private RoleGrantedAuthority renameProject(
RoleGrantedAuthority authority, String projectName, String newProjectName) {
GrantedAuthorityTarget target = authority.getTarget();
String targetId = target.getTargetId();
GrantedAuthorityTarget newTarget = null;
switch (target.getType()) {
case PROJECT:
{
String projName = targetId;
if (projName.equals(projectName)) {
newTarget =
new GrantedAuthorityTarget(newProjectName, GrantedAuthorityTarget.Type.PROJECT);
}
}
break;
case BRANCH:
{
String projName = StringUtils.substringBefore(targetId, "/"); // $NON-NLS-1$
if (projName.equals(projectName)) {
String branchName = StringUtils.substringAfter(targetId, "/"); // $NON-NLS-1$
String newTargetId = newProjectName + "/" + branchName; // $NON-NLS-1$
newTarget = new GrantedAuthorityTarget(newTargetId, GrantedAuthorityTarget.Type.BRANCH);
}
}
break;
}
return (newTarget != null)
? new RoleGrantedAuthority(newTarget, authority.getRoleName())
: null;
}
public void renameRole(String roleName, String newRoleName, User currentUser) throws IOException {
Assert.hasLength(roleName);
Assert.hasLength(newRoleName);
Assert.notNull(currentUser);
// check that role exists by trying to load it
getRole(roleName);
// check that new role does not exist by trying to load it
try {
getRole(newRoleName);
throw new IllegalArgumentException("role already exists: " + newRoleName); // $NON-NLS-1$
} catch (RoleNotFoundException e) {
// okay
}
log.info("renaming role: {} -> {}", roleName, newRoleName); // $NON-NLS-1$
ILockedRepository repo = null;
try {
repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
File workingDir = RepositoryUtil.getWorkingDir(repo.r());
File file = new File(workingDir, roleName + ROLE_SUFFIX);
File newFile = new File(workingDir, newRoleName + ROLE_SUFFIX);
FileUtils.copyFile(file, newFile);
Git git = Git.wrap(repo.r());
git.rm().addFilepattern(roleName + ROLE_SUFFIX).call();
git.add().addFilepattern(newRoleName + ROLE_SUFFIX).call();
List<String> users = listUsers(repo);
users.add(ANONYMOUS_USER_LOGIN_NAME);
for (String user : users) {
List<RoleGrantedAuthority> authorities = getUserAuthorities(user, repo);
Set<RoleGrantedAuthority> newAuthorities = Sets.newHashSet();
for (Iterator<RoleGrantedAuthority> iter = authorities.iterator(); iter.hasNext(); ) {
RoleGrantedAuthority rga = iter.next();
if (rga.getRoleName().equals(roleName)) {
RoleGrantedAuthority newRga = new RoleGrantedAuthority(rga.getTarget(), newRoleName);
newAuthorities.add(newRga);
iter.remove();
}
}
if (!newAuthorities.isEmpty()) {
authorities.addAll(newAuthorities);
saveUserAuthorities(user, Sets.newHashSet(authorities), repo, currentUser, false);
}
}
PersonIdent ident = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail());
git.commit()
.setAuthor(ident)
.setCommitter(ident)
.setMessage("rename role " + roleName + " to " + newRoleName) // $NON-NLS-1$ //$NON-NLS-2$
.call();
} catch (GitAPIException e) {
throw new IOException(e);
} finally {
Util.closeQuietly(repo);
}
}
private void saveUserAuthorities(
String loginName,
Set<RoleGrantedAuthority> authorities,
ILockedRepository repo,
User currentUser,
boolean commit)
throws IOException, GitAPIException {
Map<String, Set<String>> authoritiesMap = new HashMap<String, Set<String>>();
for (RoleGrantedAuthority rga : authorities) {
GrantedAuthorityTarget target = rga.getTarget();
String targetStr = target.getType().name() + ":" + target.getTargetId(); // $NON-NLS-1$
Set<String> roleNames = authoritiesMap.get(targetStr);
if (roleNames == null) {
roleNames = Sets.newHashSet();
authoritiesMap.put(targetStr, roleNames);
}
roleNames.add(rga.getRoleName());
}
Gson gson = new GsonBuilder().enableComplexMapKeySerialization().create();
String json = gson.toJson(authoritiesMap);
File workingDir = RepositoryUtil.getWorkingDir(repo.r());
File workingFile = new File(workingDir, loginName + AUTHORITIES_SUFFIX);
FileUtils.write(workingFile, json, Charsets.UTF_8);
Git git = Git.wrap(repo.r());
git.add().addFilepattern(loginName + AUTHORITIES_SUFFIX).call();
if (commit) {
PersonIdent ident = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail());
git.commit().setAuthor(ident).setCommitter(ident).setMessage(loginName).call();
}
}
/**
* Converts a {@link RoleGrantedAuthority} to a set of {@link PermissionGrantedAuthority}. This
* method will return an empty set if the role specified by the RoleGrantedAuthority does not
* exist (rather than throwing a {@link RoleNotFoundException}.)
*/
Set<PermissionGrantedAuthority> toPermissionGrantedAuthorities(RoleGrantedAuthority rga)
throws IOException {
Set<PermissionGrantedAuthority> result = Sets.newHashSet();
try {
Role role = getRole(rga.getRoleName());
GrantedAuthorityTarget target = rga.getTarget();
for (Permission permission : role.getPermissions()) {
result.add(new PermissionGrantedAuthority(target, permission));
}
} catch (RoleNotFoundException e) {
// role might have been deleted
}
return result;
}
public void deleteRole(String roleName, User currentUser) throws IOException {
Assert.hasLength(roleName);
Assert.notNull(currentUser);
// check that role exists by trying to load it
getRole(roleName);
ILockedRepository repo = null;
try {
repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
Git git = Git.wrap(repo.r());
git.rm().addFilepattern(roleName + ROLE_SUFFIX).call();
// remove role from all users
List<String> users = listUsers(repo);
users.add(ANONYMOUS_USER_LOGIN_NAME);
for (String user : users) {
List<RoleGrantedAuthority> authorities = getUserAuthorities(user, repo);
boolean changed = false;
for (Iterator<RoleGrantedAuthority> iter = authorities.iterator(); iter.hasNext(); ) {
RoleGrantedAuthority rga = iter.next();
if (rga.getRoleName().equals(roleName)) {
iter.remove();
changed = true;
}
}
if (changed) {
saveUserAuthorities(user, Sets.newHashSet(authorities), repo, currentUser, false);
}
}
PersonIdent ident = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail());
git.commit()
.setAuthor(ident)
.setCommitter(ident)
.setMessage("delete role " + roleName) // $NON-NLS-1$
.call();
} catch (GitAPIException e) {
throw new IOException(e);
} finally {
Util.closeQuietly(repo);
}
}
