroup group : this.groups) {
for (PDP pdp : group.getPdps()) {
if (pdp.getId().equals(pdpId)) {
return pdp;
}
}
}
return null;
}
private void saveConfiguration() throws PAPException, IOException {
//
// Create our properties object
//
Properties properties =
new Properties() {
private static final long serialVersionUID = 1L;
// For Debugging it is helpful for the file to be in a sorted order,
// any by returning the keys in the natural Alpha order for strings we get close enough.
// TreeSet is sorted, and this just overrides the normal Properties method to get the
// keys.
@Override
public synchronized Enumeration<Object> keys() {
return Collections.enumeration(new TreeSet<Object>(super.keySet()));
}
};
//
// Iterate our groups
//
List<String> ids = new ArrayList<String>();
for (PDPGroup group : this.groups) {
ids.add(group.getId());
properties.setProperty(
group.getId() + ".name", (group.getName() == null ? "" : group.getName()));
properties.setProperty(
group.getId() + ".description",
(group.getDescription() == null ? "" : group.getDescription()));
//
// Iterate its PDPs
//
List<String> pdps = new ArrayList<String>();
for (PDP pdp : group.getPdps()) {
pdps.add(pdp.getId());
properties.setProperty(pdp.getId() + ".name", (pdp.getName() == null ? "" : pdp.getName()));
properties.setProperty(
pdp.getId() + ".description",
(pdp.getDescription() == null ? "" : pdp.getDescription()));
}
String pdpList = "";
if (pdps.size() == 1) {
pdpList = pdps.get(0);
} else if (pdps.size() > 1) {
pdpList = Joiner.on(',').skipNulls().join(pdps);
}
if (logger.isDebugEnabled()) {
logger.debug("Group " + group.getId() + " PDPS: " + pdpList);
}
properties.setProperty(group.getId() + ".pdps", pdpList);
}
if (ids.isEmpty()) {
throw new PAPException("Inconsistency - we have NO groups. We should have at least one.");
}
String groupList = "";
if (ids.size() == 1) {
groupList = ids.get(0);
} else if (ids.size() > 1) {
groupList = Joiner.on(',').skipNulls().join(ids);
}
logger.info("New Group List: " + groupList);
properties.setProperty(PROP_PAP_GROUPS, groupList);
//
// Get the default group
//
PDPGroup defaultGroup = this.getDefaultGroup();
if (defaultGroup == null) {
throw new PAPException("Invalid state - no default group.");
}
properties.setProperty(PROP_PAP_GROUPS_DEFAULT, defaultGroup.getId());
//
// Now we can save the file
//
Path file = Paths.get(this.repository.toString(), "xacml.properties");
try (OutputStream os = Files.newOutputStream(file)) {
properties.store(os, "");
}
}
@Override
public void removeGroup(PDPGroup group, PDPGroup newGroup)
throws PAPException, NullPointerException {
if (group == null) {
throw new NullPointerException();
}
//
// Does this group exist?
//
if (!this.groups.contains(group)) {
logger.error("This group doesn't exist.");
throw new PAPException("The group '" + group.getId() + "' does not exist");
}
//
// Is it the default group?
//
if (group.isDefaultGroup()) {
throw new PAPException("You cannot delete the default group.");
}
Set<PDP> pdps = group.getPdps();
//
// Are there PDPs? If so, then we need a target group
//
if (!pdps.isEmpty() && newGroup == null) {
throw new NullPointerException(
"Group targeted for deletion has PDPs, you must provide a new group for them.");
}
//
// Move the PDPs
//
if (!pdps.isEmpty()) {
if (!(newGroup instanceof StdPDPGroup)) {
throw new PAPException(
"Unexpected class for newGroup: " + newGroup.getClass().getCanonicalName());
}
// The movePDP function will modify the set of PDPs in the group.
// To avoid concurrent modification exceptions we need to duplicate the list before calling
// that
// function.
List<PDP> pdpList = new ArrayList<PDP>();
for (PDP pdp : pdps) {
pdpList.add(pdp);
}
// now we can use the PDPs from the list without having ConcurrentAccessExceptions
for (PDP pdp : pdpList) {
this.movePDP(pdp, newGroup);
}
}
//
// remove the directory for the group
//
String id = group.getId();
Path groupPath = Paths.get(this.repository.toString(), id);
//
// If it exists already
//
if (!Files.exists(groupPath)) {
logger.warn("removeGroup " + id + " directory does not exist" + groupPath.toString());
} else {
try {
Files.walkFileTree(
groupPath,
new SimpleFileVisitor<Path>() {
@Override
public FileVisitResult visitFile(Path file, BasicFileAttributes attrs)
throws IOException {
Files.delete(file);
return super.visitFile(file, attrs);
}
});
//
// delete the directory
//
Files.delete(groupPath);
} catch (IOException e) {
logger.error("Failed to delete " + groupPath + ": " + e);
throw new PAPException("Failed to delete " + id);
}
}
// remove the group from the set of all groups
groups.remove(group);
//
// Save changes
//
changed();
this.doSave();
}
