RoleEntity.java example

Explorer
eucalyptus-master
- clc
  - modules
/*************************************************************************
 * Copyright 2009-2015 Eucalyptus Systems, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; version 3 of the License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see http://www.gnu.org/licenses/.
 *
 * Please contact Eucalyptus Systems, Inc., 6755 Hollister Ave., Goleta
 * CA 93117, USA or visit http://www.eucalyptus.com/licenses/ if you need
 * additional information or have any questions.
 ************************************************************************/
package com.eucalyptus.auth.euare.persist.entities;

import static com.eucalyptus.upgrade.Upgrades.Version.v4_2_0;
import java.io.Serializable;
import java.util.Set;
import java.util.concurrent.Callable;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.Index;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
import javax.persistence.ManyToOne;
import javax.persistence.OneToMany;
import javax.persistence.OneToOne;
import javax.persistence.PersistenceContext;
import javax.persistence.PrePersist;
import javax.persistence.PreUpdate;
import javax.persistence.Table;
import org.apache.log4j.Logger;
import org.hibernate.annotations.NotFound;
import org.hibernate.annotations.NotFoundAction;
import com.eucalyptus.auth.util.Identifiers;
import com.eucalyptus.component.id.Euare;
import com.eucalyptus.crypto.Crypto;
import com.eucalyptus.entities.AbstractPersistent;
import com.eucalyptus.upgrade.Upgrades;
import groovy.sql.Sql;

/**
 * Database entity for a role.
 */
@Entity
@PersistenceContext( name = "eucalyptus_auth" )
@Table( name = "auth_role", indexes = {
    @Index( name = "auth_role_name_idx", columnList = "auth_role_name" ),
    @Index( name = "auth_role_owning_account_idx", columnList = "auth_role_owning_account" )
} )
public class RoleEntity extends AbstractPersistent implements Serializable {

  private static final long serialVersionUID = 1L;

  // The Role ID the user facing role id which conforms to length and character restrictions per spec.
  @Column( name = "auth_role_id_external", nullable = false, updatable = false, unique = true )
  private String roleId;

  // Role name
  @Column( name = "auth_role_name", nullable = false)
  private String name;

  // Role path (prefix to organize role name space)
  @Column( name = "auth_role_path", nullable = false )
  private String path;

  @Column( name="auth_role_secret", nullable = false )
  private String secret;

  @OneToOne( cascade = CascadeType.ALL, optional = false, orphanRemoval = true )
  @JoinColumn( name = "auth_role_assume_role_policy_id", nullable = false )
  private PolicyEntity assumeRolePolicy;

  @OneToMany( cascade = CascadeType.ALL, mappedBy = "role" )
  private Set<PolicyEntity> policies;

  // Attached policies for the role
  @NotFound( action = NotFoundAction.IGNORE )
  @JoinTable( name = "auth_role_attached_policies",
      joinColumns =        @JoinColumn( name = "auth_role_id" ),
      inverseJoinColumns = @JoinColumn( name = "auth_managed_policy_id" ) )
  @ManyToMany
  Set<ManagedPolicyEntity> attachedPolicies;

  @OneToMany( mappedBy = "role" )
  private Set<InstanceProfileEntity> instanceProfiles;

  @ManyToOne
  @JoinColumn( name = "auth_role_owning_account", nullable = false )
  private AccountEntity account;

  @Column( name = "auth_role_unique_name", unique = true, nullable = false )
  private String uniqueName;

  public RoleEntity( ) {
  }

  public RoleEntity( final String name ) {
    this( );
    this.name = name;
  }

  public String getRoleId() {
    return roleId;
  }

  public void setRoleId( final String roleId ) {
    this.roleId = roleId;
  }

  public String getName() {
    return name;
  }

  public void setName( final String name ) {
    this.name = name;
  }

  public String getPath() {
    return path;
  }

  public void setPath( final String path ) {
    this.path = path;
  }

  public String getSecret() {
    return secret;
  }

  public void setSecret( final String secret ) {
    this.secret = secret;
  }

  public PolicyEntity getAssumeRolePolicy() {
    return assumeRolePolicy;
  }

  public void setAssumeRolePolicy( final PolicyEntity assumeRolePolicy ) {
    this.assumeRolePolicy = assumeRolePolicy;
  }

  public Set<PolicyEntity> getPolicies() {
    return policies;
  }

  public void setPolicies( final Set<PolicyEntity> policies ) {
    this.policies = policies;
  }

  public Set<ManagedPolicyEntity> getAttachedPolicies( ) {
    return attachedPolicies;
  }

  public void setAttachedPolicies( final Set<ManagedPolicyEntity> attachedPolicies ) {
    this.attachedPolicies = attachedPolicies;
  }

  public Set<InstanceProfileEntity> getInstanceProfiles() {
    return instanceProfiles;
  }

  public void setInstanceProfiles( final Set<InstanceProfileEntity> instanceProfiles ) {
    this.instanceProfiles = instanceProfiles;
  }

  public AccountEntity getAccount() {
    return account;
  }

  public void setAccount( final AccountEntity account ) {
    this.account = account;
  }

  @PrePersist
  @PreUpdate
  public void generateOnCommit() {
    if( this.roleId == null ) {
      this.roleId = Identifiers.generateIdentifier( "ARO" );
    }
    if ( this.secret == null ) {
      this.secret = Crypto.generateSecretKey();
    }
    this.uniqueName = account.getAccountNumber() + ":" + name;
  }

  @Override
  public String toString( ) {
    StringBuilder sb = new StringBuilder( );
    sb.append( "Role(" );
    sb.append( "id=" ).append( this.getId() ).append( ", " );
    sb.append( "roleId=" ).append( this.getRoleId() ).append( ", " );
    sb.append( "name=" ).append( this.getName() ).append( ", " );
    sb.append( "path=" ).append( this.getPath() ).append( ", " );
    sb.append( ")" );
    return sb.toString( );
  }

  @Upgrades.PreUpgrade( value = Euare.class, since = v4_2_0 )
  public static class RolePreUpgrade420 implements Callable<Boolean> {
    private static final Logger logger = Logger.getLogger( RolePreUpgrade420.class );

    @Override
    public Boolean call( ) throws Exception {
      Sql sql = null;
      try {
        sql = Upgrades.DatabaseFilters.NEWVERSION.getConnection("eucalyptus_auth");
        sql.execute( "alter table auth_role add constraint uk_en00jos6jjrjjxooo3mlhg3sn unique ( auth_role_id_external )" );
        return true;
      } catch (Exception ex) {
        logger.error( ex, ex );
        return false;
      } finally {
        if (sql != null) {
          sql.close();
        }
      }
    }
  }  
}