Examples of com.adito.policyframework.AccessRights

• com.adito.policyframework.AccessRights
  An interface for a list of access rights and rules,

        Realm realm = getDefaultRealm();
        Policy policy = createPolicy(realm);
        User user = createAccount();
        getPolicyService().grantPolicyToPrincipal(policy, user);

        AccessRights accessRights = createAssignAccessRights(getResourceType().getPermissionClass());
        PropertyList selectedPolicies = PropertyList.createFromArray(new int[] {policy.getResourceId()});
        PolicyDatabaseFactory.getInstance().attachResourceToPolicyList(accessRights, selectedPolicies, getSessionInfo());
        PropertyProfile resource = createResource();
        assertTrue("Should be, as one already exists.", getPolicyService().isPrincipalGrantedResourcesOfType(user, resource.getResourceType(), null));
        assertEquals("Should be only one.", getPolicyService().getGrantedResourcesOfType(user, getResourceType()).size(), 1);

        PolicyDatabaseFactory.getInstance().attachResourceToPolicyList(resource, selectedPolicies, getSessionInfo());
        assertEquals("Should be two.", getPolicyService().getGrantedResourcesOfType(user, getResourceType()).size(), 2);

        PolicyDatabaseFactory.getInstance().detachResourceFromPolicyList(resource, getSessionInfo());
        assertEquals("Should be only one.", getPolicyService().getGrantedResourcesOfType(user, getResourceType()).size(), 1);
        getPolicyService().revokePolicyFromPrincipal(policy, user);
        deleteAccount(user);

        PolicyDatabaseFactory.getInstance().detachResourceFromPolicyList(accessRights, getSessionInfo());
        deleteResource(resource);
        getPolicyService().deleteAccessRights(accessRights.getResourceId());
        getPolicyService().deletePolicy(policy.getResourceId());
    }

    public ActionForward edit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        ActionForward actionForward = super.edit(mapping, form, request, response);
        AccessRightsForm arf = (AccessRightsForm) form;
        AccessRights accessRights = (AccessRights) ResourceStack.peekEditingStack(request.getSession());
        if (actionForward.getName().equals("home")){
            // super returned a home, so we must go home.
            return actionForward;
        }
        List<AccessRight> accessRights2 = accessRights.getAccessRights();
        PropertyList selectedAccessRights = new PropertyList();
        for (AccessRight right : accessRights2) {
            String permissionString = CoreUtil.getMessageResources(getSessionInfo(request).getHttpSession(),
                right.getPermission().getBundle()).getMessage("permission." + right.getPermission().getId() + ".title").trim();
            String resourceTypeString = CoreUtil.getMessageResources(getSessionInfo(request).getHttpSession(),
                right.getResourceType().getBundle()).getMessage(
                "resourceType." + right.getResourceType().getResourceTypeId() + ".title").trim();
            String lableString = resourceTypeString + " " + permissionString;
            selectedAccessRights.add(lableString);
        }
        AccessRightsMultiSelectDataSource accessRightsMultiSelectDataSource = new AccessRightsMultiSelectDataSource(accessRights
                        .getAccessRightsClass());
        MultiSelectSelectionModel accessRightsModel = new MultiSelectSelectionModel(getSessionInfo(request),
                        accessRightsMultiSelectDataSource, selectedAccessRights);
        arf.setAccessRightsModel(accessRightsModel);
        arf.setSelectedAccessRights(selectedAccessRights);

     *      javax.servlet.http.HttpServletResponse)
     */
    public ActionForward commit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        AccessRightsForm arf = (AccessRightsForm) form;
        AccessRights resource = (AccessRights) arf.getResource();
        PropertyList selectedAccessRightsList = arf.getSelectedAccessRightsList();
        resource.getAccessRights().clear();
        resource.setAllAccessRights(getSessionInfo(request).getHttpSession(), selectedAccessRightsList);
        saveMessage(request, "editAccessRights.message.saved", resource);
        super.commit(mapping, form, request, response);
        return getRedirectWithMessages(mapping, request);
    }

    /* (non-Javadoc)
     * @see com.adito.policyframework.actions.AbstractResourcesDispatchAction#remove(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
     */
    public ActionForward remove(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        AccessRights resource = (AccessRights) getSelectedResource(form);
        super.remove(mapping, form, request, response);
        saveMessage(request, "access.rights.deleted.message", resource);
        return getRedirectWithMessages(mapping, request);
    }

   * @see com.adito.policyframework.PolicyDatabase#getAccessRightsByName(java.lang.String, int)
   */
  public AccessRights getAccessRightsByName(String name, int realmID)
      throws Exception {
    String cacheKey = "resourcePermissionByName-" + name + "-realm id-" + realmID;
    AccessRights resourcePermission = (AccessRights) policyCache
        .retrieve(cacheKey);
    if (resourcePermission == null) {
      JDBCPreparedStatement ps = db
          .getStatement("getResourcePermissionByName.select");
      ps.setString(1, name);

   *
   * @see com.adito.policyframework.PolicyDatabase#getResourcePermission(int)
   */
  public AccessRights getAccessRight(int id) throws Exception {
    String cacheKey = "resourcePermission-" + id;
    AccessRights resourcePermission = (AccessRights) policyCache
        .retrieve(cacheKey);
    if (resourcePermission == null) {
      JDBCPreparedStatement ps = db
          .getStatement("getResourcePermission.select");
      ps.setInt(1, id);

      if (LogonControllerFactory.getInstance().isAdministrator(
          user)) {
        val = Boolean.TRUE;
      } else {
        List resourcePermissions = getAccessRights();
        AccessRights resourcePermission = null;
        for (Iterator i = resourcePermissions.iterator(); val == null
            && i.hasNext();) {
          resourcePermission = (AccessRights) i.next();
          if (system
              && resourcePermission.getAccessRightsClass().equals(
                  PolicyConstants.SYSTEM_CLASS)
              || delegation
              && resourcePermission.getAccessRightsClass().equals(
                  PolicyConstants.DELEGATION_CLASS)
              || personal
              && resourcePermission.getAccessRightsClass().equals(
                  PolicyConstants.PERSONAL_CLASS))
            if (isPrincipalAllowed(user, resourcePermission, true)) {
              val = Boolean.TRUE;
            }
        }

        List<AccessRight> listAccessRight;
        listAccessRight = (List) policyCache.retrieve(cacheKey);
        if (listAccessRight == null) {
            listAccessRight = new ArrayList<AccessRight>();
            List resourcePermissions = getAccessRights(user.getRealm().getRealmID());
            AccessRights resourcePermission = null;
            for (Iterator i = resourcePermissions.iterator(); i.hasNext();) {
                resourcePermission = (AccessRights) i.next();
                if (system && resourcePermission.getAccessRightsClass().equals(PolicyConstants.SYSTEM_CLASS) || delegation
                                && resourcePermission.getAccessRightsClass().equals(PolicyConstants.DELEGATION_CLASS) || personal
                                && resourcePermission.getAccessRightsClass().equals(PolicyConstants.PERSONAL_CLASS)) {
                    if (isPrincipalAllowed(user, resourcePermission, true)
                                    || LogonControllerFactory.getInstance().isAdministrator(user)) {
                        listAccessRight.addAll(resourcePermission.getAccessRights());
                    }
                }
            }
            storeToCache(cacheKey, (Serializable) listAccessRight);
        }

      if (LogonControllerFactory.getInstance().isAdministrator(
          user)) {
        val = Boolean.TRUE;
      } else {
        List resourcePermissions = getAccessRights();
        AccessRights resourcePermission = null;
        AccessRight permission = null;
        // Iterator through all resource permissions
        Map<String,Boolean> matched = new HashMap<String,Boolean>();
        for (Iterator i = resourcePermissions.iterator(); val == null
            && i.hasNext();) {
          resourcePermission = (AccessRights) i.next();
          // Iterator through all permissions in the resource
          for (Iterator j = resourcePermission.getAccessRights()
              .iterator(); val == null && j.hasNext();) {
            permission = (AccessRight) j.next();
            // Until the resource type matches
            if (resourceType.equals(permission.getResourceType())) {
              // Check the mask, at least one must match

                user)) {
                val = Boolean.TRUE;
            } else {
                val = Boolean.FALSE;
                List resourcePermissions = getAccessRights();
                AccessRights resourcePermission = null;
                AccessRight permission = null;
                // Iterator through all resource permissions

                for (Iterator i = resourcePermissions.iterator();  !val && i.hasNext();) {
                    resourcePermission = (AccessRights) i.next();
                    // Iterator through all permissions in the resource
                    for (Iterator j = resourcePermission.getAccessRights().iterator();  !val && j.hasNext();) {
                        permission = (AccessRight) j.next();
                        // Until the resource type matches
                        if (resource.getResourceType().equals(permission.getResourceType())) {