/** Final initialization, once all dependencies are set. */
public void init() {
try {
m_relativeAccessPoint = REFERENCE_ROOT;
// construct storage and read
m_storage = newStorage();
m_storage.open();
// register as an entity producer
entityManager().registerEntityProducer(this, REFERENCE_ROOT);
// register functions
functionManager().registerFunction(SECURE_ADD_AUTHZ_GROUP);
functionManager().registerFunction(SECURE_REMOVE_AUTHZ_GROUP);
functionManager().registerFunction(SECURE_UPDATE_AUTHZ_GROUP);
functionManager().registerFunction(SECURE_UPDATE_OWN_AUTHZ_GROUP);
// if no provider was set, see if we can find one
if (m_provider == null) {
m_provider = (GroupProvider) ComponentManager.get(GroupProvider.class.getName());
}
M_log.info(
"init(): provider: " + ((m_provider == null) ? "none" : m_provider.getClass().getName()));
} catch (Throwable t) {
M_log.warn("init(); ", t);
}
}
public Object get(Object key) {
// if we have this key exactly, use it
Object value = m_wrapper.get(key);
if (value != null) return value;
// otherwise break up key as a compound id and find what values we have for these
// the values are roles, and we prefer "maintain" to "access"
String rv = null;
String[] ids = m_provider.unpackId((String) key);
for (int i = 0; i < ids.length; i++) {
// try this one
value = m_wrapper.get(ids[i]);
// if we found one already, ask the provider which to keep
if (value != null) {
rv = m_provider.preferredRole((String) value, rv);
}
}
return rv;
}
/** {@inheritDoc} */
public void refreshUser(String userId) {
if ((m_provider == null) || (userId == null)) return;
try {
String eid = userDirectoryService().getUserEid(userId);
// wrap the provided map in our special map that will deal with compound provider ids
Map providerGrants = new ProviderMap(m_provider, m_provider.getGroupRolesForUser(eid));
m_storage.refreshUser(userId, providerGrants);
// update site security for this user - get the user's realms for the three site locks
Set updAuthzGroups = getAuthzGroupsIsAllowed(userId, SiteService.SECURE_UPDATE_SITE, null);
Set unpAuthzGroups =
getAuthzGroupsIsAllowed(userId, SiteService.SITE_VISIT_UNPUBLISHED, null);
Set visitAuthzGroups = getAuthzGroupsIsAllowed(userId, SiteService.SITE_VISIT, null);
// convert from azGroup ids (potential site references) to site ids for those that are site,
// skipping special and user sites other than our user's
Set updSites = new HashSet();
for (Iterator i = updAuthzGroups.iterator(); i.hasNext(); ) {
String azGroupId = (String) i.next();
Reference ref = entityManager().newReference(azGroupId);
if ((SiteService.APPLICATION_ID.equals(ref.getType()))
&& SiteService.SITE_SUBTYPE.equals(ref.getSubType())
&& !SiteService.isSpecialSite(ref.getId())
&& (!SiteService.isUserSite(ref.getId())
|| userId.equals(SiteService.getSiteUserId(ref.getId())))) {
updSites.add(ref.getId());
}
}
Set unpSites = new HashSet();
for (Iterator i = unpAuthzGroups.iterator(); i.hasNext(); ) {
String azGroupId = (String) i.next();
Reference ref = entityManager().newReference(azGroupId);
if ((SiteService.APPLICATION_ID.equals(ref.getType()))
&& SiteService.SITE_SUBTYPE.equals(ref.getSubType())
&& !SiteService.isSpecialSite(ref.getId())
&& (!SiteService.isUserSite(ref.getId())
|| userId.equals(SiteService.getSiteUserId(ref.getId())))) {
unpSites.add(ref.getId());
}
}
Set visitSites = new HashSet();
for (Iterator i = visitAuthzGroups.iterator(); i.hasNext(); ) {
String azGroupId = (String) i.next();
Reference ref = entityManager().newReference(azGroupId);
if ((SiteService.APPLICATION_ID.equals(ref.getType()))
&& SiteService.SITE_SUBTYPE.equals(ref.getSubType())
&& !SiteService.isSpecialSite(ref.getId())
&& (!SiteService.isUserSite(ref.getId())
|| userId.equals(SiteService.getSiteUserId(ref.getId())))) {
visitSites.add(ref.getId());
}
}
SiteService.setUserSecurity(userId, updSites, unpSites, visitSites);
} catch (UserNotDefinedException e) {
M_log.warn("refreshUser: cannot find eid for user: " + userId);
}
}
