1 package org.apache.turbine.services.security;
2
3 /*
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
19 * under the License.
20 */
21
22
23 import org.apache.turbine.om.security.Group;
24 import org.apache.turbine.om.security.Permission;
25 import org.apache.turbine.om.security.Role;
26 import org.apache.turbine.om.security.User;
27 import org.apache.turbine.services.TurbineServices;
28 import org.apache.turbine.util.security.AccessControlList;
29 import org.apache.turbine.util.security.DataBackendException;
30 import org.apache.turbine.util.security.EntityExistsException;
31 import org.apache.turbine.util.security.GroupSet;
32 import org.apache.turbine.util.security.PasswordMismatchException;
33 import org.apache.turbine.util.security.PermissionSet;
34 import org.apache.turbine.util.security.RoleSet;
35 import org.apache.turbine.util.security.TurbineSecurityException;
36 import org.apache.turbine.util.security.UnknownEntityException;
37
38 /**
39 * This is a Facade class for SecurityService.
40 *
41 * This class provides static methods that call related methods of the
42 * implementation of SecurityService used by the System, according to
43 * the settings in TurbineResources.
44 * <br>
45 *
46 * <a name="global">
47 * <p> Certain Roles that the Users may have in the system may are not related
48 * to any specific resource nor entity. They are assigned within a special group
49 * named 'global' that can be referenced in the code as
50 * {@link org.apache.turbine.om.security.Group#GLOBAL_GROUP_NAME}.
51 *
52 * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
53 * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
54 * @version $Id: TurbineSecurity.java 1096130 2011-04-23 10:37:19Z ludwig $
55 */
56 public abstract class TurbineSecurity
57 {
58 /**
59 * Retrieves an implementation of SecurityService, base on the settings in
60 * TurbineResources.
61 *
62 * @return an implementation of SecurityService.
63 */
64 public static SecurityService getService()
65 {
66 return (SecurityService) TurbineServices.getInstance().
67 getService(SecurityService.SERVICE_NAME);
68 }
69
70 /*-----------------------------------------------------------------------
71 Management of User objects
72 -----------------------------------------------------------------------*/
73
74 /**
75 * This method provides client-side encryption of passwords.
76 *
77 * This is an utility method that is used by other classes to maintain
78 * a consistent approach to encrypting password. The behavior of the
79 * method can be configured in service's properties.
80 *
81 * @param password the password to process
82 * @return processed password
83 */
84 public static String encryptPassword(String password)
85 {
86 return getService().encryptPassword(password);
87 }
88
89 /**
90 * This method provides client-side encryption of passwords.
91 *
92 * This is an utility method that is used by other classes to maintain
93 * a consistent approach to encrypting password. The behavior of the
94 * method can be configured in service's properties.
95 *
96 * @param password the password to process
97 * @param salt the supplied salt to encrypt the password
98 * @return processed password
99 */
100 public static String encryptPassword(String password, String salt)
101 {
102 return getService().encryptPassword(password, salt);
103 }
104
105 /**
106 * Checks if a supplied password matches the encrypted password
107 *
108 * @param checkpw The clear text password supplied by the user
109 * @param encpw The current, encrypted password
110 *
111 * @return true if the password matches, else false
112 *
113 */
114
115 public static boolean checkPassword(String checkpw, String encpw)
116 {
117 return getService().checkPassword(checkpw, encpw);
118 }
119
120 /*-----------------------------------------------------------------------
121 Getting Object Classes
122 -----------------------------------------------------------------------*/
123
124 /**
125 * Returns the Class object for the implementation of User interface
126 * used by the system.
127 *
128 * @return the implementation of User interface used by the system.
129 * @throws UnknownEntityException if the system's implementation of User
130 * interface could not be determined.
131 */
132 public static Class getUserClass()
133 throws UnknownEntityException
134 {
135 return getService().getUserClass();
136 }
137
138 /**
139 * Returns the Class object for the implementation of Group interface
140 * used by the system.
141 *
142 * @return the implementation of Group interface used by the system.
143 * @throws UnknownEntityException if the system's implementation of Group
144 * interface could not be determined.
145 */
146 public static Class getGroupClass()
147 throws UnknownEntityException
148 {
149 return getService().getGroupClass();
150 }
151
152 /**
153 * Returns the Class object for the implementation of Permission interface
154 * used by the system.
155 *
156 * @return the implementation of Permission interface used by the system.
157 * @throws UnknownEntityException if the system's implementation of Permission
158 * interface could not be determined.
159 */
160 public static Class getPermissionClass()
161 throws UnknownEntityException
162 {
163 return getService().getPermissionClass();
164 }
165
166 /**
167 * Returns the Class object for the implementation of Role interface
168 * used by the system.
169 *
170 * @return the implementation of Role interface used by the system.
171 * @throws UnknownEntityException if the system's implementation of Role
172 * interface could not be determined.
173 */
174 public static Class getRoleClass()
175 throws UnknownEntityException
176 {
177 return getService().getRoleClass();
178 }
179
180 /**
181 * Construct a blank User object.
182 *
183 * This method calls getUserClass, and then creates a new object using
184 * the default constructor.
185 *
186 * @return an object implementing User interface.
187 * @throws UnknownEntityException if the object could not be instantiated.
188 */
189 public static User getUserInstance()
190 throws UnknownEntityException
191 {
192 return getService().getUserInstance();
193 }
194
195 /**
196 * Returns the configured UserManager.
197 *
198 * @return An UserManager object
199 */
200 public static UserManager getUserManager()
201 {
202 return getService().getUserManager();
203 }
204
205 /**
206 * Configure a new user Manager.
207 *
208 * @param userManager An UserManager object
209 */
210 public void setUserManager(UserManager userManager)
211 {
212 getService().setUserManager(userManager);
213 }
214
215 /**
216 * Check whether a specified user's account exists.
217 *
218 * The login name is used for looking up the account.
219 *
220 * @param user The user to be checked.
221 * @return true if the specified account exists
222 * @throws DataBackendException if there was an error accessing the data
223 * backend.
224 */
225 public static boolean accountExists(User user)
226 throws DataBackendException
227 {
228 return getService().accountExists(user);
229 }
230
231 /**
232 * Check whether a specified user's account exists.
233 *
234 * The login name is used for looking up the account.
235 *
236 * @param userName The name of the user to be checked.
237 * @return true if the specified account exists
238 * @throws DataBackendException if there was an error accessing the data
239 * backend.
240 */
241 public static boolean accountExists(String userName)
242 throws DataBackendException
243 {
244 return getService().accountExists(userName);
245 }
246
247 /**
248 * Authenticates an user, and constructs an User object to represent
249 * him/her.
250 *
251 * @param username The user name.
252 * @param password The user password.
253 * @return An authenticated Turbine User.
254 * @throws DataBackendException if there was an error accessing the data
255 * backend.
256 * @throws UnknownEntityException if user account is not present.
257 * @throws PasswordMismatchException if the supplied password was incorrect.
258 */
259 public static User getAuthenticatedUser(String username, String password)
260 throws DataBackendException, UnknownEntityException,
261 PasswordMismatchException
262 {
263 return getService().getAuthenticatedUser(username, password);
264 }
265
266 /**
267 * Constructs an User object to represent a registered user of the
268 * application.
269 *
270 * @param username The user name.
271 * @return A Turbine User.
272 * @throws DataBackendException if there was an error accessing the data
273 * backend.
274 * @throws UnknownEntityException if user account is not present.
275 */
276 public static User getUser(String username)
277 throws DataBackendException, UnknownEntityException
278 {
279 return getService().getUser(username);
280 }
281
282 /**
283 * Constructs an User object to represent an anonymous user of the
284 * application.
285 *
286 * @return An anonymous Turbine User.
287 * @throws UnknownEntityException if the anonymous User object couldn't be
288 * constructed.
289 */
290 public static User getAnonymousUser()
291 throws UnknownEntityException
292 {
293 return getService().getAnonymousUser();
294 }
295
296 /**
297 * Checks whether a passed user object matches the anonymous user pattern
298 * according to the configured service
299 *
300 * @param user A user object
301 * @return True if this is an anonymous user
302 */
303 public static boolean isAnonymousUser(User user)
304 {
305 return getService().isAnonymousUser(user);
306 }
307
308 /**
309 * Saves User's data in the permanent storage. The user account is required
310 * to exist in the storage.
311 *
312 * @param user The User object to save.
313 * @throws UnknownEntityException if the user's account does not
314 * exist in the database.
315 * @throws DataBackendException if there is a problem accessing the
316 * storage.
317 */
318 public static void saveUser(User user)
319 throws UnknownEntityException, DataBackendException
320 {
321 getService().saveUser(user);
322 }
323
324 /**
325 * Saves User data when the session is unbound. The user account is required
326 * to exist in the storage.
327 *
328 * LastLogin, AccessCounter, persistent pull tools, and any data stored
329 * in the permData hashtable that is not mapped to a column will be saved.
330 *
331 * @exception UnknownEntityException if the user's account does not
332 * exist in the database.
333 * @exception DataBackendException if there is a problem accessing the
334 * storage.
335 */
336 public static void saveOnSessionUnbind(User user)
337 throws UnknownEntityException, DataBackendException
338 {
339 getService().saveOnSessionUnbind(user);
340 }
341
342 /**
343 * Change the password for an User.
344 *
345 * @param user an User to change password for.
346 * @param oldPassword the current password supplied by the user.
347 * @param newPassword the current password requested by the user.
348 * @throws PasswordMismatchException if the supplied password was
349 * incorrect.
350 * @throws UnknownEntityException if the user's record does not
351 * exist in the database.
352 * @throws DataBackendException if there is a problem accessing the
353 * storage.
354 */
355 public static void changePassword(User user, String oldPassword,
356 String newPassword)
357 throws PasswordMismatchException, UnknownEntityException,
358 DataBackendException
359 {
360 getService().changePassword(user, oldPassword, newPassword);
361 }
362
363 /**
364 * Forcibly sets new password for an User.
365 *
366 * This is supposed by the administrator to change the forgotten or
367 * compromised passwords. Certain implementatations of this feature
368 * would require administrative level access to the authenticating
369 * server / program.
370 *
371 * @param user an User to change password for.
372 * @param password the new password.
373 * @throws UnknownEntityException if the user's record does not
374 * exist in the database.
375 * @throws DataBackendException if there is a problem accessing the
376 * storage.
377 */
378 public static void forcePassword(User user, String password)
379 throws UnknownEntityException, DataBackendException
380 {
381 getService().forcePassword(user, password);
382 }
383
384 /*-----------------------------------------------------------------------
385 Creation of AccessControlLists
386 -----------------------------------------------------------------------*/
387
388 /**
389 * Constructs an AccessControlList for a specific user.
390 *
391 * @param user the user for whom the AccessControlList are to be retrieved
392 * @return The AccessControList object constructed from the user object.
393 * @throws DataBackendException if there was an error accessing the data
394 * backend.
395 * @throws UnknownEntityException if user account is not present.
396 */
397 public static AccessControlList getACL(User user)
398 throws DataBackendException, UnknownEntityException
399 {
400 return getService().getACL(user);
401 }
402
403 /*-----------------------------------------------------------------------
404 Security management
405 -----------------------------------------------------------------------*/
406
407 /**
408 * Grant an User a Role in a Group.
409 *
410 * @param user the user.
411 * @param group the group.
412 * @param role the role.
413 * @throws DataBackendException if there was an error accessing the data
414 * backend.
415 * @throws UnknownEntityException if user account, group or role is not
416 * present.
417 */
418 public static void grant(User user, Group group, Role role)
419 throws DataBackendException, UnknownEntityException
420 {
421 getService().grant(user, group, role);
422 }
423
424 /**
425 * Revoke a Role in a Group from an User.
426 *
427 * @param user the user.
428 * @param group the group.
429 * @param role the role.
430 * @throws DataBackendException if there was an error accessing the data
431 * backend.
432 * @throws UnknownEntityException if user account, group or role is not
433 * present.
434 */
435 public static void revoke(User user, Group group, Role role)
436 throws DataBackendException, UnknownEntityException
437 {
438 getService().revoke(user, group, role);
439 }
440
441 /**
442 * Revokes all roles from an User.
443 *
444 * This method is used when deleting an account.
445 *
446 * @param user the User.
447 * @throws DataBackendException if there was an error accessing the data
448 * backend.
449 * @throws UnknownEntityException if the account is not present.
450 */
451 public static void revokeAll(User user)
452 throws DataBackendException, UnknownEntityException
453 {
454 getService().revokeAll(user);
455 }
456
457 /**
458 * Grants a Role a Permission
459 *
460 * @param role the Role.
461 * @param permission the Permission.
462 * @throws DataBackendException if there was an error accessing the data
463 * backend.
464 * @throws UnknownEntityException if role or permission is not present.
465 */
466 public static void grant(Role role, Permission permission)
467 throws DataBackendException, UnknownEntityException
468 {
469 getService().grant(role, permission);
470 }
471
472 /**
473 * Revokes a Permission from a Role.
474 *
475 * @param role the Role.
476 * @param permission the Permission.
477 * @throws DataBackendException if there was an error accessing the data
478 * backend.
479 * @throws UnknownEntityException if role or permission is not present.
480 */
481 public static void revoke(Role role, Permission permission)
482 throws DataBackendException, UnknownEntityException
483 {
484 getService().revoke(role, permission);
485 }
486
487 /**
488 * Revokes all permissions from a Role.
489 *
490 * This method is user when deleting a Role.
491 *
492 * @param role the Role
493 * @throws DataBackendException if there was an error accessing the data
494 * backend.
495 * @throws UnknownEntityException if the Role is not present.
496 */
497 public static void revokeAll(Role role)
498 throws DataBackendException, UnknownEntityException
499 {
500 getService().revokeAll(role);
501 }
502
503 /*-----------------------------------------------------------------------
504 Account management
505 -----------------------------------------------------------------------*/
506
507 /**
508 * Creates new user account with specified attributes.
509 *
510 * <strong>TODO</strong> throw more specific exception<br>
511 *
512 * @param user the object describing account to be created.
513 * @param password password for the new user
514 * @throws DataBackendException if there was an error accessing the data
515 * backend.
516 * @throws EntityExistsException if the user account already exists.
517 */
518 public static void addUser(User user, String password)
519 throws DataBackendException, EntityExistsException
520 {
521 getService().addUser(user, password);
522 }
523
524 /**
525 * Removes an user account from the system.
526 *
527 * <strong>TODO</strong> throw more specific exception<br>
528 *
529 * @param user the object describing the account to be removed.
530 * @throws DataBackendException if there was an error accessing the data
531 * backend.
532 * @throws UnknownEntityException if the user account is not present.
533 */
534 public static void removeUser(User user)
535 throws DataBackendException, UnknownEntityException
536 {
537 getService().removeUser(user);
538 }
539
540 /*-----------------------------------------------------------------------
541 Group/Role/Permission management
542 -----------------------------------------------------------------------*/
543 /**
544 * Provides a reference to the Group object that represents the
545 * <a name="global">global group</a>.
546 *
547 * @return a Group object that represents the global group.
548 */
549 public static Group getGlobalGroup()
550 {
551 return getService().getGlobalGroup();
552 }
553
554 /**
555 * Creates a new Group in the system. This is a convenience
556 * method.
557 *
558 * @param name The name of the new Group.
559 * @return An object representing the new Group.
560 * @throws TurbineSecurityException if the Group could not be created.
561 */
562 public static Group createGroup(String name)
563 throws TurbineSecurityException
564 {
565 return getService().addGroup(getGroupInstance(name));
566 }
567
568 /**
569 * Creates a new Permission in the system. This is a convenience
570 * method.
571 *
572 * @param name The name of the new Permission.
573 * @return An object representing the new Permission.
574 * @throws TurbineSecurityException if the Permission could not be created.
575 */
576 public static Permission createPermission(String name)
577 throws TurbineSecurityException
578 {
579 return getService().addPermission(getPermissionInstance(name));
580 }
581
582 /**
583 * Creates a new Role in the system. This is a convenience
584 * method.
585 *
586 * @param name The name of the Role.
587 *
588 * @return An object representing the new Role.
589 *
590 * @throws TurbineSecurityException if the Role could not be created.
591 */
592 public static Role createRole(String name)
593 throws TurbineSecurityException
594 {
595 return getService().addRole(getRoleInstance(name));
596 }
597
598 /**
599 * Retrieve a Group object with specified name.
600 *
601 * @param groupName The name of the Group to be retrieved.
602 * @return an object representing the Group with specified name.
603 * @throws DataBackendException if there was an error accessing the data
604 * backend.
605 * @throws UnknownEntityException if the Group is not present.
606 */
607 public static Group getGroupByName(String groupName)
608 throws DataBackendException, UnknownEntityException
609 {
610 return getService().getGroupByName(groupName);
611 }
612
613 /**
614 * Retrieve a Group object with specified Id.
615 *
616 * @param name the name of the Group.
617 *
618 * @return an object representing the Group with specified name.
619 *
620 * @exception UnknownEntityException if the permission does not
621 * exist in the database.
622 * @exception DataBackendException if there is a problem accessing the
623 * storage.
624 */
625 public static Group getGroupById(int groupId)
626 throws DataBackendException,
627 UnknownEntityException
628 {
629 return getService().getGroupById(groupId);
630 }
631
632 /**
633 * Construct a blank Group object.
634 *
635 * This method calls getGroupClass, and then creates a new object using
636 * the default constructor.
637 *
638 * @param groupName The name of the Group
639 *
640 * @return an object implementing Group interface.
641 *
642 * @throws UnknownEntityException if the object could not be instantiated.
643 */
644 public static Group getGroupInstance(String groupName)
645 throws UnknownEntityException
646 {
647 return getService().getGroupInstance(groupName);
648 }
649
650 /**
651 * Construct a blank Role object.
652 *
653 * This method calls getRoleClass, and then creates a new object using
654 * the default constructor.
655 *
656 * @param roleName The name of the role.
657 *
658 * @return an object implementing Role interface.
659 *
660 * @throws UnknownEntityException if the object could not be instantiated.
661 */
662 public static Role getRoleInstance(String roleName)
663 throws UnknownEntityException
664 {
665 return getService().getRoleInstance(roleName);
666 }
667
668 /**
669 * Construct a blank Permission object.
670 *
671 * This method calls getPermissionClass, and then creates a new object using
672 * the default constructor.
673 *
674 * @param permName The name of the permission.
675 *
676 * @return an object implementing Permission interface.
677 * @throws UnknownEntityException if the object could not be instantiated.
678 */
679 public static Permission getPermissionInstance(String permName)
680 throws UnknownEntityException
681 {
682 return getService().getPermissionInstance(permName);
683 }
684
685 /**
686 * Retrieve a Role object with specified name.
687 *
688 * @param roleName The name of the Role to be retrieved.
689 * @return an object representing the Role with specified name.
690 * @throws DataBackendException if there was an error accessing the data
691 * backend.
692 * @throws UnknownEntityException if the Role is not present.
693 */
694 public static Role getRoleByName(String roleName)
695 throws DataBackendException, UnknownEntityException
696 {
697 return getService().getRoleByName(roleName);
698 }
699
700 /**
701 * Retrieve a Role object with specified Id.
702 *
703 * @param name the name of the Role.
704 *
705 * @return an object representing the Role with specified name.
706 *
707 * @exception UnknownEntityException if the permission does not
708 * exist in the database.
709 * @exception DataBackendException if there is a problem accessing the
710 * storage.
711 */
712 public static Role getRoleById(int roleId)
713 throws DataBackendException,
714 UnknownEntityException
715 {
716 return getService().getRoleById(roleId);
717 }
718
719 /**
720 * Retrieve a Permission object with specified name.
721 *
722 * @param permissionName The name of the Permission to be retrieved.
723 * @return an object representing the Permission with specified name.
724 * @throws DataBackendException if there was an error accessing the data
725 * backend.
726 * @throws UnknownEntityException if the Permission is not present.
727 */
728 public static Permission getPermissionByName(String permissionName)
729 throws DataBackendException, UnknownEntityException
730 {
731 return getService().getPermissionByName(permissionName);
732 }
733
734 /**
735 * Retrieve a Permission object with specified Id.
736 *
737 * @param name the name of the Permission.
738 *
739 * @return an object representing the Permission with specified name.
740 *
741 * @exception UnknownEntityException if the permission does not
742 * exist in the database.
743 * @exception DataBackendException if there is a problem accessing the
744 * storage.
745 */
746 public static Permission getPermissionById(int permissionId)
747 throws DataBackendException,
748 UnknownEntityException
749 {
750 return getService().getPermissionById(permissionId);
751 }
752
753 /**
754 * Retrieve a set of Groups that meet the specified Criteria.
755 *
756 * @param criteria A Criteria of Group selection.
757 * @return a set of Groups that meet the specified Criteria.
758 * @throws DataBackendException if there was an error accessing the data
759 * backend.
760 */
761 public static GroupSet getGroups(Object criteria)
762 throws DataBackendException
763 {
764 return getService().getGroups(criteria);
765 }
766
767 /**
768 * Retrieve a set of Roles that meet the specified Criteria.
769 *
770 * @param criteria a Criteria of Roles selection.
771 * @return a set of Roles that meet the specified Criteria.
772 * @throws DataBackendException if there was an error accessing the data
773 * backend.
774 */
775 public static RoleSet getRoles(Object criteria)
776 throws DataBackendException
777 {
778 return getService().getRoles(criteria);
779 }
780
781 /**
782 * Retrieve a set of Permissions that meet the specified Criteria.
783 *
784 * @param criteria a Criteria of Permissions selection.
785 * @return a set of Permissions that meet the specified Criteria.
786 * @throws DataBackendException if there was an error accessing the data
787 * backend.
788 */
789 public static PermissionSet getPermissions(Object criteria)
790 throws DataBackendException
791 {
792 return getService().getPermissions(criteria);
793 }
794
795 /**
796 * Retrieves all groups defined in the system.
797 *
798 * @return the names of all groups defined in the system.
799 * @throws DataBackendException if there was an error accessing the data
800 * backend.
801 */
802 public static GroupSet getAllGroups()
803 throws DataBackendException
804 {
805 return getService().getAllGroups();
806 }
807
808 /**
809 * Retrieves all roles defined in the system.
810 *
811 * @return the names of all roles defined in the system.
812 * @throws DataBackendException if there was an error accessing the data
813 * backend.
814 */
815 public static RoleSet getAllRoles()
816 throws DataBackendException
817 {
818 return getService().getAllRoles();
819 }
820
821 /**
822 * Retrieves all permissions defined in the system.
823 *
824 * @return the names of all roles defined in the system.
825 * @throws DataBackendException if there was an error accessing the data
826 * backend.
827 */
828 public static PermissionSet getAllPermissions()
829 throws DataBackendException
830 {
831 return getService().getAllPermissions();
832 }
833
834 /**
835 * Retrieves all permissions associated with a role.
836 *
837 * @param role the role name, for which the permissions are to be retrieved.
838 * @return the Permissions for the specified role
839 * @throws DataBackendException if there was an error accessing the data
840 * backend.
841 * @throws UnknownEntityException if the role is not present.
842 */
843 public static PermissionSet getPermissions(Role role)
844 throws DataBackendException, UnknownEntityException
845 {
846 return getService().getPermissions(role);
847 }
848
849 /**
850 * Stores Group's attributes. The Groups is required to exist in the system.
851 *
852 * @param group The Group to be stored.
853 * @throws DataBackendException if there was an error accessing the data
854 * backend.
855 * @throws UnknownEntityException if the group does not exist.
856 */
857 public static void saveGroup(Group group)
858 throws DataBackendException, UnknownEntityException
859 {
860 getService().saveGroup(group);
861 }
862
863 /**
864 * Stores Role's attributes. The Roles is required to exist in the system.
865 *
866 * @param role The Role to be stored.
867 * @throws DataBackendException if there was an error accessing the data
868 * backend.
869 * @throws UnknownEntityException if the role does not exist.
870 */
871 public static void saveRole(Role role)
872 throws DataBackendException, UnknownEntityException
873 {
874 getService().saveRole(role);
875 }
876
877 /**
878 * Stores Permission's attributes. The Permissions is required to exist in
879 * the system.
880 *
881 * @param permission The Permission to be stored.
882 * @throws DataBackendException if there was an error accessing the data
883 * backend.
884 * @throws UnknownEntityException if the permission does not exist.
885 */
886 public static void savePermission(Permission permission)
887 throws DataBackendException, UnknownEntityException
888 {
889 getService().savePermission(permission);
890 }
891
892 /**
893 * Creates a new group with specified attributes.
894 *
895 * @param group the object describing the group to be created.
896 * @throws DataBackendException if there was an error accessing the data
897 * backend.
898 * @throws EntityExistsException if the group already exists.
899 */
900 public static void addGroup(Group group)
901 throws DataBackendException, EntityExistsException
902 {
903 getService().addGroup(group);
904 }
905
906 /**
907 * Creates a new role with specified attributes.
908 *
909 * @param role the objects describing the role to be created.
910 * @throws DataBackendException if there was an error accessing the data
911 * backend.
912 * @throws EntityExistsException if the role already exists.
913 */
914 public static void addRole(Role role)
915 throws DataBackendException, EntityExistsException
916 {
917 getService().addRole(role);
918 }
919
920 /**
921 * Creates a new permission with specified attributes.
922 *
923 * @param permission the objects describing the permission to be created.
924 * @throws DataBackendException if there was an error accessing the data
925 * backend.
926 * @throws EntityExistsException if the permission already exists.
927 */
928 public static void addPermission(Permission permission)
929 throws DataBackendException, EntityExistsException
930 {
931 getService().addPermission(permission);
932 }
933
934 /**
935 * Removes a Group from the system.
936 *
937 * @param group the object describing group to be removed.
938 * @throws DataBackendException if there was an error accessing the data
939 * backend.
940 * @throws UnknownEntityException if the group does not exist.
941 */
942 public static void removeGroup(Group group)
943 throws DataBackendException, UnknownEntityException
944 {
945 getService().removeGroup(group);
946 }
947
948 /**
949 * Removes a Role from the system.
950 *
951 * @param role The object describing the role to be removed.
952 * @throws DataBackendException if there was an error accessing the data backend.
953 * @throws UnknownEntityException if the role does not exist.
954 */
955 public static void removeRole(Role role)
956 throws DataBackendException, UnknownEntityException
957 {
958 getService().removeRole(role);
959 }
960
961 /**
962 * Removes a Permission from the system.
963 *
964 * @param permission The object describing the permission to be removed.
965 * @throws DataBackendException if there was an error accessing the data
966 * backend.
967 * @throws UnknownEntityException if the permission does not exist.
968 */
969 public static void removePermission(Permission permission)
970 throws DataBackendException, UnknownEntityException
971 {
972 getService().removePermission(permission);
973 }
974
975 /**
976 * Renames an existing Group.
977 *
978 * @param group The object describing the group to be renamed.
979 * @param name the new name for the group.
980 * @throws DataBackendException if there was an error accessing the data
981 * backend.
982 * @throws UnknownEntityException if the group does not exist.
983 */
984 public static void renameGroup(Group group, String name)
985 throws DataBackendException, UnknownEntityException
986 {
987 getService().renameGroup(group, name);
988 }
989
990 /**
991 * Renames an existing Role.
992 *
993 * @param role The object describing the role to be renamed.
994 * @param name the new name for the role.
995 * @throws DataBackendException if there was an error accessing the data
996 * backend.
997 * @throws UnknownEntityException if the role does not exist.
998 */
999 public static void renameRole(Role role, String name)
1000 throws DataBackendException, UnknownEntityException
1001 {
1002 getService().renameRole(role, name);
1003 }
1004
1005 /**
1006 * Renames an existing Permission.
1007 *
1008 * @param permission The object describing the permission to be renamed.
1009 * @param name the new name for the permission.
1010 * @throws DataBackendException if there was an error accessing the data
1011 * backend.
1012 * @throws UnknownEntityException if the permission does not exist.
1013 */
1014 public static void renamePermission(Permission permission, String name)
1015 throws DataBackendException, UnknownEntityException
1016 {
1017 getService().renamePermission(permission, name);
1018 }
1019 }