/**
   * Deploys a .gar archive to the Registry path in REGISTRY_GADGET_STORAGE_PATH
   *
   * @param deploymentFileData - info about the deployed file
   * @throws DeploymentException - error while deploying .gar archive
   */
  public void deploy(DeploymentFileData deploymentFileData) throws DeploymentException {
    try {

      //            int tenantId;
      //            try {
      //                tenantId =
      // MultitenantUtils.getTenantId(DashboardContext.getConfigContext());
      //            } catch (Exception e) {
      //                throw new DeploymentException(e);
      //            }

      UserRegistry registry = getRegistry(tenantID);

      // Extracting archive
      String extractedArchiveDir = extractGarArchive(deploymentFileData.getAbsolutePath());

      // Set permission for anonymous read. We do it here because it should happen always in order
      // to support mounting a remote registry.

      if (registry != null) {
        AuthorizationManager accessControlAdmin = registry.getUserRealm().getAuthorizationManager();

        if (!accessControlAdmin.isRoleAuthorized(
            CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME,
            RegistryConstants.CONFIG_REGISTRY_BASE_PATH + REGISTRY_GADGET_STORAGE_PATH,
            ActionConstants.GET)) {
          accessControlAdmin.authorizeRole(
              CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME,
              RegistryConstants.CONFIG_REGISTRY_BASE_PATH + REGISTRY_GADGET_STORAGE_PATH,
              ActionConstants.GET);
        }

        File gadgetsDir = new File(extractedArchiveDir);
        if (gadgetsDir.exists()) {
          beginFileTansfer(gadgetsDir, tenantID);

          log.info(
              "Successfully populated gadgets from archive ."
                  + deploymentFileData.getAbsolutePath()
                  + " to the registry.");
        } else {
          log.info("Couldn't find contents at '" + extractedArchiveDir + "'. Giving up.");
        }
      }

    } catch (RegistryException e) {
      throw new DeploymentException("An error occured while deploying gadget archive", e);
    } catch (CarbonException e) {
      throw new DeploymentException("An error occured while deploying gadget archive", e);
    } catch (UserStoreException e) {
      throw new DeploymentException("An error occured while deploying gadget archive", e);
    }
  }
  private static void transferDirectoryContentToRegistry(
      File rootDirectory, Registry registry, String rootPath, int tenantId) throws Exception {

    try {

      File[] filesAndDirs = rootDirectory.listFiles();
      List<File> filesDirs = Arrays.asList(filesAndDirs);

      for (File file : filesDirs) {

        if (!file.isFile()) {
          // This is a Directory add a new collection
          // This path is used to store the file resource under registry
          String directoryRegistryPath =
              REGISTRY_GADGET_STORAGE_PATH
                  + file.getAbsolutePath().substring(rootPath.length()).replaceAll("[/\\\\]+", "/");

          // If the collection exists no need to create it. If not, create.
          if (!registry.resourceExists(directoryRegistryPath)) {
            Collection newCollection = registry.newCollection();
            registry.put(directoryRegistryPath, newCollection);
          }

          // Set permission for anonymous read. We do it here because it should happen always in
          // order
          // to support mounting a remote registry.
          UserRegistry userRegistry = getRegistry(tenantId);
          AuthorizationManager accessControlAdmin =
              userRegistry.getUserRealm().getAuthorizationManager();

          if (!accessControlAdmin.isRoleAuthorized(
              CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME,
              RegistryConstants.CONFIG_REGISTRY_BASE_PATH + REGISTRY_GADGET_STORAGE_PATH,
              ActionConstants.GET)) {
            accessControlAdmin.authorizeRole(
                CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME,
                RegistryConstants.CONFIG_REGISTRY_BASE_PATH + REGISTRY_GADGET_STORAGE_PATH,
                ActionConstants.GET);
          }

          // recurse
          transferDirectoryContentToRegistry(file, registry, rootPath, tenantId);
        } else {
          // Adding gadget to the gadget browser: gadget conf.xml need to be present
          if (file.getName().equals(GADGET_CONF_FILE)) {
            FileInputStream fis = new FileInputStream(file);
            XMLInputFactory xif = XMLInputFactory.newInstance();
            XMLStreamReader reader = xif.createXMLStreamReader(fis);

            StAXOMBuilder builder = new StAXOMBuilder(reader);
            OMElement omEle = builder.getDocumentElement();

            String gadgetName = omEle.getFirstChildWithName(new QName("name")).getText();
            String gadgetPath = omEle.getFirstChildWithName(new QName("path")).getText();
            String gadgetDesc = omEle.getFirstChildWithName(new QName("description")).getText();

            Resource res = registry.newResource();
            res.setProperty(DashboardConstants.GADGET_NAME, gadgetName);
            res.setProperty(DashboardConstants.GADGET_DESC, gadgetDesc);
            res.setProperty(DashboardConstants.GADGET_URL, gadgetPath);

            registry.put(
                DashboardConstants.SYSTEM_GADGETREPO_REGISTRY_ROOT
                    + DashboardConstants.GADGETS_COL
                    + "/"
                    + gadgetName,
                res);

          } else {
            // Add this to registry
            addToRegistry(rootPath, file, tenantId);
          }
        }
      }
    } catch (Exception e) {
      log.error(e.getMessage(), e);
      throw new Exception(e);
    }
  }
  public void doAuthorizationStuff() throws Exception {
    AuthorizationManager authMan = realm.getAuthorizationManager();
    UserStoreManager usWriter = realm.getUserStoreManager();

    usWriter.addRole("rolex", new String[] {"saman", "amara"}, null);
    usWriter.addRole("roley", null, null);
    authMan.authorizeRole("rolex", "wall", "write");
    authMan.authorizeRole("roley", "table", "write");
    authMan.authorizeUser("sunil", "wall", "read");

    assertTrue(authMan.isUserAuthorized("saman", "wall", "write"));
    assertTrue(authMan.isUserAuthorized("sunil", "wall", "read"));
    assertTrue(authMan.isRoleAuthorized("roley", "table", "write"));
    assertFalse(authMan.isUserAuthorized("saman", "wall", "read"));
    assertFalse(authMan.isUserAuthorized("sunil", "wall", "write"));

    authMan.clearUserAuthorization("sunil", "wall", "read");
    authMan.clearRoleAuthorization("roley", "table", "write");
    authMan.clearResourceAuthorizations("wall");

    assertFalse(authMan.isUserAuthorized("saman", "wall", "write"));
    assertFalse(authMan.isUserAuthorized("sunil", "wall", "read"));
    assertFalse(authMan.isRoleAuthorized("roley", "table", "write"));
  }
  public void doAuthorizationStuff() throws Exception {
    AuthorizationManager authMan = realm.getAuthorizationManager();
    UserStoreManager usWriter = realm.getUserStoreManager();

    usWriter.addRole("rolex", new String[] {"saman", "amara"}, null);
    usWriter.addRole("roley", null, null);
    authMan.authorizeRole("rolex", "wall", "write");
    authMan.authorizeRole("roley", "table", "write");

    try {
      authMan.authorizeRole(null, "wall", "write");
      fail("Exception at authorizing a role with Null role");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.authorizeRole("rollee", null, "write");
      fail("Exception at authorizing a role with Null resourceID");
    } catch (Exception e) {
      // exptected error in negative testing
    }
    try {
      authMan.authorizeRole("rollee", "wall", null);
      fail("Exception at authorizing a role with Null action");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.authorizeRole("rolleex", "wall", "run");
      fail("Exception at authorizing a role with Invalid action");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    // ***authorize user
    authMan.authorizeUser("sunil", "wall", "read");
    try {
      authMan.authorizeUser(null, "wall", "read");
      fail("Exception at authorizing a user with Null name");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.authorizeUser("isuru", null, "read");
      fail("Exception at authorizing a user with Null resourceID");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.authorizeUser("isuru", "wall", null);
      fail("Exception at authorizing a user with Null action");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.authorizeUser("isuru", "wall", "run");
      fail("Exception at authorizing a user with Invalid action");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    assertTrue(authMan.isUserAuthorized("saman", "wall", "write"));
    assertTrue(authMan.isUserAuthorized("sunil", "wall", "read"));
    assertTrue(authMan.isRoleAuthorized("primary/roley", "table", "write"));
    assertFalse(authMan.isRoleAuthorized("roley", "chair", "write"));
    assertFalse(authMan.isUserAuthorized("saman", "wall", "read"));
    assertFalse(authMan.isUserAuthorized("sunil", "wall", "write"));
    assertFalse(authMan.isUserAuthorized("isuru", "wall", "write"));
    try {
      boolean b = authMan.isUserAuthorized("isuru", "wall", "run");
      fail("Exception at check authorization of a user with Invalid action");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    String[] AllowedRolesForResource = authMan.getAllowedRolesForResource("wall", "write");
    assertEquals(1, AllowedRolesForResource.length);
    // assertEquals(2,authMan.getAllowedUsersForResource("wall", "write").length);
    // String[] AllowedUsersForResource = authMan.getAllowedUsersForResource("wall", "read");
    // assertEquals(1, AllowedUsersForResource.length);

    authMan.clearUserAuthorization("sunil", "wall", "read");
    try {
      authMan.clearUserAuthorization("isuru", "wall", "run");
      fail("Exception at clear user authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.clearUserAuthorization(null, "wall", "run");
      fail("Exception at clear user authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.clearUserAuthorization("isuru", null, "run");
      fail("Exception at clear user authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.clearUserAuthorization("isuru", "wall", null);
      fail("Exception at clear user authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    authMan.clearRoleAuthorization("roley", "table", "write");
    try {
      authMan.clearRoleAuthorization(null, "table", "write");
      fail("Exception at clear role authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.clearRoleAuthorization("roleee", null, "write");
      fail("Exception at clear role authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.clearRoleAuthorization("roleee", "table", null);
      fail("Exception at clear role authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    authMan.clearResourceAuthorizations("wall");
    try {
      authMan.clearResourceAuthorizations(null);
      fail("Exception at clear Resource Authorizations");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    assertFalse(authMan.isUserAuthorized("saman", "wall", "write"));
    assertFalse(authMan.isUserAuthorized("sunil", "wall", "read"));
    assertFalse(authMan.isRoleAuthorized("roley", "table", "write"));
  }