/**
* Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2006-2016
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.glite.security.voms.admin.operations.users;
import org.glite.security.voms.admin.event.EventManager;
import org.glite.security.voms.admin.event.user.membership.RoleDismissedEvent;
import org.glite.security.voms.admin.operations.BaseVomsOperation;
import org.glite.security.voms.admin.operations.VOMSContext;
import org.glite.security.voms.admin.operations.VOMSPermission;
import org.glite.security.voms.admin.operations.groups.FindGroupOperation;
import org.glite.security.voms.admin.operations.roles.FindRoleOperation;
import org.glite.security.voms.admin.persistence.dao.VOMSUserDAO;
import org.glite.security.voms.admin.persistence.error.NoSuchGroupException;
import org.glite.security.voms.admin.persistence.error.NoSuchRoleException;
import org.glite.security.voms.admin.persistence.error.NoSuchUserException;
import org.glite.security.voms.admin.persistence.model.VOMSGroup;
import org.glite.security.voms.admin.persistence.model.VOMSRole;
import org.glite.security.voms.admin.persistence.model.VOMSUser;
public class DismissRoleOperation extends BaseVomsOperation {
VOMSUser user;
VOMSGroup group;
VOMSRole role;
private DismissRoleOperation(Long userId, String roleFqan) {
user = (VOMSUser) FindUserOperation.instance(userId).execute();
VOMSContext context = VOMSContext.instance(roleFqan);
group = context.getGroup();
role = context.getRole();
}
private DismissRoleOperation(VOMSUser u, VOMSGroup g, VOMSRole r) {
this.user = u;
this.group = g;
this.role = r;
}
public VOMSContext getContext() {
return VOMSContext.instance(group);
}
public VOMSPermission getRequiredPermission() {
return VOMSPermission.getContainerRWPermissions();
}
public Object doExecute() {
VOMSUserDAO.instance().dismissRole(user, group, role);
EventManager.instance().dispatch(new RoleDismissedEvent(user, group, role));
return user;
}
public static DismissRoleOperation instance(String groupName,
String roleName, String userName, String caDn) {
VOMSUser u = (VOMSUser) FindUserOperation.instance(userName, caDn)
.execute();
VOMSGroup g = (VOMSGroup) FindGroupOperation.instance(groupName).execute();
VOMSRole r = (VOMSRole) FindRoleOperation.instance(roleName).execute();
if (u == null)
throw new NoSuchUserException("User '" + userName + "," + caDn
+ "' not found in this vo.");
if (g == null)
throw new NoSuchGroupException("Group '" + groupName
+ "' does not exist in this vo.");
if (r == null)
throw new NoSuchRoleException("Role '" + roleName
+ "' does not exists in this vo.");
return new DismissRoleOperation(u, g, r);
}
public static DismissRoleOperation instance(VOMSUser u, VOMSGroup g,
VOMSRole r) {
return new DismissRoleOperation(u, g, r);
}
public static DismissRoleOperation instance(Long userId, String roleFqan) {
return new DismissRoleOperation(userId, roleFqan);
}
protected void setupPermissions() {
addRequiredPermission(VOMSContext.instance(group), VOMSPermission
.getContainerReadPermission().setMembershipRWPermission());
}
}