RemoveGroupCommand.java example

Explorer
ovirt-engine-master
package org.ovirt.engine.core.bll.aaa;

import javax.inject.Inject;

import org.ovirt.engine.core.bll.MultiLevelAdministrationHandler;
import org.ovirt.engine.core.bll.context.CommandContext;
import org.ovirt.engine.core.common.AuditLogType;
import org.ovirt.engine.core.common.action.IdParameters;
import org.ovirt.engine.core.common.action.PermissionsOperationsParameters;
import org.ovirt.engine.core.common.action.VdcActionType;
import org.ovirt.engine.core.common.businessentities.Permission;
import org.ovirt.engine.core.common.errors.EngineMessage;
import org.ovirt.engine.core.compat.Guid;
import org.ovirt.engine.core.dao.DbGroupDao;
import org.ovirt.engine.core.dao.DbUserDao;
import org.ovirt.engine.core.dao.PermissionDao;

public class RemoveGroupCommand<T extends IdParameters> extends AdGroupsHandlingCommandBase<T> {

    @Inject
    private PermissionDao permissionDao;
    @Inject
    private DbUserDao dbUserDao;
    @Inject
    private DbGroupDao dbGroupDao;

    /**
     * Constructor for command creation when compensation is applied on startup
     */
    public RemoveGroupCommand(Guid commandId) {
        super(commandId);
    }

    public RemoveGroupCommand(T parameters, CommandContext cmdContext) {
        super(parameters, cmdContext);
    }

    @Override
    protected void executeCommand() {
        // Get the identifier of the group from the parameters:
        Guid id = getParameters().getId();

        // Remove the permissions of the group:
        // TODO: This should be done without invoking the command to avoid the overhead.
        for (Permission permission : permissionDao.getAllDirectPermissionsForAdElement(id)) {
            PermissionsOperationsParameters param = new PermissionsOperationsParameters(permission);
            param.setSessionId(getParameters().getSessionId());
            runInternalActionWithTasksContext(VdcActionType.RemovePermission, param);
        }

        // Remove the group itself:
        dbGroupDao.remove(id);

        setSucceeded(true);
    }

    @Override
    public AuditLogType getAuditLogTypeValue() {
        return getSucceeded()? AuditLogType.USER_REMOVE_AD_GROUP : AuditLogType.USER_REMOVE_AD_GROUP_FAILED;
    }

    @Override
    protected boolean validate() {
        // Get the identifier of the group from the parameters:
        Guid id = getParameters().getId();

        // Check that the group being removed isn't the last remaining group
        // of super users:
        if (isLastSuperUserGroup(id)) {
            addValidationMessage(EngineMessage.ERROR_CANNOT_REMOVE_LAST_SUPER_USER_ROLE);
            return false;
        }

        // Check that the group being removed isn't the everyone group:
        if (MultiLevelAdministrationHandler.EVERYONE_OBJECT_ID.equals(id)) {
            addValidationMessage(EngineMessage.ACTION_TYPE_FAILED_CANNOT_REMOVE_BUILTIN_GROUP_EVERYONE);
            return false;
        }

        return true;
    }

    protected boolean isLastSuperUserGroup(Guid groupId) {
        return MultiLevelAdministrationHandler.isLastSuperUserGroup(groupId);
    }
}