/** * Access (find if needed) the azg from the AuthzGroupService that implements my grouping. * * @return My azg. */ protected AuthzGroup getAzg() { if (m_azg == null) { try { m_azg = AuthzGroupService.getAuthzGroup(getReference()); } catch (GroupNotDefinedException e) { try { // create the group's azg, but don't store it yet (that happens if save is called) // use a template, but assign no user any maintain role // find the template for the new azg String groupAzgTemplate = siteService.groupAzgTemplate(m_site); AuthzGroup template = null; try { template = AuthzGroupService.getAuthzGroup(groupAzgTemplate); } catch (Exception e1) { try { // if the template is not defined, try the fall back template template = AuthzGroupService.getAuthzGroup("!group.template"); } catch (Exception e2) { } } m_azg = AuthzGroupService.newAuthzGroup(getReference(), template, null); m_azgChanged = true; if (m_site != null) { try { // remove all roles that is not in parent site realm Set<Role> parentSiteRoles = m_site.getRoles(); for (Iterator<Role> i = m_azg.getRoles().iterator(); i.hasNext(); ) { Role role = (Role) i.next(); if (!parentSiteRoles.contains(role)) { m_azg.removeRole(role.getId()); } } // add all new roles from parent site realm Set<Role> currentRoles = m_azg.getRoles(); for (Iterator<Role> j = parentSiteRoles.iterator(); j.hasNext(); ) { Role role = (Role) j.next(); if (currentRoles == null || !currentRoles.contains(role)) { String roleId = role.getId(); try { m_azg.addRole(roleId, role); } catch (RoleAlreadyDefinedException rException) { M_log.warn( "getAzg: role id " + roleId + " already used in group " + m_azg.getReference() + rException.getMessage()); } } } } catch (Exception e1) { M_log.warn( "getAzg: cannot access realm of " + m_site.getReference() + e1.getMessage()); } } } catch (Throwable t) { M_log.warn("getAzg: " + t); } } } return m_azg; }
/** @inheritDoc */ public String getReference() { return siteService.siteGroupReference(m_site.getId(), getId()); }