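package org.jboss.seam.example.seamspace;

import static org.jboss.seam.ScopeType.CONVERSATION;

import java.io.Serializable;
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;

import javax.persistence.EntityManager;

import org.jboss.seam.annotations.Begin;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.core.Conversation;
import org.jboss.seam.faces.FacesMessages;
import org.jboss.seam.security.Role;
import org.jboss.seam.security.SimplePrincipal;
import org.jboss.seam.security.management.IdentityManager;
import org.jboss.seam.security.permission.Permission;
import org.jboss.seam.security.permission.PermissionManager;
import org.jboss.seam.security.permission.action.PermissionSearch;

/**
 * Conversation-scoped backing bean for creating or editing the permissions
 * attached to a {@link MemberImage}.
 *
 * <p>{@link #createPermission()} and {@link #editPermission()} each start a
 * nested conversation and load the target from the injected
 * {@link PermissionSearch}. {@link #applyPermissions()} then turns the
 * selections bound through the setters into grant and revoke calls on the
 * {@link PermissionManager}.
 *
 * <p>NOTE(review): nothing in this class checks that the current user may
 * manage permissions on the target; presumably {@code PermissionManager}
 * enforces that on every grant and revoke. Confirm before reusing this
 * pattern elsewhere.
 */
@Name("imagePermission")
@Scope(CONVERSATION)
public class ImagePermission implements Serializable {
    private static final long serialVersionUID = -4943654157860780587L;

    // Selections bound from the view through the setters below.
    private List<String> selectedRoles;
    private List<Member> selectedFriends;
    private List<String> selectedActions;

    // Snapshot of the recipient's actions taken by editPermission(); used to
    // compute the grant/revoke delta in applyPermissions().
    private List<String> originalActions;

    // Authorized friends of the image owner, loaded by createPermission().
    private List<Member> availableFriends;

    @In
    IdentityManager identityManager;

    @In
    PermissionManager permissionManager;

    @In
    EntityManager entityManager;

    @In
    PermissionSearch permissionSearch;

    private MemberImage target;

    // Non-null only after editPermission(); applyPermissions() uses this to
    // tell "edit existing" apart from "create new".
    private Principal recipient;

    /**
     * Starts a nested conversation for granting new permissions on the image
     * currently selected in {@code permissionSearch}, and loads the owner's
     * authorized friends as candidate recipients.
     */
    @SuppressWarnings("unchecked")
    @Begin(nested = true)
    public void createPermission() {
        target = (MemberImage) permissionSearch.getTarget();
        selectedFriends = new ArrayList<Member>();

        // The owner is passed as a bound parameter, not concatenated into the query.
        availableFriends = entityManager.createQuery(
                "select f.friend from MemberFriend f where f.member = :member and f.authorized = true")
                .setParameter("member", target.getMember())
                .getResultList();
    }

    /**
     * Starts a nested conversation for editing the permissions one recipient
     * already holds on the selected image. The recipient's current actions
     * are collected without duplicates and snapshotted in
     * {@code originalActions}.
     */
    @Begin(nested = true)
    public void editPermission() {
        target = (MemberImage) permissionSearch.getTarget();
        recipient = permissionSearch.getSelectedRecipient();

        List<Permission> permissions = permissionManager.listPermissions(target);
        selectedActions = new ArrayList<String>();

        for (Permission permission : permissions) {
            if (permission.getRecipient().equals(recipient)
                    && !selectedActions.contains(permission.getAction())) {
                selectedActions.add(permission.getAction());
            }
        }

        // Independent copy so later changes to selectedActions do not alter the baseline.
        originalActions = new ArrayList<String>(selectedActions);
    }

    public List<String> getSelectedRoles() {
        return selectedRoles;
    }

    public void setSelectedRoles(List<String> selectedRoles) {
        this.selectedRoles = selectedRoles;
    }

    public List<Member> getSelectedFriends() {
        return selectedFriends;
    }

    public void setSelectedFriends(List<Member> selectedFriends) {
        this.selectedFriends = selectedFriends;
    }

    public List<String> getSelectedActions() {
        return selectedActions;
    }

    public void setSelectedActions(List<String> selectedActions) {
        this.selectedActions = selectedActions;
    }

    /**
     * Applies the current selections to the target image.
     *
     * <p>When a recipient is set (edit mode), actions that were newly
     * selected are granted and actions that were deselected are revoked.
     * Otherwise (create mode), every selected action is granted to every
     * selected role and to the account of every selected friend.
     *
     * <p>A {@code null} selection list is treated as an empty one. The
     * original code dereferenced these lists directly, and
     * {@code createPermission()} initialises neither {@code selectedRoles}
     * nor {@code selectedActions}, so an unbound list caused a
     * {@code NullPointerException}. In edit mode an empty selection revokes
     * every original action.
     *
     * <p>NOTE(review): the selected roles, friends and actions are used as
     * submitted. This method does not check that a selected friend appears
     * in {@code availableFriends}, or that roles and actions come from an
     * allowed set; it presumably relies on the view layer and on
     * {@code PermissionManager} for that. Confirm. Any result reported by
     * the grant and revoke calls is not inspected, so {@code "success"} is
     * returned whenever they do not throw.
     *
     * @return {@code "failure"} if no action is selected in create mode,
     *         otherwise {@code "success"}
     */
    public String applyPermissions() {
        final List<String> actions = orEmpty(selectedActions);

        if (recipient != null) {
            // Editing: compute the delta against the snapshot taken in editPermission().
            List<Permission> granted = new ArrayList<Permission>();
            List<Permission> revoked = new ArrayList<Permission>();

            for (String action : actions) {
                if (!originalActions.contains(action)) {
                    granted.add(new Permission(target, action, recipient));
                }
            }

            for (String action : originalActions) {
                if (!actions.contains(action)) {
                    revoked.add(new Permission(target, action, recipient));
                }
            }

            if (!granted.isEmpty()) {
                permissionManager.grantPermissions(granted);
            }
            if (!revoked.isEmpty()) {
                permissionManager.revokePermissions(revoked);
            }
        } else {
            // Creating: at least one action is required.
            if (actions.isEmpty()) {
                FacesMessages.instance().add("You must select at least one action");
                return "failure";
            }

            List<Permission> permissions = new ArrayList<Permission>();

            for (String role : orEmpty(selectedRoles)) {
                Principal rolePrincipal = new Role(role);
                for (String action : actions) {
                    permissions.add(new Permission(target, action, rolePrincipal));
                }
            }

            for (Member friend : orEmpty(selectedFriends)) {
                // getSingleResult() throws when the friend has no account or more
                // than one; the exception propagates before anything is granted.
                MemberAccount account = (MemberAccount) entityManager.createQuery(
                        "select a from MemberAccount a where a.member = :member")
                        .setParameter("member", friend)
                        .getSingleResult();

                Principal friendPrincipal = new SimplePrincipal(account.getUsername());
                for (String action : actions) {
                    permissions.add(new Permission(target, action, friendPrincipal));
                }
            }

            permissionManager.grantPermissions(permissions);
        }

        Conversation.instance().endBeforeRedirect();
        return "success";
    }

    public List<Member> getAvailableFriends() {
        return availableFriends;
    }

    public MemberImage getTarget() {
        return target;
    }

    public Principal getRecipient() {
        return recipient;
    }

    /** Returns {@code list}, or a new empty list when {@code list} is {@code null}. */
    private static <T> List<T> orEmpty(List<T> list) {
        return list != null ? list : new ArrayList<T>();
    }
}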