/**
* Access (find if needed) the azg from the AuthzGroupService that implements my grouping.
*
* @return My azg.
*/
protected AuthzGroup getAzg() {
if (m_azg == null) {
try {
m_azg = AuthzGroupService.getAuthzGroup(getReference());
} catch (GroupNotDefinedException e) {
try {
// create the group's azg, but don't store it yet (that happens if save is called)
// use a template, but assign no user any maintain role
// find the template for the new azg
String groupAzgTemplate = siteService.groupAzgTemplate(m_site);
AuthzGroup template = null;
try {
template = AuthzGroupService.getAuthzGroup(groupAzgTemplate);
} catch (Exception e1) {
try {
// if the template is not defined, try the fall back template
template = AuthzGroupService.getAuthzGroup("!group.template");
} catch (Exception e2) {
}
}
m_azg = AuthzGroupService.newAuthzGroup(getReference(), template, null);
m_azgChanged = true;
if (m_site != null) {
try {
// remove all roles that is not in parent site realm
Set<Role> parentSiteRoles = m_site.getRoles();
for (Iterator<Role> i = m_azg.getRoles().iterator(); i.hasNext(); ) {
Role role = (Role) i.next();
if (!parentSiteRoles.contains(role)) {
m_azg.removeRole(role.getId());
}
}
// add all new roles from parent site realm
Set<Role> currentRoles = m_azg.getRoles();
for (Iterator<Role> j = parentSiteRoles.iterator(); j.hasNext(); ) {
Role role = (Role) j.next();
if (currentRoles == null || !currentRoles.contains(role)) {
String roleId = role.getId();
try {
m_azg.addRole(roleId, role);
} catch (RoleAlreadyDefinedException rException) {
M_log.warn(
"getAzg: role id "
+ roleId
+ " already used in group "
+ m_azg.getReference()
+ rException.getMessage());
}
}
}
} catch (Exception e1) {
M_log.warn(
"getAzg: cannot access realm of " + m_site.getReference() + e1.getMessage());
}
}
} catch (Throwable t) {
M_log.warn("getAzg: " + t);
}
}
}
return m_azg;
}
/** @inheritDoc */
public String getReference() {
return siteService.siteGroupReference(m_site.getId(), getId());
}
